| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.comWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.08.2013, 23:21
| #1 |
 |  Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Hallo, ich habe vor ein paar Tagen dummerweise den Anhang (Name:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com)einer Spam-Mail geöffnet. Als mir kurz darauf klar wurde, dass es sich dabei um einen Virus handeln könnte, obwohl Avira Anti Virus nicht reagiert hat. Ich habe mir dann kurz AVG heruntergeladen der die fragliche Datei auch sofort entfernt hat. Da ich mir danach noch nicht Sicher war ob der Virus verschwunden ist habe ich den PC mit der Systemwiederherstellung von Windows 8 auf den Stand des vorherigen Tages zurückgesetzt. Ein Freund hat mir jedoch empfohlen jetzt noch einmal Malwarebytes zu installieren,welches 20 Schädliche Programme gefunden hat. Ich wollte nun fragen ob es nötig ist den Pc neu aufzusetzen oder ob es eine andere Möglichkeit zur Behebung des Problems gibt. Hier ist das Log von Malwarebytes: Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.29.08 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16660 Philipp13 :: PHILIPP [Administrator] Schutz: Aktiviert 29.08.2013 23:37:11 MBAM-log-2013-08-29 (23-40-04).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 247638 Laufzeit: 2 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 4 HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Keine Aktion durchgeführt. HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Keine Aktion durchgeführt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|OMESupervisor (PUP.Optional.OfferMosquito.A) -> Daten: C:\Users\phili_000\AppData\Local\omesuperv.exe -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 5 C:\Users\phili_000\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\1629681C4DF544C18442DBB2C8C32040 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\47CA984F91AD461A8C77E50FD2304D79 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\AF9326A1C2144E8C84CFFA63B8D8DF51 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. Infizierte Dateien: 10 C:\Users\phili_000\AppData\Local\omesuperv.exe (PUP.Optional.OfferMosquito.A) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\1629681C4DF544C18442DBB2C8C32040\DeltaTB.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\$Recycle.Bin\S-1-5-21-306031665-1921043881-1312870909-1001\$RV21ZP2.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt. C:\$Recycle.Bin\S-1-5-21-306031665-1921043881-1312870909-1001\$RZ0D7ET.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\1629681C4DF544C18442DBB2C8C32040\5471.ico (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\1629681C4DF544C18442DBB2C8C32040\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\1629681C4DF544C18442DBB2C8C32040\OCBrowserHelper_1.0.6.125.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\47CA984F91AD461A8C77E50FD2304D79\speedupmypcDE.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\phili_000\AppData\Roaming\OpenCandy\AF9326A1C2144E8C84CFFA63B8D8DF51\TuneUpUtilities2013-2200218_de-DE.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. (Ende) |
|
29.08.2013, 23:39
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Hallo und
__________________ Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
30.08.2013, 10:41
| #3 |
| | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Erst einmal Danke für die schnelle Hilfe. Hier ist FRST.txt:
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013 Ran by Philipp13 (administrator) on 30-08-2013 03:12:06 Running from C:\Users\phili_000\Downloads Windows 8 Pro (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\WINDOWS\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Electronic Arts) F:\Games\Origin\Origin.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Spotify Ltd) C:\Users\phili_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\phili_000\AppData\Roaming\Spotify\spotify.exe (Dropbox, Inc.) C:\Users\phili_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (Apple Inc.) E:\Apple\iTunes\iTunesHelper.exe (Deutsche Telekom AG) C:\Users\phili_000\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_30.2.313.0_neutral__v10z8vjag6ke6\HP.Workflow.FleetApp.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe (HP) C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_30.0.207.0_neutral__v10z8vjag6ke6\HPScanandCapture.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\WINDOWS\system32\wwahost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.2.9200.20623_x64__8wekyb3d8bbwe\glcnd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.) HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [EADM] - F:\Games\Origin\Origin.exe [3549528 2013-08-27] (Electronic Arts) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation) HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.) HKCU\...\Run: [DAEMON Tools Lite] - F:\Programme\DeamonTools\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKCU\...\Run: [Spotify Web Helper] - C:\Users\phili_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd) HKCU\...\Run: [SSync] - C:\Users\phili_000\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] () HKCU\...\Run: [DataMgr] - C:\Users\phili_000\AppData\Roaming\DataMgr\DataMgr.exe [168848 2013-06-26] (HTTO Group, Ltd.) HKCU\...\Run: [Spotify] - C:\Users\phili_000\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-08] (Spotify Ltd) HKCU\...\Run: [SCheck] - C:\Users\phili_000\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] () HKCU\...\Run: [Snoozer] - C:\Users\phili_000\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] () HKCU\...\Run: [Intermediate] - C:\Users\phili_000\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] () HKCU\...\Run: [OMESupervisor] - C:\Users\phili_000\AppData\Local\omesuperv.exe [2218359 2013-08-28] () MountPoints2: {04ae5736-b259-11e2-be6b-f46d04af758d} - "I:\autorun.exe" MountPoints2: {3427fed2-e1b5-11e2-be85-f46d04af758d} - "H:\HTC_Sync_Manager_PC.exe" HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] - C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [x] HKLM-x32\...\Run: [QuickTime Task] - F:\Programme\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [RoccatKone+] - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH) HKLM-x32\...\Run: [iTunesHelper] - E:\Apple\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1601488 2013-08-06] (APN) AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation) Startup: C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\phili_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk ShortcutTarget: Mediencenter.lnk -> C:\Users\phili_000\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ URLSearchHook: (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No File SearchScopes: HKCU - {1330D0AC-9EE7-40A8-BB6A-B4B417AF7D52} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552&CUI=UN33696749472106621&UM=1 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft) BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.) BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\phili_000\AppData\Local\ext_piccshare\ext_piccshare.dll (HTTO Group, Ltd) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft) BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.57\npchrome_frame.dll (Google Inc.) BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Toolbar: HKLM-x32 - Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.) Toolbar: HKCU - No Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - No File Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.57\npchrome_frame.dll (Google Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 08 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found () Winsock: Catalog5 09 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found () Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [71168] (Microsoft Corporation) Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [71168] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR HomePage: hxxp://google.de/ CHR RestoreOnStartup: "hxxp://google.de/" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.22\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.22\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.22\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Extension: (Google Docs) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Adblock Plus) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0 CHR Extension: (Google Search) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Tampermonkey) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.4.3568.10_0 CHR Extension: (PiccShare) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb\2.0_0 CHR Extension: (OfferMosquito) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.6.1_0 CHR Extension: (Vince) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgpdhkfmndlnlmmhcalabijjpogicdpa\3_0 CHR Extension: (Speed Test) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlhbmnfdcklajeaeikfinieljfegamko\2.2_0 CHR Extension: (Isoball 3) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.4.0_0 CHR Extension: (SmartVideo For YouTube\u2122) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp\0.9927_0 CHR Extension: (DSL speedtest) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj\1.1_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR Extension: (Auto-Reload) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofojbjgaaddibdfpmmjeonahgbacejid\8.0.5_0 CHR Extension: (Bitdefender QuickScan) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0 CHR Extension: (Gmail) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx ==================== Services (Whitelisted) ================= S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG) R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-06] (APN LLC.) R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [853800 2013-07-25] (AnchorFree Inc.) S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-07-24] () R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-07-25] () R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-06] () S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-05-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-05-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-05-01] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-01] (DT Soft Ltd) R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [46792 2013-07-24] (AnchorFree Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [203544 2013-02-06] (DEVGURU Co., LTD.(www.devguru.co.kr)) R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.) S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation) S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-30 03:11 - 2013-08-30 03:11 - 01579080 _____ (Farbar) C:\Users\phili_000\Downloads\FRST64.exe 2013-08-29 22:40 - 2013-08-29 22:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\phili_000\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-29 22:40 - 2013-08-29 22:40 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Malwarebytes 2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-29 22:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-08-29 15:52 - 2013-08-29 15:52 - 00000000 ___HD C:\Users\phili_000\Desktop\.picasaoriginals 2013-08-29 15:49 - 2013-08-29 15:49 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup (1).exe 2013-08-29 15:46 - 2013-08-29 15:47 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup.exe 2013-08-29 15:36 - 2013-08-29 15:36 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Snz 2013-08-28 20:46 - 2013-08-28 20:46 - 02218359 _____ C:\Users\phili_000\AppData\Local\omesuperv.exe 2013-08-28 20:32 - 2013-08-28 20:32 - 00000000 ____D C:\Users\phili_000\AppData\Local\Criterion Games 2013-08-28 16:05 - 2013-08-28 16:05 - 00642632 _____ (EFD Software ) C:\Users\phili_000\Downloads\hdtune_255.exe 2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Program Files (x86)\HD Tune 2013-08-28 15:59 - 2013-08-28 15:59 - 03629944 _____ (Microsoft Corporation) C:\Users\phili_000\Downloads\SyncToySetupPackage_v21_x64.exe 2013-08-27 20:29 - 2013-08-28 20:32 - 00017993 _____ C:\WINDOWS\DirectX.log 2013-08-24 13:15 - 2013-08-30 03:05 - 00636307 _____ C:\WINDOWS\WindowsUpdate.log 2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ___HD C:\$AVG 2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\AVG2013 2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\ProgramData\AVG2013 2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Program Files (x86)\AVG 2013-08-24 00:24 - 2013-08-24 13:22 - 00000000 ____D C:\ProgramData\MFAData 2013-08-24 00:24 - 2013-08-24 00:27 - 00000000 ____D C:\Users\phili_000\AppData\Local\Avg2013 2013-08-24 00:24 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\MFAData 2013-08-24 00:19 - 2013-08-24 00:19 - 00000000 _____ C:\ProgramData\rebootpending.txt 2013-08-24 00:18 - 2013-08-24 00:18 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2013-08-24 00:17 - 2013-08-24 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\QuickScan 2013-08-24 00:08 - 2013-08-24 00:28 - 00000000 ____D C:\Users\phili_000\Desktop\Neuer Ordner 2013-08-24 00:08 - 2013-08-24 00:08 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (2).zip 2013-08-24 00:05 - 2013-08-24 00:05 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (1).zip 2013-08-24 00:04 - 2013-08-24 00:04 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.zip 2013-08-23 13:24 - 2013-08-23 13:24 - 00001156 _____ C:\Users\phili_000\Desktop\Mediencenter.lnk 2013-08-21 21:27 - 2013-08-21 21:27 - 00001051 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2013-08-21 21:27 - 2013-07-24 04:12 - 00046792 _____ (AnchorFree Inc.) C:\WINDOWS\system32\Drivers\hssdrv6.sys 2013-08-16 20:40 - 2013-08-16 20:41 - 189809510 _____ C:\Users\phili_000\Downloads\battlefield3_ost_flac_1376097075.zip 2013-08-15 12:29 - 2013-08-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-15 12:08 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-08-15 12:08 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-08-15 12:08 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2013-08-15 12:08 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2013-08-15 12:08 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-08-15 12:08 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2013-08-15 12:08 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2013-08-15 12:08 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2013-08-15 12:08 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-08-15 12:08 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-08-15 12:08 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2013-08-15 12:08 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-08-15 12:08 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-08-15 12:08 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-08-15 12:08 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2013-08-15 12:08 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2013-08-15 12:08 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2013-08-15 12:08 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2013-08-15 12:08 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2013-08-15 12:08 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-08-15 12:08 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2013-08-15 12:08 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2013-08-15 12:08 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2013-08-15 12:08 