| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPasswordWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.11.2013, 22:43
| #1 |
 |  Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Nach dem Download von: hxxp://www.dosgamesarchive.com/file/monkey/ (unter "Start download of The Secret of Monkey Island") fand ich einige merkwürdige Programme im TaskManager vor. Die Seite ist legal und für gewöhnlich auch vertrauenswürdig. Bei der Benutzung von Security Task Manager sind mir dann folgende Anwendungen aufgefallen: - 135.dll (ShowPassword Add-on [deaktiviert]) - FacebookUpdate.exe - SearchProtect (in Registry) - Minibar.dll - AppsHat (Add-on [deaktiviert]) Ich kenne mich nicht mit Viren ect. aus, also wollte ich fragen ob mein PC gefährdet ist und was ich unternehmen kann. Hier noch ein Screenshot vom Security Task Manager: hxxp://i.imgur.com/lv86j21.png Microsoft Securitiy Essentials hat (noch) nichts gefunden, ich werde ihn noch komplett durchlaufen lassen. Mich wundert sehr was es mit diesem FacebookUpdate auf sich hat, unter C:\Users\wupto\AppData\Local\Facebook\Update ist ein Installer zu finden und im FRST Log taucht es als .job und unter system32 auf. defrogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:49 on 24/11/2013 (wupto)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013
Ran by wupto (administrator) on WUPTO-PC on 24-11-2013 22:08:59
Running from C:\Users\wupto\Virenbekämpfung
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\firefox.exe
(Neuber Software) C:\Program Files (x86)\Security Task Manager\TaskMan.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7743008 2009-04-27] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-04-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM-x32\...\Runonce: [dosgamesarchive] - [x]
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [x]
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\wupto\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-17] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\wupto\AppData\Roaming\Spotify\spotify.exe [5955072 2013-11-17] (Spotify Ltd)
HKCU\...\Run: [Facebook Update] - C:\Users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-09] (Facebook Inc.)
HKCU\...\Run: [AppsHat] - C:\Users\wupto\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
MountPoints2: {a3395989-235a-11e3-a77f-00270e06e4f2} - F:\autorun.exe
MountPoints2: {f3b7e5ab-0169-11e3-b155-806e6f6e6963} - D:\AUTOSTARTER.EXE
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\wupto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP698FFE78-1A9B-417B-BB37-E2CBC517F555
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F90D2D43C9DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP698FFE78-1A9B-417B-BB37-E2CBC517F555&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP698FFE78-1A9B-417B-BB37-E2CBC517F555&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Show-Password - {418b59d2-50d7-45fa-844c-1f9a792f39d9} - C:\Program Files (x86)\Show-Password\135.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default
FF user.js: detected! => C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\user.js
FF Homepage: hxxp://www.youtube.com/feed/subscriptions|https://mail.google.com/mail/?hl=de&shva=1#inbox|https://twitter.com/|hxxp://www.rockpapershotgun.com/|hxxp://www.deviantart.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\wupto\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\wupto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: DownloadHelper - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: jid0-UVAeBCfd34Kk5usS8A1CBiobvM8 - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi
FF Extension: Adblock Plus - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKCU\...\Firefox\Extensions: [{a00874d8-b590-41f7-a914-acf7a1805ded}] - C:\Program Files (x86)\Show-Password\135.xpi
FF Extension: No Name - C:\Program Files (x86)\Show-Password\135.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe
Chrome:
=======
CHR HomePage: http:\/\/search.conduit.com\/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP698FFE78-1A9B-417B-BB37-E2CBC517F555
CHR RestoreOnStartup: "http:\/\/search.conduit.com\/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP698FFE78-1A9B-417B-BB37-E2CBC517F555"]},"sync_promo":{"startup_count":7},"translate_blocked_languages":["de"
CHR Extension: (Google Docs) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\135.crx
==================== Services (Whitelisted) =================
R2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-26] ()
S3 wampapache; c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [24576 2013-06-23] (Apache Software Foundation)
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [12867584 2013-06-23] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-08-31] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-08-31] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-24 22:08 - 2013-11-24 22:08 - 00000000 ____D C:\FRST
2013-11-24 21:46 - 2013-11-24 22:08 - 00000000 ____D C:\Users\wupto\Virenbekämpfung
2013-11-24 21:46 - 2013-11-24 21:46 - 00000472 _____ C:\Users\wupto\Downloads\defogger_disable.log
2013-11-24 21:46 - 2013-11-24 21:46 - 00000000 _____ C:\Users\wupto\defogger_reenable
2013-11-24 21:13 - 2013-11-24 21:13 - 00229539 _____ C:\Users\wupto\Desktop\monkey.zip
2013-11-24 21:13 - 2013-11-24 21:13 - 00003052 _____ C:\Windows\System32\Tasks\Show-Password Update
2013-11-24 21:13 - 2013-11-24 21:13 - 00000404 _____ C:\Windows\Tasks\Show-Password Update.job
2013-11-24 21:13 - 2013-11-24 21:13 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-11-24 21:13 - 2013-11-24 21:13 - 00000000 ____D C:\Program Files (x86)\Show-Password
2013-11-24 21:05 - 2013-11-24 21:05 - 00000000 ____D C:\Users\wupto\AppData\Local\DOSBox
2013-11-24 21:02 - 2013-11-24 21:03 - 45314918 _____ C:\Users\wupto\Downloads\Secret of Monkey Island (U).zip
2013-11-24 19:31 - 2013-11-24 19:31 - 00000044 _____ C:\Users\wupto\jagex_cl_oldschool_LIVE.dat
2013-11-24 15:34 - 2013-11-24 20:23 - 00000045 _____ C:\Users\wupto\jagex_cl_runescape_LIVE1.dat
2013-11-24 15:34 - 2013-11-24 15:34 - 00000000 ____D C:\Users\wupto\jagexcache1
2013-11-24 14:05 - 2013-11-24 14:05 - 00001977 _____ C:\Users\Public\Desktop\One Unit Whole Blood.lnk
2013-11-24 13:11 - 2013-11-24 13:22 - 301486440 _____ (GOG.com ) C:\Users\wupto\Downloads\setup_one_unit_whole_blood_2.0.0.21.exe
2013-11-24 13:03 - 2013-11-24 13:03 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2013-11-24 13:02 - 2013-11-24 21:08 - 00000000 ____D C:\Users\wupto\emus
2013-11-24 13:02 - 2013-11-24 13:02 - 01448809 _____ (DOSBox Team) C:\Users\wupto\Downloads\DOSBox0.74-win32-installer.exe
2013-11-23 17:11 - 2013-11-24 20:17 - 00000046 _____ C:\Users\wupto\jagex_cl_speccollect_LIVE.dat
2013-11-23 16:50 - 2013-11-24 20:47 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker-Studio
