
Pests of all kinds and how to combat them: Removed LyricsWoofer myself, any remnants left?

21.07.2013, 19:10   #1
Feroc

Hello,

somehow I caught LyricsWoofer. I noticed it because I had an unknown plugin in Google Chrome that underlined individual words, which then led to advertising.

What I have done so far:
  • Removed the plugin in question
  • Uninstalled LyricsWoofer
  • Scan with Avast
  • Scan with Malwarebytes
  • Scan with AdwCleaner

Unfortunately I no longer have all the logs, but here is at least the one from AdwCleaner:

AdwCleaner log file:
Code:
# AdwCleaner v2.306 - Datei am 21/07/2013 um 19:41:28 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8 Pro N  (64 bits)
# Benutzer : Mathias - FEROC-PC
# Bootmodus : Normal
# Ausgeführt unter : D:\Web\adwcleaner06.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsWoofer
Schlüssel Gelöscht : HKCU\Software\InstallCore

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [980 octets] - [21/07/2013 19:40:06]
AdwCleaner[S1].txt - [861 octets] - [21/07/2013 19:41:28]

########## EOF - C:\AdwCleaner[S1].txt - [920 octets] ##########


I hope someone here can help me check whether I caught everything and, if necessary, clean the system completely.

Attached is also the FRST.txt:

FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2013
Ran by Mathias (administrator) on 21-07-2013 20:12:47
Running from C:\Users\Mathias\Desktop
Windows 8 Pro N (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Microsoft Corporation) C:\Users\Mathias\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Valve Corporation) E:\Spiele\Steam\Steam.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Dropbox, Inc.) C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) E:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) D:\Web\mbar-1.06.0.1004\mbar\mbar.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [AsioReg] - REGSVR32 /S CTASIO.DLL [x]
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [SkyDrive] - C:\Users\Mathias\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-07-02] (Microsoft Corporation)
HKCU\...\Run: [Steam] - E:\Spiele\Steam\steam.exe [1672616 2013-07-10] (Valve Corporation)
HKCU\...\RunOnce: [Uninstall C:\Users\Mathias\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mathias\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64" [404992 2012-07-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE [24576 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [AsioReg] - REGSVR32 /S CTASIO.DLL [x]
HKLM-x32\...\Run: [KeePass 2 PreLoad] - "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload [1960448 2013-04-05] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
Startup: C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BTGuard Updates.lnk
ShortcutTarget: BTGuard Updates.lnk -> C:\BTGUARD\settings.exe ()
Startup: C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mathias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - E:\Programme (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files (x86)\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - E:\Program Files (x86)\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 78.42.43.62 82.212.62.62