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-08-15 12:08 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2013-08-15 12:08 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2013-08-15 12:08 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2013-08-15 12:08 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2013-08-15 12:07 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-08-15 12:07 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-08-15 12:07 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll 2013-08-15 12:07 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2013-08-15 12:07 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2013-08-15 12:07 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-08-15 12:07 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-08-15 12:07 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2013-08-15 12:07 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2013-08-14 21:48 - 2013-08-24 13:20 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork 2013-08-14 21:48 - 2013-08-14 21:48 - 00000000 ____D C:\ProgramData\AskPartnerNetwork 2013-08-14 21:48 - 2013-08-14 21:48 - 00000000 ____D C:\ProgramData\APN 2013-08-14 21:46 - 2013-08-24 13:20 - 00000000 ____D C:\Program Files (x86)\Java 2013-08-14 21:46 - 2013-08-14 21:46 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-08-14 21:46 - 2013-08-14 21:46 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-08-12 21:41 - 2013-08-12 21:41 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Project Reality 2013-08-12 21:41 - 2013-05-04 22:45 - 00002387 _____ C:\Users\phili_000\Documents\PRMumbleCertificateBackup.p12 2013-08-12 21:26 - 2013-08-12 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\Project Reality 2013-08-07 17:30 - 2013-08-24 13:21 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\ftblauncher 2013-08-06 21:05 - 2013-08-12 21:39 - 00000000 ____D C:\Users\phili_000\Documents\ProjectReality 2013-08-06 19:57 - 2013-08-24 13:20 - 00000000 ____D C:\ProgramData\Package Cache 2013-08-05 20:32 - 2013-08-05 20:32 - 00000000 ____D C:\NvidiaLogging 2013-08-05 20:32 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2013-08-05 20:32 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2013-08-05 20:32 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2013-08-05 20:32 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-08-05 20:32 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-08-05 20:32 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS 2013-08-05 20:32 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-08-05 20:32 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2013-08-05 20:32 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-08-05 20:32 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2013-08-05 20:32 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2013-08-05 20:32 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2013-08-05 20:32 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-08-05 20:32 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll 2013-08-05 20:32 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-08-05 20:32 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe 2013-08-05 20:32 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2013-08-05 20:32 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2013-08-05 20:32 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll 2013-08-05 20:32 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe 2013-08-05 20:32 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-08-05 20:32 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2013-08-05 20:32 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-08-05 20:32 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2013-08-05 20:32 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-08-05 20:32 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2013-08-05 20:32 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2013-08-05 20:32 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll 2013-08-05 20:32 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys 2013-08-05 20:32 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2013-08-05 20:32 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2013-08-05 20:32 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2013-08-05 20:32 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2013-08-05 20:32 - 2013-05-20 02:08 - 00386642 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-08-05 20:32 - 2013-05-14 21:28 - 00039712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2013-08-05 20:32 - 2013-05-14 21:27 - 00029984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2013-08-05 20:32 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2013-08-05 20:31 - 2013-08-24 13:21 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA 2013-08-05 20:30 - 2013-08-05 20:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-08-05 20:29 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2013-08-05 20:29 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432049.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432049.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2013-08-05 20:29 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2013-08-05 20:29 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2013-08-05 20:29 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2013-08-05 20:28 - 2013-08-24 13:20 - 00000000 ____D C:\NVIDIA ==================== One Month Modified Files and Folders ======= 2013-08-30 03:11 - 2013-08-30 03:11 - 01579080 _____ (Farbar) C:\Users\phili_000\Downloads\FRST64.exe 2013-08-30 03:11 - 2013-05-01 17:02 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Skype 2013-08-30 03:05 - 2013-08-24 13:15 - 00636307 _____ C:\WINDOWS\WindowsUpdate.log 2013-08-30 03:02 - 2013-05-17 21:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-08-30 03:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru 2013-08-30 02:46 - 2013-05-18 21:33 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Spotify 2013-08-30 02:37 - 2013-05-01 00:17 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-30 00:22 - 2013-05-01 00:19 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-306031665-1921043881-1312870909-1001 2013-08-29 23:40 - 2013-05-04 00:07 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\.minecraft 2013-08-29 22:40 - 2013-08-29 22:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\phili_000\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-29 22:40 - 2013-08-29 22:40 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Malwarebytes 2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-29 21:40 - 2013-05-02 20:26 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2013-08-29 21:40 - 2013-05-01 14:22 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2013-08-29 21:39 - 2013-05-01 14:22 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2013-08-29 18:48 - 2013-05-01 00:32 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\TS3Client 2013-08-29 15:52 - 2013-08-29 15:52 - 00000000 ___HD C:\Users\phili_000\Desktop\.picasaoriginals 2013-08-29 15:52 - 2013-05-01 17:03 - 00114688 ___SH C:\Users\phili_000\Desktop\Thumbs.db 2013-08-29 15:52 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2013-08-29 15:49 - 2013-08-29 15:49 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup (1).exe 2013-08-29 15:49 - 2013-05-01 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Local\Google 2013-08-29 15:49 - 2013-05-01 00:17 - 00000000 ____D C:\Program Files (x86)\Google 2013-08-29 15:47 - 2013-08-29 15:46 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup.exe 2013-08-29 15:47 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000\AppData\Local\Packages 2013-08-29 15:36 - 2013-08-29 15:36 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Snz 2013-08-29 15:36 - 2013-07-13 14:18 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Intermediate 2013-08-29 15:36 - 2013-06-03 16:08 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Dropbox 2013-08-29 15:36 - 2013-05-01 15:33 - 00000000 ___RD C:\Users\phili_000\Google Drive 2013-08-29 15:36 - 2013-05-01 00:45 - 00000000 ____D C:\Program Files (x86)\Steam 2013-08-29 15:36 - 2012-07-26 12:27 - 00751892 _____ C:\WINDOWS\system32\perfh007.dat 2013-08-29 15:36 - 2012-07-26 12:27 - 00155620 _____ C:\WINDOWS\system32\perfc007.dat 2013-08-29 15:36 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-08-29 15:35 - 2013-05-01 00:17 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-28 20:46 - 2013-08-28 20:46 - 02218359 _____ C:\Users\phili_000\AppData\Local\omesuperv.exe 2013-08-28 20:32 - 2013-08-28 20:32 - 00000000 ____D C:\Users\phili_000\AppData\Local\Criterion Games 2013-08-28 20:32 - 2013-08-27 20:29 - 00017993 _____ C:\WINDOWS\DirectX.log 2013-08-28 16:05 - 2013-08-28 16:05 - 00642632 _____ (EFD Software ) C:\Users\phili_000\Downloads\hdtune_255.exe 2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Program Files (x86)\HD Tune 2013-08-28 15:59 - 2013-08-28 15:59 - 03629944 _____ (Microsoft Corporation) C:\Users\phili_000\Downloads\SyncToySetupPackage_v21_x64.exe 2013-08-28 09:49 - 2013-07-02 18:22 - 00000000 ____D C:\Users\phili_000\AppData\Local\HTC MediaHub 2013-08-28 09:47 - 2013-05-01 00:12 - 00000000 ____D C:\ProgramData\NVIDIA 2013-08-28 09:47 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-08-28 02:24 - 2013-05-17 22:39 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\uTorrent 2013-08-27 19:19 - 2013-05-18 21:33 - 00000000 ____D C:\Users\phili_000\AppData\Local\Spotify 2013-08-24 23:22 - 2013-05-23 21:23 - 00231424 ___SH C:\Users\phili_000\Downloads\Thumbs.db 2013-08-24 14:25 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000 2013-08-24 13:23 - 2013-06-25 17:55 - 00000000 ____D C:\ProgramData\ROCCAT 2013-08-24 13:23 - 2013-05-01 01:37 - 00000000 ____D C:\ProgramData\Avira 2013-08-24 13:22 - 2013-08-24 00:24 - 00000000 ____D C:\ProgramData\MFAData 2013-08-24 13:22 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files\Bonjour 2013-08-24 13:22 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files (x86)\Bonjour 2013-08-24 13:22 - 2013-05-01 00:16 - 00000000 ____D C:\Program Files\Classic Shell 2013-08-24 13:22 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2013-08-24 13:21 - 2013-08-07 17:30 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\ftblauncher 2013-08-24 13:21 - 2013-08-05 20:31 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA 2013-08-24 13:21 - 2013-07-13 14:18 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Common 2013-08-24 13:21 - 2013-07-12 22:51 - 00000000 ____D C:\Users\phili_000\Documents\EA Games 2013-08-24 13:21 - 2013-07-03 22:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Downloaded Installations 2013-08-24 13:21 - 2013-07-02 18:23 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\HTC Sync 2013-08-24 13:21 - 2013-07-02 18:23 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\HTC 2013-08-24 13:21 - 2013-06-18 16:28 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Canneverbe Limited 2013-08-24 13:21 - 2013-06-09 15:28 - 00000000 ____D C:\Users\phili_000\Documents\Fax 2013-08-24 13:21 - 2013-05-23 21:38 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\mozilla 2013-08-24 13:21 - 2013-05-23 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\4Free 2013-08-24 13:21 - 2013-05-23 18:52 - 00000000 ____D C:\Users\phili_000\AppData\Local\RapidSolution 2013-08-24 13:21 - 2013-05-17 21:03 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\GameRanger 2013-08-24 13:21 - 2013-05-13 20:50 - 00000000 ____D C:\Users\phili_000\AppData\Local\Unity 2013-08-24 13:21 - 2013-05-05 15:15 - 00000000 ____D C:\Users\phili_000\AppData\Local\PassMark 2013-08-24 13:21 - 2013-05-04 18:24 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Hotspot Shield 2013-08-24 13:21 - 2013-05-03 23:02 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2013-08-24 13:21 - 2013-05-03 13:24 - 00000000 ___RD C:\WINDOWS\BrowserChoice 2013-08-24 13:21 - 2013-05-02 20:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\PunkBuster 2013-08-24 13:21 - 2013-05-01 18:13 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2013-08-24 13:21 - 2013-05-01 17:57 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\OpenCandy 2013-08-24 13:21 - 2013-05-01 17:57 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\DAEMON Tools Lite 2013-08-24 13:21 - 2013-05-01 15:31 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Telekom 2013-08-24 13:21 - 2013-05-01 00:51 - 00000000 ____D C:\Users\phili_000\Documents\my games 2013-08-24 13:21 - 2013-05-01 00:10 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Macromedia 2013-08-24 13:21 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000\AppData\Local\VirtualStore 2013-08-24 13:21 - 2012-07-26 12:29 - 00000000 ____D C:\WINDOWS\SKB 2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\winrm 2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\slmgr 2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\DesktopTileResources 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Web 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Vss 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\spp 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Licenses 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\spp 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\spool 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Speech 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\MUI 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\migwiz 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Macromed 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Licenses 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\IME 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Com 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Speech 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\security 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\schemas 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Resources 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\registration 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\PLA 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Performance 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\IME 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Help 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Globalization 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Branding 2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AppCompat 2013-08-24 13:21 - 2012-07-26 09:20 - 00000000 ____D C:\WINDOWS\Setup 2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\SMI 2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\oobe 2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Dism 2013-08-24 13:21 - 2012-07-26 07:37 - 00000000 ____D C:\WINDOWS\servicing 2013-08-24 13:20 - 2013-08-14 21:48 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork 2013-08-24 13:20 - 2013-08-14 21:46 - 00000000 ____D C:\Program Files (x86)\Java 2013-08-24 13:20 - 2013-08-06 19:57 - 00000000 ____D C:\ProgramData\Package Cache 2013-08-24 13:20 - 2013-08-05 20:28 - 00000000 ____D C:\NVIDIA 2013-08-24 13:20 - 2013-07-13 14:36 - 00000000 ____D C:\Program Files (x86)\Audible 2013-08-24 13:20 - 2013-07-13 14:18 - 00000000 ____D C:\Program Files (x86)\4Free Video Converter 2013-08-24 13:20 - 2013-07-12 23:07 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA 2013-08-24 13:20 - 2013-07-11 23:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-08-24 13:20 - 2013-07-11 23:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-08-24 13:20 - 2013-07-02 19:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-24 13:20 - 2013-07-02 19:04 - 00000000 ____D C:\Program Files\iPod 2013-08-24 13:20 - 2013-07-02 18:22 - 00000000 ____D C:\Program Files (x86)\Spirent Communications 2013-08-24 13:20 - 2013-07-02 18:21 - 00000000 ____D C:\Users\phili_000\AppData\Local\Downloaded Installations 2013-08-24 13:20 - 2013-07-02 18:20 - 00000000 ____D C:\ProgramData\HTC 2013-08-24 13:20 - 2013-07-02 18:20 - 00000000 ____D C:\Program Files (x86)\HTC 2013-08-24 13:20 - 2013-06-25 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2013-08-24 13:20 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files\Windows Live 2013-08-24 13:20 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files (x86)\Windows Live 2013-08-24 13:20 - 2013-06-25 17:54 - 00000000 ____D C:\Program Files (x86)\ROCCAT 2013-08-24 13:20 - 2013-06-25 16:17 - 00000000 ____D C:\Program Files\GIMP 2 2013-08-24 13:20 - 2013-06-18 16:28 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2013-08-24 13:20 - 2013-06-15 18:37 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories 2013-08-24 13:20 - 2013-06-09 17:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-08-24 13:20 - 2013-05-31 19:04 - 00000000 ____D C:\Program Files (x86)\Futuremark 2013-08-24 13:20 - 2013-05-23 21:48 - 00000000 ____D C:\Program Files\VideoLAN 2013-08-24 13:20 - 2013-05-23 21:41 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5 2013-08-24 13:20 - 2013-05-23 18:53 - 00000000 ____D C:\ProgramData\RapidSolution 2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\ProgramData\Apple Computer 2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\ProgramData\Apple 2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2013-08-24 13:20 - 2013-05-20 22:22 - 00000000 ____D C:\ProgramData\Battle.net 2013-08-24 13:20 - 2013-05-20 22:08 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2013-08-24 13:20 - 2013-05-16 20:39 - 00000000 ____D C:\Program Files (x86)\Tunngle 2013-08-24 13:20 - 2013-05-12 01:12 - 00000000 ____D C:\Program Files\Java 2013-08-24 13:20 - 2013-05-09 19:44 - 00000000 ____D C:\Program Files\WinRAR 2013-08-24 13:20 - 2013-05-05 15:15 - 00000000 ____D C:\Program Files\Realtek 2013-08-24 13:20 - 2013-05-05 15:14 - 00000000 ____D C:\Program Files (x86)\Realtek 2013-08-24 13:20 - 2013-05-04 21:33 - 00000000 ____D C:\ProgramData\Desura 2013-08-24 13:20 - 2013-05-04 20:53 - 00000000 ____D C:\Program Files (x86)\PR Mumble 2013-08-24 13:20 - 2013-05-04 18:25 - 00000000 ____D C:\Users\phili_000\AppData\Local\Conduit 2013-08-24 13:20 - 2013-05-04 18:25 - 00000000 ____D C:\Program Files (x86)\Conduit 2013-08-24 13:20 - 2013-05-04 18:24 - 00000000 ____D C:\ProgramData\Hotspot Shield 2013-08-24 13:20 - 2013-05-04 18:24 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2013-08-24 13:20 - 2013-05-04 00:30 - 00000000 ____D C:\Program Files\CCleaner 2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files\MSBuild 2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-08-24 13:20 - 2013-05-02 20:25 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2013-08-24 13:20 - 2013-05-01 18:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2013-08-24 13:20 - 2013-05-01 18:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-08-24 13:20 - 2013-05-01 17:01 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-08-24 13:20 - 2013-05-01 17:01 - 00000000 ____D C:\ProgramData\Skype 2013-08-24 13:20 - 2013-05-01 15:35 - 00000000 ____D C:\Users\phili_000\.swt 2013-08-24 13:20 - 2013-05-01 13:51 - 00000000 ____D C:\ProgramData\LogiShrd 2013-08-24 13:20 - 2013-05-01 13:51 - 00000000 ____D C:\Program Files\Logitech Gaming Software 2013-08-24 13:20 - 2013-05-01 01:37 - 00000000 ____D C:\Program Files (x86)\Avira 2013-08-24 13:20 - 2013-05-01 00:39 - 00000000 ____D C:\ProgramData\Electronic Arts 2013-08-24 13:20 - 2013-05-01 00:32 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-08-24 13:20 - 2013-01-30 20:51 - 00000000 ___HD C:\ESD 2013-08-24 13:20 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows NT 2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-08-24 13:20 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default 2013-08-24 00:28 - 2013-08-24 00:08 - 00000000 ____D C:\Users\phili_000\Desktop\Neuer Ordner 2013-08-24 00:27 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\Avg2013 2013-08-24 00:27 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ___HD C:\$AVG 2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\AVG2013 2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\ProgramData\AVG2013 2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Program Files (x86)\AVG 2013-08-24 00:26 - 2013-05-01 17:58 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\TuneUp Software 2013-08-24 00:24 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\MFAData 2013-08-24 00:19 - 2013-08-24 00:19 - 00000000 _____ C:\ProgramData\rebootpending.txt 2013-08-24 00:18 - 2013-08-24 00:18 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2013-08-24 00:17 - 2013-08-24 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\QuickScan 2013-08-24 00:08 - 2013-08-24 00:08 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (2).zip 2013-08-24 00:05 - 2013-08-24 00:05 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (1).zip 2013-08-24 00:04 - 2013-08-24 00:04 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.zip 2013-08-23 13:24 - 2013-08-23 13:24 - 00001156 _____ C:\Users\phili_000\Desktop\Mediencenter.lnk 2013-08-23 13:24 - 2013-05-01 15:31 - 00001142 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk 2013-08-21 21:27 - 2013-08-21 21:27 - 00001051 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2013-08-20 20:02 - 2013-05-17 21:04 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-08-16 20:44 - 2013-05-23 21:48 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\vlc 2013-08-16 20:41 - 2013-08-16 20:40 - 189809510 _____ C:\Users\phili_000\Downloads\battlefield3_ost_flac_1376097075.zip 2013-08-15 12:29 - 2013-08-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-08-15 12:29 - 2013-05-02 14:30 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-08-14 21:48 - 2013-08-14 21:48 - 00000000 ____D C:\ProgramData\AskPartnerNetwork 2013-08-14 21:48 - 2013-08-14 21:48 - 00000000 ____D C:\ProgramData\APN 2013-08-14 21:46 - 2013-08-14 21:46 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-08-14 21:46 - 2013-08-14 21:46 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-08-14 21:46 - 2013-05-01 22:35 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npDeployJava1.dll 2013-08-14 21:46 - 2013-05-01 22:35 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll 2013-08-12 21:41 - 2013-08-12 21:41 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Project Reality 2013-08-12 21:39 - 2013-08-06 21:05 - 00000000 ____D C:\Users\phili_000\Documents\ProjectReality 2013-08-12 21:26 - 2013-08-12 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\Project Reality 2013-08-06 19:58 - 2013-05-01 14:22 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2013-08-06 13:35 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2013-08-05 20:32 - 2013-08-05 20:32 - 00000000 ____D C:\NvidiaLogging 2013-08-05 20:30 - 2013-08-05 20:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-08-04 18:08 - 2013-05-01 00:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Origin 2013-08-04 18:08 - 2013-05-01 00:40 - 00000000 ____D C:\Users\phili_000\AppData\Local\Origin Files to move or delete: ==================== C:\Users\phili_000\AppData\Local\Temp\APNSetup.exe C:\Users\phili_000\AppData\Local\Temp\Mediencenter_3.8.0.2907.exe C:\Users\phili_000\AppData\Local\Temp\Mediencenter_3.8.1.2208.exe C:\Users\phili_000\AppData\Local\Temp\SetupHelper.exe C:\Users\phili_000\AppData\Local\Temp\vlc-2.0.7-win64.exe C:\Users\phili_000\AppData\Local\Temp\_MEI87162\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\kernel32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfc90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfcm90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfcm90u.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\msvcp100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\msvcr100.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\psapi.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\python27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\pythoncom27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\PyWinTypes27.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\shell32.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxbase294u_net_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxbase294u_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_adv_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_core_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_html_vc90.dll C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_webview_vc90.dll C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\Microsoft Sync Framework Services\msfcheck.exe C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\Microsoft Sync Framework\msfcheck.exe C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\dotnetfx\dotnetchk.exe C:\Users\phili_000\AppData\Local\Temp\tmpgmvjkn\googledrivesync.exe C:\Users\phili_000\AppData\Local\Temp\Origin\~nsu.tmp\Au_.exe C:\Users\phili_000\AppData\Local\Temp\nslE7BD.tmp\NSIS_Picasa_Unicode.dll C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\replacebf.dll C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\sqlite3.dll C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\uph.dll C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\userid.dll C:\Users\phili_000\AppData\Local\Temp\nsi4604.tmp\uph.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-20 13:53 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- |
|
30.08.2013, 10:42
| #4 |
| | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Und hier noch die Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013 Ran by Philipp13 at 2013-08-30 03:12:39 Running from C:\Users\phili_000\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= µTorrent (x32 Version: 3.3.0.29625) 3DMark Demo (x32) 4Free Video Converter 3 (x32) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Antichamber (x32) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Arma 2: Operation Arrowhead (x32) Arma 3 Alpha (x32) Ask Toolbar (x32 Version: 12.3.0.7) Assassin’s Creed® III (x32) AudibleManager (x32 Version: 18414980.4759644.48.2009478984) Avira Free Antivirus (x32 Version: 13.0.0.3885) Bastion (x32) Batman: Arkham City GOTY (x32) Battlefield 1942™ (x32 Version: 1.6.20.0) Battlefield 2 (x32 Version: 1.5.0.0) Battlefield 3™ (x32 Version: 1.6.0.0) Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0) Battlelog Web Plugins (x32 Version: 2.1.7) BioShock Infinite (x32) Bonjour (Version: 3.0.0.10) Borderlands 2 (x32) Burnout Paradise: The Ultimate Box (x32) CDBurnerXP (x32 Version: 4.5.1.4003) Chivalry: Medieval Warfare (x32) Classic Shell (Version: 3.6.7) Command and Conquer: Red Alert 3 - Uprising (x32) Company of Heroes (New Steam Version) (x32) Company of Heroes (x32) Company of Heroes 2 (x32) Company of Heroes: Opposing Fronts (x32) Counter-Strike: Global Offensive (x32) Counter-Strike: Source (x32) Crysis®3 (x32 Version: 1.0.0.0) D3DX10 (x32 Version: 15.4.2368.0902) DAEMON Tools Lite (x32 Version: 4.47.1.0333) Dark Souls: Prepare to Die Edition (x32) Darksiders II (x32) Dead Space (x32) Dead Space™ 2 (x32 Version: 1.0.948.0) Die Schlacht um Mittelerde™ II (x32) Dota 2 (x32) Dragon Age: Origins - Ultimate Edition (x32) Dropbox (HKCU Version: 2.0.26) eaner (Version: 4.01) ESN Sonar (x32 Version: 0.70.4) Far Cry 3 Blood Dragon (x32 Version: 1.00) FEZ (x32) Fotogalerie (x32 Version: 16.4.3508.0205) Futuremark SystemInfo (x32 Version: 4.17.0) GameRanger (HKCU) GIMP 2.8.6 (Version: 2.8.6) Google Chrome (x32 Version: 30.0.1599.22) Google Chrome Frame (x32 Version: 65.119.72) Google Drive (x32 Version: 1.11.4865.2530) Google Update Helper (x32 Version: 1.3.21.153) Half-Life (x32) Half-Life 2 (x32) Half-Life 2: Episode One (x32) Half-Life 2: Episode Two (x32) Half-Life 2: Lost Coast (x32) HD Tune 2.55 (x32) Hotline Miami (x32) Hotspot Shield 3.11 (x32 Version: 3.11) Hotspot Shield Toolbar (x32 Version: 6.12.0.11) HTC Driver Installer (x32 Version: 4.2.0.001) HTC Sync Manager (x32 Version: 2.0.60.0) iCloud (Version: 2.1.2.8) IPTInstaller (x32 Version: 4.0.8) iTunes (Version: 11.0.4.4) Java 7 Update 21 (64-bit) (Version: 7.0.210) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Java SE Development Kit 7 Update 21 (64-bit) (Version: 1.7.0.210) Junk Mail filter update (x32 Version: 16.4.3508.0205) Just Cause 2 (x32) Kerbal Space Program (x32) League of Legends (x32 Version: 1.3) Left 4 Dead 2 (x32) Logitech Gaming Software (Version: 8.45.88) Logitech Gaming Software 8.45 (Version: 8.45.88) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Medal of Honor(TM) Multiplayer (x32) Mediencenter 3.8.1.2208 (HKCU Version: 3.8.1.2208) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SkyDrive (HKCU Version: 16.4.6013.0910) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106) Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0) Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0) Mirror's Edge (x32) Movie Maker (x32 Version: 16.4.3508.0205) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSVCRT110 (x32 Version: 16.4.1108.0727) MSVCRT110_amd64 (Version: 16.4.1109.0912) Mumble(PR edition) and Murmur(PR edition) (x32 Version: 1.1.8) My Game Long Name NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49) NVIDIA 3D Vision Treiber 320.49 (Version: 320.49) NVIDIA GeForce Experience 1.6 (Version: 1.6) NVIDIA Grafiktreiber 320.49 (Version: 320.49) NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2) NVIDIA Install Application (Version: 2.1002.131.854) NVIDIA PhysX (x32 Version: 9.13.0604) NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049) NVIDIA Systemsteuerung 320.49 (Version: 320.49) NVIDIA Update 7.2.17 (Version: 7.2.17) NVIDIA Update Components (Version: 7.2.17) NVIDIA Virtual Audio 1.2.1 (Version: 1.2.1) OpenAL (x32) Origin (x32 Version: 9.1.15.109) osu! (x32 Version: 0.0.0.0) Photo Common (x32 Version: 16.4.3508.0205) Photo Gallery (x32 Version: 16.4.3508.0205) Picasa 3 (x32 Version: 3.9) PiccShare (HKCU Version: 2.0) Portal (x32) PR Mumble 1.0.0 (x32 Version: 1.0.0) Project Reality: BF2 (Version: v1.0) Project Reality: BF2 (x32 Version: v0.981) PunkBuster Services (x32 Version: 0.993) QuickTime (x32 Version: 7.74.80.86) R.U.S.E (x32) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873) ROCCAT Kone[+] Mouse Driver (x32) Safari (x32 Version: 5.34.57.2) Saints Row: The Third (x32) SHIELD Streaming (Version: 1.05.19) Sid Meier's Civilization V (x32) SimCity™ (x32 Version: 1.0.0.0) Skype™ 6.7 (x32 Version: 6.7.102) Source SDK Base 2007 (x32) Spotify (HKCU Version: 0.9.1.57.ge7405149) StarCraft II (x32 Version: 2.0.8.25604) Steam (x32 Version: 1.0.0.0) Sublime Text 2.0.2 TeamSpeak 3 Client (Version: 3.0.10) TeamViewer 8 (x32 Version: 8.0.18051) The Elder Scrolls V: Skyrim (x32) The Walking Dead (x32) TrackMania² Stadium (x32) Tunngle beta (x32) Unity Web Player (HKCU Version: ) Uplay (x32 Version: 2.1) VLC media player 2.0.6 (Version: 2.0.6) Windows Live Communications Platform (x32 Version: 16.4.3508.0205) Windows Live Essentials (x32 Version: 16.4.3508.0205) Windows Live Installer (x32 Version: 16.4.3508.0205) Windows Live Mail (x32 Version: 16.4.3508.0205) Windows Live Messenger (x32 Version: 16.4.3508.0205) Windows Live MIME IFilter (Version: 16.4.3508.0205) Windows Live Photo Common (x32 Version: 16.4.3508.0205) Windows Live PIMT Platform (x32 Version: 16.4.3508.0205) Windows Live SOXE (x32 Version: 16.4.3508.0205) Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205) Windows Live UX Platform (x32 Version: 16.4.3508.0205) Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205) Windows Live Writer (x32 Version: 16.4.3508.0205) Windows Live Writer Resources (x32 Version: 16.4.3508.0205) WinRAR 4.20 (64-Bit) (Version: 4.20.0) ==================== Restore Points ========================= 23-08-2013 11:38:17 Geplanter Prüfpunkt 24-08-2013 11:19:23 Wiederherstellungsvorgang 27-08-2013 11:52:10 Windows Update 28-08-2013 18:32:30 DirectX wurde installiert ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation) Task: {115A30F5-9629-4E2E-993E-F2EF77734558} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2012-11-27] (Microsoft Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {1FF2ADFF-CCEB-41B4-B5D6-C87511E58938} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation) Task: {26526B00-C2CA-4623-8FA6-A90F9C81B5FA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated) Task: {26DA4FB1-0285-4FBD-A01C-15F1F61FFE80} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {307D8C75-FDA3-49D3-AA9F-DB79F405FB59} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2012-07-26] (Microsoft Corporation) Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {5258A4C0-1778-4765-976F-128436AF89D1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation) Task: {67229DF8-B971-4F31-933D-0FD466D45DE1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2012-07-26] (Microsoft Corporation) Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {70C8B011-1845-43B1-96AA-5D31A16A0A84} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-306031665-1921043881-1312870909-1001 Task: {70D08626-8C21-49AA-B802-620D6F90C0C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01] (Google Inc.) Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {892B8666-CEC6-447D-992D-AAEDC3F811B0} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {A442B719-F5DB-46F5-A46E-E971FE8520A8} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2012-09-20] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {BB985BD3-46C5-410A-A415-4E01B8FE991D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-01] (Google Inc.) Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-26] (Microsoft Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E5AF74D9-4E90-4939-9741-60358E8000CA} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2012-07-26] (Microsoft Corporation) Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-26] (Microsoft Corporation) Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {F2DC013B-5638-4373-9C9A-2E1A7A2C61D9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {FBFE8044-138A-4DF2-A0D6-BFC87CD284D0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-26] (Microsoft Corporation) Task: {FFE3FD50-646E-4A64-913B-23C4187E6025} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\Users\phili_000\Desktop\Thumbs.db:encryptable AlternateDataStreams: C:\Users\phili_000\Downloads\Thumbs.db:encryptable ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/30/2013 00:18:06 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Error: (08/30/2013 00:18:04 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Error: (08/30/2013 00:18:04 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Error: (08/29/2013 06:26:03 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac Name des fehlerhaften Moduls: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac Ausnahmecode: 0xc0000005 Fehleroffset: 0x000b8554 ID des fehlerhaften Prozesses: 0x2014 Startzeit der fehlerhaften Anwendung: 0xrads_user_kernel.exe0 Pfad der fehlerhaften Anwendung: rads_user_kernel.exe1 Pfad des fehlerhaften Moduls: rads_user_kernel.exe2 Berichtskennung: rads_user_kernel.exe3 Vollständiger Name des fehlerhaften Pakets: rads_user_kernel.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rads_user_kernel.exe5 Error: (08/29/2013 06:25:42 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 3.10.0.246, Zeitstempel: 0x520d4875 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0xab8 Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0 Pfad der fehlerhaften Anwendung: League of Legends.exe1 Pfad des fehlerhaften Moduls: League of Legends.exe2 Berichtskennung: League of Legends.exe3 Vollständiger Name des fehlerhaften Pakets: League of Legends.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: League of Legends.exe5 Error: (08/29/2013 03:35:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PHILIPP) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (08/29/2013 03:35:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PHILIPP) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (08/29/2013 03:35:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: PHILIPP) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (08/29/2013 02:02:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: PHILIPP) Description: Die App „DefaultBrowser_NOPUBLISHERID!Chrome“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error: (08/28/2013 09:47:21 AM) (Source: NvStreamSvc) (User: ) Description: NvStreamSvcUnregistering VAD endpoint [0] System errors: ============= Error: (08/29/2013 02:15:54 AM) (Source: DCOM) (User: PHILIPP) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/29/2013 02:15:54 AM) (Source: DCOM) (User: PHILIPP) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/29/2013 02:15:54 AM) (Source: DCOM) (User: PHILIPP) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/29/2013 01:10:11 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/29/2013 01:10:11 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (08/29/2013 00:46:29 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/29/2013 00:46:29 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (08/28/2013 09:47:19 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/28/2013 09:47:19 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht. Error: (08/28/2013 09:47:19 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (08/30/2013 00:18:06 AM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\$Recycle.Bin\S-1-5-21-306031665-1921043881-1312870909-1001\$RV21ZP2.exe Error: (08/30/2013 00:18:04 AM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\$Recycle.Bin\S-1-5-21-306031665-1921043881-1312870909-1001\$RZ0D7ET.exe Error: (08/30/2013 00:18:04 AM) (Source: SideBySide)(User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\$Recycle.Bin\S-1-5-21-306031665-1921043881-1312870909-1001\$RP9UJJT.exe Error: (08/29/2013 06:26:03 PM) (Source: Application Error)(User: ) Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b8554201401cea4d46cb61dcbF:\Games\lol\League of Legends\RADS\system\rads_user_kernel.exeF:\Games\lol\League of Legends\RADS\system\rads_user_kernel.exeb22b6266-10c7-11e3-be93-f46d04af758d Error: (08/29/2013 06:25:42 PM) (Source: Application Error)(User: ) Description: League of Legends.exe3.10.0.246520d4875unknown0.0.0.000000000c000000500000000ab801cea4d4641aa388F:\Games\lol\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.240\deploy\League of Legends.exeunknowna5f2598f-10c7-11e3-be93-f46d04af758d Error: (08/29/2013 03:35:56 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PHILIPP) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263 Error: (08/29/2013 03:35:56 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PHILIPP) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263 Error: (08/29/2013 03:35:56 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: PHILIPP) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263 Error: (08/29/2013 02:02:53 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: PHILIPP) Description: DefaultBrowser_NOPUBLISHERID!Chrome Error: (08/28/2013 09:47:21 AM) (Source: NvStreamSvc)(User: ) Description: NvStreamSvcUnregistering VAD endpoint [0] ==================== Memory info =========================== Percentage of memory in use: 41% Total physical RAM: 8168.79 MB Available physical RAM: 4816.25 MB Total Pagefile: 9384.79 MB Available Pagefile: 5084.49 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (SSD) (Fixed) (Total:119.24 GB) (Free:33.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS Drive e: () (Fixed) (Total:244.04 GB) (Free:106.27 GB) NTFS Drive f: () (Fixed) (Total:687.37 GB) (Free:122.64 GB) NTFS Drive i: (PRBF2) (CDROM) (Total:6.03 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 02B4A0EB) Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9B01FA5B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=687 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
|
30.08.2013, 11:11
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
30.08.2013, 16:09
| #6 |
| | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com AdwCleaner: Code:
ATTFilter # AdwCleaner v3.001 - Report created 30/08/2013 at 16:34:04
# Updated 24/08/2013 by Xplode
# Operating System : Windows 8 Pro (64 bits)
# Username : Philipp13 - PHILIPP
# Running from : C:\Users\phili_000\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : APNMCP
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Hotspot Shield
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Hotspot_Shield
Folder Deleted : C:\Program Files (x86)\Hotspot Shield
Folder Deleted : C:\Users\phili_000\AppData\Local\Conduit
Folder Deleted : C:\Users\phili_000\AppData\Local\ext_piccshare
Folder Deleted : C:\Users\PHILI_~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\phili_000\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\phili_000\AppData\LocalLow\Hotspot_Shield
Folder Deleted : C:\Users\phili_000\AppData\Roaming\Babylon
Folder Deleted : C:\Users\phili_000\AppData\Roaming\Common\LuaRT
Folder Deleted : C:\Users\phili_000\AppData\Roaming\DataMgr
Folder Deleted : C:\Users\phili_000\AppData\Roaming\Intermediate
Folder Deleted : C:\Users\phili_000\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\phili_000\AppData\Roaming\SCheck
Folder Deleted : C:\Users\phili_000\AppData\Roaming\SSync
Folder Deleted : C:\Users\phili_000\AppData\Roaming\Systweak
Folder Deleted : C:\Users\phili_000\AppData\Roaming\Hotspot Shield
Folder Deleted : C:\Users\phili_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb
[!] Folder Deleted : C:\Users\phili_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb
File Deleted : C:\WINDOWS\System32\roboot64.exe
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\docfnddcclkgokdfpnmngpiliiachclb
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\piccshare.bho
Key Deleted : HKLM\SOFTWARE\Classes\piccshare.bho.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\5e53d88fe66eb917
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{553318DA-D010-469E-84B1-496563CAE1C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{671F1846-80F2-4ED8-B183-A921E6A4D5D5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{553318DA-D010-469E-84B1-496563CAE1C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{553318DA-D010-469E-84B1-496563CAE1C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{553318DA-D010-469E-84B1-496563CAE1C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23AACA80-9C63-4072-BF8C-9967A50B658A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4E0F68C-4B0A-4AC3-8C09-32E573AFD243}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Hotspot_Shield
Key Deleted : HKCU\Software\httogroup
Key Deleted : HKCU\Software\piccshare
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Hotspot_Shield
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Hotspot_Shield
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\piccshare
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hotspot_Shield Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Google Chrome v30.0.1599.22
[ File : C:\Users\phili_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\phili_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9046 octets] - [30/08/2013 16:33:04]
AdwCleaner[S0].txt - [7115 octets] - [30/08/2013 16:34:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7175 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Windows 8 Pro x64
Ran by Philipp13 on 30.08.2013 at 16:43:12,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] hshld
Successfully deleted: [Service] hshld
Successfully stopped: [Service] hsstrayservice
Successfully deleted: [Service] hsstrayservice
Successfully stopped: [Service] hsswd
Successfully deleted: [Service] hsswd
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\hotspotshield
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\hotspotshield
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\uniblue
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1561552
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1330D0AC-9EE7-40A8-BB6A-B4B417AF7D52}
~~~ Files
Successfully deleted: [File] "C:\Users\phili_000\appdata\local\ext_piccshare_uninst.exe"
Failed to delete: [File] "C:\Users\phili_000\appdata\local\google\chrome\user data\default\ext_piccshare"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files (x86)\hotspot shield"
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.08.2013 at 16:45:42,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by Philipp13 (administrator) on 30-08-2013 17:05:59
Running from C:\Users\phili_000\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Electronic Arts) F:\Games\Origin\Origin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\phili_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\phili_000\AppData\Roaming\Spotify\spotify.exe
(Dropbox, Inc.) C:\Users\phili_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Apple Inc.) E:\Apple\iTunes\iTunesHelper.exe
(Deutsche Telekom AG) C:\Users\phili_000\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKCU\...\Run: [EADM] - F:\Games\Origin\Origin.exe [3549528 2013-08-27] (Electronic Arts)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - F:\Programme\DeamonTools\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\phili_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\phili_000\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-08] (Spotify Ltd)
HKCU\...\Run: [Snoozer] - C:\Users\phili_000\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] ()
HKCU\...\Run: [OMESupervisor] - C:\Users\phili_000\AppData\Local\omesuperv.exe [2218359 2013-08-28] ()
MountPoints2: {04ae5736-b259-11e2-be6b-f46d04af758d} - "I:\autorun.exe"
MountPoints2: {3427fed2-e1b5-11e2-be85-f46d04af758d} - "H:\HTC_Sync_Manager_PC.exe"
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] - C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [x]
HKLM-x32\...\Run: [QuickTime Task] - F:\Programme\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKone+] - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [iTunesHelper] - E:\Apple\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
Startup: C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\phili_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
ShortcutTarget: Mediencenter.lnk -> C:\Users\phili_000\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.57\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.57\npchrome_frame.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 08 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found ()