2013-11-23 16:36 - 2013-11-23 16:36 - 00000000 ____D C:\Program Files (x86)\Aurora
2013-11-22 16:11 - 2013-11-22 17:18 - 00000000 ____D C:\Users\wupto\Desktop\SteamCMD
2013-11-21 22:07 - 2013-11-21 22:07 - 00000221 _____ C:\Users\wupto\Desktop\Arma 2 Operation Arrowhead.url
2013-11-21 21:58 - 2013-11-21 21:58 - 00000222 _____ C:\Users\wupto\Desktop\Arma 2 DayZ Mod.url
2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\Users\wupto\AppData\Local\Divinity 2
2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\ProgramData\Divinity 2
2013-11-21 20:01 - 2013-11-21 20:01 - 00000000 ____D C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2013-11-20 20:23 - 2013-11-20 20:30 - 00000000 ____D C:\Users\wupto\Desktop\Cactus Arcade
2013-11-20 20:17 - 2013-11-20 20:21 - 47990013 _____ C:\Users\wupto\Downloads\arcade.zip
2013-11-20 20:11 - 2013-11-20 20:11 - 01329197 _____ C:\Users\wupto\Downloads\I Was In The War.rar
2013-11-20 19:19 - 2013-11-20 19:19 - 00000000 ____D C:\Users\wupto\Desktop\juicy
2013-11-20 19:17 - 2013-11-20 19:18 - 02050875 _____ C:\Users\wupto\Downloads\controlconf.rar
2013-11-20 14:19 - 2013-11-20 14:19 - 01071224 _____ (Solid State Networks) C:\Users\wupto\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-11-18 21:32 - 2013-11-18 21:33 - 00000000 ____D C:\Users\wupto\.mediathek3
2013-11-18 21:32 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\Documents\StreamTransport
2013-11-18 21:31 - 2013-11-18 21:31 - 12839824 _____ C:\Users\wupto\Downloads\MediathekView_3.3.0.zip
2013-11-18 21:31 - 2013-11-18 21:31 - 00000000 ____D C:\Users\wupto\MediathekView
2013-11-18 21:24 - 2013-11-18 21:24 - 03331742 _____ ( ) C:\Users\wupto\Downloads\streamtransport2171_setup.exe
2013-11-18 17:58 - 2013-11-18 17:59 - 00000000 ____D C:\Users\wupto\AppData\Local\Risen
2013-11-18 17:50 - 2013-11-18 17:50 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-11-18 17:44 - 2013-11-18 17:44 - 00000000 ____D C:\Program Files (x86)\Deep Silver
2013-11-17 00:19 - 2013-11-17 00:20 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 12725464 _____ C:\Users\wupto\Downloads\GameMaker-Installer-8.1.exe
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\GameMaker 8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker 8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker
2013-11-14 22:59 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 22:59 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 22:59 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 22:59 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 22:59 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 22:59 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 22:59 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 22:59 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 22:59 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 22:59 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 22:59 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 22:59 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 19:12 - 2013-11-24 20:48 - 00000024 _____ C:\Users\wupto\random.dat
2013-11-14 19:12 - 2013-11-24 20:47 - 00000044 _____ C:\Users\wupto\jagex_cl_runescape_LIVE.dat
2013-11-14 19:12 - 2013-11-24 19:31 - 00000000 ____D C:\Users\wupto\jagexcache
2013-11-14 18:47 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 18:47 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 18:47 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 18:47 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 18:47 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 18:47 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 18:47 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 18:47 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 18:47 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 18:47 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 18:47 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 18:47 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 18:47 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 18:47 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 18:47 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 18:47 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 18:47 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 18:47 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 18:47 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 18:47 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 18:47 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 18:47 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 18:47 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 18:47 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 18:47 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 18:47 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 18:47 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 18:47 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 18:47 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 18:47 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 21:25 - 2013-11-13 21:20 - 00000000 ____D C:\Users\wupto\Desktop\dungame
2013-11-12 21:22 - 2013-11-12 21:22 - 00000000 ____D C:\ProgramData\Oracle
2013-11-12 21:21 - 2013-11-12 21:21 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-12 21:21 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-12 21:21 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-12 21:21 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-12 21:21 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-10 15:53 - 2011-06-01 18:15 - 00000000 ____D C:\Users\wupto\Downloads\tilesets
2013-11-10 15:53 - 2011-06-01 18:15 - 00000000 ____D C:\Users\wupto\Downloads\chardata
2013-11-10 15:53 - 2011-06-01 18:11 - 00000018 _____ C:\Users\wupto\Downloads\DD.dat
2013-11-10 15:53 - 2011-06-01 18:09 - 00005851 _____ C:\Users\wupto\Downloads\readme.txt
2013-11-10 15:53 - 2011-05-24 15:32 - 01127594 _____ C:\Users\wupto\Downloads\boss_kill.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 01098732 _____ C:\Users\wupto\Downloads\startup.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00810126 _____ C:\Users\wupto\Downloads\dungeon_enter.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00723544 _____ C:\Users\wupto\Downloads\death.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00377202 _____ C:\Users\wupto\Downloads\boss_find.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00186724 _____ C:\Users\wupto\Downloads\spell.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00087640 _____ C:\Users\wupto\Downloads\fight.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00006868 _____ C:\Users\wupto\Downloads\general.wav
2013-11-10 15:53 - 2009-05-16 12:47 - 00005120 _____ C:\Users\wupto\Downloads\netread.dll
2013-11-10 15:49 - 2013-11-10 15:49 - 06480958 _____ C:\Users\wupto\Downloads\DesktopDungeons_v021.exe