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (ProxTube) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0
CHR Extension: (Magic Actions for YouTube\u2122) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\5.8.6_0
CHR Extension: (Text URL Linker) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegfbpchoheaflicfmggkmlmcccpjpgd\1.3.0_0
CHR Extension: (Google Docs) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5_0
CHR Extension: (Google Search) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Imgur Uploader) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmpmjpekinnebjgnakcahjikbomnmlb\0.11_0
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.2.0.1_0
CHR Extension: (Ti\u00EBsto) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh\2_0
CHR Extension: (Gmail) - C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-01] (Wondershare)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-21] ()
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [36680 2013-07-21] ()
R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [36680 2013-07-21] ()
R3 mbamswissarmy; C:\Windows\system32\drivers\mbamswissarmy.sys [162008 2013-07-21] (Malwarebytes Corporation)
R3 mbamswissarmy; C:\Windows\system32\drivers\mbamswissarmy.sys [162008 2013-07-21] (Malwarebytes Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 VSPerfDrv110; E:\Programme (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 VSPerfDrv110; E:\Programme (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-21 20:10 - 2013-07-21 20:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-21 20:10 - 2013-07-21 20:10 - 00162008 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-07-21 20:10 - 2013-07-21 20:10 - 00036680 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-07-21 19:44 - 2013-07-21 19:44 - 00165376 _____ C:\Users\Mathias\Desktop\SystemLook_x64.exe
2013-07-21 19:43 - 2013-07-21 19:44 - 00000928 _____ C:\AdwCleaner[R2].txt
2013-07-21 19:41 - 2013-07-21 19:41 - 00000988 _____ C:\AdwCleaner[S1].txt
2013-07-21 19:40 - 2013-07-21 19:40 - 00000980 _____ C:\AdwCleaner[R1].txt
2013-07-21 19:32 - 2013-07-21 19:32 - 00000000 ____D C:\FRST
2013-07-21 19:31 - 2013-07-21 19:31 - 01779345 _____ (Farbar) C:\Users\Mathias\Desktop\FRST64.exe
2013-07-21 17:47 - 2013-07-21 17:47 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-21 17:47 - 2013-07-21 17:47 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-21 17:47 - 2013-07-21 17:47 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-21 17:47 - 2013-07-21 17:47 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-21 17:47 - 2013-07-21 17:47 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-21 17:47 - 2013-07-21 17:47 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 17:47 - 2013-07-21 17:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-21 17:47 - 2013-07-21 17:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-21 17:47 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-21 17:47 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-07-21 17:47 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-21 17:47 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-21 17:47 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-21 17:47 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-07-21 17:47 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-21 17:46 - 2013-07-21 17:46 - 00000002 _____ C:\AvastSetup.log
2013-07-21 13:10 - 2013-07-21 13:11 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Origin
2013-07-21 13:10 - 2013-07-21 13:10 - 00000000 ____D C:\Users\Mathias\AppData\Local\Origin
2013-07-21 13:10 - 2013-07-21 13:10 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-21 13:09 - 2013-07-21 13:11 - 00000000 ____D C:\ProgramData\Origin
2013-07-21 13:09 - 2013-07-21 13:10 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-21 13:09 - 2013-07-21 13:09 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-21 13:09 - 2013-07-21 13:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-07-20 20:11 - 2013-07-20 20:11 - 00000000 ____D C:\Users\Mathias\AppData\Local\Introversion
2013-07-20 08:38 - 2013-07-20 08:39 - 00000000 ____D C:\Windows\system32\MRT
2013-07-19 14:18 - 2013-07-19 14:18 - 00002133 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-07-19 14:17 - 2013-07-14 03:17 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 22100256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 15631064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 11244320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-19 14:17 - 2013-07-14 03:17 - 09248072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 07694808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 02968352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 01882912 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432619.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432619.