Winsock: Catalog5 09 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found ()
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR RestoreOnStartup: "hxxp://google.de/"
CHR Extension: (Google Docs) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Adblock Plus) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_1
CHR Extension: (Google Search) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Tampermonkey) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.4.3568.10_1
CHR Extension: (OfferMosquito) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.6.2_1
CHR Extension: (Vince) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgpdhkfmndlnlmmhcalabijjpogicdpa\3_1
CHR Extension: (Speed Test) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlhbmnfdcklajeaeikfinieljfegamko\2.2_1
CHR Extension: (Isoball 3) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.4.0_1
CHR Extension: (SmartVideo For YouTube\u2122) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp\0.9927_1
CHR Extension: (DSL speedtest) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj\1.1_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1
CHR Extension: (Auto-Reload) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofojbjgaaddibdfpmmjeonahgbacejid\8.0.5_1
CHR Extension: (Gmail) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
==================== Services (Whitelisted) =================
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-06] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-05-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-05-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-05-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-01] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [46792 2013-07-24] (AnchorFree Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [203544 2013-02-06] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-30 16:42 - 2013-08-30 16:42 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-30 16:41 - 2013-08-30 16:41 - 00007263 _____ C:\Users\phili_000\Desktop\AdwCleaner[S0].txt
2013-08-30 16:33 - 2013-08-30 16:34 - 00000000 ____D C:\AdwCleaner
2013-08-30 13:59 - 2013-08-30 13:59 - 01023533 _____ (Thisisu) C:\Users\phili_000\Downloads\JRT.exe
2013-08-30 13:59 - 2013-08-30 13:59 - 00994642 _____ C:\Users\phili_000\Downloads\adwcleaner.exe
2013-08-30 03:12 - 2013-08-30 03:12 - 00030111 _____ C:\Users\phili_000\Downloads\Addition.txt
2013-08-30 03:12 - 2013-08-30 03:12 - 00000000 ____D C:\FRST
2013-08-30 03:11 - 2013-08-30 03:11 - 01579080 _____ (Farbar) C:\Users\phili_000\Downloads\FRST64.exe
2013-08-29 22:40 - 2013-08-29 22:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\phili_000\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 22:40 - 2013-08-29 22:40 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Malwarebytes
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 22:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-08-29 15:52 - 2013-08-29 15:52 - 00000000 ___HD C:\Users\phili_000\Desktop\.picasaoriginals
2013-08-29 15:49 - 2013-08-29 15:49 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup (1).exe
2013-08-29 15:46 - 2013-08-29 15:47 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup.exe
2013-08-29 15:36 - 2013-08-29 15:36 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Snz
2013-08-28 20:46 - 2013-08-28 20:46 - 02218359 _____ C:\Users\phili_000\AppData\Local\omesuperv.exe
2013-08-28 20:32 - 2013-08-28 20:32 - 00000000 ____D C:\Users\phili_000\AppData\Local\Criterion Games
2013-08-28 16:05 - 2013-08-28 16:05 - 00642632 _____ (EFD Software ) C:\Users\phili_000\Downloads\hdtune_255.exe
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Program Files (x86)\HD Tune
2013-08-28 15:59 - 2013-08-28 15:59 - 03629944 _____ (Microsoft Corporation) C:\Users\phili_000\Downloads\SyncToySetupPackage_v21_x64.exe
2013-08-27 20:29 - 2013-08-28 20:32 - 00017993 _____ C:\WINDOWS\DirectX.log
2013-08-24 13:15 - 2013-08-30 17:00 - 00758451 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ___HD C:\$AVG
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\AVG2013
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\ProgramData\AVG2013
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Program Files (x86)\AVG
2013-08-24 00:24 - 2013-08-24 13:22 - 00000000 ____D C:\ProgramData\MFAData
2013-08-24 00:24 - 2013-08-24 00:27 - 00000000 ____D C:\Users\phili_000\AppData\Local\Avg2013
2013-08-24 00:24 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\MFAData
2013-08-24 00:19 - 2013-08-24 00:19 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-08-24 00:18 - 2013-08-24 00:18 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-24 00:17 - 2013-08-24 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\QuickScan
2013-08-24 00:08 - 2013-08-24 00:28 - 00000000 ____D C:\Users\phili_000\Desktop\Neuer Ordner
2013-08-24 00:08 - 2013-08-24 00:08 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (2).zip
2013-08-24 00:05 - 2013-08-24 00:05 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (1).zip
2013-08-24 00:04 - 2013-08-24 00:04 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.zip
2013-08-23 13:24 - 2013-08-23 13:24 - 00001156 _____ C:\Users\phili_000\Desktop\Mediencenter.lnk
2013-08-21 21:27 - 2013-08-21 21:27 - 00001051 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2013-08-21 21:27 - 2013-07-24 04:12 - 00046792 _____ (AnchorFree Inc.) C:\WINDOWS\system32\Drivers\hssdrv6.sys
2013-08-16 20:40 - 2013-08-16 20:41 - 189809510 _____ C:\Users\phili_000\Downloads\battlefield3_ost_flac_1376097075.zip
2013-08-15 12:29 - 2013-08-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-15 12:08 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-08-15 12:08 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-08-15 12:08 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-08-15 12:08 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-08-15 12:08 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-08-15 12:08 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-08-15 12:08 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-08-15 12:08 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-08-15 12:08 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-08-15 12:08 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-08-15 12:08 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-08-15 12:08 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-08-15 12:08 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-08-15 12:08 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-08-15 12:08 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-08-15 12:08 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2013-08-15 12:08 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2013-08-15 12:08 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2013-08-15 12:08 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2013-08-15 12:07 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-08-15 12:07 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-08-15 12:07 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2013-08-15 12:07 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2013-08-15 12:07 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2013-08-15 12:07 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-08-15 12:07 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-08-15 12:07 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2013-08-15 12:07 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2013-08-14 21:46 - 2013-08-24 13:20 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-14 21:46 - 2013-08-14 21:46 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-08-12 21:41 - 2013-08-12 21:41 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Project Reality
2013-08-12 21:41 - 2013-05-04 22:45 - 00002387 _____ C:\Users\phili_000\Documents\PRMumbleCertificateBackup.p12
2013-08-12 21:26 - 2013-08-12 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\Project Reality
2013-08-07 17:30 - 2013-08-24 13:21 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\ftblauncher
2013-08-06 21:05 - 2013-08-12 21:39 - 00000000 ____D C:\Users\phili_000\Documents\ProjectReality
2013-08-06 19:57 - 2013-08-24 13:20 - 00000000 ____D C:\ProgramData\Package Cache
2013-08-05 20:32 - 2013-08-05 20:32 - 00000000 ____D C:\NvidiaLogging
2013-08-05 20:32 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-08-05 20:32 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2013-08-05 20:32 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2013-08-05 20:32 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-08-05 20:32 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-08-05 20:32 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-08-05 20:32 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-08-05 20:32 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2013-08-05 20:32 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-08-05 20:32 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2013-08-05 20:32 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2013-08-05 20:32 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2013-08-05 20:32 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-08-05 20:32 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2013-08-05 20:32 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-08-05 20:32 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2013-08-05 20:32 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2013-08-05 20:32 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2013-08-05 20:32 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2013-08-05 20:32 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2013-08-05 20:32 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-08-05 20:32 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2013-08-05 20:32 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-08-05 20:32 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2013-08-05 20:32 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-08-05 20:32 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2013-08-05 20:32 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2013-08-05 20:32 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2013-08-05 20:32 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2013-08-05 20:32 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-08-05 20:32 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-08-05 20:32 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-08-05 20:32 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-08-05 20:32 - 2013-05-20 02:08 - 00386642 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-08-05 20:32 - 2013-05-14 21:28 - 00039712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-08-05 20:32 - 2013-05-14 21:27 - 00029984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-08-05 20:32 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-08-05 20:31 - 2013-08-24 13:21 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA
2013-08-05 20:30 - 2013-08-05 20:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-05 20:29 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-08-05 20:29 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432049.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432049.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-08-05 20:29 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2013-08-05 20:29 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2013-08-05 20:28 - 2013-08-24 13:20 - 00000000 ____D C:\NVIDIA
==================== One Month Modified Files and Folders =======
2013-08-30 17:02 - 2013-05-17 21:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-30 17:00 - 2013-08-24 13:15 - 00758451 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-30 17:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-08-30 16:49 - 2013-05-01 00:19 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-306031665-1921043881-1312870909-1001
2013-08-30 16:45 - 2013-08-30 16:45 - 00001845 _____ C:\Users\phili_000\Desktop\JRT.txt
2013-08-30 16:42 - 2013-08-30 16:42 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-30 16:41 - 2013-08-30 16:41 - 00007263 _____ C:\Users\phili_000\Desktop\AdwCleaner[S0].txt
2013-08-30 16:41 - 2013-07-02 18:22 - 00000000 ____D C:\Users\phili_000\AppData\Local\HTC MediaHub
2013-08-30 16:41 - 2013-06-03 16:08 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Dropbox
2013-08-30 16:41 - 2013-05-18 21:33 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Spotify
2013-08-30 16:41 - 2013-05-01 17:02 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Skype
2013-08-30 16:41 - 2013-05-01 15:33 - 00000000 ___RD C:\Users\phili_000\Google Drive
2013-08-30 16:41 - 2013-05-01 00:45 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-30 16:41 - 2013-05-01 00:17 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-30 16:40 - 2012-07-26 12:27 - 00751892 _____ C:\WINDOWS\system32\perfh007.dat
2013-08-30 16:40 - 2012-07-26 12:27 - 00155620 _____ C:\WINDOWS\system32\perfc007.dat
2013-08-30 16:40 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-30 16:37 - 2013-05-01 00:17 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-30 16:35 - 2013-05-01 00:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-30 16:35 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-30 16:35 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-08-30 16:34 - 2013-08-30 16:33 - 00000000 ____D C:\AdwCleaner
2013-08-30 16:34 - 2013-07-13 14:18 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Common
2013-08-30 16:31 - 2013-05-01 00:32 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\TS3Client
2013-08-30 15:53 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-08-30 14:24 - 2013-05-04 00:07 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\.minecraft
2013-08-30 13:59 - 2013-08-30 13:59 - 01023533 _____ (Thisisu) C:\Users\phili_000\Downloads\JRT.exe
2013-08-30 13:59 - 2013-08-30 13:59 - 00994642 _____ C:\Users\phili_000\Downloads\adwcleaner.exe
2013-08-30 11:28 - 2013-05-18 21:33 - 00000000 ____D C:\Users\phili_000\AppData\Local\Spotify
2013-08-30 03:12 - 2013-08-30 03:12 - 00030111 _____ C:\Users\phili_000\Downloads\Addition.txt
2013-08-30 03:12 - 2013-08-30 03:12 - 00000000 ____D C:\FRST
2013-08-30 03:11 - 2013-08-30 03:11 - 01579080 _____ (Farbar) C:\Users\phili_000\Downloads\FRST64.exe
2013-08-29 22:40 - 2013-08-29 22:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\phili_000\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 22:40 - 2013-08-29 22:40 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Malwarebytes
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 21:40 - 2013-05-02 20:26 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2013-08-29 21:40 - 2013-05-01 14:22 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-08-29 21:39 - 2013-05-01 14:22 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-08-29 15:52 - 2013-08-29 15:52 - 00000000 ___HD C:\Users\phili_000\Desktop\.picasaoriginals
2013-08-29 15:52 - 2013-05-01 17:03 - 00114688 ___SH C:\Users\phili_000\Desktop\Thumbs.db
2013-08-29 15:49 - 2013-08-29 15:49 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup (1).exe
2013-08-29 15:49 - 2013-05-01 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Local\Google
2013-08-29 15:49 - 2013-05-01 00:17 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-29 15:47 - 2013-08-29 15:46 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup.exe