2013-11-09 22:54 - 2013-11-24 19:59 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA.job
2013-11-09 22:54 - 2013-11-23 22:59 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core.job
2013-11-09 22:54 - 2013-11-09 22:54 - 00501248 _____ (Facebook Inc.) C:\Users\wupto\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2013-11-09 22:54 - 2013-11-09 22:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA
2013-11-09 22:54 - 2013-11-09 22:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core
2013-11-09 22:54 - 2013-11-09 22:54 - 00000000 ____D C:\Users\wupto\AppData\Local\Facebook
2013-11-09 18:45 - 2013-11-09 18:45 - 00000000 ____D C:\Users\wupto\AppData\Local\unknown
2013-11-09 13:19 - 2013-11-09 23:58 - 00000000 ____D C:\Users\wupto\Desktop\dungon
2013-11-07 19:18 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 19:17 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iPod
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Bonjour
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-07 19:11 - 2013-11-07 19:14 - 100400976 _____ (Apple Inc.) C:\Users\wupto\Downloads\iTunes64Setup.exe
2013-11-07 12:54 - 2013-11-07 12:54 - 00000748 _____ C:\Users\wupto\Downloads\Manoria.sav
2013-11-07 12:53 - 2013-11-07 12:54 - 12141520 _____ () C:\Users\wupto\Downloads\manoria0.6.exe
2013-11-06 22:50 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-04 23:52 - 2013-11-04 23:58 - 00000000 ____D C:\Users\wupto\AppData\Roaming\.mojam
2013-11-03 20:26 - 2013-09-02 21:07 - 00000000 ____D C:\Users\wupto\Desktop\henrik 84 euro schulden
2013-11-03 13:50 - 2013-11-03 13:50 - 00065832 _____ C:\Users\wupto\Downloads\fsbext-master.zip
2013-11-03 13:46 - 2013-11-03 13:46 - 00055201 _____ C:\Users\wupto\Downloads\fsbext.zip
2013-11-02 17:59 - 2013-11-03 15:14 - 00000000 ____D C:\Users\wupto\Desktop\EBT
2013-11-01 23:48 - 2013-11-02 00:25 - 00000000 ____D C:\Users\wupto\Documents\Proteus
2013-11-01 14:28 - 2013-11-01 14:28 - 00000000 ____D C:\Users\wupto\.lennasinception
2013-11-01 13:06 - 2013-11-01 13:07 - 11626288 _____ C:\Users\wupto\Downloads\lennasinception_alpha4a.zip
2013-10-30 18:06 - 2013-10-30 18:06 - 00000000 ____D C:\Users\wupto\Documents\Remedy
2013-10-30 18:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-10-30 18:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-10-30 18:05 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-10-30 18:05 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-10-30 18:05 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-10-30 18:05 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-10-30 18:05 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-10-30 18:05 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-10-30 18:05 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-10-30 18:05 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-10-30 18:05 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-10-30 18:05 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-10-30 18:05 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-10-30 18:05 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-10-30 18:05 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-10-30 18:05 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-10-30 18:05 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-10-30 18:05 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-10-30 18:05 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-10-30 18:05 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-10-30 18:05 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-10-30 18:05 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-10-30 18:05 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-10-30 18:05 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-10-30 18:05 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-10-30 18:05 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-10-30 18:05 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-10-30 18:05 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-10-30 18:05 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-10-30 18:05 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-10-30 18:05 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-10-30 18:05 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-10-30 18:05 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-10-30 18:05 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-10-30 18:05 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-10-30 18:05 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-10-30 18:05 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-10-30 18:05 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-10-30 18:05 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-10-30 18:05 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-10-30 18:05 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-10-30 18:05 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-10-30 18:05 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-10-30 18:05 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-10-30 18:05 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-10-30 18:05 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-10-30 18:05 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-10-30 18:05 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-10-30 18:05 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-10-30 18:05 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-10-30 18:05 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-10-30 18:05 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-10-30 18:05 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-10-30 18:05 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-10-30 18:05 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-10-30 18:05 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-10-30 18:05 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-10-30 18:05 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-10-30 18:05 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-10-30 18:05 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-10-30 18:05 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-10-30 18:05 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-10-30 18:05 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-10-30 18:05 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-10-30 18:05 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-10-30 18:05 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-10-30 18:05 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-10-30 18:05 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-10-30 18:05 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-10-30 18:05 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-10-30 18:05 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-10-30 18:05 