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00632096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00517408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00387536 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00326224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-19 14:17 - 2013-07-14 03:17 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-19 14:17 - 2013-06-16 14:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2013-07-19 14:17 - 2013-06-16 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2013-07-17 07:27 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-17 07:27 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-17 07:27 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-17 07:27 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-17 07:27 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-17 07:27 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-17 07:27 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-17 07:27 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-17 07:27 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-17 07:27 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-17 07:27 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-17 07:27 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-17 07:27 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-17 07:27 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-17 07:26 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-17 07:26 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-17 07:26 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-17 07:26 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-17 07:26 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-17 07:26 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-17 07:26 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-17 07:26 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-17 07:26 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-17 07:26 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-17 07:26 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-17 07:26 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-17 07:26 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-17 07:26 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-17 07:26 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-17 07:26 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-17 07:26 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-17 07:26 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-17 07:26 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-17 07:26 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-17 07:26 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-15 21:53 - 2013-07-15 21:53 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-15 19:32 - 2013-07-15 19:32 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-15 19:32 - 2013-07-15 19:32 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Malwarebytes
2013-07-15 19:32 - 2013-07-15 19:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-15 19:32 - 2013-07-15 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-15 19:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-15 17:56 - 2013-07-15 17:56 - 00362784 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 15:24 - 2013-07-13 15:24 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-07-12 22:28 - 2013-07-12 23:32 - 00000000 ____D C:\Users\Mathias\AppData\Local\Darksiders
2013-07-12 22:28 - 2013-07-12 22:28 - 00002105 _____ C:\Users\Public\Desktop\Darksiders Comic.lnk
2013-07-12 22:28 - 2013-07-12 22:28 - 00001957 _____ C:\Users\Public\Desktop\Darksiders SoundTrack.lnk
2013-07-12 22:28 - 2013-07-12 22:28 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-12 22:28 - 2013-07-12 22:28 - 00000000 ____D C:\Program Files (x86)\THQ
2013-07-12 09:56 - 2013-07-12 09:56 - 00000000 ____D C:\Users\Mathias\Documents\Apowersoft Screen Recorder Pro
2013-07-12 09:56 - 2013-06-01 13:56 - 00031920 _____ (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2013-07-12 09:46 - 2013-07-12 09:51 - 00004520 _____ C:\Users\Mathias\AppData\Roaming\CamStudio.cfg
2013-07-12 09:46 - 2013-07-12 09:51 - 00000408 _____ C:\Users\Mathias\AppData\Roaming\CamShapes.ini
2013-07-12 09:46 - 2013-07-12 09:51 - 00000408 _____ C:\Users\Mathias\AppData\Roaming\CamLayout.ini
2013-07-12 09:46 - 2013-07-12 09:51 - 00000098 _____ C:\Users\Mathias\AppData\Roaming\Camdata.ini
2013-07-12 09:44 - 2013-07-12 09:44 - 00000000 ____D C:\Program Files (x86)\CamStudio 2.7
2013-07-12 09:26 - 2013-07-12 09:53 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\GitHub
2013-07-12 09:26 - 2013-07-12 09:53 - 00000000 ____D C:\Users\Mathias\AppData\Local\GitHub
2013-07-12 09:26 - 2013-07-12 09:27 - 00000000 ____D C:\Users\Mathias\Documents\GitHub
2013-07-12 09:26 - 2013-07-12 09:26 - 00002184 _____ C:\Users\Mathias\Desktop\Git Shell.lnk
2013-07-12 09:26 - 2013-07-12 09:26 - 00000308 _____ C:\Users\Mathias\Desktop\GitHub.appref-ms
2013-07-12 09:26 - 2013-07-12 09:26 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2013-07-12 09:26 - 2013-07-12 09:26 - 00000000 ____D C:\Users\Mathias\.ssh
2013-07-12 09:03 - 2013-07-12 09:03 - 01882872 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-12 09:02 - 2013-07-12 09:02 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-12 09:02 - 2012-07-06 04:02 - 01166440 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2013-07-12 09:02 - 2012-07-06 04:02 - 00778856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2013-07-12 09:02 - 2012-07-06 04:02 - 00124040 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-07-12 09:02 - 2012-07-06 04:02 - 00102528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-07-12 09:02 - 2012-07-06 04:02 - 00035400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2013-07-12 09:02 - 2012-07-06 04:02 - 00035400 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2013-07-12 08:51 - 2013-07-12 08:51 - 00000209 _____ C:\Users\Mathias\Desktop\Scribblenauts Unlimited.url