2013-08-29 15:47 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000\AppData\Local\Packages
2013-08-29 15:36 - 2013-08-29 15:36 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Snz
2013-08-28 20:46 - 2013-08-28 20:46 - 02218359 _____ C:\Users\phili_000\AppData\Local\omesuperv.exe
2013-08-28 20:32 - 2013-08-28 20:32 - 00000000 ____D C:\Users\phili_000\AppData\Local\Criterion Games
2013-08-28 20:32 - 2013-08-27 20:29 - 00017993 _____ C:\WINDOWS\DirectX.log
2013-08-28 16:05 - 2013-08-28 16:05 - 00642632 _____ (EFD Software ) C:\Users\phili_000\Downloads\hdtune_255.exe
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Program Files (x86)\HD Tune
2013-08-28 15:59 - 2013-08-28 15:59 - 03629944 _____ (Microsoft Corporation) C:\Users\phili_000\Downloads\SyncToySetupPackage_v21_x64.exe
2013-08-28 02:24 - 2013-05-17 22:39 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\uTorrent
2013-08-24 23:22 - 2013-05-23 21:23 - 00231424 ___SH C:\Users\phili_000\Downloads\Thumbs.db
2013-08-24 14:25 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000
2013-08-24 13:23 - 2013-06-25 17:55 - 00000000 ____D C:\ProgramData\ROCCAT
2013-08-24 13:23 - 2013-05-01 01:37 - 00000000 ____D C:\ProgramData\Avira
2013-08-24 13:22 - 2013-08-24 00:24 - 00000000 ____D C:\ProgramData\MFAData
2013-08-24 13:22 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files\Bonjour
2013-08-24 13:22 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-08-24 13:22 - 2013-05-01 00:16 - 00000000 ____D C:\Program Files\Classic Shell
2013-08-24 13:22 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-08-24 13:21 - 2013-08-07 17:30 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\ftblauncher
2013-08-24 13:21 - 2013-08-05 20:31 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA
2013-08-24 13:21 - 2013-07-12 22:51 - 00000000 ____D C:\Users\phili_000\Documents\EA Games
2013-08-24 13:21 - 2013-07-03 22:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Downloaded Installations
2013-08-24 13:21 - 2013-07-02 18:23 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\HTC Sync
2013-08-24 13:21 - 2013-07-02 18:23 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\HTC
2013-08-24 13:21 - 2013-06-18 16:28 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Canneverbe Limited
2013-08-24 13:21 - 2013-06-09 15:28 - 00000000 ____D C:\Users\phili_000\Documents\Fax
2013-08-24 13:21 - 2013-05-23 21:38 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\mozilla
2013-08-24 13:21 - 2013-05-23 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\4Free
2013-08-24 13:21 - 2013-05-23 18:52 - 00000000 ____D C:\Users\phili_000\AppData\Local\RapidSolution
2013-08-24 13:21 - 2013-05-17 21:03 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\GameRanger
2013-08-24 13:21 - 2013-05-13 20:50 - 00000000 ____D C:\Users\phili_000\AppData\Local\Unity
2013-08-24 13:21 - 2013-05-05 15:15 - 00000000 ____D C:\Users\phili_000\AppData\Local\PassMark
2013-08-24 13:21 - 2013-05-03 23:02 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-08-24 13:21 - 2013-05-03 13:24 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-08-24 13:21 - 2013-05-02 20:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\PunkBuster
2013-08-24 13:21 - 2013-05-01 18:13 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-08-24 13:21 - 2013-05-01 17:57 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\DAEMON Tools Lite
2013-08-24 13:21 - 2013-05-01 15:31 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Telekom
2013-08-24 13:21 - 2013-05-01 00:51 - 00000000 ____D C:\Users\phili_000\Documents\my games
2013-08-24 13:21 - 2013-05-01 00:10 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Macromedia
2013-08-24 13:21 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000\AppData\Local\VirtualStore
2013-08-24 13:21 - 2012-07-26 12:29 - 00000000 ____D C:\WINDOWS\SKB
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\winrm
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\slmgr
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Web
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Vss
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\spp
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Licenses
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\spp
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\spool
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Speech
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Macromed
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Licenses
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\IME
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Com
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Speech
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\security
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\schemas
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Resources
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\registration
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\PLA
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Performance
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\IME
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Help
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Globalization
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Branding
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AppCompat
2013-08-24 13:21 - 2012-07-26 09:20 - 00000000 ____D C:\WINDOWS\Setup
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\SMI
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-08-24 13:21 - 2012-07-26 07:37 - 00000000 ____D C:\WINDOWS\servicing
2013-08-24 13:20 - 2013-08-14 21:46 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-24 13:20 - 2013-08-06 19:57 - 00000000 ____D C:\ProgramData\Package Cache
2013-08-24 13:20 - 2013-08-05 20:28 - 00000000 ____D C:\NVIDIA
2013-08-24 13:20 - 2013-07-13 14:36 - 00000000 ____D C:\Program Files (x86)\Audible
2013-08-24 13:20 - 2013-07-13 14:18 - 00000000 ____D C:\Program Files (x86)\4Free Video Converter
2013-08-24 13:20 - 2013-07-12 23:07 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-08-24 13:20 - 2013-07-11 23:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-24 13:20 - 2013-07-11 23:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-24 13:20 - 2013-07-02 19:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-24 13:20 - 2013-07-02 19:04 - 00000000 ____D C:\Program Files\iPod
2013-08-24 13:20 - 2013-07-02 18:22 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2013-08-24 13:20 - 2013-07-02 18:21 - 00000000 ____D C:\Users\phili_000\AppData\Local\Downloaded Installations
2013-08-24 13:20 - 2013-07-02 18:20 - 00000000 ____D C:\ProgramData\HTC
2013-08-24 13:20 - 2013-07-02 18:20 - 00000000 ____D C:\Program Files (x86)\HTC
2013-08-24 13:20 - 2013-06-25 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-08-24 13:20 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files\Windows Live
2013-08-24 13:20 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-08-24 13:20 - 2013-06-25 17:54 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2013-08-24 13:20 - 2013-06-25 16:17 - 00000000 ____D C:\Program Files\GIMP 2
2013-08-24 13:20 - 2013-06-18 16:28 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2013-08-24 13:20 - 2013-06-15 18:37 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-08-24 13:20 - 2013-06-09 17:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-08-24 13:20 - 2013-05-31 19:04 - 00000000 ____D C:\Program Files (x86)\Futuremark
2013-08-24 13:20 - 2013-05-23 21:48 - 00000000 ____D C:\Program Files\VideoLAN
2013-08-24 13:20 - 2013-05-23 21:41 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-24 13:20 - 2013-05-23 18:53 - 00000000 ____D C:\ProgramData\RapidSolution
2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\ProgramData\Apple
2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-08-24 13:20 - 2013-05-20 22:22 - 00000000 ____D C:\ProgramData\Battle.net
2013-08-24 13:20 - 2013-05-20 22:08 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-08-24 13:20 - 2013-05-16 20:39 - 00000000 ____D C:\Program Files (x86)\Tunngle
2013-08-24 13:20 - 2013-05-12 01:12 - 00000000 ____D C:\Program Files\Java
2013-08-24 13:20 - 2013-05-09 19:44 - 00000000 ____D C:\Program Files\WinRAR
2013-08-24 13:20 - 2013-05-05 15:15 - 00000000 ____D C:\Program Files\Realtek
2013-08-24 13:20 - 2013-05-05 15:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-08-24 13:20 - 2013-05-04 21:33 - 00000000 ____D C:\ProgramData\Desura
2013-08-24 13:20 - 2013-05-04 20:53 - 00000000 ____D C:\Program Files (x86)\PR Mumble
2013-08-24 13:20 - 2013-05-04 00:30 - 00000000 ____D C:\Program Files\CCleaner
2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files\MSBuild
2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-08-24 13:20 - 2013-05-02 20:25 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-24 13:20 - 2013-05-01 18:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-08-24 13:20 - 2013-05-01 18:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-24 13:20 - 2013-05-01 17:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-24 13:20 - 2013-05-01 17:01 - 00000000 ____D C:\ProgramData\Skype
2013-08-24 13:20 - 2013-05-01 15:35 - 00000000 ____D C:\Users\phili_000\.swt
2013-08-24 13:20 - 2013-05-01 13:51 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-24 13:20 - 2013-05-01 13:51 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-24 13:20 - 2013-05-01 01:37 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-24 13:20 - 2013-05-01 00:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-24 13:20 - 2013-05-01 00:32 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-24 13:20 - 2013-01-30 20:51 - 00000000 ___HD C:\ESD
2013-08-24 13:20 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows NT
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-24 13:20 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-08-24 00:28 - 2013-08-24 00:08 - 00000000 ____D C:\Users\phili_000\Desktop\Neuer Ordner
2013-08-24 00:27 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\Avg2013
2013-08-24 00:27 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ___HD C:\$AVG
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\AVG2013
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\ProgramData\AVG2013
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Program Files (x86)\AVG
2013-08-24 00:26 - 2013-05-01 17:58 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\TuneUp Software
2013-08-24 00:24 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\MFAData
2013-08-24 00:19 - 2013-08-24 00:19 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-08-24 00:18 - 2013-08-24 00:18 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-24 00:17 - 2013-08-24 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\QuickScan
2013-08-24 00:08 - 2013-08-24 00:08 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (2).zip
2013-08-24 00:05 - 2013-08-24 00:05 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (1).zip
2013-08-24 00:04 - 2013-08-24 00:04 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.zip
2013-08-23 13:24 - 2013-08-23 13:24 - 00001156 _____ C:\Users\phili_000\Desktop\Mediencenter.lnk
2013-08-23 13:24 - 2013-05-01 15:31 - 00001142 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk
2013-08-21 21:27 - 2013-08-21 21:27 - 00001051 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2013-08-20 20:02 - 2013-05-17 21:04 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-08-16 20:44 - 2013-05-23 21:48 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\vlc
2013-08-16 20:41 - 2013-08-16 20:40 - 189809510 _____ C:\Users\phili_000\Downloads\battlefield3_ost_flac_1376097075.zip
2013-08-15 12:29 - 2013-08-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-15 12:29 - 2013-05-02 14:30 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-08-14 21:46 - 2013-05-01 22:35 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npDeployJava1.dll
2013-08-14 21:46 - 2013-05-01 22:35 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll
2013-08-12 21:41 - 2013-08-12 21:41 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Project Reality
2013-08-12 21:39 - 2013-08-06 21:05 - 00000000 ____D C:\Users\phili_000\Documents\ProjectReality
2013-08-12 21:26 - 2013-08-12 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\Project Reality
2013-08-06 19:58 - 2013-05-01 14:22 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-08-05 20:32 - 2013-08-05 20:32 - 00000000 ____D C:\NvidiaLogging
2013-08-05 20:30 - 2013-08-05 20:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-04 18:08 - 2013-05-01 00:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Origin
2013-08-04 18:08 - 2013-05-01 00:40 - 00000000 ____D C:\Users\phili_000\AppData\Local\Origin
Files to move or delete:
====================
C:\Users\phili_000\AppData\Local\Temp\APNSetup.exe
C:\Users\phili_000\AppData\Local\Temp\Mediencenter_3.8.0.2907.exe
C:\Users\phili_000\AppData\Local\Temp\Mediencenter_3.8.1.2208.exe
C:\Users\phili_000\AppData\Local\Temp\Quarantine.exe
C:\Users\phili_000\AppData\Local\Temp\SetupHelper.exe
C:\Users\phili_000\AppData\Local\Temp\vlc-2.0.7-win64.exe
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\Microsoft Sync Framework Services\msfcheck.exe
C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\Microsoft Sync Framework\msfcheck.exe
C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\dotnetfx\dotnetchk.exe
C:\Users\phili_000\AppData\Local\Temp\tmpgmvjkn\googledrivesync.exe
C:\Users\phili_000\AppData\Local\Temp\Origin\~nsu.tmp\Au_.exe
C:\Users\phili_000\AppData\Local\Temp\nsw2B3F.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsvD108.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nsvD108.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\replacebf.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\uph.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4604.tmp\uph.dll
C:\Users\phili_000\AppData\Local\Temp\nse7B13.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nse7B13.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-20 13:53
==================== End Of Log ============================
--- --- --- |
|
01.09.2013, 15:34
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKCU\...\Run: [Snoozer] - C:\Users\phili_000\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] ()
HKCU\...\Run: [OMESupervisor] - C:\Users\phili_000\AppData\Local\omesuperv.exe [2218359 2013-08-28] ()
C:\Users\phili_000\AppData\Local\omesuperv.exe
C:\Users\phili_000\AppData\Roaming\Snz
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.09.2013, 21:02
| #8 |
| | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Hier der Inhalt von Fixlog.txt Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-09-2013 05
Ran by Philipp13 at 2013-09-02 22:01:24 Run:1
Running from C:\Users\phili_000\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKCU\...\Run: [Snoozer] - C:\Users\phili_000\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] ()
HKCU\...\Run: [OMESupervisor] - C:\Users\phili_000\AppData\Local\omesuperv.exe [2218359 2013-08-28] ()
C:\Users\phili_000\AppData\Local\omesuperv.exe
C:\Users\phili_000\AppData\Roaming\Snz
*****************
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Snoozer => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\OMESupervisor => Value deleted successfully.
C:\Users\phili_000\AppData\Local\omesuperv.exe => Moved successfully.
C:\Users\phili_000\AppData\Roaming\Snz => Moved successfully.