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-10-30 18:05 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-10-30 18:05 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-10-30 18:05 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-10-30 18:05 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-10-30 18:05 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-10-30 18:05 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-10-30 18:05 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-10-30 18:05 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-10-30 18:05 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-10-30 18:05 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-10-30 18:04 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-10-30 18:04 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-10-30 18:04 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-10-30 18:04 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-10-30 18:04 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-10-30 18:04 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-10-30 18:04 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-10-30 18:04 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-10-30 18:04 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-10-30 18:04 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-10-30 18:04 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-10-30 18:04 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-10-29 11:22 - 2013-10-29 11:24 - 00000000 ____D C:\Program Files (x86)\3D-Fahrschule Demo
2013-10-29 11:22 - 2013-10-29 11:22 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2013-10-29 11:20 - 2013-10-29 11:21 - 38687661 _____ C:\Users\wupto\Downloads\drive5-DE.exe
2013-10-28 14:14 - 2013-10-28 14:14 - 00015157 _____ C:\Users\wupto\Downloads\dungeon_sn.zip
2013-10-28 14:12 - 2013-10-28 14:12 - 00020128 _____ C:\Users\wupto\Downloads\carolingia.zip
2013-10-28 14:09 - 2013-10-28 14:09 - 00092555 _____ C:\Users\wupto\Downloads\bilbo_hand.zip
2013-10-27 02:19 - 2013-10-27 02:19 - 00586994 _____ C:\Users\wupto\Downloads\codeshooter_crashesterribly_sowhat.zip
2013-10-27 02:11 - 2013-10-27 02:11 - 01134847 _____ (Herrios ) C:\Users\wupto\Downloads\ClickNinja.exe
2013-10-27 01:57 - 2013-10-27 01:57 - 00000000 ____D C:\Users\wupto\AppData\Local\2playersplatformer3
2013-10-27 01:56 - 2013-10-27 01:56 - 05728768 _____ (Lumenus Team ) C:\Users\wupto\Downloads\Duaalsus_0.0.2.10.exe
2013-10-26 23:12 - 2013-10-26 23:12 - 00000132 _____ C:\Users\wupto\AppData\Roaming\Adobe Targa-Format CC - Voreinstellungen
2013-10-26 13:26 - 2013-10-26 22:10 - 00000000 ____D C:\Users\wupto\WoWModelViewer_7.0.5
2013-10-26 13:23 - 2013-10-26 13:23 - 06326430 _____ C:\Users\wupto\Downloads\WMV_Binary_v0705_Win32.zip
2013-10-25 22:59 - 2013-10-25 22:59 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-10-25 22:59 - 2013-10-25 22:59 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-10-25 19:15 - 2013-11-04 23:49 - 00000000 ____D C:\Users\wupto\skyrim gedönse
2013-10-25 16:03 - 2013-10-27 18:10 - 00000000 ____D C:\Nexus
2013-10-25 16:03 - 2013-10-25 16:03 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-10-25 16:03 - 2013-10-25 16:03 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-10-25 15:57 - 2013-10-27 18:10 - 00000000 ____D C:\Users\wupto\AppData\Local\Skyrim
2013-10-25 15:53 - 2013-10-25 16:03 - 00000000 ____D C:\Users\wupto\AppData\Local\Black_Tree_Gaming
2013-10-25 15:53 - 2013-10-25 15:53 - 00000000 ____D C:\Users\wupto\Documents\Nexus Mod Manager
2013-10-25 15:35 - 2013-10-25 15:36 - 04123248 _____ (Black Tree Gaming ) C:\Users\wupto\Downloads\Nexus Mod Manager-0.45.6.exe
==================== One Month Modified Files and Folders =======
2013-11-24 22:11 - 2013-08-10 12:02 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Skype
2013-11-24 22:08 - 2013-11-24 22:08 - 00000000 ____D C:\FRST
2013-11-24 22:08 - 2013-11-24 21:46 - 00000000 ____D C:\Users\wupto\Virenbekämpfung
2013-11-24 22:05 - 2013-09-15 19:15 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-11-24 21:46 - 2013-11-24 21:46 - 00000472 _____ C:\Users\wupto\Downloads\defogger_disable.log
2013-11-24 21:46 - 2013-11-24 21:46 - 00000000 _____ C:\Users\wupto\defogger_reenable
2013-11-24 21:46 - 2013-08-10 04:14 - 00000000 ____D C:\Users\wupto
2013-11-24 21:38 - 2013-08-10 12:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-24 21:34 - 2013-08-10 12:35 - 00000000 ____D C:\Users\wupto\Documents\screens
2013-11-24 21:28 - 2009-07-14 05:51 - 00069827 _____ C:\Windows\setupact.log
2013-11-24 21:22 - 2013-09-21 20:43 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-11-24 21:14 - 2013-09-15 21:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-24 21:13 - 2013-11-24 21:13 - 00229539 _____ C:\Users\wupto\Desktop\monkey.zip
2013-11-24 21:13 - 2013-11-24 21:13 - 00003052 _____ C:\Windows\System32\Tasks\Show-Password Update
2013-11-24 21:13 - 2013-11-24 21:13 - 00000404 _____ C:\Windows\Tasks\Show-Password Update.job
2013-11-24 21:13 - 2013-11-24 21:13 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-11-24 21:13 - 2013-11-24 21:13 - 00000000 ____D C:\Program Files (x86)\Show-Password
2013-11-24 21:08 - 2013-11-24 13:02 - 00000000 ____D C:\Users\wupto\emus
2013-11-24 21:05 - 2013-11-24 21:05 - 00000000 ____D C:\Users\wupto\AppData\Local\DOSBox
2013-11-24 21:03 - 2013-11-24 21:02 - 45314918 _____ C:\Users\wupto\Downloads\Secret of Monkey Island (U).zip
2013-11-24 20:56 - 2013-08-10 04:10 - 01837829 _____ C:\Windows\WindowsUpdate.log
2013-11-24 20:51 - 2013-08-10 04:50 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-24 20:48 - 2013-11-14 19:12 - 00000024 _____ C:\Users\wupto\random.dat
2013-11-24 20:47 - 2013-11-23 16:50 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker-Studio
2013-11-24 20:47 - 2013-11-14 19:12 - 00000044 _____ C:\Users\wupto\jagex_cl_runescape_LIVE.dat
2013-11-24 20:47 - 2013-08-10 14:30 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Dropbox
2013-11-24 20:23 - 2013-11-24 15:34 - 00000045 _____ C:\Users\wupto\jagex_cl_runescape_LIVE1.dat
2013-11-24 20:17 - 2013-11-23 17:11 - 00000046 _____ C:\Users\wupto\jagex_cl_speccollect_LIVE.dat
2013-11-24 19:59 - 2013-11-09 22:54 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA.job
2013-11-24 19:31 - 2013-11-24 19:31 - 00000044 _____ C:\Users\wupto\jagex_cl_oldschool_LIVE.dat
2013-11-24 19:31 - 2013-11-14 19:12 - 00000000 ____D C:\Users\wupto\jagexcache
2013-11-24 16:57 - 2013-08-11 14:27 - 00000586 _____ C:\Users\wupto\Neues Textdokument.txt
2013-11-24 15:34 - 2013-11-24 15:34 - 00000000 ____D C:\Users\wupto\jagexcache1
2013-11-24 14:05 - 2013-11-24 14:05 - 00001977 _____ C:\Users\Public\Desktop\One Unit Whole Blood.lnk
2013-11-24 14:04 - 2013-10-02 18:05 - 00000000 ____D C:\GOG Games