2013-07-11 07:42 - 2013-07-11 07:42 - 00000000 ___RD C:\Users\Mathias\AppData\Roaming\Brother
2013-07-10 19:15 - 2013-07-10 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-10 17:40 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 17:40 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 17:40 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 17:40 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 17:40 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 17:40 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 17:40 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 17:40 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 17:40 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 17:40 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 17:40 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 17:40 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 17:40 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 17:40 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 17:40 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 17:40 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 17:40 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 17:40 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 17:40 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 17:40 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 17:40 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 17:40 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 17:40 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 17:40 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-04 17:20 - 2013-07-04 17:20 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\TightVNC
2013-07-04 17:20 - 2013-07-04 17:20 - 00000000 ____D C:\Program Files\TightVNC
2013-07-03 20:21 - 2013-07-03 20:21 - 00000000 ____D C:\Program Files\RealVNC
2013-07-01 21:35 - 2013-07-01 21:35 - 00000600 _____ C:\Users\Mathias\AppData\Local\PUTTY.RND
2013-07-01 18:31 - 2013-07-01 18:31 - 00002210 _____ C:\Users\Mathias\Desktop\vServerWindows.rdp
2013-07-01 18:28 - 2013-07-06 12:54 - 00002210 ____H C:\Users\Mathias\Documents\Default.rdp
2013-06-30 18:44 - 2013-07-16 23:05 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\TS3Client
2013-06-30 18:44 - 2013-06-30 18:44 - 00001162 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-06-30 18:44 - 2013-06-30 18:44 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-06-30 17:01 - 2013-06-30 17:01 - 00006703 _____ C:\Users\Mathias\AppData\Local\recently-used.xbel
2013-06-30 13:01 - 2013-06-30 13:01 - 00001041 _____ C:\Users\Mathias\Desktop\Dropbox.lnk
2013-06-30 13:00 - 2013-06-30 13:00 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-06-30 11:14 - 2013-07-21 19:43 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Dropbox
2013-06-25 21:49 - 2013-06-25 21:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-06-25 21:48 - 2013-07-14 03:17 - 29335328 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-25 21:48 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-25 21:48 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-25 18:39 - 2013-06-25 18:39 - 00000000 ____D C:\Users\Mathias\Documents\Benutzerdefinierte Office-Vorlagen
2013-06-22 18:55 - 2013-06-22 18:55 - 00295152 _____ C:\Windows\Minidump\062213-20872-01.dmp
2013-06-22 18:53 - 2013-06-22 18:53 - 00295208 _____ C:\Windows\Minidump\062213-20935-01.dmp
2013-06-22 17:42 - 2013-06-22 17:42 - 00000000 ____D C:\Users\Mathias\.thumbnails
2013-06-22 17:37 - 2013-06-22 18:56 - 00000000 ____D C:\Users\Mathias\AppData\Local\Adobe
2013-06-22 17:37 - 2013-06-22 17:39 - 00000000 ____D C:\ProgramData\Adobe
2013-06-22 16:38 - 2013-06-22 18:55 - 583637848 _____ C:\Windows\MEMORY.DMP
2013-06-22 16:38 - 2013-06-22 18:55 - 00000000 ____D C:\Windows\Minidump
2013-06-22 16:38 - 2013-06-22 16:38 - 00295248 _____ C:\Windows\Minidump\062213-26239-01.dmp
2013-06-22 10:44 - 2013-06-22 10:44 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BTGuard
2013-06-22 10:43 - 2013-07-21 19:10 - 00000000 ____D C:\BTGUARD
2013-06-22 09:52 - 2013-07-12 09:26 - 00000000 ____D C:\Users\Mathias\AppData\Local\Deployment
2013-06-22 09:52 - 2013-06-22 09:52 - 00000000 ____D C:\Users\Mathias\AppData\Local\Apps\2.0
2013-06-21 21:36 - 2013-06-21 21:36 - 00000000 ____D C:\ProgramData\Battle.net
2013-06-21 21:28 - 2013-07-11 19:31 - 00000000 ____D C:\Users\Mathias\Documents\Arduino
2013-06-21 21:28 - 2013-06-21 21:28 - 00004360 _____ C:\Windows\DPINST.LOG
2013-06-21 21:28 - 2013-06-21 21:28 - 00000991 _____ C:\Users\Public\Desktop\Arduino.lnk
2013-06-21 21:28 - 2013-06-21 21:28 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Arduino
2013-06-21 21:27 - 2013-06-21 21:28 - 00000000 ____D C:\Program Files (x86)\Arduino
2013-06-21 14:27 - 2013-06-21 14:27 - 00001610 _____ C:\Users\Public\Desktop\Path of Exile.lnk
2013-06-21 07:16 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll

==================== One Month Modified Files and Folders =======

2013-07-21 20:11 - 2013-07-21 20:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-21 20:10 - 2013-07-21 20:10 - 00162008 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-07-21 20:10 - 2013-07-21 20:10 - 00036680 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-07-21 20:00 - 2012-07-26 10:13 - 00000000 ____D C:\Windows\system32\sru
2013-07-21 19:59 - 2013-06-01 23:44 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-21 19:53 - 2013-06-18 15:06 - 00005140 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for FEROC-PC-Mathias Feroc-PC
2013-07-21 19:48 - 2013-06-01 23:48 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2841808154-1528440975-758703612-1001
2013-07-21 19:48 - 2012-07-26 12:24 - 00828878 _____ C:\Windows\system32\perfh007.dat
2013-07-21 19:48 - 2012-07-26 12:24 - 00188018 _____ C:\Windows\system32\perfc007.dat
2013-07-21 19:48 - 2012-07-26 09:27 - 01949368 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 19:44 - 2013-07-21 19:44 - 00165376 _____ C:\Users\Mathias\Desktop\SystemLook_x64.exe
2013-07-21 19:44 - 2013-07-21 19:43 - 00000928 _____ C:\AdwCleaner[R2].txt
2013-07-21 19:43 - 2013-06-30 11:14 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Dropbox
2013-07-21 19:43 - 2013-06-18 15:09 - 00000000 ___RD C:\Users\Mathias\SkyDrive
2013-07-21 19:43 - 2013-06-01 23:44 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-21 19:43 - 2013-06-01 23:34 - 00000000 ____D C:\Users\Mathias\AppData\Local\Packages
2013-07-21 19:43 - 2012-07-26 10:13 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-21 19:42 - 2013-06-01 23:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-21 19:42 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-21 19:42 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-21 19:41 - 2013-07-21 19:41 - 00000988 _____ C:\AdwCleaner[S1].txt
2013-07-21 19:40 - 2013-07-21 19:40 - 00000980 _____ C:\AdwCleaner[R1].txt
2013-07-21 19:32 - 2013-07-21 19:32 - 00000000 ____D C:\FRST
2013-07-21 19:31 - 2013-07-21 19:31 - 01779345 _____ (Farbar) C:\Users\Mathias\Desktop\FRST64.exe
2013-07-21 19:21 - 2013-06-09 12:41 - 00000000 ____D C:\Users\Mathias\.VirtualBox
2013-07-21 19:10 - 2013-06-22 10:43 - 00000000 ____D C:\BTGUARD
2013-07-21 19:08 - 2013-06-01 23:31 - 00057102 _____ C:\Windows\PFRO.log
2013-07-21 19:00 - 2013-06-12 08:32 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\.purple
2013-07-21 17:47 - 2013-07-21 17:47 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-21 17:47 - 2013-07-21 17:47 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-21 17:47 - 2013-07-21 17:47 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-21 17:47 - 2013-07-21 17:47 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-21 17:47 - 2013-07-21 17:47 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-21 17:47 - 2013-07-21 17:47 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-21 17:47 - 2013-07-21 17:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-21 17:47 - 2013-07-21 17:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-07-21 17:46 - 2013-07-21 17:46 - 00000002 _____ C:\AvastSetup.log
2013-07-21 13:19 - 2013-06-02 15:59 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\KeePass
2013-07-21 13:11 - 2013-07-21 13:10 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Origin
2013-07-21 13:11 - 2013-07-21 13:09 - 00000000 ____D C:\ProgramData\Origin
2013-07-21 13:10 - 2013-07-21 13:10 - 00000000 ____D C:\Users\Mathias\AppData\Local\Origin
2013-07-21 13:10 - 2013-07-21 13:10 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-21 13:10 - 2013-07-21 13:09 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-21 13:09 - 2013-07-21 13:09 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-21 13:09 - 2013-07-21 13:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-07-21 10:13 - 2013-06-01 23:34 - 01837847 _____ C:\Windows\WindowsUpdate.log
2013-07-20 20:11 - 2013-07-20 20:11 - 00000000 ____D C:\Users\Mathias\AppData\Local\Introversion
2013-07-20 08:39 - 2013-07-20 08:38 - 00000000 ____D C:\Windows\system32\MRT
2013-07-19 14:23 - 2013-06-12 13:44 - 00000000 ____D C:\Users\Mathias\Documents\Visual Studio 2012
2013-07-19 14:18 - 2013-07-19 14:18 - 00002133 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2013-07-19 14:18 - 2013-06-01 23:37 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-19 14:18 - 2012-07-26 09:21 - 00021484 _____ C:\Windows\setupact.log
2013-07-18 08:22 - 2013-06-02 00:03 - 00001702 _____ C:\Users\Mathias\Desktop\MPC-HC x64.lnk
2013-07-18 08:22 - 2013-06-02 00:03 - 00000000 ____D C:\Program Files\MPC-HC
2013-07-16 23:05 - 2013-06-30 18:44 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\TS3Client
2013-07-16 21:25 - 2013-06-07 19:53 - 00073135 _____ C:\Windows\DirectX.log
2013-07-15 21:53 - 2013-07-15 21:53 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-15 19:32 - 2013-07-15 19:32 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-15 19:32 - 2013-07-15 19:32 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Malwarebytes