==== End of Fixlog ====
|
|
02.09.2013, 21:07
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Ein frisches Log mit FRST bitte Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.09.2013, 21:11
| #10 |
| | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Hier die FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-09-2013 05
Ran by Philipp13 (administrator) on PHILIPP on 02-09-2013 22:10:29
Running from C:\Users\phili_000\Downloads
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Electronic Arts) F:\Games\Origin\Origin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\phili_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\phili_000\AppData\Roaming\Spotify\spotify.exe
(Dropbox, Inc.) C:\Users\phili_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Apple Inc.) E:\Apple\iTunes\iTunesHelper.exe
(Deutsche Telekom AG) C:\Users\phili_000\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKCU\...\Run: [EADM] - F:\Games\Origin\Origin.exe [3549528 2013-08-27] (Electronic Arts)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - F:\Programme\DeamonTools\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\phili_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\phili_000\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-08] (Spotify Ltd)
MountPoints2: {04ae5736-b259-11e2-be6b-f46d04af758d} - "I:\autorun.exe"
MountPoints2: {3427fed2-e1b5-11e2-be85-f46d04af758d} - "H:\HTC_Sync_Manager_PC.exe"
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] - C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [x]
HKLM-x32\...\Run: [QuickTime Task] - F:\Programme\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKone+] - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [iTunesHelper] - E:\Apple\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
Startup: C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\phili_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
ShortcutTarget: Mediencenter.lnk -> C:\Users\phili_000\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.57\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\29.0.1547.57\npchrome_frame.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 08 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found ()
Winsock: Catalog5 09 %SystemRoot%\SysWOW64\wlidNSP.dll File Not found ()
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [71168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR RestoreOnStartup: "hxxp://google.de/"
CHR Extension: (Google Docs) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Adblock Plus) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_1
CHR Extension: (Google Search) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Tampermonkey) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.4.3568.10_1
CHR Extension: (OfferMosquito) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.6.2_0
CHR Extension: (Vince) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgpdhkfmndlnlmmhcalabijjpogicdpa\3_1
CHR Extension: (Speed Test) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlhbmnfdcklajeaeikfinieljfegamko\2.2_1
CHR Extension: (Isoball 3) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.4.0_1
CHR Extension: (SmartVideo For YouTube\u2122) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp\0.9927_1
CHR Extension: (DSL speedtest) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj\1.1_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1
CHR Extension: (Auto-Reload) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofojbjgaaddibdfpmmjeonahgbacejid\8.0.5_1
CHR Extension: (Gmail) - C:\Users\PHILI_~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx
==================== Services (Whitelisted) =================
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-06] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [754584 2013-06-24] (Tunngle.net GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-05-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-05-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-05-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-01] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [46792 2013-07-24] (AnchorFree Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [203544 2013-02-06] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 WsAudio_Device(1); C:\Windows\system32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-02 22:04 - 2013-09-02 22:06 - 00000000 ____D C:\Users\phili_000\Desktop\Uni Vorkurs Mathe
2013-08-30 22:12 - 2013-08-30 22:26 - 00000000 ____D C:\Users\phili_000\Documents\BFBC2
2013-08-30 16:45 - 2013-08-30 16:45 - 00001845 _____ C:\Users\phili_000\Downloads\JRT.txt
2013-08-30 16:42 - 2013-08-30 16:42 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-30 16:41 - 2013-08-30 16:41 - 00007263 _____ C:\Users\phili_000\Downloads\AdwCleaner[S0].txt
2013-08-30 16:33 - 2013-08-30 16:34 - 00000000 ____D C:\AdwCleaner
2013-08-30 13:59 - 2013-08-30 13:59 - 01023533 _____ (Thisisu) C:\Users\phili_000\Downloads\JRT.exe
2013-08-30 13:59 - 2013-08-30 13:59 - 00994642 _____ C:\Users\phili_000\Downloads\adwcleaner.exe
2013-08-30 03:12 - 2013-08-30 03:12 - 00030111 _____ C:\Users\phili_000\Downloads\Addition.txt
2013-08-30 03:12 - 2013-08-30 03:12 - 00000000 ____D C:\FRST
2013-08-29 22:40 - 2013-08-29 22:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\phili_000\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Malwarebytes
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 22:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-08-29 15:52 - 2013-08-29 15:52 - 00000000 ___HD C:\Users\phili_000\Desktop\.picasaoriginals
2013-08-29 15:49 - 2013-08-29 15:49 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup (1).exe
2013-08-29 15:46 - 2013-08-29 15:47 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup.exe
2013-08-28 20:32 - 2013-08-28 20:32 - 00000000 ____D C:\Users\phili_000\AppData\Local\Criterion Games
2013-08-28 16:05 - 2013-08-28 16:05 - 00642632 _____ (EFD Software ) C:\Users\phili_000\Downloads\hdtune_255.exe
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Program Files (x86)\HD Tune
2013-08-28 15:59 - 2013-08-28 15:59 - 03629944 _____ (Microsoft Corporation) C:\Users\phili_000\Downloads\SyncToySetupPackage_v21_x64.exe
2013-08-27 20:29 - 2013-08-28 20:32 - 00017993 _____ C:\WINDOWS\DirectX.log
2013-08-24 13:15 - 2013-08-31 18:35 - 00853231 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ___HD C:\$AVG
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\AVG2013
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\ProgramData\AVG2013
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Program Files (x86)\AVG
2013-08-24 00:24 - 2013-08-24 13:22 - 00000000 ____D C:\ProgramData\MFAData
2013-08-24 00:24 - 2013-08-24 00:27 - 00000000 ____D C:\Users\phili_000\AppData\Local\Avg2013
2013-08-24 00:24 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\MFAData
2013-08-24 00:19 - 2013-08-24 00:19 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-08-24 00:18 - 2013-08-24 00:18 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-24 00:17 - 2013-08-24 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\QuickScan
2013-08-24 00:08 - 2013-08-24 00:08 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (2).zip
2013-08-24 00:05 - 2013-08-24 00:05 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (1).zip
2013-08-24 00:04 - 2013-08-24 00:04 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.zip
2013-08-21 21:27 - 2013-07-24 04:12 - 00046792 _____ (AnchorFree Inc.) C:\WINDOWS\system32\Drivers\hssdrv6.sys
2013-08-16 20:40 - 2013-08-16 20:41 - 189809510 _____ C:\Users\phili_000\Downloads\battlefield3_ost_flac_1376097075.zip
2013-08-15 12:29 - 2013-08-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-15 12:08 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-08-15 12:08 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-08-15 12:08 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-08-15 12:08 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-08-15 12:08 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-08-15 12:08 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-08-15 12:08 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-08-15 12:08 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-08-15 12:08 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-08-15 12:08 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-08-15 12:08 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-08-15 12:08 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-08-15 12:08 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-08-15 12:08 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-08-15 12:08 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-08-15 12:08 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-08-15 12:08 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-08-15 12:08 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2013-08-15 12:08 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2013-08-15 12:08 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2013-08-15 12:08 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2013-08-15 12:07 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-08-15 12:07 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-08-15 12:07 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2013-08-15 12:07 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2013-08-15 12:07 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2013-08-15 12:07 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-08-15 12:07 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-08-15 12:07 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2013-08-15 12:07 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2013-08-14 21:46 - 2013-08-24 13:20 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-14 21:46 - 2013-08-14 21:46 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-08-12 21:41 - 2013-08-12 21:41 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Project Reality
2013-08-12 21:41 - 2013-05-04 22:45 - 00002387 _____ C:\Users\phili_000\Documents\PRMumbleCertificateBackup.p12
2013-08-12 21:26 - 2013-08-12 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\Project Reality
2013-08-07 17:30 - 2013-08-24 13:21 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\ftblauncher
2013-08-06 21:05 - 2013-08-12 21:39 - 00000000 ____D C:\Users\phili_000\Documents\ProjectReality
2013-08-06 19:57 - 2013-08-24 13:20 - 00000000 ____D C:\ProgramData\Package Cache
2013-08-05 20:32 - 2013-08-05 20:32 - 00000000 ____D C:\NvidiaLogging
2013-08-05 20:32 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-08-05 20:32 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2013-08-05 20:32 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2013-08-05 20:32 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-08-05 20:32 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-08-05 20:32 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-08-05 20:32 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-08-05 20:32 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2013-08-05 20:32 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-08-05 20:32 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2013-08-05 20:32 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2013-08-05 20:32 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2013-08-05 20:32 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-08-05 20:32 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2013-08-05 20:32 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-08-05 20:32 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2013-08-05 20:32 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2013-08-05 20:32 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2013-08-05 20:32 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2013-08-05 20:32 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2013-08-05 20:32 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-08-05 20:32 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2013-08-05 20:32 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-08-05 20:32 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2013-08-05 20:32 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-08-05 20:32 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2013-08-05 20:32 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2013-08-05 20:32 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2013-08-05 20:32 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2013-08-05 20:32 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-08-05 20:32 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-08-05 20:32 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-08-05 20:32 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-08-05 20:32 - 2013-05-20 02:08 - 00386642 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-08-05 20:32 - 2013-05-14 21:28 - 00039712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-08-05 20:32 - 2013-05-14 21:27 - 00029984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-08-05 20:32 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-08-05 20:31 - 2013-08-24 13:21 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA
2013-08-05 20:30 - 2013-08-05 20:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-05 20:29 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-08-05 20:29 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6432049.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6432049.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00925648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00266448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00214448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-08-05 20:29 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-08-05 20:29 - 2013-02-25 07:27 - 00194848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2013-08-05 20:29 - 2013-02-25 07:27 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2013-08-05 20:28 - 2013-08-24 13:20 - 00000000 ____D C:\NVIDIA
==================== One Month Modified Files and Folders =======
2013-09-02 22:06 - 2013-09-02 22:04 - 00000000 ____D C:\Users\phili_000\Desktop\Uni Vorkurs Mathe
2013-09-02 22:02 - 2013-05-17 21:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-02 22:02 - 2013-05-01 00:32 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\TS3Client
2013-09-02 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-09-02 21:53 - 2013-05-01 17:02 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Skype
2013-09-02 21:37 - 2013-05-01 00:17 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-02 20:43 - 2013-05-04 00:07 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\.minecraft
2013-09-02 18:45 - 2013-05-02 20:26 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2013-09-02 18:45 - 2013-05-01 14:22 - 00290184 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-09-02 18:44 - 2013-05-01 14:22 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-09-02 18:20 - 2013-05-18 21:33 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Spotify
2013-09-02 16:45 - 2013-05-01 00:19 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-306031665-1921043881-1312870909-1001
2013-09-02 14:37 - 2013-05-01 00:17 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-02 11:35 - 2013-06-03 16:08 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Dropbox
2013-09-02 11:35 - 2013-05-01 15:33 - 00000000 ___RD C:\Users\phili_000\Google Drive
2013-09-02 11:35 - 2013-05-01 00:45 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-02 11:32 - 2012-07-26 12:27 - 00751892 _____ C:\WINDOWS\system32\perfh007.dat
2013-09-02 11:32 - 2012-07-26 12:27 - 00155620 _____ C:\WINDOWS\system32\perfc007.dat
2013-09-02 11:32 - 2012-07-26 09:28 - 01745416 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-31 21:05 - 2013-07-02 18:22 - 00000000 ____D C:\Users\phili_000\AppData\Local\HTC MediaHub
2013-08-31 21:00 - 2013-05-01 00:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-31 21:00 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-31 18:35 - 2013-08-24 13:15 - 00853231 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-30 22:26 - 2013-08-30 22:12 - 00000000 ____D C:\Users\phili_000\Documents\BFBC2
2013-08-30 22:26 - 2013-05-02 20:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\PunkBuster
2013-08-30 16:45 - 2013-08-30 16:45 - 00001845 _____ C:\Users\phili_000\Downloads\JRT.txt
2013-08-30 16:42 - 2013-08-30 16:42 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-30 16:41 - 2013-08-30 16:41 - 00007263 _____ C:\Users\phili_000\Downloads\AdwCleaner[S0].txt
2013-08-30 16:35 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-08-30 16:34 - 2013-08-30 16:33 - 00000000 ____D C:\AdwCleaner
2013-08-30 16:34 - 2013-07-13 14:18 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Common
2013-08-30 15:53 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-08-30 13:59 - 2013-08-30 13:59 - 01023533 _____ (Thisisu) C:\Users\phili_000\Downloads\JRT.exe
2013-08-30 13:59 - 2013-08-30 13:59 - 00994642 _____ C:\Users\phili_000\Downloads\adwcleaner.exe
2013-08-30 11:28 - 2013-05-18 21:33 - 00000000 ____D C:\Users\phili_000\AppData\Local\Spotify
2013-08-30 03:12 - 2013-08-30 03:12 - 00030111 _____ C:\Users\phili_000\Downloads\Addition.txt
2013-08-30 03:12 - 2013-08-30 03:12 - 00000000 ____D C:\FRST
2013-08-29 22:40 - 2013-08-29 22:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\phili_000\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Malwarebytes
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 22:40 - 2013-08-29 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 15:52 - 2013-08-29 15:52 - 00000000 ___HD C:\Users\phili_000\Desktop\.picasaoriginals
2013-08-29 15:52 - 2013-05-01 17:03 - 00114688 ___SH C:\Users\phili_000\Desktop\Thumbs.db
2013-08-29 15:49 - 2013-08-29 15:49 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup (1).exe
2013-08-29 15:49 - 2013-05-01 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Local\Google
2013-08-29 15:49 - 2013-05-01 00:17 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-29 15:47 - 2013-08-29 15:46 - 14965064 _____ (Google Inc.) C:\Users\phili_000\Downloads\picasa39-setup.exe
2013-08-29 15:47 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000\AppData\Local\Packages
2013-08-28 20:32 - 2013-08-28 20:32 - 00000000 ____D C:\Users\phili_000\AppData\Local\Criterion Games
2013-08-28 20:32 - 2013-08-27 20:29 - 00017993 _____ C:\WINDOWS\DirectX.log
2013-08-28 16:05 - 2013-08-28 16:05 - 00642632 _____ (EFD Software ) C:\Users\phili_000\Downloads\hdtune_255.exe
2013-08-28 16:05 - 2013-08-28 16:05 - 00000000 ____D C:\Program Files (x86)\HD Tune
2013-08-28 15:59 - 2013-08-28 15:59 - 03629944 _____ (Microsoft Corporation) C:\Users\phili_000\Downloads\SyncToySetupPackage_v21_x64.exe
2013-08-28 02:24 - 2013-05-17 22:39 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\uTorrent
2013-08-24 23:22 - 2013-05-23 21:23 - 00231424 ___SH C:\Users\phili_000\Downloads\Thumbs.db
2013-08-24 14:25 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000
2013-08-24 13:23 - 2013-06-25 17:55 - 00000000 ____D C:\ProgramData\ROCCAT