2013-11-24 13:30 - 2013-08-10 20:33 - 00000132 _____ C:\Users\wupto\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-11-24 13:22 - 2013-11-24 13:11 - 301486440 _____ (GOG.com ) C:\Users\wupto\Downloads\setup_one_unit_whole_blood_2.0.0.21.exe
2013-11-24 13:03 - 2013-11-24 13:03 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2013-11-24 13:02 - 2013-11-24 13:02 - 01448809 _____ (DOSBox Team) C:\Users\wupto\Downloads\DOSBox0.74-win32-installer.exe
2013-11-24 12:38 - 2013-10-18 22:52 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Spotify
2013-11-24 12:38 - 2013-08-10 04:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-24 12:37 - 2013-08-10 14:35 - 00000000 ___RD C:\Users\wupto\Dropbox
2013-11-24 12:36 - 2013-09-15 21:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-24 12:31 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-24 12:31 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-24 12:24 - 2013-08-10 04:37 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-24 12:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-24 02:00 - 2013-08-10 12:03 - 00000000 ____D C:\Users\wupto\AppData\Local\Adobe
2013-11-23 22:59 - 2013-11-09 22:54 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core.job
2013-11-23 16:51 - 2013-08-19 22:13 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker-Studio
2013-11-23 16:36 - 2013-11-23 16:36 - 00000000 ____D C:\Program Files (x86)\Aurora
2013-11-23 16:21 - 2013-10-18 22:56 - 00000000 ____D C:\Users\wupto\AppData\Local\Spotify
2013-11-22 17:18 - 2013-11-22 16:11 - 00000000 ____D C:\Users\wupto\Desktop\SteamCMD
2013-11-22 15:14 - 2013-09-04 13:36 - 00000000 ____D C:\Users\wupto\Desktop\Hammerwatch Art
2013-11-21 22:07 - 2013-11-21 22:07 - 00000221 _____ C:\Users\wupto\Desktop\Arma 2 Operation Arrowhead.url
2013-11-21 21:58 - 2013-11-21 21:58 - 00000222 _____ C:\Users\wupto\Desktop\Arma 2 DayZ Mod.url
2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\Users\wupto\AppData\Local\Divinity 2
2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\ProgramData\Divinity 2
2013-11-21 20:01 - 2013-11-21 20:01 - 00000000 ____D C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2013-11-21 20:01 - 2013-08-10 17:11 - 00561097 _____ C:\Windows\DirectX.log
2013-11-21 20:00 - 2013-08-10 17:06 - 00000000 ____D C:\Users\wupto\Documents\3D-CoatV4
2013-11-20 20:30 - 2013-11-20 20:23 - 00000000 ____D C:\Users\wupto\Desktop\Cactus Arcade
2013-11-20 20:21 - 2013-11-20 20:17 - 47990013 _____ C:\Users\wupto\Downloads\arcade.zip
2013-11-20 20:14 - 2013-09-23 15:59 - 00000000 ____D C:\Users\wupto\AppData\Roaming\vlc
2013-11-20 20:11 - 2013-11-20 20:11 - 01329197 _____ C:\Users\wupto\Downloads\I Was In The War.rar
2013-11-20 19:19 - 2013-11-20 19:19 - 00000000 ____D C:\Users\wupto\Desktop\juicy
2013-11-20 19:19 - 2013-08-10 12:43 - 00000000 ___RD C:\Users\wupto\Desktop\Games
2013-11-20 19:18 - 2013-11-20 19:17 - 02050875 _____ C:\Users\wupto\Downloads\controlconf.rar
2013-11-20 14:19 - 2013-11-20 14:19 - 01071224 _____ (Solid State Networks) C:\Users\wupto\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-11-19 15:54 - 2013-08-11 11:43 - 00035726 _____ C:\Windows\PFRO.log
2013-11-19 11:21 - 2013-08-10 04:55 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 21:33 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\.mediathek3
2013-11-18 21:32 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\Documents\StreamTransport
2013-11-18 21:31 - 2013-11-18 21:31 - 12839824 _____ C:\Users\wupto\Downloads\MediathekView_3.3.0.zip
2013-11-18 21:31 - 2013-11-18 21:31 - 00000000 ____D C:\Users\wupto\MediathekView
2013-11-18 21:24 - 2013-11-18 21:24 - 03331742 _____ ( ) C:\Users\wupto\Downloads\streamtransport2171_setup.exe
2013-11-18 21:21 - 2013-08-11 14:49 - 00000000 ____D C:\Users\wupto\dwhelper
2013-11-18 20:20 - 2013-08-10 12:35 - 00000399 _____ C:\Users\wupto\Desktop\films u should watch.txt
2013-11-18 19:36 - 2013-08-10 14:14 - 00000000 ____D C:\Users\wupto\Desktop\TO DO
2013-11-18 18:35 - 2013-08-10 12:40 - 00000000 ____D C:\Users\wupto\Documents\my games
2013-11-18 17:59 - 2013-11-18 17:58 - 00000000 ____D C:\Users\wupto\AppData\Local\Risen
2013-11-18 17:50 - 2013-11-18 17:50 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-11-18 17:44 - 2013-11-18 17:44 - 00000000 ____D C:\Program Files (x86)\Deep Silver
2013-11-18 17:44 - 2013-08-10 04:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-18 14:17 - 2013-09-14 14:48 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-11-17 22:26 - 2013-08-10 04:52 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-17 22:25 - 2013-08-10 04:51 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-17 22:25 - 2013-08-10 04:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-17 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-17 01:29 - 2009-07-14 18:58 - 00699188 _____ C:\Windows\system32\perfh007.dat
2013-11-17 01:29 - 2009-07-14 18:58 - 00149328 _____ C:\Windows\system32\perfc007.dat
2013-11-17 01:29 - 2009-07-14 06:13 - 01619672 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-17 00:20 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 12725464 _____ C:\Users\wupto\Downloads\GameMaker-Installer-8.1.exe
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\GameMaker 8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker 8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker
2013-11-17 00:19 - 2013-08-19 22:15 - 00000000 ____D C:\Users\wupto\AppData\Local\YoYo_Games_Ltd
2013-11-13 21:20 - 2013-11-13 21:25 - 00000000 ____D C:\Users\wupto\Desktop\dungame
2013-11-12 21:22 - 2013-11-12 21:22 - 00000000 ____D C:\ProgramData\Oracle
2013-11-12 21:21 - 2013-11-12 21:21 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-12 21:21 - 2013-08-11 16:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-10 20:33 - 2013-08-10 12:35 - 00000000 ____D C:\Users\wupto\Desktop\ART
2013-11-10 16:11 - 2013-09-21 19:00 - 00000000 ____D C:\Program Files (x86)\Cube World
2013-11-10 15:49 - 2013-11-10 15:49 - 06480958 _____ C:\Users\wupto\Downloads\DesktopDungeons_v021.exe
2013-11-09 23:58 - 2013-11-09 13:19 - 00000000 ____D C:\Users\wupto\Desktop\dungon
2013-11-09 22:54 - 2013-11-09 22:54 - 00501248 _____ (Facebook Inc.) C:\Users\wupto\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2013-11-09 22:54 - 2013-11-09 22:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA
2013-11-09 22:54 - 2013-11-09 22:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core
2013-11-09 22:54 - 2013-11-09 22:54 - 00000000 ____D C:\Users\wupto\AppData\Local\Facebook
2013-11-09 18:45 - 2013-11-09 18:45 - 00000000 ____D C:\Users\wupto\AppData\Local\unknown
2013-11-07 19:19 - 2013-08-23 18:36 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Apple Computer
2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 19:18 - 2013-08-23 18:36 - 00000000 ____D C:\Users\wupto\AppData\Local\Apple Computer
2013-11-07 19:17 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iPod