2013-07-15 19:32 - 2013-07-15 19:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-15 19:32 - 2013-07-15 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-15 18:52 - 2012-07-26 10:13 - 00000000 ____D C:\Windows\rescache
2013-07-15 17:56 - 2013-07-15 17:56 - 00362784 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 03:23 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-14 03:17 - 2013-07-19 14:17 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 22100256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 15631064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 11244320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-14 03:17 - 2013-07-19 14:17 - 09248072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 07694808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 02968352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 01882912 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432619.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432619.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00632096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00517408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00387536 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00326224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-14 03:17 - 2013-07-19 14:17 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-14 03:17 - 2013-06-25 21:48 - 29335328 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-14 03:17 - 2013-06-01 23:37 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-07-14 03:17 - 2013-06-01 23:37 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-07-14 03:17 - 2013-02-26 00:32 - 15890648 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-14 03:17 - 2013-02-26 00:32 - 13621504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-14 03:17 - 2013-02-26 00:32 - 12880928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-07-14 03:17 - 2013-02-26 00:32 - 02985648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-07-14 03:17 - 2013-02-26 00:32 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-07-14 03:17 - 2013-02-26 00:32 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-07-14 03:17 - 2013-02-26 00:32 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-07-13 21:49 - 2013-06-01 23:37 - 06598432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-07-13 21:49 - 2013-06-01 23:37 - 03447072 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-07-13 21:48 - 2013-06-01 23:37 - 03274475 _____ C:\Windows\system32\nvcoproc.bin
2013-07-13 21:48 - 2013-06-01 23:37 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-07-13 21:48 - 2013-06-01 23:37 - 00911136 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-07-13 21:48 - 2013-06-01 23:37 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-07-13 21:48 - 2013-06-01 23:37 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-07-13 15:24 - 2013-07-13 15:24 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-07-13 08:54 - 2013-06-01 23:44 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 08:54 - 2013-06-01 23:44 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 23:32 - 2013-07-12 22:28 - 00000000 ____D C:\Users\Mathias\AppData\Local\Darksiders
2013-07-12 22:28 - 2013-07-12 22:28 - 00002105 _____ C:\Users\Public\Desktop\Darksiders Comic.lnk
2013-07-12 22:28 - 2013-07-12 22:28 - 00001957 _____ C:\Users\Public\Desktop\Darksiders SoundTrack.lnk
2013-07-12 22:28 - 2013-07-12 22:28 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-12 22:28 - 2013-07-12 22:28 - 00000000 ____D C:\Program Files (x86)\THQ
2013-07-12 22:28 - 2013-06-07 20:35 - 00000000 ____D C:\Users\Mathias\Documents\My Games
2013-07-12 09:56 - 2013-07-12 09:56 - 00000000 ____D C:\Users\Mathias\Documents\Apowersoft Screen Recorder Pro
2013-07-12 09:53 - 2013-07-12 09:26 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\GitHub
2013-07-12 09:53 - 2013-07-12 09:26 - 00000000 ____D C:\Users\Mathias\AppData\Local\GitHub
2013-07-12 09:51 - 2013-07-12 09:46 - 00004520 _____ C:\Users\Mathias\AppData\Roaming\CamStudio.cfg
2013-07-12 09:51 - 2013-07-12 09:46 - 00000408 _____ C:\Users\Mathias\AppData\Roaming\CamShapes.ini
2013-07-12 09:51 - 2013-07-12 09:46 - 00000408 _____ C:\Users\Mathias\AppData\Roaming\CamLayout.ini
2013-07-12 09:51 - 2013-07-12 09:46 - 00000098 _____ C:\Users\Mathias\AppData\Roaming\Camdata.ini
2013-07-12 09:44 - 2013-07-12 09:44 - 00000000 ____D C:\Program Files (x86)\CamStudio 2.7
2013-07-12 09:27 - 2013-07-12 09:26 - 00000000 ____D C:\Users\Mathias\Documents\GitHub
2013-07-12 09:26 - 2013-07-12 09:26 - 00002184 _____ C:\Users\Mathias\Desktop\Git Shell.lnk
2013-07-12 09:26 - 2013-07-12 09:26 - 00000308 _____ C:\Users\Mathias\Desktop\GitHub.appref-ms
2013-07-12 09:26 - 2013-07-12 09:26 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2013-07-12 09:26 - 2013-07-12 09:26 - 00000000 ____D C:\Users\Mathias\.ssh
