Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


ib.adnxs.com pop up


by Sippowich » August 14th, 2012, 1:51 pm

Hello,
I get pop-ups with the ib.adnxs.com URL when I open, for example, YouTube songs in Firefox (not with IE).


Thank you for your help!


DDS:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Peter at 19:45:36 on 2012-08-14
Microsoft Windows 7 Professional 6.1.7601.1.1252.43.1031.18.8086.5926 [GMT 2:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - No File
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{07787C27-73E5-44CD-82D0-9B2E8F3B7994} : DhcpNameServer = 10.0.0.138
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}
{53707962-6F74-2D53-2644-206D7942484F}
BHO-X64: {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - No File
mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\qx56zo0x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://ixquick.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;C:\Windows\system32\DRIVERS\iusb3hcs.sys --> C:\Windows\system32\DRIVERS\iusb3hcs.sys [?]
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-7-26 161560]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-7-27 1153368]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-7-26 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\system32\viakaraokesrv.exe --> C:\Windows\system32\viakaraokesrv.exe [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\system32\Drivers\EtronHub3.sys --> C:\Windows\system32\Drivers\EtronHub3.sys [?]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\system32\Drivers\EtronXHCI.sys --> C:\Windows\system32\Drivers\EtronXHCI.sys [?]
R3 IntcDAud;Intel(R) Display-Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;C:\Windows\system32\DRIVERS\iusb3hub.sys --> C:\Windows\system32\DRIVERS\iusb3hub.sys [?]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;C:\Windows\system32\DRIVERS\iusb3xhc.sys --> C:\Windows\system32\DRIVERS\iusb3xhc.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S2 gupdate;Google Update-Dienst (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-29 116648]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-29 250056]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-7-26 274200]
S3 cpuz135;cpuz135;C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-7-27 23816]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-29 116648]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-08-14 16:31:06 -------- d-----w- C:\Users\Peter\AppData\Roaming\Malwarebytes
2012-08-14 16:30:52 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-14 16:30:52 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-14 16:30:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-07 08:23:55 -------- d-----w- C:\Program Files (x86)\GTASA-Ultimate Editor
2012-08-07 08:23:41 249856 ------w- C:\Windows\Setup1.exe
2012-08-07 08:23:40 73216 ----a-w- C:\Windows\ST6UNST.EXE
2012-08-06 17:41:49 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2012-08-03 09:51:39 -------- d-----w- C:\Users\Peter\AppData\Roaming\pdfforge
2012-08-03 09:51:38 95744 ----a-w- C:\Windows\System32\pdfcmon.dll
2012-08-03 09:51:38 662288 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX
2012-08-03 09:51:38 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX
2012-08-03 09:51:38 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2012-08-03 09:51:37 64512 ----a-w- C:\Windows\SysWow64\MSCC2DE.DLL
2012-08-03 09:51:37 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL
2012-08-03 09:51:37 158208 ----a-w- C:\Windows\SysWow64\MSCMCDE.DLL
2012-08-03 09:51:37 125712 ----a-w- C:\Windows\SysWow64\VB6DE.DLL
2012-08-03 09:51:37 -------- d-----w- C:\Program Files (x86)\PDFCreator
2012-08-02 14:00:03 -------- d-----w- C:\Users\Peter\AppData\Roaming\SchreibTrainer4
2012-08-02 14:00:00 -------- d-----w- C:\Program Files (x86)\AB-Tools.com
2012-08-01 12:02:49 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-08-01 12:02:49 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-08-01 12:02:49 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-08-01 12:02:49 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-08-01 12:02:49 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-08-01 12:02:40 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-08-01 12:02:40 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-08-01 08:18:18 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-08-01 07:51:07 -------- d-----w- C:\Program Files (x86)\tmx5
2012-08-01 05:36:17 -------- d-----w- C:\Program Files (x86)\uTorrent
2012-08-01 05:31:23 -------- d-----w- C:\Users\Peter\AppData\Roaming\uTorrent
2012-07-31 11:06:00 -------- d-----w- C:\Users\Peter\AppData\Local\Diagnostics
2012-07-31 10:50:43 -------- d-----w- C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2012-07-30 13:35:19 -------- d-----w- C:\Users\Peter\AppData\Roaming\7-PDFWebsiteConverter
2012-07-30 13:35:19 -------- d-----w- C:\Program Files (x86)\7-PDF
2012-07-29 17:19:43 -------- d-----w- C:\Users\Peter\AppData\Roaming\WikidPad
2012-07-29 15:56:54 -------- d-----w- C:\Users\Peter\AppData\Local\Macromedia
2012-07-29 15:56:27 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-29 15:56:27 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-29 15:46:55 -------- d-----w- C:\Users\Peter\AppData\Roaming\LibreOffice
2012-07-29 15:33:37 -------- d-----w- C:\Users\Peter\AppData\Local\Google
2012-07-29 15:25:44 -------- d-----w- C:\Users\Peter\AppData\Local\Thunderbird
2012-07-29 14:58:54 -------- d-----w- C:\Program Files (x86)\MozBackup
2012-07-29 07:05:16 -------- d-----w- C:\Program Files (x86)\WikidPad
2012-07-29 06:55:35 -------- d-----w- C:\Program Files (x86)\GIMP 2
2012-07-29 06:21:36 -------- d-----w- C:\Users\Peter\AppData\Local\Adobe
2012-07-29 06:21:04 -------- d-----w- C:\Program Files (x86)\LibreOffice 3.5
2012-07-27 14:59:42 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2012-07-27 14:59:36 3977496 ----a-w- C:\Windows\System32\d3dx9_31.dll
2012-07-27 14:59:36 2414360 ----a-w- C:\Windows\SysWow64\d3dx9_31.dll
2012-07-27 14:34:56 -------- d-----r- C:\Program Files (x86)\Skype
2012-07-27 11:46:12 -------- d-----w- C:\Program Files (x86)\SpeedFan
2012-07-27 11:38:05 -------- d-----w- C:\Program Files (x86)\Motherboard Monitor 5
2012-07-27 06:45:34 -------- d-----w- C:\Program Files (x86)\Rockstar Games
2012-07-27 06:42:46 -------- d-----w- C:\Program Files (x86)\OpenApp
2012-07-27 06:42:27 -------- d-----w- C:\Program Files (x86)\smartdl
2012-07-27 06:40:12 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2012-07-27 06:40:11 -------- d-----w- C:\Windows\System32\wbem\en-US
2012-07-27 06:40:10 -------- d-----w- C:\Windows\SysWow64\Wat
2012-07-27 06:40:10 -------- d-----w- C:\Windows\System32\Wat
2012-07-27 06:36:56 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-27 06:29:34 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-07-27 06:29:34 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-07-27 06:29:34 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-07-27 06:29:34 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-07-27 06:29:34 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-07-27 06:29:34 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-07-27 06:29:34 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-07-27 06:10:34 114176 ----a-w- C:\Windows\SysWow64\PCWizard.cpl
2012-07-27 06:10:34 -------- d-----w- C:\Program Files (x86)\CPUID
2012-07-27 06:04:29 -------- d-----w- C:\Users\Peter\AppData\Local\Mozilla
2012-07-27 05:58:14 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-07-27 05:58:14 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-07-27 05:46:08 -------- d-----w- C:\Users\Peter\AppData\Roaming\AVG2012
2012-07-27 05:44:53 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-07-27 05:44:51 -------- d--h--w- C:\$AVG
2012-07-27 05:44:51 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-07-27 05:44:51 -------- d-----w- C:\ProgramData\AVG2012
2012-07-27 05:44:43 -------- d-----w- C:\Program Files (x86)\AVG
2012-07-27 05:37:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-07-27 05:36:53 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2012-07-27 05:35:22 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-07-27 05:35:21 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E40F3BDC-4576-4124-8CFA-E54372177044}\mpengine.dll
2012-07-26 20:58:37 -------- d-----w- C:\Windows\Panther
2012-07-26 20:25:38 -------- d-----w- C:\Program Files (x86)\Etron Technology
2012-07-26 20:24:57 104560 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
2012-07-26 20:24:53 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2012-07-26 20:24:44 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2012-07-26 20:24:42 787736 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2012-07-26 20:24:42 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e
2012-07-26 20:22:32 -------- d-----w- C:\Program Files\Common Files\Intel
2012-07-26 20:21:08 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2012-07-26 20:20:51 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2012-07-26 20:20:50 -------- d-sh--w- C:\Windows\Installer
2012-07-26 20:20:46 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2012-07-26 20:20:39 -------- d-----w- C:\Intel
2012-07-26 20:20:37 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2012-07-26 20:09:27 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-07-26 20:09:27 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-07-26 20:09:27 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-07-26 20:06:42 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-07-26 20:06:41 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-07-26 20:06:40 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-07-26 20:06:40 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-05-31 10:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 19:45:48,10 ===============




Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 26.07.2012 22:05:25
System Uptime: 14.08.2012 19:16:49 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | Z77-D3H
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | 3801/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 141 GiB total, 88,043 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 903,235 GiB free.
E: is CDROM (UDF)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2D559611&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2D559611&0&01
Service: vwifimp
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Microsoft PS/2-Maus
Device ID: ACPI\PNP0F03\4&FA2F13B&0
Manufacturer: Microsoft
Name: Microsoft PS/2-Maus
PNP Device ID: ACPI\PNP0F03\4&FA2F13B&0
Service: i8042prt
.
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: Standardtastatur (PS/2)
Device ID: ACPI\PNP0303\4&FA2F13B&0
Manufacturer: (Standardtastaturen)
Name: Standardtastatur (PS/2)
PNP Device ID: ACPI\PNP0303\4&FA2F13B&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP20: 01.08.2012 09:51:03 - *tmx spanisch wird installiert
RP21: 01.08.2012 09:53:04 - *tmx englisch wird installiert
RP22: 01.08.2012 14:04:29 - Installed GTA San Andreas
RP23: 01.08.2012 17:01:34 - Gerätetreiber-Paketinstallation: Microsoft Netzwerkadapter
RP24: 06.08.2012 17:59:12 - Windows Update
RP25: 14.08.2012 15:16:22 - Geplanter Prüfpunkt
.
==== Installed Programs ======================
.
*tmx englisch
*tmx spanisch
7-PDF Website Converter Version 1.0.6 (Build 164)
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3) - Deutsch
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
µTorrent
Die Sims™ 3
Die Sims™ 3 Einfach tierisch
Die Sims™ 3 Luxus-Accessoires
Etron USB3.0 Host Controller
Google Earth Plug-in
Google Update Helper
GTA San Andreas
GTASA-Ultimate Editor
Intel(R) Management Engine Components
Intel(R) OpenCL CPU Runtime
Intel(R) Processor Graphics
Intel(R) USB 3.0 eXtensible Host Controller Driver
LibreOffice 3.5
Malwarebytes Anti-Malware Version 1.62.0.1300
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
MozBackup 1.5.1
Mozilla Firefox 14.0.1 (x86 de)
Mozilla Thunderbird 14.0 (x86 de)
ON_OFF Charge B11.1102.1
PC Wizard 2012.2.1
PDFCreator
Platform
Schreib-Trainer 4.1.3
Skype™ 5.10
SpeedFan (remove only)
Spybot - Search & Destroy
VIA Plattform-Geräte-Manager
VideoFileDownload
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.3
WikidPad 2.1
.
==== End Of File ===========================
Sippowich
Active Member
 
Posts: 8
Joined: August 14th, 2012, 1:43 pm

Re: ib.adnxs.com pop up

by pgmigg » August 15th, 2012, 4:20 pm

Hello Sippowich,

Welcome to the forum! :)

My name is pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: ib.adnxs.com pop up

by pgmigg » August 15th, 2012, 5:00 pm

Hello Sippowich,

P2P Advisory!
IMPORTANT: There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent

As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s), please indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Step 1.
Disable Spybot's TeaTimer. This is a two step process.
From your log I can see that you are running Spybot S&D TeaTimer. This might interfere with fixes we are about to do, so we need to disable it.
First step:
  • Right-click the Spybot Icon in the System Tray (looks like a blue/white calendar with a padlock symbol)
  • If you have the new version 1.5 or later, click once on Resident Protection, then right-click the Spybot icon again and make sure Resident Protection is now Unchecked. The Spybot icon in the System Tray should now be colorless.
  • If you have Version 1.4, click on Exit Spybot S&D Resident
Second step, for either version:
  • Open Spybot S&D
  • Click Mode, choose Advanced Mode
  • Go To the bottom of the Vertical Panel on the Left, Click Tools
  • Then, also in the left panel, click Resident (shows a red/white shield).
  • If your firewall raises a question, say OK
  • In the Resident protection status frame, Uncheck the box labeled Resident "Tea-Timer"(Protection of over-all system settings) active
  • OK any prompts.
  • Use File, Exit to terminate Spybot
  • Reboot your machine for the changes to take effect.

Step 2.
Create a System Restore Point
Because we are going to be making changes to your computer, it is advisable to create a new System Restore Point.
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection, then choose Create.
  4. In the System Restore dialog box, type a description for the restore point and then click Create again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK, then close the System Restore dialog.

If you have successfully created a System Restore Point... we can proceed.
If you have NOT successfully created a System Restore Point... do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 3.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the word Code: into the open text entry box:
    Code:
     appwiz.cpl 
    and press Enter - the Uninstall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Spybot Search & Destroy
    uTorrent
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot your computer.

NEXT:
Please tell me, is this computer used for business purposes and connected to a business or educational network?
I need to know it - so I can provide the proper instructions.

Step 4.
TDSSKiller - Rootkit Removal Tool - Scan only
Please download the TDSSKiller.exe by Kaspersky and save it to your Desktop. <-Important!!!
  1. Right click on TDSSKiller.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If TDSSKiller does not run, please rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. zarodinu.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Please select Skip instead of Cure (default).
  5. Then click Continue, then Close and then Close again.
  6. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  7. Copy and paste the contents of that file in your next reply.

Step 5.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

Fresh OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please include in your next reply:
  1. Your decision about the P2P program.
  2. Do you have any problems executing the instructions?
  3. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  4. Answer to my question about how your computer is used.
  5. Contents of the OTL.txt log file
  6. Contents of the Extras.txt log file
  7. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple posts if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
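
A triage sketch for the log that Step 4 asks for, added here as an example (it is not part of the original post and not Kaspersky's code): it reads the "Scan services" section, pairs each `[ md5 ] name path` line with its `name - verdict` line, and lists services whose verdict is not `ok` or that were reported without a hash line. The sample log, the `suspicious` verdict string and the names `triage` and `SAMPLE_LOG` are constructed for illustration.

```python
import re

# Line shapes follow the TDSSKiller log format seen in this thread:
#   HH:MM:SS.mmmm TID [ md5 ] ServiceName C:\path\to\image
#   HH:MM:SS.mmmm TID ServiceName - ok
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
HASHED = re.compile(r"^\[\s*([0-9a-fA-F]{32})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$")
RESULT = re.compile(r"^(.+?)\s+-\s+(\S.*)$")

# Constructed sample input (hashes, names and paths are placeholders).
SAMPLE_LOG = r"""
10:00:00.0000 1000 TDSS rootkit removing tool (constructed sample)
10:00:00.0100 1000 Drive \Device\Harddisk0\DR0 - Size: 0x1000 (constructed)
10:00:01.0000 2000 ============================================================
10:00:01.0000 2000 Scan started
10:00:01.0000 2000 ============================================================
10:00:01.0100 2000 ================ Scan services =============================
10:00:01.0200 2000 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
10:00:01.0200 2000 ExampleDrv - ok
10:00:01.0300 2000 [ 00000000000000000000000000000002 ] Example Service (R) Interface C:\Program Files\Example\svc.exe
10:00:01.0300 2000 Example Service (R) Interface - ok
10:00:01.0400 2000 NoFileSvc - ok
10:00:01.0500 2000 [ 00000000000000000000000000000003 ] OddDrv C:\Windows\system32\drivers\odddrv.sys
10:00:01.0500 2000 OddDrv - suspicious
"""


def triage(log_text):
    """Return (service, reason, verdict) tuples that need a manual look.

    reason is one of:
      "no-hash"   - a verdict line with no preceding [ md5 ] line
      "verdict"   - a verdict other than "ok"
      "no-result" - a [ md5 ] line that never received a verdict
    """
    findings = []
    pending = None        # service name from the most recent hash line
    in_services = False   # only lines inside the "Scan services" section count

    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(1).strip()

        # Banner lines ("=====...") open or close a section.
        if body.startswith("="):
            if pending is not None:
                findings.append((pending, "no-result", ""))
                pending = None
            in_services = "Scan services" in body
            continue
        if not in_services:
            continue  # header lines such as "Drive ... - Size:" are skipped

        hashed = HASHED.match(body)
        if hashed:
            if pending is not None:
                findings.append((pending, "no-result", ""))
            pending = hashed.group(2)  # names may contain spaces
            continue

        result = RESULT.match(body)
        if not result:
            continue
        name, verdict = result.group(1), result.group(2).strip()
        if pending != name:
            findings.append((name, "no-hash", verdict))
        pending = None
        if verdict.lower() != "ok":
            findings.append((name, "verdict", verdict))

    if pending is not None:
        findings.append((pending, "no-result", ""))
    return findings


if __name__ == "__main__":
    for service, reason, verdict in triage(SAMPLE_LOG):
        print(f"{service}: {reason} {verdict}".rstrip())
```
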

Re: ib.adnxs.com pop up

Unread postby Sippowich » August 16th, 2012, 5:21 am

Hello pgmigg,

thank you for your time and help.

A. I deleted utorrent.

B. I had no problems executing the instructions.


C. TDSSKiller log file:

10:53:52.0316 3572 Netlogon - ok
10:53:52.0316 3572 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
10:53:52.0316 3572 Netman - ok
10:53:52.0331 3572 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
10:53:52.0331 3572 netprofm - ok
10:53:52.0331 3572 [ 3e5a36127e201ddf663176b66828fafe ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:53:52.0331 3572 NetTcpPortSharing - ok
10:53:52.0331 3572 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:53:52.0331 3572 nfrd960 - ok
10:53:52.0347 3572 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:53:52.0347 3572 NlaSvc - ok
10:53:52.0347 3572 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:53:52.0347 3572 Npfs - ok
10:53:52.0347 3572 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:53:52.0347 3572 nsi - ok
10:53:52.0347 3572 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:53:52.0347 3572 nsiproxy - ok
10:53:52.0362 3572 [ 05d78aa5cb5f3f5c31160bdb955d0b7c ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:53:52.0378 3572 Ntfs - ok
10:53:52.0378 3572 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
10:53:52.0378 3572 Null - ok
10:53:52.0378 3572 [ 5d9fd91f3d38dc9da01e3cb5fa89cd48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:53:52.0394 3572 nvraid - ok
10:53:52.0394 3572 [ f7cd50fe7139f07e77da8ac8033d1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:53:52.0394 3572 nvstor - ok
10:53:52.0394 3572 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:53:52.0394 3572 nv_agp - ok
10:53:52.0394 3572 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:53:52.0394 3572 ohci1394 - ok
10:53:52.0409 3572 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:53:52.0409 3572 p2pimsvc - ok
10:53:52.0409 3572 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:53:52.0409 3572 p2psvc - ok
10:53:52.0425 3572 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\drivers\parport.sys
10:53:52.0425 3572 Parport - ok
10:53:52.0425 3572 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:53:52.0425 3572 partmgr - ok
10:53:52.0425 3572 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:53:52.0425 3572 PcaSvc - ok
10:53:52.0425 3572 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
10:53:52.0425 3572 pci - ok
10:53:52.0440 3572 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
10:53:52.0440 3572 pciide - ok
10:53:52.0440 3572 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:53:52.0440 3572 pcmcia - ok
10:53:52.0440 3572 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:53:52.0440 3572 pcw - ok
10:53:52.0456 3572 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:53:52.0456 3572 PEAUTH - ok
10:53:52.0472 3572 [ b9b0a4299dd2d76a4243f75fd54dc680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:53:52.0472 3572 PeerDistSvc - ok
10:53:52.0472 3572 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:53:52.0487 3572 PerfHost - ok
10:53:52.0487 3572 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
10:53:52.0503 3572 pla - ok
10:53:52.0503 3572 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:53:52.0518 3572 PlugPlay - ok
10:53:52.0518 3572 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:53:52.0518 3572 PNRPAutoReg - ok
10:53:52.0518 3572 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:53:52.0518 3572 PNRPsvc - ok
10:53:52.0534 3572 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:53:52.0534 3572 PolicyAgent - ok
10:53:52.0534 3572 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
10:53:52.0534 3572 Power - ok
10:53:52.0534 3572 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:53:52.0550 3572 PptpMiniport - ok
10:53:52.0550 3572 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\drivers\processr.sys
10:53:52.0550 3572 Processor - ok
10:53:52.0550 3572 [ 5c78838b4d166d1a27db3a8a820c799a ] ProfSvc C:\Windows\system32\profsvc.dll
10:53:52.0550 3572 ProfSvc - ok
10:53:52.0550 3572 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:53:52.0550 3572 ProtectedStorage - ok
10:53:52.0565 3572 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:53:52.0565 3572 Psched - ok
10:53:52.0565 3572 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:53:52.0581 3572 ql2300 - ok
10:53:52.0581 3572 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:53:52.0581 3572 ql40xx - ok
10:53:52.0596 3572 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
10:53:52.0596 3572 QWAVE - ok
10:53:52.0596 3572 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:53:52.0596 3572 QWAVEdrv - ok
10:53:52.0596 3572 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:53:52.0596 3572 RasAcd - ok
10:53:52.0596 3572 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:53:52.0596 3572 RasAgileVpn - ok
10:53:52.0596 3572 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
10:53:52.0612 3572 RasAuto - ok
10:53:52.0612 3572 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:53:52.0612 3572 Rasl2tp - ok
10:53:52.0612 3572 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
10:53:52.0612 3572 RasMan - ok
10:53:52.0628 3572 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:53:52.0628 3572 RasPppoe - ok
10:53:52.0628 3572 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:53:52.0628 3572 RasSstp - ok
10:53:52.0628 3572 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:53:52.0628 3572 rdbss - ok
10:53:52.0628 3572 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:53:52.0628 3572 rdpbus - ok
10:53:52.0643 3572 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:53:52.0643 3572 RDPCDD - ok
10:53:52.0643 3572 [ 1b6163c503398b23ff8b939c67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:53:52.0643 3572 RDPDR - ok
10:53:52.0643 3572 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:53:52.0643 3572 RDPENCDD - ok
10:53:52.0643 3572 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:53:52.0643 3572 RDPREFMP - ok
10:53:52.0659 3572 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:53:52.0659 3572 RDPWD - ok
10:53:52.0659 3572 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:53:52.0659 3572 rdyboost - ok
10:53:52.0659 3572 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:53:52.0659 3572 RemoteAccess - ok
10:53:52.0674 3572 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:53:52.0674 3572 RemoteRegistry - ok
10:53:52.0674 3572 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:53:52.0674 3572 RpcEptMapper - ok
10:53:52.0674 3572 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
10:53:52.0674 3572 RpcLocator - ok
10:53:52.0674 3572 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
10:53:52.0690 3572 RpcSs - ok
10:53:52.0690 3572 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:53:52.0690 3572 rspndr - ok
10:53:52.0690 3572 [ e60c0a09f997826c7627b244195ab581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:53:52.0690 3572 s3cap - ok
10:53:52.0690 3572 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
10:53:52.0690 3572 SamSs - ok
10:53:52.0690 3572 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:53:52.0690 3572 sbp2port - ok
10:53:52.0706 3572 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:53:52.0706 3572 SCardSvr - ok
10:53:52.0706 3572 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:53:52.0706 3572 scfilter - ok
10:53:52.0721 3572 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
10:53:52.0721 3572 Schedule - ok
10:53:52.0721 3572 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
10:53:52.0721 3572 SCPolicySvc - ok
10:53:52.0737 3572 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:53:52.0737 3572 SDRSVC - ok
10:53:52.0737 3572 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:53:52.0737 3572 secdrv - ok
10:53:52.0737 3572 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
10:53:52.0737 3572 seclogon - ok
10:53:52.0737 3572 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
10:53:52.0737 3572 SENS - ok
10:53:52.0752 3572 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:53:52.0752 3572 SensrSvc - ok
10:53:52.0752 3572 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:53:52.0752 3572 Serenum - ok
10:53:52.0752 3572 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:53:52.0752 3572 Serial - ok
10:53:52.0752 3572 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:53:52.0752 3572 sermouse - ok
10:53:52.0768 3572 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:53:52.0768 3572 SessionEnv - ok
10:53:52.0768 3572 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:53:52.0768 3572 sffdisk - ok
10:53:52.0768 3572 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:53:52.0768 3572 sffp_mmc - ok
10:53:52.0768 3572 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:53:52.0768 3572 sffp_sd - ok
10:53:52.0768 3572 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:53:52.0768 3572 sfloppy - ok
10:53:52.0784 3572 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:53:52.0784 3572 SharedAccess - ok
10:53:52.0784 3572 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:53:52.0784 3572 ShellHWDetection - ok
10:53:52.0799 3572 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:53:52.0815 3572 SiSRaid2 - ok
10:53:52.0830 3572 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:53:52.0830 3572 SiSRaid4 - ok
10:53:52.0830 3572 [ f07af60b152221472fbdb2fecec4896d ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:53:52.0830 3572 SkypeUpdate - ok
10:53:52.0830 3572 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:53:52.0830 3572 Smb - ok
10:53:52.0830 3572 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:53:52.0830 3572 SNMPTRAP - ok
10:53:52.0846 3572 [ 12583af6cbe0050651eaf2723b3ad7b3 ] speedfan C:\Windows\syswow64\speedfan.sys
10:53:52.0846 3572 speedfan - ok
10:53:52.0846 3572 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:53:52.0846 3572 spldr - ok
10:53:52.0846 3572 [ b96c17b5dc1424d56eea3a99e97428cd ] Spooler C:\Windows\System32\spoolsv.exe
10:53:52.0846 3572 Spooler - ok
10:53:52.0877 3572 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
10:53:52.0908 3572 sppsvc - ok
10:53:52.0908 3572 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:53:52.0908 3572 sppuinotify - ok
10:53:52.0908 3572 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
10:53:52.0908 3572 srv - ok
10:53:52.0924 3572 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:53:52.0924 3572 srv2 - ok
10:53:52.0924 3572 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:53:52.0924 3572 srvnet - ok
10:53:52.0924 3572 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:53:52.0924 3572 SSDPSRV - ok
10:53:52.0940 3572 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:53:52.0940 3572 SstpSvc - ok
10:53:52.0940 3572 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:53:52.0940 3572 stexstor - ok
10:53:52.0940 3572 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
10:53:52.0955 3572 stisvc - ok
10:53:52.0955 3572 [ 7785dc213270d2fc066538daf94087e7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:53:52.0955 3572 storflt - ok
10:53:52.0955 3572 [ c40841817ef57d491f22eb103da587cc ] StorSvc C:\Windows\system32\storsvc.dll
10:53:52.0955 3572 StorSvc - ok
10:53:52.0955 3572 [ d34e4943d5ac096c8edeebfd80d76e23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:53:52.0955 3572 storvsc - ok
10:53:52.0955 3572 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:53:52.0955 3572 swenum - ok
10:53:52.0971 3572 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
10:53:52.0971 3572 swprv - ok
10:53:52.0986 3572 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
10:53:53.0002 3572 SysMain - ok
10:53:53.0002 3572 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:53:53.0002 3572 TabletInputService - ok
10:53:53.0002 3572 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:53:53.0002 3572 TapiSrv - ok
10:53:53.0018 3572 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
10:53:53.0018 3572 TBS - ok
10:53:53.0033 3572 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:53:53.0033 3572 Tcpip - ok
10:53:53.0049 3572 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:53:53.0049 3572 TCPIP6 - ok
10:53:53.0064 3572 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:53:53.0064 3572 tcpipreg - ok
10:53:53.0064 3572 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:53:53.0064 3572 TDPIPE - ok
10:53:53.0064 3572 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:53:53.0064 3572 TDTCP - ok
10:53:53.0064 3572 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:53:53.0064 3572 tdx - ok
10:53:53.0064 3572 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:53:53.0064 3572 TermDD - ok
10:53:53.0080 3572 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
10:53:53.0080 3572 TermService - ok
10:53:53.0096 3572 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
10:53:53.0096 3572 Themes - ok
10:53:53.0096 3572 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
10:53:53.0096 3572 THREADORDER - ok
10:53:53.0096 3572 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
10:53:53.0096 3572 TrkWks - ok
10:53:53.0096 3572 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:53:53.0096 3572 TrustedInstaller - ok
10:53:53.0111 3572 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:53:53.0111 3572 tssecsrv - ok
10:53:53.0111 3572 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:53:53.0111 3572 TsUsbFlt - ok
10:53:53.0111 3572 [ 9cc2ccae8a84820eaecb886d477cbcb8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:53:53.0111 3572 TsUsbGD - ok
10:53:53.0111 3572 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:53:53.0111 3572 tunnel - ok
10:53:53.0111 3572 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:53:53.0127 3572 uagp35 - ok
10:53:53.0127 3572 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:53:53.0127 3572 udfs - ok
10:53:53.0127 3572 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:53:53.0127 3572 UI0Detect - ok
10:53:53.0142 3572 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:53:53.0142 3572 uliagpkx - ok
10:53:53.0142 3572 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:53:53.0142 3572 umbus - ok
10:53:53.0142 3572 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\drivers\umpass.sys
10:53:53.0142 3572 UmPass - ok
10:53:53.0142 3572 [ a293dcd756d04d8492a750d03b9a297c ] UmRdpService C:\Windows\System32\umrdp.dll
10:53:53.0142 3572 UmRdpService - ok
10:53:53.0158 3572 [ 0f9e1bc7e2bea1a4108ec9736cf0c2d9 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:53:53.0158 3572 UNS - ok
10:53:53.0158 3572 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
10:53:53.0158 3572 upnphost - ok
10:53:53.0174 3572 [ 82e8f44688e6fac57b5b7c6fc7adbc2a ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:53:53.0174 3572 usbaudio - ok
10:53:53.0174 3572 [ 481dff26b4dca8f4cbac1f7dce1d6829 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:53:53.0174 3572 usbccgp - ok
10:53:53.0174 3572 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:53:53.0174 3572 usbcir - ok
10:53:53.0174 3572 [ 74ee782b1d9c241efe425565854c661c ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:53:53.0174 3572 usbehci - ok
10:53:53.0189 3572 [ dc96bd9ccb8403251bcf25047573558e ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:53:53.0189 3572 usbhub - ok
10:53:53.0189 3572 [ 58e546bbaf87664fc57e0f6081e4f609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:53:53.0189 3572 usbohci - ok
10:53:53.0189 3572 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:53:53.0189 3572 usbprint - ok
10:53:53.0189 3572 [ d76510cfa0fc09023077f22c2f979d86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:53:53.0189 3572 USBSTOR - ok
10:53:53.0205 3572 [ 81fb2216d3a60d1284455d511797db3d ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:53:53.0205 3572 usbuhci - ok
10:53:53.0205 3572 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
10:53:53.0205 3572 UxSms - ok
10:53:53.0205 3572 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
10:53:53.0205 3572 VaultSvc - ok
10:53:53.0205 3572 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:53:53.0205 3572 vdrvroot - ok
10:53:53.0220 3572 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
10:53:53.0220 3572 vds - ok
10:53:53.0220 3572 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:53:53.0220 3572 vga - ok
10:53:53.0220 3572 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
10:53:53.0220 3572 VgaSave - ok
10:53:53.0236 3572 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:53:53.0236 3572 vhdmp - ok
10:53:53.0252 3572 [ e8af45c4fe2457d003e1842806f38748 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
10:53:53.0252 3572 VIAHdAudAddService - ok
10:53:53.0252 3572 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:53:53.0252 3572 viaide - ok
10:53:53.0267 3572 [ 05d6657a9ccfd269d05d41bffdce9498 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
10:53:53.0267 3572 VIAKaraokeService - ok
10:53:53.0267 3572 [ 86ea3e79ae350fea5331a1303054005f ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:53:53.0267 3572 vmbus - ok
10:53:53.0267 3572 [ 7de90b48f210d29649380545db45a187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:53:53.0267 3572 VMBusHID - ok
10:53:53.0267 3572 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:53:53.0267 3572 volmgr - ok
10:53:53.0283 3572 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:53:53.0283 3572 volmgrx - ok
10:53:53.0283 3572 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:53:53.0283 3572 volsnap - ok
10:53:53.0283 3572 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:53:53.0298 3572 vsmraid - ok
10:53:53.0298 3572 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
10:53:53.0314 3572 VSS - ok
10:53:53.0314 3572 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:53:53.0314 3572 vwifibus - ok
10:53:53.0314 3572 [ 6a3d66263414ff0d6fa754c646612f3f ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:53:53.0330 3572 vwififlt - ok
10:53:53.0330 3572 [ 6a638fc4bfddc4d9b186c28c91bd1a01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:53:53.0330 3572 vwifimp - ok
10:53:53.0330 3572 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
10:53:53.0330 3572 W32Time - ok
10:53:53.0345 3572 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:53:53.0345 3572 WacomPen - ok
10:53:53.0345 3572 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:53:53.0345 3572 WANARP - ok
10:53:53.0345 3572 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:53:53.0345 3572 Wanarpv6 - ok
10:53:53.0361 3572 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:53:53.0361 3572 WatAdminSvc - ok
10:53:53.0376 3572 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
10:53:53.0392 3572 wbengine - ok
10:53:53.0392 3572 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:53:53.0392 3572 WbioSrvc - ok
10:53:53.0408 3572 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:53:53.0408 3572 wcncsvc - ok
10:53:53.0408 3572 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:53:53.0408 3572 WcsPlugInService - ok
10:53:53.0408 3572 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\drivers\wd.sys
10:53:53.0408 3572 Wd - ok
10:53:53.0423 3572 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:53:53.0423 3572 Wdf01000 - ok
10:53:53.0423 3572 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:53:53.0423 3572 WdiServiceHost - ok
10:53:53.0423 3572 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:53:53.0423 3572 WdiSystemHost - ok
10:53:53.0439 3572 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:53:53.0439 3572 WebClient - ok
10:53:53.0439 3572 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:53:53.0439 3572 Wecsvc - ok
10:53:53.0439 3572 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:53:53.0454 3572 wercplsupport - ok
10:53:53.0454 3572 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:53:53.0454 3572 WerSvc - ok
10:53:53.0454 3572 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:53:53.0454 3572 WfpLwf - ok
10:53:53.0454 3572 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:53:53.0454 3572 WIMMount - ok
10:53:53.0454 3572 WinDefend - ok
10:53:53.0454 3572 WinHttpAutoProxySvc - ok
10:53:53.0470 3572 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:53:53.0470 3572 Winmgmt - ok
10:53:53.0486 3572 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
10:53:53.0501 3572 WinRM - ok
10:53:53.0517 3572 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
10:53:53.0517 3572 Wlansvc - ok
10:53:53.0517 3572 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:53:53.0517 3572 WmiAcpi - ok
10:53:53.0517 3572 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:53:53.0532 3572 wmiApSrv - ok
10:53:53.0532 3572 WMPNetworkSvc - ok
10:53:53.0532 3572 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:53:53.0532 3572 WPCSvc - ok
10:53:53.0532 3572 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:53:53.0532 3572 WPDBusEnum - ok
10:53:53.0532 3572 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:53:53.0532 3572 ws2ifsl - ok
10:53:53.0548 3572 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\System32\wscsvc.dll
10:53:53.0548 3572 wscsvc - ok
10:53:53.0548 3572 WSearch - ok
10:53:53.0564 3572 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:53:53.0579 3572 wuauserv - ok
10:53:53.0579 3572 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:53:53.0579 3572 WudfPf - ok
10:53:53.0595 3572 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:53:53.0595 3572 WUDFRd - ok
10:53:53.0595 3572 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:53:53.0595 3572 wudfsvc - ok
10:53:53.0595 3572 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
10:53:53.0595 3572 WwanSvc - ok
10:53:53.0610 3572 ================ Scan global ===============================
10:53:53.0610 3572 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
10:53:53.0610 3572 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
10:53:53.0610 3572 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
10:53:53.0610 3572 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
10:53:53.0626 3572 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
10:53:53.0626 3572 [Global] - ok
10:53:53.0626 3572 ================ Scan MBR ==================================
10:53:53.0626 3572 MBR (0x1B8) (8e734bd7aa1d4f7e9af58df495f6cf9e) \Device\Harddisk0\DR0
10:53:53.0626 3572 \Device\Harddisk0\DR0 - ok
10:53:53.0642 3572 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
10:53:53.0642 3572 \Device\Harddisk1\DR1 - ok
10:53:53.0642 3572 ================ Scan VBR ==================================
10:53:53.0657 3572 Boot (0x1200) (532643ec7dd4582ee88b8fc7e7f513f2) \Device\Harddisk0\DR0\Partition1
10:53:53.0657 3572 \Device\Harddisk0\DR0\Partition1 - ok
10:53:53.0657 3572 Boot (0x1200) (ab16517b78c10ae98433ef738c134f12) \Device\Harddisk0\DR0\Partition2
10:53:53.0657 3572 \Device\Harddisk0\DR0\Partition2 - ok
10:53:53.0657 3572 Boot (0x1200) (cea0fcb72f8cd0ce67bd49e0b1806ed8) \Device\Harddisk1\DR1\Partition1
10:53:53.0657 3572 \Device\Harddisk1\DR1\Partition1 - ok
10:53:53.0657 3572 ============================================================
10:53:53.0657 3572 Scan finished
10:53:53.0657 3572 ============================================================
10:53:53.0657 2940 Detected object count: 0
10:53:53.0657 2940 Actual detected object count: 0
10:54:02.0518 3964 Deinitialize success

Re: ib.adnxs.com pop up

Post by Sippowich » August 16th, 2012, 5:30 am

D. I use my computer just for private purposes and it is just connected to my home network.

E. OTL log file

OTL logfile created on: 16.08.2012 10:56:48 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Peter\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

7,90 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 81,81% Memory free
15,79 Gb Paging File | 14,25 Gb Available in Paging File | 90,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 140,72 Gb Total Space | 86,89 Gb Free Space | 61,75% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 903,14 Gb Free Space | 96,95% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.08.16 10:54:18 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
PRC - [2012.07.04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012.04.05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.01.27 11:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.12.16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.01.10 16:09:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.14 22:24:15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012.01.13 00:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.12.16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011.12.08 16:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.04.19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.03.19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.01.31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.01.27 11:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.27 11:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.27 11:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.01.10 16:09:44 | 002,184,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012.01.06 10:59:48 | 000,084,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012.01.06 10:59:48 | 000,059,392 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012.01.06 05:36:55 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.12.23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.12.23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.12.23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.12.06 13:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.11.02 10:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.08.12 00:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.02.07 17:46:12 | 000,023,816 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys -- (cpuz135)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 84 B4 CB 60 79 CD 01 [binary data]
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://ixquick.com/"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.07.27 07:44:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.14 18:26:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.28 06:47:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012.07.27 08:04:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\mozilla\Extensions
[2012.08.16 10:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions
[2012.08.13 16:44:34 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.07.30 11:26:15 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\foxyproxy@eric.h.jung
[2012.08.16 10:30:39 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\https-everywhere@eff.org
[2012.07.27 08:42:46 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\plugin@videofiledownload.com
[2012.08.14 18:26:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.27 07:44:52 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012.07.30 17:51:51 | 000,013,345 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\{4DC70064-89E2-4A55-8FC6-E8CDEAE3618C}.XPI
[2012.08.14 17:29:35 | 000,039,512 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\{B1DF372D-8B32-4C7D-B6B4-9C5B78CF6FB1}.XPI
[2012.01.21 17:10:44 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012.02.27 08:19:36 | 000,008,645 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\LONGURLPLEASE@TSENG.XPI
[2011.12.18 18:41:38 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07787C27-73E5-44CD-82D0-9B2E8F3B7994}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.16 10:54:25 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2012.08.16 10:52:47 | 002,208,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Peter\Desktop\tdsskiller.exe
[2012.08.16 09:30:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.16 09:30:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.16 09:30:23 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.16 09:30:23 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.16 09:30:22 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.16 09:30:22 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.16 09:30:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.16 09:30:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.16 09:30:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.16 09:30:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.16 09:30:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.16 09:30:21 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.16 09:30:21 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.16 07:53:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.16 07:53:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.16 07:53:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.16 07:53:46 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.15 16:31:04 | 000,000,000 | ---D | C] -- C:\Users\Peter\.thumbnails
[2012.08.15 16:26:30 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\fontconfig
[2012.08.15 16:26:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\gegl-0.2
[2012.08.15 16:26:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\.gimp-2.8
[2012.08.15 16:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.08.14 19:45:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Peter\Desktop\dds.scr
[2012.08.14 18:31:06 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Malwarebytes
[2012.08.14 18:30:52 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.07 10:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTASA-Ultimate Editor
[2012.08.07 10:24:02 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTASA-Ultimate Editor
[2012.08.07 10:23:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GTASA-Ultimate Editor
[2012.08.07 10:23:41 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2012.08.07 10:23:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012.08.03 11:51:39 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\pdfforge
[2012.08.03 11:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.08.03 11:51:38 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012.08.03 11:51:38 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012.08.03 11:51:38 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012.08.03 11:51:38 | 000,095,744 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.08.03 11:51:37 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2012.08.03 11:51:37 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2012.08.03 11:51:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2012.08.03 11:51:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012.08.03 11:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012.08.02 16:00:03 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\SchreibTrainer4
[2012.08.02 16:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schreib-Trainer
[2012.08.02 16:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AB-Tools.com
[2012.08.01 14:16:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GTA San Andreas User Files
[2012.08.01 14:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012.08.01 10:18:48 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\vlc
[2012.08.01 10:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.08.01 10:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.08.01 09:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tmx
[2012.08.01 09:51:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tmx5
[2012.08.01 07:31:23 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2012.07.31 18:42:01 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\Kochbuch
[2012.07.31 13:06:00 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Diagnostics
[2012.07.31 12:58:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.31 12:50:43 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\ElevatedDiagnostics
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\7-PDFWebsiteConverter
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-PDF
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-PDF
[2012.07.29 19:19:43 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\WikidPad
[2012.07.29 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Macromedia
[2012.07.29 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Macromedia
[2012.07.29 17:56:27 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.07.29 17:56:27 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.29 17:56:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.07.29 17:56:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.07.29 17:53:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Arbeit
[2012.07.29 17:46:55 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\LibreOffice
[2012.07.29 17:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.07.29 17:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.07.29 17:33:37 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Google
[2012.07.29 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Thunderbird
[2012.07.29 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Thunderbird
[2012.07.29 17:23:37 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\thunderbirdProfile
[2012.07.29 16:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012.07.29 16:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2012.07.29 09:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WikidPad
[2012.07.29 09:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WikidPad
[2012.07.29 08:21:36 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Adobe
[2012.07.29 08:21:36 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Adobe
[2012.07.29 08:21:19 | 000,000,000 | R--D | C] -- C:\Users\Peter\Documents
[2012.07.29 08:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012.07.29 08:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LibreOffice 3.5
[2012.07.28 06:47:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.07.27 19:26:29 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\Electronic Arts
[2012.07.27 16:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012.07.27 16:59:36 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.07.27 16:59:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.07.27 16:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012.07.27 16:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012.07.27 16:34:58 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Skype
[2012.07.27 16:34:56 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.07.27 16:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.07.27 16:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.07.27 16:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.07.27 16:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.07.27 16:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.07.27 16:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012.07.27 13:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motherboard Monitor 5
[2012.07.27 08:55:36 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\GTA San Andreas User Files
[2012.07.27 08:55:34 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.07.27 08:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.07.27 08:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.07.27 08:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012.07.27 08:42:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenApp
[2012.07.27 08:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\smartdl
[2012.07.27 08:40:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.07.27 08:40:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.07.27 08:32:41 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.27 08:32:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.07.27 08:32:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.07.27 08:32:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.07.27 08:32:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.07.27 08:32:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.07.27 08:32:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.07.27 08:32:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.07.27 08:32:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.07.27 08:32:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.07.27 08:32:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.07.27 08:32:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.07.27 08:32:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.07.27 08:32:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.07.27 08:32:04 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.07.27 08:32:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.07.27 08:32:04 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.07.27 08:32:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.07.27 08:32:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.07.27 08:32:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.07.27 08:32:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.07.27 08:32:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.07.27 08:32:04 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.07.27 08:32:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.07.27 08:32:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.07.27 08:32:04 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.07.27 08:32:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.07.27 08:32:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.07.27 08:32:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.07.27 08:32:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.07.27 08:32:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.07.27 08:32:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.07.27 08:32:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.07.27 08:32:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.07.27 08:32:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.07.27 08:32:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.07.27 08:32:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.07.27 08:32:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.07.27 08:32:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.07.27 08:32:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.07.27 08:32:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.07.27 08:32:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.07.27 08:32:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.07.27 08:32:03 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.07.27 08:32:03 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.07.27 08:32:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.07.27 08:32:03 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.07.27 08:32:03 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.07.27 08:32:03 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.07.27 08:32:03 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.07.27 08:32:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.07.27 08:32:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.07.27 08:32:03 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.07.27 08:32:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.07.27 08:32:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.07.27 08:32:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.07.27 08:32:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.07.27 08:32:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.07.27 08:29:34 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.07.27 08:29:34 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.07.27 08:29:34 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.07.27 08:10:34 | 000,114,176 | ---- | C] (CPUID) -- C:\Windows\SysWow64\PCWizard.cpl
[2012.07.27 08:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012.07.27 08:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CPUID
[2012.07.27 08:04:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Mozilla
[2012.07.27 08:04:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Mozilla
[2012.07.27 08:04:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.07.27 07:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.07.27 07:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.07.27 07:46:08 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\AVG2012
[2012.07.27 07:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.07.27 07:44:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012.07.27 07:44:51 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012.07.27 07:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012.07.27 07:44:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012.07.27 07:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012.07.27 07:38:14 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.07.27 07:38:14 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.07.27 07:38:14 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.07.27 07:38:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.07.27 07:38:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.07.27 07:38:14 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.07.27 07:38:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.07.27 07:38:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.07.27 07:38:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.07.27 07:38:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.07.27 07:38:12 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.07.27 07:38:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.07.27 07:38:11 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.07.27 07:38:11 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.07.27 07:38:11 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.07.27 07:38:11 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.07.27 07:38:11 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.07.27 07:38:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.07.27 07:38:09 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.07.27 07:38:09 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.07.27 07:38:09 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.07.27 07:38:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.07.27 07:38:08 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.07.27 07:38:08 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.07.27 07:38:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.27 07:38:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.27 07:38:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.07.27 07:38:03 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.07.27 07:38:03 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.07.27 07:38:03 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.07.27 07:38:03 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.07.27 07:37:49 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.07.27 07:37:49 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.07.27 07:37:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.27 07:37:49 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.07.27 07:37:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.07.27 07:37:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.07.27 07:37:49 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.07.27 07:37:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.07.27 07:37:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.07.27 07:37:49 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.07.27 07:37:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.07.27 07:37:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.07.27 07:37:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.07.27 07:37:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.07.27 07:37:48 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.07.27 07:37:48 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.07.27 07:37:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.07.27 07:37:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.07.27 07:37:47 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.07.27 07:37:47 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.07.27 07:37:20 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.07.27 07:37:20 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.07.27 07:37:20 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.07.27 07:37:20 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.07.27 07:37:18 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.07.27 07:37:18 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.07.27 07:37:18 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.07.27 07:37:18 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.07.27 07:37:18 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.07.27 07:37:18 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.07.27 07:37:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.07.27 07:37:17 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.07.27 07:37:17 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.07.27 07:37:12 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.07.27 07:37:12 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.07.27 07:37:12 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.07.27 07:37:12 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.07.27 07:37:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.07.27 07:37:12 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.07.27 07:37:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.07.27 07:37:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.07.27 07:37:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.07.27 07:37:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.07.27 07:37:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.07.27 07:37:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.07.27 07:37:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.07.27 07:37:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.07.27 07:37:09 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.07.27 07:37:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.07.27 07:36:53 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.07.27 07:36:49 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.07.27 07:36:47 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.07.27 07:36:47 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.07.27 07:36:47 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.07.27 07:36:47 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.07.27 07:36:43 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.27 07:36:43 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.27 07:36:42 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.07.27 07:36:42 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.07.27 07:36:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.07.27 07:36:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.07.27 07:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.07.26 22:58:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.07.26 22:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2012.07.26 22:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2012.07.26 22:25:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2012.07.26 22:24:57 | 000,104,560 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012.07.26 22:24:53 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012.07.26 22:24:44 | 000,356,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012.07.26 22:24:42 | 000,787,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012.07.26 22:24:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2012.07.26 22:23:59 | 002,965,104 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2012.07.26 22:23:59 | 002,184,816 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2012.07.26 22:23:59 | 001,161,328 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaKaraokeApo.dll
[2012.07.26 22:23:59 | 001,119,344 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2012.07.26 22:23:59 | 000,677,488 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2012.07.26 22:23:59 | 000,116,848 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaKaraokePropPageExt.dll
[2012.07.26 22:23:59 | 000,095,344 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2012.07.26 22:23:59 | 000,091,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll
[2012.07.26 22:23:59 | 000,085,504 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012.07.26 22:23:59 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012.07.26 22:23:59 | 000,027,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViakaraokeSrv.exe
[2012.07.26 22:23:45 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012.07.26 22:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012.07.26 22:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.07.26 22:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.07.26 22:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.07.26 22:22:27 | 000,331,264 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2012.07.26 22:22:27 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2012.07.26 22:22:16 | 029,022,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2012.07.26 22:22:16 | 023,506,944 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2012.07.26 22:22:16 | 014,652,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012.07.26 22:22:16 | 009,536,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2012.07.26 22:22:16 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012.07.26 22:22:16 | 008,034,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012.07.26 22:22:16 | 007,740,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012.07.26 22:22:16 | 006,079,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012.07.26 22:22:16 | 005,886,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2012.07.26 22:22:16 | 004,943,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2012.07.26 22:22:16 | 002,845,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2012.07.26 22:22:16 | 002,780,160 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2012.07.26 22:22:16 | 002,191,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2012.07.26 22:22:16 | 000,592,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2012.07.26 22:22:16 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2012.07.26 22:22:16 | 000,520,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2012.07.26 22:22:16 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2012.07.26 22:22:16 | 000,511,256 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012.07.26 22:22:16 | 000,440,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012.07.26 22:22:16 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012.07.26 22:22:16 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012.07.26 22:22:16 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2012.07.26 22:22:16 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012.07.26 22:22:16 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012.07.26 22:22:16 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012.07.26 22:22:16 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012.07.26 22:22:16 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012.07.26 22:22:16 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012.07.26 22:22:16 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012.07.26 22:22:16 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012.07.26 22:22:16 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012.07.26 22:22:16 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012.07.26 22:22:16 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012.07.26 22:22:16 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012.07.26 22:22:16 | 000,398,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012.07.26 22:22:16 | 000,386,048 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012.07.26 22:22:16 | 000,320,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012.07.26 22:22:16 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012.07.26 22:22:16 | 000,274,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2012.07.26 22:22:16 | 000,248,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012.07.26 22:22:16 | 000,246,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2012.07.26 22:22:16 | 000,244,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2012.07.26 22:22:16 | 000,236,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2012.07.26 22:22:16 | 000,219,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2012.07.26 22:22:16 | 000,201,728 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2012.07.26 22:22:16 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2012.07.26 22:22:16 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2012.07.26 22:22:16 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2012.07.26 22:22:16 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012.07.26 22:22:16 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012.07.26 22:22:16 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012.07.26 22:22:16 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012.07.26 22:22:16 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2618.dll
[2012.07.26 22:22:16 | 000,062,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012.07.26 22:22:16 | 000,052,736 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.07.26 22:22:16 | 000,051,200 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.07.26 22:22:16 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012.07.26 22:22:16 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2012.07.26 22:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.07.26 22:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.07.26 22:20:51 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.07.26 22:20:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.07.26 22:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.07.26 22:20:39 | 000,000,000 | ---D | C] -- C:\Intel
[2012.07.26 22:20:37 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012.07.26 22:20:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.07.26 22:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.07.26 22:20:26 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\InstallShield
[2012.07.26 22:09:27 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.07.26 22:09:27 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.07.26 22:06:42 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.07.26 22:06:42 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.07.26 22:06:42 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.07.26 22:06:41 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.07.26 22:06:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.07.26 22:06:41 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.07.26 22:06:40 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.07.26 22:06:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\Searches
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.07.26 22:05:32 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Identities
[2012.07.26 22:05:31 | 000,000,000 | R--D | C] -- C:\Users\Peter\Contacts
[2012.07.26 22:05:31 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\VirtualStore
[2012.07.26 22:05:29 | 000,000,000 | --SD | C] -- C:\Users\Peter\AppData\Roaming\Microsoft
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Saved Games
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Links
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Favorites
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Desktop
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Vorlagen
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Verlauf
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Temporary Internet Files
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Startmenü
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\SendTo
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Recent
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Netzwerkumgebung
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Lokale Einstellungen
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Eigene Dateien
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Druckumgebung
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Cookies
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Anwendungsdaten
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Anwendungsdaten
[2012.07.26 22:05:29 | 000,000,000 | -H-D | C] -- C:\Users\Peter\AppData
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Temp
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Microsoft
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Media Center Programs
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.07.26 22:05:22 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.07.26 21:59:28 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.07.26 21:59:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012.08.16 10:55:59 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.16 10:55:59 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.16 10:55:59 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.16 10:55:59 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.16 10:55:59 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.16 10:54:18 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2012.08.16 10:52:35 | 002,208,856 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Peter\Desktop\tdsskiller.exe
[2012.08.16 10:51:53 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.16 10:51:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.16 10:51:42 | 2064,162,815 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.16 10:51:05 | 000,022,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.16 10:51:05 | 000,022,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.16 10:44:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.16 10:35:06 | 103,922,008 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.08.16 10:29:45 | 000,310,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.16 09:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.15 16:38:42 | 000,003,575 | ---- | M] () -- C:\Users\Peter\AppData\Local\recently-used.xbel
[2012.08.14 22:24:15 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.14 22:24:15 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.14 19:45:25 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Peter\Desktop\dds.scr
[2012.08.13 18:54:15 | 000,089,539 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.08.07 10:23:41 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2012.08.07 10:23:40 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012.08.01 10:18:23 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.01 09:53:08 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\tmx englisch 5.lnk
[2012.08.01 09:51:14 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\tmx spanisch 5.lnk
[2012.07.31 12:58:36 | 414,110,061 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.30 15:35:19 | 000,001,218 | ---- | M] () -- C:\Users\Public\Desktop\7-PDF Website Converter.lnk
[2012.07.30 07:09:16 | 000,002,561 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.07.30 07:09:16 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.07.29 16:58:54 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2012.07.28 06:47:38 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.07.27 17:20:20 | 000,002,260 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Luxus-Accessoires.lnk
[2012.07.27 17:12:45 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2012.07.27 16:59:31 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3.lnk
[2012.07.27 16:34:56 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.07.27 16:29:07 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.27 13:46:12 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.07.27 08:41:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.07.27 08:32:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.07.27 08:32:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.07.27 08:32:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.07.27 08:32:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.07.27 08:32:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.07.27 08:32:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.07.27 08:32:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.07.27 08:32:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.07.27 08:32:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.07.27 08:32:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.07.27 08:32:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.07.27 08:32:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.07.27 08:32:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.07.27 08:32:04 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.07.27 08:32:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.07.27 08:32:04 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.07.27 08:32:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.07.27 08:32:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.07.27 08:32:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.07.27 08:32:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.07.27 08:32:04 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.07.27 08:32:04 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.07.27 08:32:04 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.07.27 08:32:04 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.07.27 08:32:04 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.07.27 08:32:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.07.27 08:32:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.07.27 08:32:04 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.07.27 08:32:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.07.27 08:32:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.07.27 08:32:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.07.27 08:32:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.07.27 08:32:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.07.27 08:32:04 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.07.27 08:32:04 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.07.27 08:32:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.07.27 08:32:04 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.07.27 08:32:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.07.27 08:32:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.07.27 08:32:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.07.27 08:32:04 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.07.27 08:32:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.07.27 08:32:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.07.27 08:32:03 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.07.27 08:32:03 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.07.27 08:32:03 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.07.27 08:32:03 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.07.27 08:32:03 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.07.27 08:32:03 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.07.27 08:32:03 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.07.27 08:32:03 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.07.27 08:32:03 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.07.27 08:32:03 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.07.27 08:32:03 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.07.27 08:32:03 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.07.27 08:32:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.07.27 08:32:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.07.27 08:32:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.07.27 08:32:03 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.07.27 07:44:54 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.07.27 07:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012.07.27 07:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012.07.26 22:24:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.07.26 22:24:14 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012.07.26 22:19:09 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012.07.26 22:00:46 | 000,177,271 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.07.26 22:00:46 | 000,177,271 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2012.08.16 10:35:06 | 103,922,008 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.08.15 16:38:42 | 000,003,575 | ---- | C] () -- C:\Users\Peter\AppData\Local\recently-used.xbel
[2012.08.15 16:25:41 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.08.14 18:26:13 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.08.13 18:54:15 | 000,089,539 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.08.03 15:37:25 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.01 10:18:23 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.01 09:53:08 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\tmx englisch 5.lnk
[2012.08.01 09:51:14 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\tmx spanisch 5.lnk
[2012.08.01 08:50:41 | 139,804,145 | ---- | C] () -- C:\Users\Public\Documents\tmx_s5k.exe
[2012.07.31 12:58:36 | 414,110,061 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.30 15:35:19 | 000,001,218 | ---- | C] () -- C:\Users\Public\Desktop\7-PDF Website Converter.lnk
[2012.07.30 07:03:53 | 000,002,561 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012.07.30 07:03:53 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012.07.29 17:33:39 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.29 17:33:39 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.29 16:58:54 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2012.07.28 06:47:38 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.07.28 06:47:38 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.07.27 17:20:20 | 000,002,260 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Luxus-Accessoires.lnk
[2012.07.27 17:12:45 | 000,002,268 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2012.07.27 16:59:31 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3.lnk
[2012.07.27 16:34:56 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.07.27 16:29:07 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.27 16:29:06 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.07.27 13:46:12 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.07.27 08:41:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.07.27 08:32:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.07.27 08:32:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.07.27 07:44:54 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.07.27 07:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012.07.27 07:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012.07.26 22:26:50 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2012.07.26 22:26:50 | 000,021,616 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2012.07.26 22:24:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.07.26 22:24:14 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012.07.26 22:24:14 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012.07.26 22:22:16 | 017,165,312 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll
[2012.07.26 22:22:16 | 012,978,688 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.07.26 22:22:16 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012.07.26 22:22:16 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.07.26 22:22:16 | 000,734,772 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin
[2012.07.26 22:22:16 | 000,557,476 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.07.26 22:22:16 | 000,557,476 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin
[2012.07.26 22:22:16 | 000,221,099 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012.07.26 22:22:16 | 000,207,830 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012.07.26 22:22:16 | 000,191,775 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012.07.26 22:22:16 | 000,164,334 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012.07.26 22:22:16 | 000,161,613 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012.07.26 22:22:16 | 000,157,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012.07.26 22:22:16 | 000,148,033 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012.07.26 22:22:16 | 000,146,675 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012.07.26 22:22:16 | 000,145,687 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012.07.26 22:22:16 | 000,145,579 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012.07.26 22:22:16 | 000,144,338 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012.07.26 22:22:16 | 000,143,805 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012.07.26 22:22:16 | 000,143,155 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012.07.26 22:22:16 | 000,142,664 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012.07.26 22:22:16 | 000,142,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012.07.26 22:22:16 | 000,142,189 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012.07.26 22:22:16 | 000,141,644 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012.07.26 22:22:16 | 000,141,435 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012.07.26 22:22:16 | 000,140,923 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012.07.26 22:22:16 | 000,140,885 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012.07.26 22:22:16 | 000,140,549 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012.07.26 22:22:16 | 000,140,122 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012.07.26 22:22:16 | 000,139,487 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012.07.26 22:22:16 | 000,136,451 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012.07.26 22:22:16 | 000,136,369 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012.07.26 22:22:16 | 000,135,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012.07.26 22:22:16 | 000,131,317 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012.07.26 22:22:16 | 000,124,962 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012.07.26 22:22:16 | 000,123,467 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012.07.26 22:22:16 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012.07.26 22:22:16 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2012.07.26 22:22:16 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012.07.26 22:22:16 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012.07.26 22:22:16 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012.07.26 22:22:16 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2012.07.26 22:22:16 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.07.26 22:22:16 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2012.07.26 22:22:16 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2012.07.26 22:22:16 | 000,018,488 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012.07.26 22:22:16 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012.07.26 22:22:16 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012.07.26 22:21:08 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.07.26 22:19:09 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.07.26 22:05:39 | 000,001,409 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.07.26 22:05:38 | 000,001,443 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.07.26 22:00:41 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.07.26 22:00:39 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.07.26 21:59:20 | 2064,162,815 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== LOP Check ==========

[2012.07.27 16:37:47 | 000,000,000 | ---D | M] -- C:\Users\Franziska\AppData\Roaming\AVG2012
[2012.07.28 06:47:39 | 000,000,000 | ---D | M] -- C:\Users\Franziska\AppData\Roaming\Thunderbird
[2012.08.02 18:23:04 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\7-PDFWebsiteConverter
[2012.07.27 07:46:08 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\AVG2012
[2012.07.29 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\LibreOffice
[2012.08.03 11:51:39 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\pdfforge
[2012.08.02 22:22:24 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\SchreibTrainer4
[2012.07.29 17:25:44 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Thunderbird
[2012.08.16 07:57:23 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2012.07.29 19:19:44 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\WikidPad
[2009.07.14 07:08:49 | 000,017,010 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
Sippowich

Re: ib.adnxs.com pop up

Post by Sippowich » August 16th, 2012, 5:33 am

F. Extras log file

OTL logfile created on: 16.08.2012 10:56:48 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Peter\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

7,90 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 81,81% Memory free
15,79 Gb Paging File | 14,25 Gb Available in Paging File | 90,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 140,72 Gb Total Space | 86,89 Gb Free Space | 61,75% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 903,14 Gb Free Space | 96,95% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.08.16 10:54:18 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
PRC - [2012.07.04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012.04.05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.01.27 11:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.12.16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.01.10 16:09:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.14 22:24:15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012.01.13 00:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.12.16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011.12.08 16:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.04.19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.03.19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.01.31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.01.27 11:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.27 11:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.27 11:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.01.10 16:09:44 | 002,184,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012.01.06 10:59:48 | 000,084,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012.01.06 10:59:48 | 000,059,392 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012.01.06 05:36:55 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.12.23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.12.23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.12.23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.12.06 13:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.11.02 10:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.08.12 00:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.02.07 17:46:12 | 000,023,816 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys -- (cpuz135)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 84 B4 CB 60 79 CD 01 [binary data]
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://ixquick.com/"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.07.27 07:44:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.14 18:26:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.28 06:47:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012.07.27 08:04:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\mozilla\Extensions
[2012.08.16 10:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions
[2012.08.13 16:44:34 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.07.30 11:26:15 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\foxyproxy@eric.h.jung
[2012.08.16 10:30:39 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\https-everywhere@eff.org
[2012.07.27 08:42:46 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\plugin@videofiledownload.com
[2012.08.14 18:26:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.27 07:44:52 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012.07.30 17:51:51 | 000,013,345 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\{4DC70064-89E2-4A55-8FC6-E8CDEAE3618C}.XPI
[2012.08.14 17:29:35 | 000,039,512 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\{B1DF372D-8B32-4C7D-B6B4-9C5B78CF6FB1}.XPI
[2012.01.21 17:10:44 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012.02.27 08:19:36 | 000,008,645 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\LONGURLPLEASE@TSENG.XPI
[2011.12.18 18:41:38 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07787C27-73E5-44CD-82D0-9B2E8F3B7994}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.16 10:54:25 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2012.08.16 10:52:47 | 002,208,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Peter\Desktop\tdsskiller.exe
[2012.08.16 09:30:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.16 09:30:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.16 09:30:23 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.16 09:30:23 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.16 09:30:22 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.16 09:30:22 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.16 09:30:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.16 09:30:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.16 09:30:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.16 09:30:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.16 09:30:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.16 09:30:21 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.16 09:30:21 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.16 07:53:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.16 07:53:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.16 07:53:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.16 07:53:46 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.15 16:31:04 | 000,000,000 | ---D | C] -- C:\Users\Peter\.thumbnails
[2012.08.15 16:26:30 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\fontconfig
[2012.08.15 16:26:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\gegl-0.2
[2012.08.15 16:26:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\.gimp-2.8
[2012.08.15 16:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.08.14 19:45:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Peter\Desktop\dds.scr
[2012.08.14 18:31:06 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Malwarebytes
[2012.08.14 18:30:52 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.07 10:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTASA-Ultimate Editor
[2012.08.07 10:24:02 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTASA-Ultimate Editor
[2012.08.07 10:23:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GTASA-Ultimate Editor
[2012.08.07 10:23:41 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2012.08.07 10:23:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012.08.03 11:51:39 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\pdfforge
[2012.08.03 11:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.08.03 11:51:38 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012.08.03 11:51:38 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012.08.03 11:51:38 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012.08.03 11:51:38 | 000,095,744 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.08.03 11:51:37 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2012.08.03 11:51:37 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2012.08.03 11:51:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2012.08.03 11:51:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012.08.03 11:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012.08.02 16:00:03 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\SchreibTrainer4
[2012.08.02 16:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schreib-Trainer
[2012.08.02 16:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AB-Tools.com
[2012.08.01 14:16:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GTA San Andreas User Files
[2012.08.01 14:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012.08.01 10:18:48 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\vlc
[2012.08.01 10:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.08.01 10:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.08.01 09:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tmx
[2012.08.01 09:51:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tmx5
[2012.08.01 07:31:23 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2012.07.31 18:42:01 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\Kochbuch
[2012.07.31 13:06:00 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Diagnostics
[2012.07.31 12:58:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.31 12:50:43 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\ElevatedDiagnostics
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\7-PDFWebsiteConverter
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-PDF
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-PDF
[2012.07.29 19:19:43 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\WikidPad
[2012.07.29 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Macromedia
[2012.07.29 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Macromedia
[2012.07.29 17:56:27 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.07.29 17:56:27 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.29 17:56:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.07.29 17:56:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.07.29 17:53:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Arbeit
[2012.07.29 17:46:55 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\LibreOffice
[2012.07.29 17:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.07.29 17:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.07.29 17:33:37 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Google
[2012.07.29 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Thunderbird
[2012.07.29 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Thunderbird
[2012.07.29 17:23:37 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\thunderbirdProfile
[2012.07.29 16:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012.07.29 16:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2012.07.29 09:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WikidPad
[2012.07.29 09:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WikidPad
[2012.07.29 08:21:36 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Adobe
[2012.07.29 08:21:36 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Adobe
[2012.07.29 08:21:19 | 000,000,000 | R--D | C] -- C:\Users\Peter\Documents
[2012.07.29 08:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012.07.29 08:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LibreOffice 3.5
[2012.07.28 06:47:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.07.27 19:26:29 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\Electronic Arts
[2012.07.27 16:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012.07.27 16:59:36 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.07.27 16:59:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.07.27 16:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012.07.27 16:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012.07.27 16:34:58 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Skype
[2012.07.27 16:34:56 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.07.27 16:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.07.27 16:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.07.27 16:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.07.27 16:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.07.27 16:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.07.27 16:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012.07.27 13:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motherboard Monitor 5
[2012.07.27 08:55:36 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\GTA San Andreas User Files
[2012.07.27 08:55:34 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.07.27 08:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.07.27 08:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.07.27 08:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012.07.27 08:42:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenApp
[2012.07.27 08:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\smartdl
[2012.07.27 08:40:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.07.27 08:40:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.07.27 08:32:41 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.27 08:32:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.07.27 08:32:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.07.27 08:32:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.07.27 08:32:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.07.27 08:32:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.07.27 08:32:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.07.27 08:32:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.07.27 08:32:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.07.27 08:32:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.07.27 08:32:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.07.27 08:32:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.07.27 08:32:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.07.27 08:32:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.07.27 08:32:04 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.07.27 08:32:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.07.27 08:32:04 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.07.27 08:32:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.07.27 08:32:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.07.27 08:32:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.07.27 08:32:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.07.27 08:32:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.07.27 08:32:04 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.07.27 08:32:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.07.27 08:32:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.07.27 08:32:04 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.07.27 08:32:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.07.27 08:32:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.07.27 08:32:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.07.27 08:32:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.07.27 08:32:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.07.27 08:32:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.07.27 08:32:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.07.27 08:32:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.07.27 08:32:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.07.27 08:32:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.07.27 08:32:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.07.27 08:32:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.07.27 08:32:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.07.27 08:32:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.07.27 08:32:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.07.27 08:32:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.07.27 08:32:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.07.27 08:32:03 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.07.27 08:32:03 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.07.27 08:32:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.07.27 08:32:03 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.07.27 08:32:03 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.07.27 08:32:03 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.07.27 08:32:03 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.07.27 08:32:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.07.27 08:32:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.07.27 08:32:03 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.07.27 08:32:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.07.27 08:32:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.07.27 08:32:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.07.27 08:32:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.07.27 08:32:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.07.27 08:29:34 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.07.27 08:29:34 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.07.27 08:29:34 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.07.27 08:10:34 | 000,114,176 | ---- | C] (CPUID) -- C:\Windows\SysWow64\PCWizard.cpl
[2012.07.27 08:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012.07.27 08:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CPUID
[2012.07.27 08:04:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Mozilla
[2012.07.27 08:04:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Mozilla
[2012.07.27 08:04:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.07.27 07:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.07.27 07:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.07.27 07:46:08 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\AVG2012
[2012.07.27 07:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.07.27 07:44:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012.07.27 07:44:51 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012.07.27 07:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012.07.27 07:44:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012.07.27 07:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012.07.27 07:38:14 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.07.27 07:38:14 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.07.27 07:38:14 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.07.27 07:38:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.07.27 07:38:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.07.27 07:38:14 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.07.27 07:38:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.07.27 07:38:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.07.27 07:38:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.07.27 07:38:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.07.27 07:38:12 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.07.27 07:38:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.07.27 07:38:11 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.07.27 07:38:11 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.07.27 07:38:11 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.07.27 07:38:11 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.07.27 07:38:11 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.07.27 07:38:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.07.27 07:38:09 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.07.27 07:38:09 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.07.27 07:38:09 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.07.27 07:38:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.07.27 07:38:08 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.07.27 07:38:08 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.07.27 07:38:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.27 07:38:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.27 07:38:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.07.27 07:38:03 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.07.27 07:38:03 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.07.27 07:38:03 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.07.27 07:38:03 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.07.27 07:37:49 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.07.27 07:37:49 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.07.27 07:37:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.27 07:37:49 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.07.27 07:37:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.07.27 07:37:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.07.27 07:37:49 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.07.27 07:37:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.07.27 07:37:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.07.27 07:37:49 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.07.27 07:37:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.07.27 07:37:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.07.27 07:37:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.07.27 07:37:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.07.27 07:37:48 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.07.27 07:37:48 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.07.27 07:37:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.07.27 07:37:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.07.27 07:37:47 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.07.27 07:37:47 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.07.27 07:37:20 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.07.27 07:37:20 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.07.27 07:37:20 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.07.27 07:37:20 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.07.27 07:37:18 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.07.27 07:37:18 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.07.27 07:37:18 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.07.27 07:37:18 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.07.27 07:37:18 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.07.27 07:37:18 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.07.27 07:37:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.07.27 07:37:17 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.07.27 07:37:17 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.07.27 07:37:12 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.07.27 07:37:12 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.07.27 07:37:12 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.07.27 07:37:12 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.07.27 07:37:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.07.27 07:37:12 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.07.27 07:37:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.07.27 07:37:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.07.27 07:37:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.07.27 07:37:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.07.27 07:37:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.07.27 07:37:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.07.27 07:37:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.07.27 07:37:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.07.27 07:37:09 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.07.27 07:37:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.07.27 07:36:53 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.07.27 07:36:49 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.07.27 07:36:47 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.07.27 07:36:47 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.07.27 07:36:47 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.07.27 07:36:47 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.07.27 07:36:43 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.27 07:36:43 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.27 07:36:42 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.07.27 07:36:42 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.07.27 07:36:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.07.27 07:36:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.07.27 07:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.07.26 22:58:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.07.26 22:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2012.07.26 22:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2012.07.26 22:25:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2012.07.26 22:24:57 | 000,104,560 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012.07.26 22:24:53 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012.07.26 22:24:44 | 000,356,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012.07.26 22:24:42 | 000,787,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012.07.26 22:24:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2012.07.26 22:23:59 | 002,965,104 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2012.07.26 22:23:59 | 002,184,816 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2012.07.26 22:23:59 | 001,161,328 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaKaraokeApo.dll
[2012.07.26 22:23:59 | 001,119,344 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2012.07.26 22:23:59 | 000,677,488 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2012.07.26 22:23:59 | 000,116,848 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaKaraokePropPageExt.dll
[2012.07.26 22:23:59 | 000,095,344 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2012.07.26 22:23:59 | 000,091,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll
[2012.07.26 22:23:59 | 000,085,504 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012.07.26 22:23:59 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012.07.26 22:23:59 | 000,027,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViakaraokeSrv.exe
[2012.07.26 22:23:45 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012.07.26 22:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012.07.26 22:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.07.26 22:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.07.26 22:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.07.26 22:22:27 | 000,331,264 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2012.07.26 22:22:27 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2012.07.26 22:22:16 | 029,022,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2012.07.26 22:22:16 | 023,506,944 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2012.07.26 22:22:16 | 014,652,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012.07.26 22:22:16 | 009,536,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2012.07.26 22:22:16 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012.07.26 22:22:16 | 008,034,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012.07.26 22:22:16 | 007,740,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012.07.26 22:22:16 | 006,079,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012.07.26 22:22:16 | 005,886,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2012.07.26 22:22:16 | 004,943,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2012.07.26 22:22:16 | 002,845,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2012.07.26 22:22:16 | 002,780,160 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2012.07.26 22:22:16 | 002,191,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2012.07.26 22:22:16 | 000,592,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2012.07.26 22:22:16 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2012.07.26 22:22:16 | 000,520,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2012.07.26 22:22:16 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2012.07.26 22:22:16 | 000,511,256 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012.07.26 22:22:16 | 000,440,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012.07.26 22:22:16 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012.07.26 22:22:16 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012.07.26 22:22:16 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2012.07.26 22:22:16 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012.07.26 22:22:16 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012.07.26 22:22:16 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012.07.26 22:22:16 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012.07.26 22:22:16 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012.07.26 22:22:16 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012.07.26 22:22:16 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012.07.26 22:22:16 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012.07.26 22:22:16 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012.07.26 22:22:16 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012.07.26 22:22:16 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012.07.26 22:22:16 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012.07.26 22:22:16 | 000,398,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012.07.26 22:22:16 | 000,386,048 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012.07.26 22:22:16 | 000,320,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012.07.26 22:22:16 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012.07.26 22:22:16 | 000,274,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2012.07.26 22:22:16 | 000,248,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012.07.26 22:22:16 | 000,246,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2012.07.26 22:22:16 | 000,244,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2012.07.26 22:22:16 | 000,236,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2012.07.26 22:22:16 | 000,219,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2012.07.26 22:22:16 | 000,201,728 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2012.07.26 22:22:16 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2012.07.26 22:22:16 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2012.07.26 22:22:16 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2012.07.26 22:22:16 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012.07.26 22:22:16 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012.07.26 22:22:16 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012.07.26 22:22:16 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012.07.26 22:22:16 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2618.dll
[2012.07.26 22:22:16 | 000,062,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012.07.26 22:22:16 | 000,052,736 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.07.26 22:22:16 | 000,051,200 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.07.26 22:22:16 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012.07.26 22:22:16 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2012.07.26 22:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.07.26 22:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.07.26 22:20:51 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.07.26 22:20:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.07.26 22:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.07.26 22:20:39 | 000,000,000 | ---D | C] -- C:\Intel
[2012.07.26 22:20:37 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012.07.26 22:20:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.07.26 22:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.07.26 22:20:26 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\InstallShield
[2012.07.26 22:09:27 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.07.26 22:09:27 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.07.26 22:06:42 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.07.26 22:06:42 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.07.26 22:06:42 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.07.26 22:06:41 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.07.26 22:06:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.07.26 22:06:41 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.07.26 22:06:40 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.07.26 22:06:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\Searches
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.07.26 22:05:32 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Identities
[2012.07.26 22:05:31 | 000,000,000 | R--D | C] -- C:\Users\Peter\Contacts
[2012.07.26 22:05:31 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\VirtualStore
[2012.07.26 22:05:29 | 000,000,000 | --SD | C] -- C:\Users\Peter\AppData\Roaming\Microsoft
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Saved Games
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Links
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Favorites
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Desktop
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Vorlagen
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Verlauf
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Temporary Internet Files
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Startmenü
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\SendTo
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Recent
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Netzwerkumgebung
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Lokale Einstellungen
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Eigene Dateien
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Druckumgebung
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Cookies
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Anwendungsdaten
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Anwendungsdaten
[2012.07.26 22:05:29 | 000,000,000 | -H-D | C] -- C:\Users\Peter\AppData
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Temp
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Microsoft
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Media Center Programs
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.07.26 22:05:22 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.07.26 21:59:28 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.07.26 21:59:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012.08.16 10:55:59 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.16 10:55:59 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.16 10:55:59 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.16 10:55:59 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.16 10:55:59 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.16 10:54:18 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2012.08.16 10:52:35 | 002,208,856 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Peter\Desktop\tdsskiller.exe
[2012.08.16 10:51:53 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.16 10:51:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.16 10:51:42 | 2064,162,815 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.16 10:51:05 | 000,022,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.16 10:51:05 | 000,022,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.16 10:44:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.16 10:35:06 | 103,922,008 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.08.16 10:29:45 | 000,310,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.16 09:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.15 16:38:42 | 000,003,575 | ---- | M] () -- C:\Users\Peter\AppData\Local\recently-used.xbel
[2012.08.14 22:24:15 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.14 22:24:15 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.14 19:45:25 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Peter\Desktop\dds.scr
[2012.08.13 18:54:15 | 000,089,539 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.08.07 10:23:41 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2012.08.07 10:23:40 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012.08.01 10:18:23 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.01 09:53:08 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\tmx englisch 5.lnk
[2012.08.01 09:51:14 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\tmx spanisch 5.lnk
[2012.07.31 12:58:36 | 414,110,061 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.30 15:35:19 | 000,001,218 | ---- | M] () -- C:\Users\Public\Desktop\7-PDF Website Converter.lnk
[2012.07.30 07:09:16 | 000,002,561 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.07.30 07:09:16 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.07.29 16:58:54 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2012.07.28 06:47:38 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.07.27 17:20:20 | 000,002,260 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Luxus-Accessoires.lnk
[2012.07.27 17:12:45 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2012.07.27 16:59:31 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3.lnk
[2012.07.27 16:34:56 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.07.27 16:29:07 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.27 13:46:12 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.07.27 08:41:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.07.27 08:32:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.07.27 08:32:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.07.27 08:32:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.07.27 08:32:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.07.27 08:32:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.07.27 08:32:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.07.27 08:32:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.07.27 08:32:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.07.27 08:32:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.07.27 08:32:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.07.27 08:32:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.07.27 08:32:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.07.27 08:32:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.07.27 08:32:04 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.07.27 08:32:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.07.27 08:32:04 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.07.27 08:32:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.07.27 08:32:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.07.27 08:32:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.07.27 08:32:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.07.27 08:32:04 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.07.27 08:32:04 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.07.27 08:32:04 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.07.27 08:32:04 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.07.27 08:32:04 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.07.27 08:32:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.07.27 08:32:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.07.27 08:32:04 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.07.27 08:32:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.07.27 08:32:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.07.27 08:32:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.07.27 08:32:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.07.27 08:32:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.07.27 08:32:04 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.07.27 08:32:04 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.07.27 08:32:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.07.27 08:32:04 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.07.27 08:32:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.07.27 08:32:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.07.27 08:32:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.07.27 08:32:04 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.07.27 08:32:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.07.27 08:32:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.07.27 08:32:03 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.07.27 08:32:03 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.07.27 08:32:03 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.07.27 08:32:03 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.07.27 08:32:03 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.07.27 08:32:03 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.07.27 08:32:03 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.07.27 08:32:03 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.07.27 08:32:03 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.07.27 08:32:03 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.07.27 08:32:03 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.07.27 08:32:03 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.07.27 08:32:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.07.27 08:32:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.07.27 08:32:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.07.27 08:32:03 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.07.27 07:44:54 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.07.27 07:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012.07.27 07:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012.07.26 22:24:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.07.26 22:24:14 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012.07.26 22:19:09 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012.07.26 22:00:46 | 000,177,271 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.07.26 22:00:46 | 000,177,271 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2012.08.16 10:35:06 | 103,922,008 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.08.15 16:38:42 | 000,003,575 | ---- | C] () -- C:\Users\Peter\AppData\Local\recently-used.xbel
[2012.08.15 16:25:41 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.08.14 18:26:13 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.08.13 18:54:15 | 000,089,539 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.08.03 15:37:25 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.01 10:18:23 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.01 09:53:08 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\tmx englisch 5.lnk
[2012.08.01 09:51:14 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\tmx spanisch 5.lnk
[2012.08.01 08:50:41 | 139,804,145 | ---- | C] () -- C:\Users\Public\Documents\tmx_s5k.exe
[2012.07.31 12:58:36 | 414,110,061 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.30 15:35:19 | 000,001,218 | ---- | C] () -- C:\Users\Public\Desktop\7-PDF Website Converter.lnk
[2012.07.30 07:03:53 | 000,002,561 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012.07.30 07:03:53 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012.07.29 17:33:39 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.29 17:33:39 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.29 16:58:54 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2012.07.28 06:47:38 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.07.28 06:47:38 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.07.27 17:20:20 | 000,002,260 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Luxus-Accessoires.lnk
[2012.07.27 17:12:45 | 000,002,268 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2012.07.27 16:59:31 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3.lnk
[2012.07.27 16:34:56 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.07.27 16:29:07 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.27 16:29:06 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.07.27 13:46:12 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.07.27 08:41:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.07.27 08:32:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.07.27 08:32:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.07.27 07:44:54 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.07.27 07:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012.07.27 07:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012.07.26 22:26:50 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2012.07.26 22:26:50 | 000,021,616 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2012.07.26 22:24:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.07.26 22:24:14 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012.07.26 22:24:14 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012.07.26 22:22:16 | 017,165,312 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll
[2012.07.26 22:22:16 | 012,978,688 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.07.26 22:22:16 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012.07.26 22:22:16 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.07.26 22:22:16 | 000,734,772 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin
[2012.07.26 22:22:16 | 000,557,476 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.07.26 22:22:16 | 000,557,476 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin
[2012.07.26 22:22:16 | 000,221,099 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012.07.26 22:22:16 | 000,207,830 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012.07.26 22:22:16 | 000,191,775 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012.07.26 22:22:16 | 000,164,334 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012.07.26 22:22:16 | 000,161,613 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012.07.26 22:22:16 | 000,157,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012.07.26 22:22:16 | 000,148,033 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012.07.26 22:22:16 | 000,146,675 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012.07.26 22:22:16 | 000,145,687 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012.07.26 22:22:16 | 000,145,579 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012.07.26 22:22:16 | 000,144,338 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012.07.26 22:22:16 | 000,143,805 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012.07.26 22:22:16 | 000,143,155 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012.07.26 22:22:16 | 000,142,664 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012.07.26 22:22:16 | 000,142,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012.07.26 22:22:16 | 000,142,189 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012.07.26 22:22:16 | 000,141,644 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012.07.26 22:22:16 | 000,141,435 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012.07.26 22:22:16 | 000,140,923 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012.07.26 22:22:16 | 000,140,885 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012.07.26 22:22:16 | 000,140,549 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012.07.26 22:22:16 | 000,140,122 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012.07.26 22:22:16 | 000,139,487 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012.07.26 22:22:16 | 000,136,451 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012.07.26 22:22:16 | 000,136,369 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012.07.26 22:22:16 | 000,135,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012.07.26 22:22:16 | 000,131,317 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012.07.26 22:22:16 | 000,124,962 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012.07.26 22:22:16 | 000,123,467 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012.07.26 22:22:16 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012.07.26 22:22:16 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2012.07.26 22:22:16 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012.07.26 22:22:16 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012.07.26 22:22:16 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012.07.26 22:22:16 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2012.07.26 22:22:16 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.07.26 22:22:16 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2012.07.26 22:22:16 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2012.07.26 22:22:16 | 000,018,488 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012.07.26 22:22:16 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012.07.26 22:22:16 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012.07.26 22:21:08 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.07.26 22:19:09 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.07.26 22:05:39 | 000,001,409 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.07.26 22:05:38 | 000,001,443 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.07.26 22:00:41 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.07.26 22:00:39 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.07.26 21:59:20 | 2064,162,815 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== LOP Check ==========

[2012.07.27 16:37:47 | 000,000,000 | ---D | M] -- C:\Users\Franziska\AppData\Roaming\AVG2012
[2012.07.28 06:47:39 | 000,000,000 | ---D | M] -- C:\Users\Franziska\AppData\Roaming\Thunderbird
[2012.08.02 18:23:04 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\7-PDFWebsiteConverter
[2012.07.27 07:46:08 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\AVG2012
[2012.07.29 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\LibreOffice
[2012.08.03 11:51:39 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\pdfforge
[2012.08.02 22:22:24 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\SchreibTrainer4
[2012.07.29 17:25:44 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Thunderbird
[2012.08.16 07:57:23 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2012.07.29 19:19:44 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\WikidPad
[2009.07.14 07:08:49 | 000,017,010 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


G. I can't see the behaviour described in my first post anymore. So that is a good sign.


Thank you very much,
Sippowich
Sippowich
Active Member
 
Posts: 8
Joined: August 14th, 2012, 1:43 pm

Re: ib.adnxs.com pop up

Post by pgmigg » August 16th, 2012, 11:07 am

Hello Sippowich,

Good job! ;)
F. Extras log file
Unfortunately, see here, you mistakenly posted the OTL.txt log file twice. Please find the Extras.txt log file on the Desktop and post it too...
G. I can't see the behaviour described in my first post anymore. So that is a good sign.
Actually, by asking you to run OTL and TDSSKiller scans we did not fix anything, and the absence of symptoms does not mean that everything is clear.

Your recent logs contain evidence of some infection and I am going to provide you with additional steps to clean and fix...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: ib.adnxs.com pop up

Post by Sippowich » August 16th, 2012, 11:59 am

Sorry for that mistake.

I had to run the scan again. Do you need the new OTL log also?

I post it just in case:

OTL logfile created on: 16.08.2012 17:51:28 - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Peter\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

7,90 Gb Total Physical Memory | 6,50 Gb Available Physical Memory | 82,26% Memory free
15,79 Gb Paging File | 14,33 Gb Available in Paging File | 90,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 140,72 Gb Total Space | 86,54 Gb Free Space | 61,50% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 903,13 Gb Free Space | 96,95% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.08.16 10:54:18 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
PRC - [2012.08.14 21:24:28 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
PRC - [2012.07.04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012.04.05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.01.27 11:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.12.16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.01.10 16:09:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.14 22:24:15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012.01.13 00:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.12.16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011.12.08 16:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.04.19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.03.19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.01.31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.01.27 11:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.27 11:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.27 11:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.01.10 16:09:44 | 002,184,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012.01.06 10:59:48 | 000,084,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012.01.06 10:59:48 | 000,059,392 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012.01.06 05:36:55 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.12.23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.12.23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.12.23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.12.06 13:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.11.02 10:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.08.12 00:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.02.07 17:46:12 | 000,023,816 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys -- (cpuz135)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 84 B4 CB 60 79 CD 01 [binary data]
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3616754204-2986781181-1707487272-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://ixquick.com/"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.07.27 07:44:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.14 18:26:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.28 06:47:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012.07.27 08:04:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\mozilla\Extensions
[2012.08.16 10:30:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions
[2012.08.13 16:44:34 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.07.30 11:26:15 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\foxyproxy@eric.h.jung
[2012.08.16 10:30:39 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\https-everywhere@eff.org
[2012.07.27 08:42:46 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\qx56zo0x.default\extensions\plugin@videofiledownload.com
[2012.08.14 18:26:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.27 07:44:52 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012.01.21 17:10:44 | 000,138,614 | ---- | M] () (No name found) -- C:\USERS\PETER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QX56ZO0X.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07787C27-73E5-44CD-82D0-9B2E8F3B7994}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.16 10:54:25 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2012.08.16 10:52:47 | 002,208,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Peter\Desktop\tdsskiller.exe
[2012.08.16 09:30:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.16 09:30:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.16 09:30:23 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.16 09:30:23 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.16 09:30:22 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.16 09:30:22 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.16 09:30:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.16 09:30:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.16 09:30:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.16 09:30:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.16 09:30:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.16 09:30:21 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.16 09:30:21 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.16 07:53:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.16 07:53:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.16 07:53:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.16 07:53:46 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.15 16:31:04 | 000,000,000 | ---D | C] -- C:\Users\Peter\.thumbnails
[2012.08.15 16:26:30 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\fontconfig
[2012.08.15 16:26:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\gegl-0.2
[2012.08.15 16:26:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\.gimp-2.8
[2012.08.15 16:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.08.14 19:45:34 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Peter\Desktop\dds.scr
[2012.08.14 18:31:06 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Malwarebytes
[2012.08.14 18:30:52 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.14 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.07 10:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTASA-Ultimate Editor
[2012.08.07 10:24:02 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTASA-Ultimate Editor
[2012.08.07 10:23:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GTASA-Ultimate Editor
[2012.08.07 10:23:41 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2012.08.07 10:23:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012.08.03 11:51:39 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\pdfforge
[2012.08.03 11:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.08.03 11:51:38 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012.08.03 11:51:38 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012.08.03 11:51:38 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012.08.03 11:51:38 | 000,095,744 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.08.03 11:51:37 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2012.08.03 11:51:37 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2012.08.03 11:51:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2012.08.03 11:51:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012.08.03 11:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012.08.02 16:00:03 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\SchreibTrainer4
[2012.08.02 16:00:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schreib-Trainer
[2012.08.02 16:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AB-Tools.com
[2012.08.01 14:16:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GTA San Andreas User Files
[2012.08.01 14:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012.08.01 10:18:48 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\vlc
[2012.08.01 10:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.08.01 10:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.08.01 09:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tmx
[2012.08.01 09:51:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tmx5
[2012.08.01 07:31:23 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2012.07.31 18:42:01 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\Kochbuch
[2012.07.31 13:06:00 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Diagnostics
[2012.07.31 12:58:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.07.31 12:50:43 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\ElevatedDiagnostics
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\7-PDFWebsiteConverter
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-PDF
[2012.07.30 15:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-PDF
[2012.07.29 19:19:43 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\WikidPad
[2012.07.29 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Macromedia
[2012.07.29 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Macromedia
[2012.07.29 17:56:27 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.07.29 17:56:27 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.07.29 17:56:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.07.29 17:56:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.07.29 17:53:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Arbeit
[2012.07.29 17:46:55 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\LibreOffice
[2012.07.29 17:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.07.29 17:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.07.29 17:33:37 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Google
[2012.07.29 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Thunderbird
[2012.07.29 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Thunderbird
[2012.07.29 17:23:37 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\thunderbirdProfile
[2012.07.29 16:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012.07.29 16:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2012.07.29 09:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WikidPad
[2012.07.29 09:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WikidPad
[2012.07.29 08:21:36 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Adobe
[2012.07.29 08:21:36 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Adobe
[2012.07.29 08:21:19 | 000,000,000 | R--D | C] -- C:\Users\Peter\Documents
[2012.07.29 08:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012.07.29 08:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LibreOffice 3.5
[2012.07.28 06:47:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.07.27 19:26:29 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\Electronic Arts
[2012.07.27 16:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2012.07.27 16:59:36 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012.07.27 16:59:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012.07.27 16:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012.07.27 16:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012.07.27 16:34:58 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Skype
[2012.07.27 16:34:56 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.07.27 16:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.07.27 16:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.07.27 16:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.07.27 16:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.07.27 16:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.07.27 16:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012.07.27 13:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012.07.27 13:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motherboard Monitor 5
[2012.07.27 08:55:36 | 000,000,000 | ---D | C] -- D:\Peter\Eigene Dokumente\GTA San Andreas User Files
[2012.07.27 08:55:34 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.07.27 08:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.07.27 08:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.07.27 08:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012.07.27 08:42:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenApp
[2012.07.27 08:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\smartdl
[2012.07.27 08:40:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.07.27 08:40:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.07.27 08:32:41 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.07.27 08:32:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.07.27 08:32:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.07.27 08:32:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.07.27 08:32:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.07.27 08:32:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.07.27 08:32:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.07.27 08:32:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.07.27 08:32:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.07.27 08:32:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.07.27 08:32:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.07.27 08:32:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.07.27 08:32:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.07.27 08:32:04 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.07.27 08:32:04 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.07.27 08:32:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.07.27 08:32:04 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.07.27 08:32:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.07.27 08:32:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.07.27 08:32:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.07.27 08:32:04 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.07.27 08:32:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.07.27 08:32:04 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.07.27 08:32:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.07.27 08:32:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.07.27 08:32:04 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.07.27 08:32:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.07.27 08:32:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.07.27 08:32:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.07.27 08:32:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.07.27 08:32:04 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.07.27 08:32:04 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.07.27 08:32:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.07.27 08:32:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.07.27 08:32:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.07.27 08:32:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.07.27 08:32:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.07.27 08:32:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.07.27 08:32:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.07.27 08:32:04 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.07.27 08:32:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.07.27 08:32:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.07.27 08:32:03 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.07.27 08:32:03 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.07.27 08:32:03 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.07.27 08:32:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.07.27 08:32:03 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.07.27 08:32:03 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.07.27 08:32:03 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.07.27 08:32:03 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.07.27 08:32:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.07.27 08:32:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.07.27 08:32:03 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.07.27 08:32:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.07.27 08:32:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.07.27 08:32:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.07.27 08:32:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.07.27 08:32:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.07.27 08:29:34 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.07.27 08:29:34 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.07.27 08:29:34 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.07.27 08:10:34 | 000,114,176 | ---- | C] (CPUID) -- C:\Windows\SysWow64\PCWizard.cpl
[2012.07.27 08:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012.07.27 08:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CPUID
[2012.07.27 08:04:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Mozilla
[2012.07.27 08:04:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Mozilla
[2012.07.27 08:04:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.07.27 07:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.07.27 07:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.07.27 07:46:08 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\AVG2012
[2012.07.27 07:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.07.27 07:44:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012.07.27 07:44:51 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012.07.27 07:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012.07.27 07:44:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012.07.27 07:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012.07.27 07:38:14 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.07.27 07:38:14 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.07.27 07:38:14 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.07.27 07:38:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.07.27 07:38:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.07.27 07:38:14 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.07.27 07:38:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.07.27 07:38:14 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.07.27 07:38:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.07.27 07:38:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.07.27 07:38:12 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.07.27 07:38:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.07.27 07:38:11 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.07.27 07:38:11 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.07.27 07:38:11 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.07.27 07:38:11 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.07.27 07:38:11 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.07.27 07:38:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.07.27 07:38:09 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.07.27 07:38:09 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.07.27 07:38:09 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.07.27 07:38:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.07.27 07:38:08 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.07.27 07:38:08 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.07.27 07:38:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.07.27 07:38:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.07.27 07:38:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.07.27 07:38:03 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.07.27 07:38:03 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.07.27 07:38:03 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.07.27 07:38:03 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.07.27 07:37:49 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.07.27 07:37:49 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.07.27 07:37:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.07.27 07:37:49 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.07.27 07:37:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.07.27 07:37:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.07.27 07:37:49 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.07.27 07:37:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.07.27 07:37:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.07.27 07:37:49 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.07.27 07:37:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.07.27 07:37:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.07.27 07:37:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.07.27 07:37:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.07.27 07:37:48 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.07.27 07:37:48 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.07.27 07:37:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.07.27 07:37:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.07.27 07:37:47 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.07.27 07:37:47 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.07.27 07:37:20 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.07.27 07:37:20 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.07.27 07:37:20 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.07.27 07:37:20 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.07.27 07:37:18 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.07.27 07:37:18 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.07.27 07:37:18 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.07.27 07:37:18 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.07.27 07:37:18 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.07.27 07:37:18 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.07.27 07:37:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.07.27 07:37:17 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.07.27 07:37:17 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.07.27 07:37:12 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.07.27 07:37:12 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.07.27 07:37:12 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.07.27 07:37:12 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.07.27 07:37:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.07.27 07:37:12 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.07.27 07:37:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.07.27 07:37:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.07.27 07:37:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.07.27 07:37:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.07.27 07:37:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.07.27 07:37:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.07.27 07:37:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.07.27 07:37:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.07.27 07:37:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.07.27 07:37:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.07.27 07:37:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.07.27 07:37:09 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.07.27 07:37:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.07.27 07:36:53 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.07.27 07:36:49 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.07.27 07:36:47 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.07.27 07:36:47 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.07.27 07:36:47 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.07.27 07:36:47 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.07.27 07:36:43 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.07.27 07:36:43 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.07.27 07:36:42 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.07.27 07:36:42 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.07.27 07:36:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.07.27 07:36:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.07.27 07:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.07.26 22:58:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.07.26 22:26:50 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2012.07.26 22:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2012.07.26 22:25:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2012.07.26 22:24:57 | 000,104,560 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012.07.26 22:24:53 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012.07.26 22:24:44 | 000,356,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012.07.26 22:24:42 | 000,787,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012.07.26 22:24:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2012.07.26 22:23:59 | 002,965,104 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2012.07.26 22:23:59 | 002,184,816 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2012.07.26 22:23:59 | 001,161,328 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaKaraokeApo.dll
[2012.07.26 22:23:59 | 001,119,344 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2012.07.26 22:23:59 | 000,677,488 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2012.07.26 22:23:59 | 000,116,848 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaKaraokePropPageExt.dll
[2012.07.26 22:23:59 | 000,095,344 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2012.07.26 22:23:59 | 000,091,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll
[2012.07.26 22:23:59 | 000,085,504 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012.07.26 22:23:59 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012.07.26 22:23:59 | 000,027,760 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViakaraokeSrv.exe
[2012.07.26 22:23:45 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012.07.26 22:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012.07.26 22:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.07.26 22:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.07.26 22:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.07.26 22:22:27 | 000,331,264 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2012.07.26 22:22:27 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2012.07.26 22:22:16 | 029,022,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdfcl64.dll
[2012.07.26 22:22:16 | 023,506,944 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdfcl32.dll
[2012.07.26 22:22:16 | 014,652,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012.07.26 22:22:16 | 009,536,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2012.07.26 22:22:16 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012.07.26 22:22:16 | 008,034,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012.07.26 22:22:16 | 007,740,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012.07.26 22:22:16 | 006,079,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012.07.26 22:22:16 | 005,886,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2012.07.26 22:22:16 | 004,943,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdbcl64.dll
[2012.07.26 22:22:16 | 002,845,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdbcl32.dll
[2012.07.26 22:22:16 | 002,780,160 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2012.07.26 22:22:16 | 002,191,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2012.07.26 22:22:16 | 000,592,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdrcl64.dll
[2012.07.26 22:22:16 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2012.07.26 22:22:16 | 000,520,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdrcl32.dll
[2012.07.26 22:22:16 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2012.07.26 22:22:16 | 000,511,256 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012.07.26 22:22:16 | 000,440,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012.07.26 22:22:16 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012.07.26 22:22:16 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012.07.26 22:22:16 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2012.07.26 22:22:16 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012.07.26 22:22:16 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2012.07.26 22:22:16 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012.07.26 22:22:16 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012.07.26 22:22:16 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012.07.26 22:22:16 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012.07.26 22:22:16 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012.07.26 22:22:16 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012.07.26 22:22:16 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012.07.26 22:22:16 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012.07.26 22:22:16 | 000,430,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012.07.26 22:22:16 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012.07.26 22:22:16 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012.07.26 22:22:16 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012.07.26 22:22:16 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012.07.26 22:22:16 | 000,398,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012.07.26 22:22:16 | 000,386,048 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012.07.26 22:22:16 | 000,320,000 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012.07.26 22:22:16 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012.07.26 22:22:16 | 000,274,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2012.07.26 22:22:16 | 000,248,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012.07.26 22:22:16 | 000,246,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2012.07.26 22:22:16 | 000,244,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2012.07.26 22:22:16 | 000,236,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IntelOpenCL64.dll
[2012.07.26 22:22:16 | 000,219,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2012.07.26 22:22:16 | 000,201,728 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2012.07.26 22:22:16 | 000,188,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelOpenCL32.dll
[2012.07.26 22:22:16 | 000,184,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2012.07.26 22:22:16 | 000,172,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2012.07.26 22:22:16 | 000,170,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012.07.26 22:22:16 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012.07.26 22:22:16 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012.07.26 22:22:16 | 000,110,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012.07.26 22:22:16 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2618.dll
[2012.07.26 22:22:16 | 000,062,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012.07.26 22:22:16 | 000,052,736 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.07.26 22:22:16 | 000,051,200 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.07.26 22:22:16 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012.07.26 22:22:16 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2012.07.26 22:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.07.26 22:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.07.26 22:20:51 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.07.26 22:20:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.07.26 22:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.07.26 22:20:39 | 000,000,000 | ---D | C] -- C:\Intel
[2012.07.26 22:20:37 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012.07.26 22:20:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.07.26 22:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.07.26 22:20:26 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\InstallShield
[2012.07.26 22:09:27 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.07.26 22:09:27 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.07.26 22:06:42 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.07.26 22:06:42 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.07.26 22:06:42 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.07.26 22:06:41 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.07.26 22:06:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.07.26 22:06:41 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.07.26 22:06:40 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.07.26 22:06:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\Searches
[2012.07.26 22:05:38 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.07.26 22:05:32 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Identities
[2012.07.26 22:05:31 | 000,000,000 | R--D | C] -- C:\Users\Peter\Contacts
[2012.07.26 22:05:31 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\VirtualStore
[2012.07.26 22:05:29 | 000,000,000 | --SD | C] -- C:\Users\Peter\AppData\Roaming\Microsoft
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Saved Games
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Links
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Favorites
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\Desktop
[2012.07.26 22:05:29 | 000,000,000 | R--D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Vorlagen
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Verlauf
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Temporary Internet Files
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Startmenü
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\SendTo
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Recent
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Netzwerkumgebung
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Lokale Einstellungen
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Eigene Dateien
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Druckumgebung
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Cookies
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\AppData\Local\Anwendungsdaten
[2012.07.26 22:05:29 | 000,000,000 | -HSD | C] -- C:\Users\Peter\Anwendungsdaten
[2012.07.26 22:05:29 | 000,000,000 | -H-D | C] -- C:\Users\Peter\AppData
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Temp
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Local\Microsoft
[2012.07.26 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Media Center Programs
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.07.26 22:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.07.26 22:05:22 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.07.26 21:59:28 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.07.26 21:59:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2012.08.16 17:44:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.16 17:44:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.16 17:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.16 15:39:35 | 000,022,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.16 15:39:35 | 000,022,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.16 15:36:42 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.16 15:36:42 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.16 15:36:42 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.16 15:36:42 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.16 15:36:42 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.16 15:32:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.16 15:32:29 | 2064,162,815 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.16 10:54:18 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\OTL.exe
[2012.08.16 10:52:35 | 002,208,856 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Peter\Desktop\tdsskiller.exe
[2012.08.16 10:35:06 | 103,922,008 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.08.16 10:29:45 | 000,310,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 16:38:42 | 000,003,575 | ---- | M] () -- C:\Users\Peter\AppData\Local\recently-used.xbel
[2012.08.14 22:24:15 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.14 22:24:15 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.14 19:45:25 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Peter\Desktop\dds.scr
[2012.08.13 18:54:15 | 000,089,539 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.08.07 10:23:41 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2012.08.07 10:23:40 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2012.08.01 10:18:23 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.01 09:53:08 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\tmx englisch 5.lnk
[2012.08.01 09:51:14 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\tmx spanisch 5.lnk
[2012.07.31 12:58:36 | 414,110,061 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.30 15:35:19 | 000,001,218 | ---- | M] () -- C:\Users\Public\Desktop\7-PDF Website Converter.lnk
[2012.07.30 07:09:16 | 000,002,561 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012.07.30 07:09:16 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2012.07.29 16:58:54 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2012.07.28 06:47:38 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.07.27 17:20:20 | 000,002,260 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Luxus-Accessoires.lnk
[2012.07.27 17:12:45 | 000,002,268 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2012.07.27 16:59:31 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3.lnk
[2012.07.27 16:34:56 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.07.27 16:29:07 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.27 13:46:12 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.07.27 08:41:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.07.27 08:32:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.07.27 08:32:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.07.27 08:32:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.07.27 08:32:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.07.27 08:32:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.07.27 08:32:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.07.27 08:32:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.07.27 08:32:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.07.27 08:32:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.07.27 08:32:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.07.27 08:32:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.07.27 08:32:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.07.27 08:32:04 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.07.27 08:32:04 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.07.27 08:32:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.07.27 08:32:04 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.07.27 08:32:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.07.27 08:32:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.07.27 08:32:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.07.27 08:32:04 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.07.27 08:32:04 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.07.27 08:32:04 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.07.27 08:32:04 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.07.27 08:32:04 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.07.27 08:32:04 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.07.27 08:32:04 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.07.27 08:32:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.07.27 08:32:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.07.27 08:32:04 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.07.27 08:32:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.07.27 08:32:04 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.07.27 08:32:04 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.07.27 08:32:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.07.27 08:32:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.07.27 08:32:04 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.07.27 08:32:04 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.07.27 08:32:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.07.27 08:32:04 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.07.27 08:32:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.07.27 08:32:04 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.07.27 08:32:04 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.07.27 08:32:04 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.07.27 08:32:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.07.27 08:32:03 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.07.27 08:32:03 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.07.27 08:32:03 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.07.27 08:32:03 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.07.27 08:32:03 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.07.27 08:32:03 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.07.27 08:32:03 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.07.27 08:32:03 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.07.27 08:32:03 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.07.27 08:32:03 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.07.27 08:32:03 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.07.27 08:32:03 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.07.27 08:32:03 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.07.27 08:32:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.07.27 08:32:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.07.27 08:32:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.07.27 08:32:03 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.07.27 07:44:54 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.07.27 07:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012.07.27 07:44:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012.07.26 22:24:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.07.26 22:24:14 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012.07.26 22:19:09 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012.07.26 22:00:46 | 000,177,271 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.07.26 22:00:46 | 000,177,271 | ---- | M] () -- C:\Windows\SysNative\license.rtf

========== Files Created - No Company Name ==========

[2012.08.16 10:35:06 | 103,922,008 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.08.15 16:38:42 | 000,003,575 | ---- | C] () -- C:\Users\Peter\AppData\Local\recently-used.xbel
[2012.08.15 16:25:41 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.08.14 18:26:13 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.08.13 18:54:15 | 000,089,539 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.08.03 15:37:25 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.01 10:18:23 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.08.01 09:53:08 | 000,001,928 | ---- | C] () -- C:\Users\Public\Desktop\tmx englisch 5.lnk
[2012.08.01 09:51:14 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\tmx spanisch 5.lnk
[2012.08.01 08:50:41 | 139,804,145 | ---- | C] () -- C:\Users\Public\Documents\tmx_s5k.exe
[2012.07.31 12:58:36 | 414,110,061 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.07.30 15:35:19 | 000,001,218 | ---- | C] () -- C:\Users\Public\Desktop\7-PDF Website Converter.lnk
[2012.07.30 07:03:53 | 000,002,561 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012.07.30 07:03:53 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2012.07.29 17:33:39 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.29 17:33:39 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.29 16:58:54 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2012.07.28 06:47:38 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.07.28 06:47:38 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2012.07.27 17:20:20 | 000,002,260 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Luxus-Accessoires.lnk
[2012.07.27 17:12:45 | 000,002,268 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk
[2012.07.27 16:59:31 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3.lnk
[2012.07.27 16:34:56 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.07.27 16:29:07 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.07.27 16:29:06 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.07.27 13:46:12 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012.07.27 08:41:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.07.27 08:32:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.07.27 08:32:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.07.27 07:44:54 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012.07.27 07:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012.07.27 07:44:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012.07.26 22:26:50 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2012.07.26 22:26:50 | 000,021,616 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2012.07.26 22:24:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.07.26 22:24:14 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012.07.26 22:24:14 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2012.07.26 22:22:16 | 017,165,312 | ---- | C] () -- C:\Windows\SysNative\ig7icd64.dll
[2012.07.26 22:22:16 | 012,978,688 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.07.26 22:22:16 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012.07.26 22:22:16 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.07.26 22:22:16 | 000,734,772 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin
[2012.07.26 22:22:16 | 000,557,476 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.07.26 22:22:16 | 000,557,476 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin
[2012.07.26 22:22:16 | 000,221,099 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012.07.26 22:22:16 | 000,207,830 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012.07.26 22:22:16 | 000,191,775 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012.07.26 22:22:16 | 000,164,334 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012.07.26 22:22:16 | 000,161,613 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012.07.26 22:22:16 | 000,157,226 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012.07.26 22:22:16 | 000,148,033 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012.07.26 22:22:16 | 000,146,675 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012.07.26 22:22:16 | 000,145,687 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012.07.26 22:22:16 | 000,145,579 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012.07.26 22:22:16 | 000,144,338 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012.07.26 22:22:16 | 000,143,805 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012.07.26 22:22:16 | 000,143,155 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012.07.26 22:22:16 | 000,142,664 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012.07.26 22:22:16 | 000,142,335 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012.07.26 22:22:16 | 000,142,189 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012.07.26 22:22:16 | 000,141,644 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012.07.26 22:22:16 | 000,141,435 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012.07.26 22:22:16 | 000,140,923 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012.07.26 22:22:16 | 000,140,885 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012.07.26 22:22:16 | 000,140,549 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012.07.26 22:22:16 | 000,140,122 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012.07.26 22:22:16 | 000,139,487 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012.07.26 22:22:16 | 000,136,451 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012.07.26 22:22:16 | 000,136,369 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012.07.26 22:22:16 | 000,135,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012.07.26 22:22:16 | 000,131,317 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012.07.26 22:22:16 | 000,124,962 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012.07.26 22:22:16 | 000,123,467 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012.07.26 22:22:16 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012.07.26 22:22:16 | 000,079,360 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2012.07.26 22:22:16 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012.07.26 22:22:16 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012.07.26 22:22:16 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012.07.26 22:22:16 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2012.07.26 22:22:16 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.07.26 22:22:16 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2012.07.26 22:22:16 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2012.07.26 22:22:16 | 000,018,488 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012.07.26 22:22:16 | 000,009,216 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012.07.26 22:22:16 | 000,000,264 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012.07.26 22:21:08 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.07.26 22:19:09 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.07.26 22:05:39 | 000,001,409 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.07.26 22:05:38 | 000,001,443 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.07.26 22:00:41 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.07.26 22:00:39 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.07.26 21:59:20 | 2064,162,815 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== LOP Check ==========

[2012.07.27 16:37:47 | 000,000,000 | ---D | M] -- C:\Users\Franziska\AppData\Roaming\AVG2012
[2012.07.28 06:47:39 | 000,000,000 | ---D | M] -- C:\Users\Franziska\AppData\Roaming\Thunderbird
[2012.08.02 18:23:04 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\7-PDFWebsiteConverter
[2012.07.27 07:46:08 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\AVG2012
[2012.07.29 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\LibreOffice
[2012.08.03 11:51:39 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\pdfforge
[2012.08.02 22:22:24 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\SchreibTrainer4
[2012.07.29 17:25:44 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Thunderbird
[2012.08.16 07:57:23 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\uTorrent
[2012.07.29 19:19:44 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\WikidPad
[2009.07.14 07:08:49 | 000,017,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
Sippowich
Active Member
 
Posts: 8
Joined: August 14th, 2012, 1:43 pm

Re: ib.adnxs.com pop up

Unread postby Sippowich » August 16th, 2012, 12:01 pm

and the extra log file:

OTL Extras logfile created on: 16.08.2012 17:51:29 - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Peter\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

7,90 Gb Total Physical Memory | 6,50 Gb Available Physical Memory | 82,26% Memory free
15,79 Gb Paging File | 14,33 Gb Available in Paging File | 90,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 140,72 Gb Total Space | 86,54 Gb Free Space | 61,50% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 903,13 Gb Free Space | 96,95% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3616754204-2986781181-1707487272-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C53E9F-13FE-497D-81CB-3D5019501298}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0AAD95F3-59ED-4F6F-A54F-7BF10CCBA58F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{202DAAF1-B5B2-4D22-BD67-B4860594C8CA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2236097B-2C27-4BD2-80B8-6B548ACCF19E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2632FACB-989C-4B8D-A366-515B687A5057}" = rport=137 | protocol=17 | dir=out | app=system |
"{2B9AECB0-EDB9-4151-A8B3-D7842A1449D6}" = lport=137 | protocol=17 | dir=in | app=system |
"{467D23DC-1952-4490-B898-344C26B4FEF3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{491D7239-9AF9-4CDD-9265-4066D5ECF622}" = lport=445 | protocol=6 | dir=in | app=system |
"{6395A85E-151D-448E-AEAD-D115AAB5D380}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{69D6BFF6-A393-4F24-98DC-81CD49F02BE3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{70D1875E-D1FF-4CA0-BA10-2E153EA95AA1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{75429305-D6A6-4360-9E82-6195510AEB4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8E7DA590-4385-4F9A-A2E5-B5244DFB8490}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9B579899-5349-45A2-9F82-140832A3BBD1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D11D4AA-756D-4478-BCB6-511C204A8714}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A51D7E50-0B55-4B85-AD37-3FADFD0B979C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AB52AC58-5A89-4419-9446-89EF3426D047}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ACDFE21C-82CC-4AFF-8ABD-7C2E12532D94}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B2D8542D-E073-45CD-BCF9-F9D4320AE324}" = rport=139 | protocol=6 | dir=out | app=system |
"{B9E260BB-E0EC-468A-9E8C-1D6BCB8C2260}" = rport=445 | protocol=6 | dir=out | app=system |
"{BC200D21-488A-4F80-8A3C-903A2DABC59B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CC5CE164-BC86-4C91-BA21-5A8B67404596}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D6926193-A699-4659-877D-C30EF4F57592}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D80D8837-591B-4E5E-9F7E-82C98018B143}" = lport=139 | protocol=6 | dir=in | app=system |
"{E5D32D96-FD62-4860-BBAE-47AE66D2631D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EB244B25-B086-4A95-BA7C-D3B6B3968AE6}" = rport=138 | protocol=17 | dir=out | app=system |
"{EC370CB0-F131-4795-898F-AB9B5677D77E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ECB13447-E873-4CEC-8AD2-34948DB3F275}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F02357E3-472B-479E-9349-91B03F940717}" = lport=138 | protocol=17 | dir=in | app=system |
"{F819965F-8DF2-4BC5-8E01-4EBC2A8F1E9D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FBCEB09B-F3B8-4220-A53F-F8E4BD181E20}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B841CC5-D4BD-4277-83DD-1B94ECE36CAC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0CCBAF31-8569-4651-AB25-5963ED4345C8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2282729A-9AC4-4798-889C-864C9A85281B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{29C15B44-2D65-4628-9175-1AC928AF51A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3028E2A1-F9C5-4981-9138-697F91A36829}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{3709C91F-2A07-43A8-84EA-4CA2EFC010B7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{3F788B78-9BB5-4CE4-ADC4-F7EFF449C911}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{427F27D7-23EE-435E-82C7-DE52E66104BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4595F401-0917-4EC7-97EE-5B397AF8BD00}" = protocol=17 | dir=in | app=d:\peter\downloads\cnet2_wikidpad-2_1_exe.exe |
"{511E6DDF-5963-4135-AE5D-0365CB07DD61}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{62B3BB95-D65C-4C1A-8CA8-C6E71AC5C269}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C6057A9-C719-4B4A-9BD9-FFB67FDBF380}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{70C41569-9E73-4694-8462-DBC2CE228232}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{79AFF625-63FE-4DFF-A167-8499C6264333}" = protocol=6 | dir=in | app=d:\peter\downloads\cnet2_wikidpad-2_1_exe.exe |
"{7CE545E8-14AB-4BE8-BB9F-45F0D05059DB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{833375CB-5DA3-42A1-A15F-81A767D82726}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{86F949E9-4824-4740-9B85-B2FA4CEF4C0B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9FC4FE20-2322-4A3F-9055-5F7B894448FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A2D084BB-68E6-47DE-9A43-81C3159F3785}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{A5E51867-D84A-438C-B385-9F08A313AB88}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AA11F550-8DC7-4F99-A06E-089960579F87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5CF922A-522D-422F-B7A2-231B0AF47F80}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{C3D79EEB-DB7B-4BE0-95C4-85BD9FF1819F}" = protocol=6 | dir=out | app=system |
"{C5BD65A4-9E6C-47FB-A05F-B0BD326DE982}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DE677D7D-CAC8-4051-87A1-FBE5D009B50C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E507CC7E-CCD1-409D-88AD-9DBF147D7C00}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ED5FFD86-6D7F-4834-9C69-E910D617CB11}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EDBFA080-77E1-44E8-8C07-CC35E528DF9B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F1BB9EF6-3AF8-4B12-96D1-93C41960D7E6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{F5A153E8-D8F6-4ED3-AEF5-28E92C402822}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{FDDBEEA7-C990-4B89-A7CD-F2983AB30666}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{A108BD40-0A8C-4385-8874-74C4B6086CC3}" = AVG 2012
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"AVG" = AVG 2012
"GIMP-2_is1" = GIMP 2.8.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22A83C29-58A8-4CAB-8EDC-918D74F8429E}_is1" = WikidPad 2.1
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89286F5B-4B78-41DE-9982-B7AD010DE01B}" = *tmx englisch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B1F9C834-0594-4563-B344-4ED9599A5945}" = LibreOffice 3.5
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{CECDEFF3-354E-4D1D-B69D-E3B1590AA807}" = *tmx spanisch
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"7-PDF Website Converter_is1" = 7-PDF Website Converter Version 1.0.6 (Build 164)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"PC Wizard 2012_is1" = PC Wizard 2012.2.1
"Schreib-Trainer_is1" = Schreib-Trainer 4.1.3
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = GTASA-Ultimate Editor
"vfd-ob" = VideoFileDownload
"VLC media player" = VLC media player 2.0.3

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.08.2012 23:06:06 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

Error - 15.08.2012 01:46:56 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

Error - 15.08.2012 02:28:31 | Computer Name = Home | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 15.08.2012 17:03:18 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

Error - 16.08.2012 01:49:11 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

Error - 16.08.2012 04:29:46 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

Error - 16.08.2012 04:46:22 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

Error - 16.08.2012 04:53:34 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

Error - 16.08.2012 07:15:33 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

Error - 16.08.2012 09:34:21 | Computer Name = Home | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 16.08.2012 03:26:24 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 04:29:46 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 04:46:26 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 04:51:49 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 05:34:12 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 06:18:46 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 07:13:47 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 09:32:36 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 10:49:34 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 16.08.2012 11:50:59 | Computer Name = Home | Source = NetBT | ID = 4321
Description = Der Name "HOME :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 10.0.0.1 registriert werden. Der Computer mit IP-Adresse 10.0.0.138 hat
nicht zugelassen, dass dieser Computer diesen Namen verwendet.


< End of report >

Re: ib.adnxs.com pop up

Unread postby pgmigg » August 16th, 2012, 1:36 pm

Hello Sippowich,

Thank you, and let's continue our treatment...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Copy and Paste the following code into the Image text box. Do not include the word Code
    Code: Select all
    :OTL
    O2 - BHO: (no name) - {BA0454C5-FD30-428E-8DB9-3FF87A612F64} - No CLSID value found.
    
    :Files
    C:\ProgramData\Spybot - Search & Destroy
    C:\Program Files (x86)\Spybot - Search & Destroy
    ipconfig /flushdns /c
    
    :Commands
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
    [CREATERESTOREPOINT]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
Malwarebytes' Anti-Malware (MBAM) Full Scan
Your logs indicate that you already have MBAM on your computer.
  1. Please start MBAM.
    You must be connected to the Internet to obtain any updates.
  2. Press the Update tab. Then press the Check for Updates... button. <<---Important!
    Once any updates are installed or you get the message that you are up-to-date
  3. Press the Scanner tab...
  4. Select FULL SCAN this time... then press the Scan button. This scan will take a while, so please be patient.
    When the scan finishes...
  5. Check all items except any items (if present) in the C:\System Volume Information folder... then click on Remove Selected.
  6. Let MBAM remove what it can... if there are files to be deleted on reboot... please reboot the machine so MBAM can finish the removal.
    If you rebooted, then you'll need to start MBAM again.
  7. Press the LOG... tab. Locate the most current log file.
    Please copy and paste the most recent log (from this new run) in your next reply.

Step 3.
ESET online scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

  1. Firstly please Disable any Antivirus you have active, as shown in This topic.
  2. Note: Don't forget to re-enable it after the scan.
  3. Next please click on the following link to open a new window to ESET online scanner
  4. Then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  5. Select the option YES, I accept the Terms of Use then click on: Image
  6. When prompted allow the Add-On/Active X to install.
  7. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  8. Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  9. Now click on: Image
  10. The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  11. When completed the Online Scan will begin automatically.
  12. Do not touch either the mouse or keyboard during the scan otherwise it may stall.
  13. When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  14. Now click on: Image
  15. Use notepad to open the log file located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  16. Copy and paste that log as a reply to this topic.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the most recent MBAM Log file.
  4. Contents of scan results from C:\Program Files\ESET\EsetOnlineScanner\log.txt file.
  5. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: ib.adnxs.com pop up

Unread postby Sippowich » August 16th, 2012, 3:50 pm

Well, I have done the next steps now.

A. No problems with the execution.

B. OTL FixScript moved files log

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0454C5-FD30-428E-8DB9-3FF87A612F64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0454C5-FD30-428E-8DB9-3FF87A612F64}\ not found.
========== FILES ==========
C:\ProgramData\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Peter\Desktop\cmd.bat deleted successfully.
C:\Users\Peter\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Franziska
->Temp folder emptied: 39933 bytes
->Temporary Internet Files folder emptied: 2908354 bytes
->FireFox cache emptied: 66587906 bytes
->Flash cache emptied: 492 bytes

User: Peter
->Temp folder emptied: 3707069 bytes
->Temporary Internet Files folder emptied: 264519887 bytes
->FireFox cache emptied: 1232735116 bytes
->Flash cache emptied: 976 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3424372 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36081758 bytes
RecycleBin emptied: 15444154959 bytes

Total Files Cleaned = 16.264,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Franziska
->Flash cache emptied: 0 bytes

User: Peter
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Franziska

User: Peter

User: Public

Total Java Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.57.0 log created on 08162012_204533

Files\Folders moved on Reboot...
C:\Users\Peter\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Peter\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...




C. MBAM log file:

Malwarebytes Anti-Malware 1.62.0.1300
http://www.malwarebytes.org

Datenbank Version: v2012.08.16.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Peter :: HOME [Administrator]

16.08.2012 20:51:16
mbam-log-2012-08-16 (20-51-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 307391
Laufzeit: 5 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)




D. ESET log file

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK


the log is quite short?
it found 2 threats:
D:\Peter\Downloads\cnet2_WikidPad-2_1_exe.exe a variant of Win32/InstallCore.D application
D:\Peter\Downloads\PDFCreator-1_4_3_setup.exe Win32/OpenCandy application



E. The behaviour is like described in my second post.


Again thank you!
Sippowich
Active Member
 
Posts: 8
Joined: August 14th, 2012, 1:43 pm

Re: ib.adnxs.com pop up

by pgmigg » August 16th, 2012, 4:22 pm

Hello Sippowich,

Your latest set of logs appears to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions on how to keep your computer clean and secure, you need to take a few additional steps.

Step 1.
Latest Java Installation Needed!

Attention: Print these instructions or copy them. You will be closing your browser!!

DOWNLOAD LATEST VERSION
  1. Get the latest version (7u6) of Java Runtime Environment (JRE)... © Sun Microsystems, Inc.
  2. Click the "Download JRE" button to the right.
  3. Check "Accept License Agreement".
  4. Locate the entry for Windows x64, click on the associated file name, then save the file to your Desktop.

INSTALL Java
  1. Close all open applications (standard), especially your browser.
  2. From the Desktop, please right-click on jre-7u6-windows-x64.exe and select "Run As Administrator..." to install the newest version.
  3. Follow the on-screen directions. When installation is completed successfully, please reboot your computer normally.
  4. Once the computer has been restarted, you can delete the "downloaded" installation file from your desktop.

OPTIONAL:
To prevent some unnecessary JAVA components from running when you boot your computer each time...
  1. Go to Control Panel and click on the JAVA icon.
  2. Press the Advanced tab and find the JRE Auto-Download sub-menu.
  3. CHECK "Never Auto-Download". (You can check for updates manually.)
  4. Press Apply and OK, then close the Java Control Panel and exit Control Panel.

Step 2.
OTL - Run Fix Script
You should still have OTL on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right-click on OTL.exe and select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the text box. Do not include the word Code
    Code:
    :Files
    D:\Peter\Downloads\cnet2_WikidPad-2_1_exe.exe
    D:\Peter\Downloads\PDFCreator-1_4_3_setup.exe
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    

  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 3.
OTL - Cleanup
  1. Right-click on OTL.exe and select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.


Then:
Please don't forget to enable all your defense software!

Finally, please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: ib.adnxs.com pop up

by Sippowich » August 17th, 2012, 12:10 am

Hey pgmigg,

I just executed the last steps without problems.
Now I am reading the guide.

Thank you for the p2p hint, I didn't think about that :(

Anyway, thank you for all the help the last days. You guys do a great job here!
I hope I won't need it anymore :)

Greetings
Sippowich
Sippowich
Active Member
 
Posts: 8
Joined: August 14th, 2012, 1:43 pm

Re: ib.adnxs.com pop up

by pgmigg » August 17th, 2012, 12:28 am

You are very welcome, Sippowich! :D

Stay Safe! ;)
pgmigg
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: ib.adnxs.com pop up

by NonSuch » August 17th, 2012, 2:14 am

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
NonSuch
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California