2013-11-07 19:17 - 2013-08-26 13:39 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-07 19:15 - 2013-08-26 13:36 - 00000000 ____D C:\ProgramData\Apple
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Bonjour
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-07 19:14 - 2013-11-07 19:11 - 100400976 _____ (Apple Inc.) C:\Users\wupto\Downloads\iTunes64Setup.exe
2013-11-07 12:54 - 2013-11-07 12:54 - 00000748 _____ C:\Users\wupto\Downloads\Manoria.sav
2013-11-07 12:54 - 2013-11-07 12:53 - 12141520 _____ () C:\Users\wupto\Downloads\manoria0.6.exe
2013-11-06 16:52 - 2013-08-23 18:37 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Unity
2013-11-06 16:19 - 2013-08-10 04:15 - 00000000 ___RD C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-06 16:18 - 2013-08-10 14:35 - 00001017 _____ C:\Users\wupto\Desktop\Dropbox.lnk
2013-11-06 16:18 - 2013-08-10 14:31 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-06 16:17 - 2013-08-10 12:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-06 16:17 - 2013-08-10 12:02 - 00000000 ____D C:\ProgramData\Skype
2013-11-05 19:08 - 2013-09-19 14:53 - 00000000 ____D C:\Users\wupto\Documents\Klei
2013-11-04 23:58 - 2013-11-04 23:52 - 00000000 ____D C:\Users\wupto\AppData\Roaming\.mojam
2013-11-04 23:49 - 2013-10-25 19:15 - 00000000 ____D C:\Users\wupto\skyrim gedönse
2013-11-04 23:41 - 2013-10-04 01:43 - 00001418 _____ C:\Users\wupto\Desktop\3D-Coat.lnk
2013-11-04 23:41 - 2013-08-30 20:39 - 00001521 _____ C:\Users\wupto\Desktop\Flash.lnk
2013-11-04 23:41 - 2013-08-28 14:07 - 00001219 _____ C:\Users\wupto\Desktop\After Effects.lnk
2013-11-04 23:41 - 2013-08-26 12:13 - 00001103 _____ C:\Users\wupto\Desktop\Premiere Pro.lnk
2013-11-04 23:41 - 2013-08-20 11:48 - 00000953 _____ C:\Users\wupto\Desktop\Eclipse.lnk
2013-11-04 23:41 - 2013-08-10 18:46 - 00001708 _____ C:\Users\wupto\Desktop\Photoshop.lnk
2013-11-03 19:13 - 2013-08-10 12:36 - 00000000 ____D C:\Users\wupto\Desktop\Modelling
2013-11-03 15:14 - 2013-11-02 17:59 - 00000000 ____D C:\Users\wupto\Desktop\EBT
2013-11-03 14:39 - 2013-08-21 12:03 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Audacity
2013-11-03 13:50 - 2013-11-03 13:50 - 00065832 _____ C:\Users\wupto\Downloads\fsbext-master.zip
2013-11-03 13:46 - 2013-11-03 13:46 - 00055201 _____ C:\Users\wupto\Downloads\fsbext.zip
2013-11-03 02:37 - 2013-08-23 18:51 - 00000000 ____D C:\Users\wupto\Documents\New Unity Project
2013-11-02 17:21 - 2013-08-23 18:36 - 00000000 ____D C:\ProgramData\Unity
2013-11-02 00:25 - 2013-11-01 23:48 - 00000000 ____D C:\Users\wupto\Documents\Proteus
2013-11-01 14:28 - 2013-11-01 14:28 - 00000000 ____D C:\Users\wupto\.lennasinception
2013-11-01 13:07 - 2013-11-01 13:06 - 11626288 _____ C:\Users\wupto\Downloads\lennasinception_alpha4a.zip
2013-10-31 00:36 - 2013-09-21 20:41 - 00000000 ____D C:\Users\wupto\AppData\Roaming\BitTorrent
2013-10-30 23:58 - 2013-08-10 12:17 - 00000000 ____D C:\Users\wupto\021342323232342342
2013-10-30 18:06 - 2013-10-30 18:06 - 00000000 ____D C:\Users\wupto\Documents\Remedy
2013-10-29 11:24 - 2013-10-29 11:22 - 00000000 ____D C:\Program Files (x86)\3D-Fahrschule Demo
2013-10-29 11:22 - 2013-10-29 11:22 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2013-10-29 11:21 - 2013-10-29 11:20 - 38687661 _____ C:\Users\wupto\Downloads\drive5-DE.exe
2013-10-29 10:54 - 2009-07-14 05:45 - 04948096 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-28 14:16 - 2013-08-10 04:52 - 00062392 _____ C:\Users\wupto\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-28 14:14 - 2013-10-28 14:14 - 00015157 _____ C:\Users\wupto\Downloads\dungeon_sn.zip
2013-10-28 14:12 - 2013-10-28 14:12 - 00020128 _____ C:\Users\wupto\Downloads\carolingia.zip
2013-10-28 14:09 - 2013-10-28 14:09 - 00092555 _____ C:\Users\wupto\Downloads\bilbo_hand.zip
2013-10-27 18:10 - 2013-10-25 16:03 - 00000000 ____D C:\Nexus
2013-10-27 18:10 - 2013-10-25 15:57 - 00000000 ____D C:\Users\wupto\AppData\Local\Skyrim
2013-10-27 02:19 - 2013-10-27 02:19 - 00586994 _____ C:\Users\wupto\Downloads\codeshooter_crashesterribly_sowhat.zip
2013-10-27 02:11 - 2013-10-27 02:11 - 01134847 _____ (Herrios ) C:\Users\wupto\Downloads\ClickNinja.exe
2013-10-27 01:57 - 2013-10-27 01:57 - 00000000 ____D C:\Users\wupto\AppData\Local\2playersplatformer3
2013-10-27 01:56 - 2013-10-27 01:56 - 05728768 _____ (Lumenus Team ) C:\Users\wupto\Downloads\Duaalsus_0.0.2.10.exe
2013-10-26 23:12 - 2013-10-26 23:12 - 00000132 _____ C:\Users\wupto\AppData\Roaming\Adobe Targa-Format CC - Voreinstellungen
2013-10-26 22:10 - 2013-10-26 13:26 - 00000000 ____D C:\Users\wupto\WoWModelViewer_7.0.5
2013-10-26 13:23 - 2013-10-26 13:23 - 06326430 _____ C:\Users\wupto\Downloads\WMV_Binary_v0705_Win32.zip
2013-10-25 22:59 - 2013-10-25 22:59 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2013-10-25 22:59 - 2013-10-25 22:59 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2013-10-25 21:39 - 2013-10-13 13:23 - 00000000 ____D C:\Users\wupto\AppData\Local\Paint.NET
2013-10-25 16:03 - 2013-10-25 16:03 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-10-25 16:03 - 2013-10-25 16:03 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-10-25 16:03 - 2013-10-25 15:53 - 00000000 ____D C:\Users\wupto\AppData\Local\Black_Tree_Gaming
2013-10-25 15:57 - 2013-10-02 18:50 - 00000000 ____D C:\Users\wupto\Documents\Witcher 2
2013-10-25 15:53 - 2013-10-25 15:53 - 00000000 ____D C:\Users\wupto\Documents\Nexus Mod Manager
2013-10-25 15:36 - 2013-10-25 15:35 - 04123248 _____ (Black Tree Gaming ) C:\Users\wupto\Downloads\Nexus Mod Manager-0.45.6.exe
2013-10-25 14:06 - 2013-09-28 10:32 - 00000000 ____D C:\Users\wupto\Documents\3dsMax
Files to move or delete:
====================
C:\Users\wupto\jagex_cl_oldschool_LIVE.dat
C:\Users\wupto\jagex_cl_runescape_LIVE.dat
C:\Users\wupto\jagex_cl_runescape_LIVE1.dat
C:\Users\wupto\jagex_cl_speccollect_LIVE.dat
C:\Users\wupto\random.dat
Some content of TEMP:
====================
C:\Users\wupto\AppData\Local\Temp\AcDeltree.exe
C:\Users\wupto\AppData\Local\Temp\appshat-distribution.exe
C:\Users\wupto\AppData\Local\Temp\biclient.exe
C:\Users\wupto\AppData\Local\Temp\comver.dll
C:\Users\wupto\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\wupto\AppData\Local\Temp\DLMGuardian.exe
C:\Users\wupto\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\wupto\AppData\Local\Temp\Gw2.exe
C:\Users\wupto\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\wupto\AppData\Local\Temp\nsh9500.exe
C:\Users\wupto\AppData\Local\Temp\nsh9723.exe
C:\Users\wupto\AppData\Local\Temp\nsjA85D.exe
C:\Users\wupto\AppData\Local\Temp\nss4347.exe
C:\Users\wupto\AppData\Local\Temp\nsx4589.exe
C:\Users\wupto\AppData\Local\Temp\Setup-Wacom.exe
C:\Users\wupto\AppData\Local\Temp\Show-Password_1030-8100.exe
C:\Users\wupto\AppData\Local\Temp\SkypeSetup.exe
C:\Users\wupto\AppData\Local\Temp\sonarinst.exe
C:\Users\wupto\AppData\Local\Temp\SPSetup.exe