2013-07-12 09:26 - 2013-06-22 09:52 - 00000000 ____D C:\Users\Mathias\AppData\Local\Deployment
2013-07-12 09:26 - 2013-06-01 23:34 - 00000000 ____D C:\Users\Mathias
2013-07-12 09:03 - 2013-07-12 09:03 - 01882872 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-12 09:02 - 2013-07-12 09:02 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-07-12 09:02 - 2013-06-12 13:41 - 00000000 ____D C:\Program Files\MSBuild
2013-07-12 08:51 - 2013-07-12 08:51 - 00000209 _____ C:\Users\Mathias\Desktop\Scribblenauts Unlimited.url
2013-07-12 07:29 - 2013-06-13 18:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 07:29 - 2013-06-13 18:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 22:17 - 2012-07-26 12:26 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-11 19:31 - 2013-06-21 21:28 - 00000000 ____D C:\Users\Mathias\Documents\Arduino
2013-07-11 07:42 - 2013-07-11 07:42 - 00000000 ___RD C:\Users\Mathias\AppData\Roaming\Brother
2013-07-11 07:42 - 2013-06-08 10:27 - 00000453 _____ C:\Windows\BRWMARK.INI
2013-07-10 19:22 - 2013-06-01 23:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 19:18 - 2012-07-26 07:26 - 00000167 _____ C:\Windows\win.ini
2013-07-10 19:15 - 2013-07-10 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 12:54 - 2013-07-01 18:28 - 00002210 ____H C:\Users\Mathias\Documents\Default.rdp
2013-07-04 17:20 - 2013-07-04 17:20 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\TightVNC
2013-07-04 17:20 - 2013-07-04 17:20 - 00000000 ____D C:\Program Files\TightVNC
2013-07-03 20:21 - 2013-07-03 20:21 - 00000000 ____D C:\Program Files\RealVNC
2013-07-02 19:03 - 2013-06-18 15:09 - 00002283 _____ C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-07-01 22:08 - 2013-06-12 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-01 21:35 - 2013-07-01 21:35 - 00000600 _____ C:\Users\Mathias\AppData\Local\PUTTY.RND
2013-07-01 18:31 - 2013-07-01 18:31 - 00002210 _____ C:\Users\Mathias\Desktop\vServerWindows.rdp
2013-06-30 18:44 - 2013-06-30 18:44 - 00001162 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-06-30 18:44 - 2013-06-30 18:44 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-06-30 17:03 - 2013-06-15 11:11 - 00000000 ____D C:\Users\Mathias\.gimp-2.8
2013-06-30 17:01 - 2013-06-30 17:01 - 00006703 _____ C:\Users\Mathias\AppData\Local\recently-used.xbel
2013-06-30 13:01 - 2013-06-30 13:01 - 00001041 _____ C:\Users\Mathias\Desktop\Dropbox.lnk
2013-06-30 13:00 - 2013-06-30 13:00 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-06-30 13:00 - 2013-06-01 23:34 - 00000000 ___RD C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-06-28 00:04 - 2012-07-26 10:15 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2012-07-26 10:15 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-26 19:39 - 2013-06-12 13:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-26 19:37 - 2013-06-12 13:42 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2013-06-25 21:49 - 2013-06-25 21:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-06-25 18:39 - 2013-06-25 18:39 - 00000000 ____D C:\Users\Mathias\Documents\Benutzerdefinierte Office-Vorlagen
2013-06-24 00:57 - 2013-06-03 17:54 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-22 18:56 - 2013-06-22 17:37 - 00000000 ____D C:\Users\Mathias\AppData\Local\Adobe
2013-06-22 18:55 - 2013-06-22 18:55 - 00295152 _____ C:\Windows\Minidump\062213-20872-01.dmp
2013-06-22 18:55 - 2013-06-22 16:38 - 583637848 _____ C:\Windows\MEMORY.DMP
2013-06-22 18:55 - 2013-06-22 16:38 - 00000000 ____D C:\Windows\Minidump
2013-06-22 18:53 - 2013-06-22 18:53 - 00295208 _____ C:\Windows\Minidump\062213-20935-01.dmp
2013-06-22 17:42 - 2013-06-22 17:42 - 00000000 ____D C:\Users\Mathias\.thumbnails
2013-06-22 17:39 - 2013-06-22 17:37 - 00000000 ____D C:\ProgramData\Adobe
2013-06-22 16:38 - 2013-06-22 16:38 - 00295248 _____ C:\Windows\Minidump\062213-26239-01.dmp
2013-06-22 16:38 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-06-22 10:44 - 2013-06-22 10:44 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BTGuard
2013-06-22 09:52 - 2013-06-22 09:52 - 00000000 ____D C:\Users\Mathias\AppData\Local\Apps\2.0
2013-06-21 21:36 - 2013-06-21 21:36 - 00000000 ____D C:\ProgramData\Battle.net
2013-06-21 21:28 - 2013-06-21 21:28 - 00004360 _____ C:\Windows\DPINST.LOG
2013-06-21 21:28 - 2013-06-21 21:28 - 00000991 _____ C:\Users\Public\Desktop\Arduino.lnk
2013-06-21 21:28 - 2013-06-21 21:28 - 00000000 ____D C:\Users\Mathias\AppData\Roaming\Arduino
2013-06-21 21:28 - 2013-06-21 21:27 - 00000000 ____D C:\Program Files (x86)\Arduino
2013-06-21 14:27 - 2013-06-21 14:27 - 00001610 _____ C:\Users\Public\Desktop\Path of Exile.lnk
2013-06-21 14:06 - 2013-06-25 21:48 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-06-25 21:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2013-07-17 07:27] - [2013-06-01 13:34] - 2391280 ____A (Microsoft Corporation) 0E8E6463F81C80AFBED533E0F1F8895D