2013-08-24 13:23 - 2013-05-01 01:37 - 00000000 ____D C:\ProgramData\Avira
2013-08-24 13:22 - 2013-08-24 00:24 - 00000000 ____D C:\ProgramData\MFAData
2013-08-24 13:22 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files\Bonjour
2013-08-24 13:22 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-08-24 13:22 - 2013-05-01 00:16 - 00000000 ____D C:\Program Files\Classic Shell
2013-08-24 13:22 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-08-24 13:21 - 2013-08-07 17:30 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\ftblauncher
2013-08-24 13:21 - 2013-08-05 20:31 - 00000000 ____D C:\Users\phili_000\AppData\Local\NVIDIA
2013-08-24 13:21 - 2013-07-12 22:51 - 00000000 ____D C:\Users\phili_000\Documents\EA Games
2013-08-24 13:21 - 2013-07-03 22:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Downloaded Installations
2013-08-24 13:21 - 2013-07-02 18:23 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\HTC Sync
2013-08-24 13:21 - 2013-07-02 18:23 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\HTC
2013-08-24 13:21 - 2013-06-18 16:28 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Canneverbe Limited
2013-08-24 13:21 - 2013-06-09 15:28 - 00000000 ____D C:\Users\phili_000\Documents\Fax
2013-08-24 13:21 - 2013-05-23 21:38 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\mozilla
2013-08-24 13:21 - 2013-05-23 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\4Free
2013-08-24 13:21 - 2013-05-23 18:52 - 00000000 ____D C:\Users\phili_000\AppData\Local\RapidSolution
2013-08-24 13:21 - 2013-05-17 21:03 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\GameRanger
2013-08-24 13:21 - 2013-05-13 20:50 - 00000000 ____D C:\Users\phili_000\AppData\Local\Unity
2013-08-24 13:21 - 2013-05-05 15:15 - 00000000 ____D C:\Users\phili_000\AppData\Local\PassMark
2013-08-24 13:21 - 2013-05-03 23:02 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-08-24 13:21 - 2013-05-03 13:24 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-08-24 13:21 - 2013-05-01 18:13 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-08-24 13:21 - 2013-05-01 17:57 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\DAEMON Tools Lite
2013-08-24 13:21 - 2013-05-01 15:31 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Telekom
2013-08-24 13:21 - 2013-05-01 00:51 - 00000000 ____D C:\Users\phili_000\Documents\my games
2013-08-24 13:21 - 2013-05-01 00:10 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Macromedia
2013-08-24 13:21 - 2013-05-01 00:08 - 00000000 ____D C:\Users\phili_000\AppData\Local\VirtualStore
2013-08-24 13:21 - 2012-07-26 12:29 - 00000000 ____D C:\WINDOWS\SKB
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\winrm
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\slmgr
2013-08-24 13:21 - 2012-07-26 12:27 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Web
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Vss
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\spp
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Licenses
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\spp
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\spool
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Speech
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Macromed
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Licenses
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\IME
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Com
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Speech
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\security
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\schemas
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Resources
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\registration
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\PLA
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Performance
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\IME
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Help
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Globalization
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\Branding
2013-08-24 13:21 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AppCompat
2013-08-24 13:21 - 2012-07-26 09:20 - 00000000 ____D C:\WINDOWS\Setup
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\SMI
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-08-24 13:21 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-08-24 13:21 - 2012-07-26 07:37 - 00000000 ____D C:\WINDOWS\servicing
2013-08-24 13:20 - 2013-08-14 21:46 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-24 13:20 - 2013-08-06 19:57 - 00000000 ____D C:\ProgramData\Package Cache
2013-08-24 13:20 - 2013-08-05 20:28 - 00000000 ____D C:\NVIDIA
2013-08-24 13:20 - 2013-07-13 14:36 - 00000000 ____D C:\Program Files (x86)\Audible
2013-08-24 13:20 - 2013-07-13 14:18 - 00000000 ____D C:\Program Files (x86)\4Free Video Converter
2013-08-24 13:20 - 2013-07-12 23:07 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-08-24 13:20 - 2013-07-11 23:16 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-24 13:20 - 2013-07-11 23:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-24 13:20 - 2013-07-02 19:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-24 13:20 - 2013-07-02 19:04 - 00000000 ____D C:\Program Files\iPod
2013-08-24 13:20 - 2013-07-02 18:22 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2013-08-24 13:20 - 2013-07-02 18:21 - 00000000 ____D C:\Users\phili_000\AppData\Local\Downloaded Installations
2013-08-24 13:20 - 2013-07-02 18:20 - 00000000 ____D C:\ProgramData\HTC
2013-08-24 13:20 - 2013-07-02 18:20 - 00000000 ____D C:\Program Files (x86)\HTC
2013-08-24 13:20 - 2013-06-25 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-08-24 13:20 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files\Windows Live
2013-08-24 13:20 - 2013-06-25 19:23 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-08-24 13:20 - 2013-06-25 17:54 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2013-08-24 13:20 - 2013-06-25 16:17 - 00000000 ____D C:\Program Files\GIMP 2
2013-08-24 13:20 - 2013-06-18 16:28 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2013-08-24 13:20 - 2013-06-15 18:37 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-08-24 13:20 - 2013-06-09 17:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-08-24 13:20 - 2013-05-31 19:04 - 00000000 ____D C:\Program Files (x86)\Futuremark
2013-08-24 13:20 - 2013-05-23 21:48 - 00000000 ____D C:\Program Files\VideoLAN
2013-08-24 13:20 - 2013-05-23 21:41 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-08-24 13:20 - 2013-05-23 18:53 - 00000000 ____D C:\ProgramData\RapidSolution
2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\ProgramData\Apple Computer
2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\ProgramData\Apple
2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-08-24 13:20 - 2013-05-22 19:36 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-08-24 13:20 - 2013-05-20 22:22 - 00000000 ____D C:\ProgramData\Battle.net
2013-08-24 13:20 - 2013-05-20 22:08 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-08-24 13:20 - 2013-05-16 20:39 - 00000000 ____D C:\Program Files (x86)\Tunngle
2013-08-24 13:20 - 2013-05-12 01:12 - 00000000 ____D C:\Program Files\Java
2013-08-24 13:20 - 2013-05-09 19:44 - 00000000 ____D C:\Program Files\WinRAR
2013-08-24 13:20 - 2013-05-05 15:15 - 00000000 ____D C:\Program Files\Realtek
2013-08-24 13:20 - 2013-05-05 15:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-08-24 13:20 - 2013-05-04 21:33 - 00000000 ____D C:\ProgramData\Desura
2013-08-24 13:20 - 2013-05-04 20:53 - 00000000 ____D C:\Program Files (x86)\PR Mumble
2013-08-24 13:20 - 2013-05-04 00:30 - 00000000 ____D C:\Program Files\CCleaner
2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files\MSBuild
2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-08-24 13:20 - 2013-05-03 23:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-08-24 13:20 - 2013-05-02 20:25 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-08-24 13:20 - 2013-05-01 18:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-08-24 13:20 - 2013-05-01 18:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-24 13:20 - 2013-05-01 17:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-24 13:20 - 2013-05-01 17:01 - 00000000 ____D C:\ProgramData\Skype
2013-08-24 13:20 - 2013-05-01 15:35 - 00000000 ____D C:\Users\phili_000\.swt
2013-08-24 13:20 - 2013-05-01 13:51 - 00000000 ____D C:\ProgramData\LogiShrd
2013-08-24 13:20 - 2013-05-01 13:51 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-08-24 13:20 - 2013-05-01 01:37 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-24 13:20 - 2013-05-01 00:39 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-24 13:20 - 2013-05-01 00:32 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-08-24 13:20 - 2013-05-01 00:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-08-24 13:20 - 2013-01-30 20:51 - 00000000 ___HD C:\ESD
2013-08-24 13:20 - 2012-07-26 12:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows NT
2013-08-24 13:20 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-24 13:20 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-08-24 00:27 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\Avg2013
2013-08-24 00:27 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ___HD C:\$AVG
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\AVG2013
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\ProgramData\AVG2013
2013-08-24 00:26 - 2013-08-24 00:26 - 00000000 ____D C:\Program Files (x86)\AVG
2013-08-24 00:26 - 2013-05-01 17:58 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\TuneUp Software
2013-08-24 00:24 - 2013-08-24 00:24 - 00000000 ____D C:\Users\phili_000\AppData\Local\MFAData
2013-08-24 00:19 - 2013-08-24 00:19 - 00000000 _____ C:\ProgramData\rebootpending.txt
2013-08-24 00:18 - 2013-08-24 00:18 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-08-24 00:17 - 2013-08-24 00:17 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\QuickScan
2013-08-24 00:08 - 2013-08-24 00:08 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (2).zip
2013-08-24 00:05 - 2013-08-24 00:05 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (1).zip
2013-08-24 00:04 - 2013-08-24 00:04 - 00143972 _____ C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.zip
2013-08-23 13:24 - 2013-05-01 15:31 - 00001142 _____ C:\Users\phili_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk
2013-08-20 20:02 - 2013-05-17 21:04 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-08-16 20:44 - 2013-05-23 21:48 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\vlc
2013-08-16 20:41 - 2013-08-16 20:40 - 189809510 _____ C:\Users\phili_000\Downloads\battlefield3_ost_flac_1376097075.zip
2013-08-15 12:29 - 2013-08-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-15 12:29 - 2013-05-02 14:30 - 78161360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00263592 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-08-14 21:46 - 2013-08-14 21:46 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-08-14 21:46 - 2013-05-01 22:35 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npDeployJava1.dll
2013-08-14 21:46 - 2013-05-01 22:35 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll
2013-08-12 21:41 - 2013-08-12 21:41 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Project Reality
2013-08-12 21:39 - 2013-08-06 21:05 - 00000000 ____D C:\Users\phili_000\Documents\ProjectReality
2013-08-12 21:26 - 2013-08-12 21:26 - 00000000 ____D C:\Users\phili_000\AppData\Local\Project Reality
2013-08-06 19:58 - 2013-05-01 14:22 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-08-05 20:32 - 2013-08-05 20:32 - 00000000 ____D C:\NvidiaLogging
2013-08-05 20:30 - 2013-08-05 20:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-04 18:08 - 2013-05-01 00:40 - 00000000 ____D C:\Users\phili_000\AppData\Roaming\Origin
2013-08-04 18:08 - 2013-05-01 00:40 - 00000000 ____D C:\Users\phili_000\AppData\Local\Origin
Files to move or delete:
====================
C:\Users\phili_000\AppData\Local\Temp\APNSetup.exe
C:\Users\phili_000\AppData\Local\Temp\Mediencenter_3.8.0.2907.exe
C:\Users\phili_000\AppData\Local\Temp\Mediencenter_3.8.1.2208.exe
C:\Users\phili_000\AppData\Local\Temp\Quarantine.exe
C:\Users\phili_000\AppData\Local\Temp\SetupHelper.exe
C:\Users\phili_000\AppData\Local\Temp\vlc-2.0.7-win64.exe
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI87162\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI81642\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI8082\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI80722\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI77002\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI76242\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI74002\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI69322\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65842\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI65042\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI64122\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI63802\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62922\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI62682\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI56922\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI53922\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52802\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52642\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI52082\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50722\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50562\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI50362\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47522\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI47002\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI4562\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44602\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44482\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI44162\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI42882\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI35962\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI26682\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI14042\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\kernel32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\mfc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\mfc90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\mfcm90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\mfcm90u.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\msvcp100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\msvcr100.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\psapi.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\python27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\pythoncom27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\PyWinTypes27.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\shell32.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\wxbase294u_net_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\wxbase294u_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\wxmsw294u_adv_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\wxmsw294u_core_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\wxmsw294u_html_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\_MEI129962\wxmsw294u_webview_vc90.dll
C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\Microsoft Sync Framework Services\msfcheck.exe
C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\Microsoft Sync Framework\msfcheck.exe
C:\Users\phili_000\AppData\Local\Temp\VSDC0AA.tmp\dotnetfx\dotnetchk.exe
C:\Users\phili_000\AppData\Local\Temp\tmpgmvjkn\googledrivesync.exe
C:\Users\phili_000\AppData\Local\Temp\Origin\~nsu.tmp\Au_.exe
C:\Users\phili_000\AppData\Local\Temp\nsw2B3F.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsvD108.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nsvD108.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsoC62D.tmp\replacebf.dll
C:\Users\phili_000\AppData\Local\Temp\nsoC62D.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nsoC62D.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsn26C0.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nsn26C0.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsm8ACF.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nsm8ACF.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nslB786.tmp\replacebf.dll
C:\Users\phili_000\AppData\Local\Temp\nslB786.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nslB786.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\replacebf.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\uph.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4652.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\nsi4604.tmp\uph.dll
C:\Users\phili_000\AppData\Local\Temp\nse7B13.tmp\sqlite3.dll
C:\Users\phili_000\AppData\Local\Temp\nse7B13.tmp\userid.dll
C:\Users\phili_000\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-31 12:39
==================== End Of Log ============================
|
|
02.09.2013, 21:41
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.09.2013, 13:43
| #12 |
| | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Hier das Malwarebytes Log: Code:
ATTFilter Philipp13 :: PHILIPP [Administrator]
Schutz: Aktiviert
03.09.2013 14:10:53
MBAM-log-2013-09-03 (14-13-25).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 248962
Laufzeit: 2 Minute(n), 3 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\$Recycle.Bin\S-1-5-21-306031665-1921043881-1312870909-1001\$RV21ZP2.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-21-306031665-1921043881-1312870909-1001\$RZ0D7ET.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt.
(Ende)
|
|
03.09.2013, 14:18
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Papierkorb leeren und Finger weg von Softonic! Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller oder von Filepony aber nicht von solchen Toolbarklitschen wie Softonic! Was ist mit ESET?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.09.2013, 14:23
| #14 |
| | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Und hier ist noch eset: Code:
ATTFilter C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (1).zip Win32/Trustezeb.E trojan
C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013 (2).zip Win32/Trustezeb.E trojan
C:\Users\phili_000\Downloads\Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.zip Win32/Trustezeb.E trojan
|
|
03.09.2013, 14:39
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com Wieso räumst du deinen Downloadordner nicht mal auf?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Virus:Forderung der stornierten Zahlung Ihrer Bestellung 23.08.2013.com |
| administrator, anti-malware, autostart, b.exe, dateien, explorer, malwarebytes, microsoft, programme, pup.optional.babylon.a, pup.optional.datamngr, pup.optional.delta.a, pup.optional.offermosquito.a, pup.optional.opencandy, pup.optional.softonic, roaming, systemwiederherstellung, verschwunden, windows, zahlung |
Linear-Darstellung