C:\Users\wupto\AppData\Local\Temp\ubiC810.tmp.exe
C:\Users\wupto\AppData\Local\Temp\uttD611.tmp.exe
C:\Users\wupto\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 14:13
==================== End Of Log ============================
--- --- --- Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2013
Ran by wupto at 2013-11-24 22:15:16
Running from C:\Users\wupto\Virenbekämpfung
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727)
Tools for .Net 3.5 (x32 Version: 3.11.50727)
3D-Fahrschule Demo (x32 Version: )
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
A Virus Named TOM (x32)
Adobe After Effects CC (x32 Version: 12)
Adobe AIR (x32 Version: 3.8.0.870)
Adobe Creative Cloud (x32 Version: 2.1.2.232)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Flash Professional CC (x32 Version: 13.0)
Adobe Muse (x32 Version: 5.0)
Adobe Muse (x32 Version: 5.0.704)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Premiere Pro CC (x32 Version: 7.0.0)
Age of Empires II: HD Edition (x32)
Akamai NetSession Interface (HKCU)
Alan Wake (x32)
Alan Wake's American Nightmare (x32)
Android SDK Tools (x32 Version: 1.16)
Angry Video Game Nerd Adventures (x32)
ANNO 1404 (x32 Version: 1.00.0000)
Anno 1404 (x32 Version: 1.00.0000)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Arma 2: DayZ Mod (x32)
Arma 2: Operation Arrowhead (x32)
Audacity 2.0.3 (x32 Version: 2.0.3)
Audiosurf (x32)
Aurora 27.0a2 (x86 de) (x32 Version: 27.0a2)
Autodesk 3ds Max 2013 64-bit (Version: 15.0.0.347)
Autodesk Backburner 2013.0.0 (x32 Version: 2013.0.0)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0)
Autodesk Download Manager (x32 Version: 2.0.6.0)
Autodesk Essential Skills Movies for 3ds Max 2013 64-bit (Version: 1.0.0.1)
Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 64-bit
Autodesk Inventor Server Engine for 3ds Max 2013 64-bit (Version: 15.0)
Autodesk Material Library 2013 (x32 Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Material Library Medium Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 64-bit (Version: 1.0.0.1)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
BeamNG.drive (HKCU Version: 0.3.0.5)
BeamNG.drive-0.3 (remove only) (HKCU)
BeamNG-Techdemo-0.3 (remove only) (HKCU)
BioShock Infinite (x32)
BitTorrent (HKCU Version: 7.8.1.30016)
Blood Bowl: Legendary Edition (x32)
Bonjour (Version: 3.0.0.10)
Brothers - A Tale of Two Sons (x32)
Brütal Legend (x32)
Burnout Paradise: The Ultimate Box (x32)
Castle Story (x32)
Cave Story+ (x32)
Cheat Engine 6.3 (x32)
Chivalry: Medieval Warfare (x32)
Chivalry: Medieval Warfare Beta (x32)
Cities XL Platinum (x32)
Clonk Endeavour 4.95.5 (x32 Version: 4.95.5)
CodeBlocks (HKCU Version: 12.11)
Command and Conquer: Red Alert 3 - Uprising (x32)
Composite 2013 64-bit (Version: 8.0.0)
Confrontation (x32)
Crysis 2 Maximum Edition (x32)
Cube World version 0.0.1 (x32 Version: 0.0.1)
Dark Souls: Prepare to Die Edition (x32)
Dead Space (x32)
Delver (x32)
Desura (x32 Version: 100.53)
Die ersten 10 Jahre (x32 Version: 1.00.0000)
Divinity II: Developer's Cut (x32)
Don't Starve (x32)
Dota 2 (x32)
Dropbox (HKCU Version: 2.4.6)
Eets Munchies (x32)
Eldritch (x32)
Entity Framework Designer für Visual Studio 2012 - DEU (x32 Version: 11.1.20702.00)
Erforderliche Komponenten für SSDT (x32 Version: 11.0.2100.60)
ESN Sonar (x32 Version: 0.70.4)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FEZ (x32)
Finalizer deinstallieren (x32 Version: 2.1.10716.1601)
Finalizer installieren (x32 Version: 2.1.10716.1601)
Folk Tale (x32)
Fraps (remove only) (x32)
Free Studio version 2013 (x32 Version: 6.1.10.812)
FTL: Faster Than Light (x32)
Game of Thrones (x32)
GameMaker 8.1 (HKCU)
GameMaker: Studio (x32)
GameMaker-Studio 1.1 (HKCU)
GameSpy Arcade (x32)
Garry's Mod (x32)
GDC 0.24.svn.r229 (x32 Version: 0.24.svn.r229)
Gnomoria (x32)
Google Chrome (x32 Version: 31.0.1650.57)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
GraphicsGale FreeEdition version 1.93.24 (x32)
Guild Wars 2 (x32)
Hack n Slash Prototype (x32)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Indie Game: The Movie (x32)
Install Finalizer (x32 Version: 2.1.10716.1601)
Intel(R) Network Connections 14.2.100.0 (Version: 14.2.100.0)
iTunes (Version: 11.1.3.8)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java SE Development Kit 7 Update 25 (64-bit) (Version: 1.7.0.250)
Kerbal Space Program (x32)
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2012 - v1.0 (x32 Version: 1.0.10712.1601)
Magic 2014 (x32)
Magic The Gathering Online (HKCU Version: 3.4.78.338)
Mark of the Ninja (x32)
Marmoset Toolbag (x32)
Medal of Honor(TM) Multiplayer (x32)
Medal of Honor(TM) Single Player (x32)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft ASP.NET and Web Frameworks 2012.2 - DEU (x32 Version: 2.1.20219.0)
Microsoft ASP.NET and Web Frameworks 2012.2 (x32 Version: 2.1.20219.0)
Microsoft ASP.NET MVC 3 - DEU (x32 Version: 3.0.20105.0)
Microsoft ASP.NET MVC 3 - Visual Studio Express 2012 for Web (x32 Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 (x32 Version: 3.0.20105.0)
Microsoft ASP.NET MVC 3 -Visual Studio Express 2012 for Web Tools Update - DEU (x32 Version: 3.0.30710.0)
Microsoft ASP.NET MVC 4 - Visual Studio Express 2012 for Web - DEU (x32 Version: 4.1.20219.0)
Microsoft ASP.NET MVC 4 - Visual Studio Express 2012 for Web - ENU (x32 Version: 4.1.20219.0)
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0)
Microsoft ASP.NET Visual Studio 2012 Finalizer (x32 Version: 4.1.20219.0)
Microsoft ASP.NET Visual Studio 2012 Uninstall Finalizer (x32 Version: 4.1.20219.0)
Microsoft ASP.NET Web Pages - DEU (x32 Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages - Visual Studio Express 2012 for Web - DEU (x32 Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages - Visual Studio Express 2012 for Web (x32 Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages (x32 Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2012 for Web - DEU (x32 Version: 4.1.20219.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2012 for Web - ENU (x32 Version: 4.1.20219.0)
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727)
Microsoft NuGet - Visual Studio Express 2012 for Web (x32 Version: 2.0.30625.9003)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft SQL Server 2012 Command Line Utilities (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Data-Tier App Framework (Version: 11.1.2807.0)
Microsoft SQL Server 2012 Data-Tier App Framework (x32 Version: 11.1.2807.0)
Microsoft SQL Server 2012 Express LocalDB (Version: 11.0.2318.0)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service (x32 Version: 11.0.2100.60)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - DEU (11.1.20905.0) (x32 Version: 11.1.20905.0)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20905.0) (x32 Version: 11.1.20905.0)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1600.1)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1)