C:\Windows\SysWOW64\explorer.exe
[2013-07-17 07:27] - [2013-06-01 12:24] - 2106176 ____A (Microsoft Corporation) EAFE46B0292D2BD2467835E2ACF717CC

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2013-07-17 07:27] - [2013-06-01 13:26] - 0327936 ____A (Microsoft Corporation) 78A5BBA3819FFFC62FFEC3E2220D102D



LastRegBack: 2013-07-21 09:40

==================== End Of Log ============================
         
--- --- ---

Edited by Feroc (21.07.2013 at 19:16)

21.07.2013, 19:54   #2
schrauber
/// the machine
/// TB instructor

Hi,

looks good. Are you still having problems?

21.07.2013, 19:59   #3
Feroc

Quote from schrauber:
Hi,

looks good. Are you still having problems?

Not at the moment.

Around noon today an old mail account of mine was hijacked and sent a nice link to my address book:

WARNING - SPAM LINK:
removed

That is why I wanted to make sure once more. I don't even know whether LyricsWoofer is capable of spying on a system at all, or whether I simply had bad luck with the mail account (fairly old, password almost never changed, but used for syncing with Chrome).

Edited by schrauber (21.07.2013 at 21:24)

21.07.2013, 21:24   #4
schrauber
/// the machine
/// TB instructor

I have removed the link.

Emails are never secure; that has nothing to do with it.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