Microsoft System CLR Types for SQL Server 2012 (x32 Version: 11.0.2100.60)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319)
Microsoft Visual Studio 2012 Express Prerequisites x64 - DEU (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1)
Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727)
Microsoft Visual Studio Express 2012 for Web - ENU (x32 Version: 11.0.50727)
Microsoft Visual Studio Express 2012 für das Web - DEU (x32 Version: 11.0.50727)
Microsoft Visual Studio Express 2012 für das Web - DEU (x32 Version: 11.0.50727.26)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Deploy dbSqlPackage Provider - DEU (x32 Version: 10.3.20225.0)
Microsoft Web Developer Tools 2012.2.1 - Visual Studio Express 2012 for Web - deu (x32 Version: 1.3.40412.0)
Microsoft Web Developer Tools 2012.2.1 - Visual Studio Express 2012 for Web (x32 Version: 1.3.40412.0)
Microsoft Web Platform Installer 4.6 (Version: 4.0.40719.0)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0)
Mirror's Edge (x32)
Mozilla Maintenance Service (x32 Version: 27.0a2)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
Nexus Mod Manager (Version: 0.45.6)
Northland (x32)
Notepad++ (x32 Version: 6.4.5)
Nuclear Throne (x32)
NVIDIA 3D Vision Controller-Treiber 305.27 (Version: 305.27)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Photoshop Plug-ins 64 bit (x32 Version: 8.50)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
One Unit Whole Blood (x32 Version: 2.0.0.21)
Open Broadcaster Software (x32)
OpenAL (x32)
Orcs Must Die! 2 (x32)
Origin (x32 Version: 9.3.7.2735)
Paint.NET v3.5.11 (Version: 3.61.0)
Path of Exile (x32)
PDF Settings CC (x32 Version: 12.0)
Populous (x32 Version: 1.0.0.0)
Project Zomboid (x32)
Proteus (x32)
PunkBuster Services (x32 Version: 0.991)
QuickTime (x32 Version: 7.74.80.86)
RAW - Realms of Ancient War (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5841)
Risen (x32 Version: 1.00.0000)
Rocketbirds: Hardboiled Chicken (x32)
Rogue Legacy (x32)
Sauerbraten (x32)
Scribblenauts Unlimited (x32)
Scrolls (x32 Version: 1.0.0)
Security Task Manager 1.8g (x32 Version: 1.8g)
Shelter (x32)
Show-Password (x32)
Sir, You Are Being Hunted (x32)
Skype™ 6.10 (x32 Version: 6.10.104)
Spelunky (x32)
Spotify (HKCU Version: 0.9.6.72.ge389c074)
Steam (x32 Version: 1.0.0.0)
Stronghold (x32)
Stronghold 2 (x32)
Stronghold Crusader + Extreme (x32)
Super Meat Boy (x32)
Surgeon Simulator 2013 (x32)
Team Fortress 2 (x32)
Terraria (x32)
The Binding of Isaac (x32)
The Elder Scrolls V: Skyrim (x32)
The Kings of the Dark Age (x32)
The Witcher 2 - Assassins of Kings Enhanced Edition (x32 Version: 3.4.0.25)
Total War: ROME II (x32)
Total War: SHOGUN 2 (x32)
Ultima Online Classic Client (x32 Version: )
Uninstall Finalizer (x32 Version: 2.1.10716.1601)
Unity (x32 Version: )
Unity Web Player (HKCU Version: )
Update for (KB2504637) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.51219)
VirtualCloneDrive (x32)
VLC media player 2.0.7 (Version: 2.0.7)
Volgarr the Viking (x32)
Wacom (Version: 5.3.2-1)
Wacom Tablett (Version: 6.3.6w3)
WampServer 2.4 (x32)
War of the Vikings Alpha (x32)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3)
Windows Azure Authoring Tools - v2.1 (Version: 2.1.6493.1)
Windows Azure Emulator - v2.1 (Version: 2.1.6493.1)
Windows Azure Libraries for .NET – v2.1 (Version: 2.1.0717.110)
Windows Azure Shared Components for Microsoft Visual Studio 2012 - v1.0 (x32 Version: 1.0.10712.1601)
Windows Azure Tools for Microsoft Visual Studio 2012 - v2.1 (x32 Version: 2.1.10716.1601)
Windows Azure Tools for Microsoft Visual Studio 2012 Core (x32 Version: 2.1.10716.1601)
Windows Azure Tools für Microsoft Visual Studio 2012 Core Language Pack (DEU) (x32 Version: 2.1.10716.1601)
Windows Azure Tools für Microsoft Visual Studio 2012 Language Pack (DEU) - v2.1 (x32 Version: 2.1.10716.1601)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
World of Warcraft (x32 Version: 5.4.0.17399)
ZBrush 4R5 (x32 Version: 4R5)
==================== Restore Points =========================
23-11-2013 20:26:45 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 03:34 - 2013-09-15 19:40 - 00000851 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {2FFCCE00-EED9-4741-A54A-ACA10765DDA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15] (Google Inc.)
Task: {30B95056-B715-4C6D-8FBD-E5CEC5FDA21E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA => C:\Users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-09] (Facebook Inc.)
Task: {35450B56-C6A0-4F9C-B64D-D22305831520} - System32\Tasks\AdobeAAMUpdater-1.0-wupto-PC-wupto => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {5E389F8D-30F7-40EB-9829-169A15DD2C32} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {67868DA3-B460-4872-A4FF-0CE576B5A53A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15] (Google Inc.)
Task: {A4E3E3D3-B4F5-45D1-B073-B0D693D1F6DB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core => C:\Users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-09] (Facebook Inc.)
Task: {C0CF59B3-E6CA-44A3-9123-31416A25D5D8} - System32\Tasks\Show-Password Update => C:\Program Files (x86)\Show-Password\Show_Password.exe [2013-11-24] ()
Task: {ED177A2E-D68F-4483-8671-63FF9C1D42D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core.job => C:\Users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA.job => C:\Users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Show-Password Update.job => C:\Program Files (x86)\Show-Password\Show_Password.exe
==================== Loaded Modules (whitelisted) =============
2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-08-21 10:56 - 2012-12-11 12:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-08-23 10:49 - 2013-06-06 18:31 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-01 07:20 - 2013-10-24 18:45 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-07-26 13:46 - 2013-10-30 20:25 - 01123240 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-15 13:32 - 2013-10-23 21:07 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-07-26 13:46 - 2013-10-30 20:25 - 00121256 _____ () C:\Program Files (x86)\Steam\bin\audio.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi
2013-06-14 14:49 - 2013-06-15 00:49 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi
2013-11-23 16:36 - 2013-11-23 16:36 - 03551856 _____ () C:\Program Files (x86)\Aurora\mozjs.dll
2013-10-09 13:38 - 2013-10-09 13:38 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:3817184C
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/23/2013 09:20:18 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/23/2013 09:00:29 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/23/2013 08:29:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/23/2013 04:13:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Creative Cloud.exe, Version: 2.1.2.232, Zeitstempel: 0x5225b76b
Name des fehlerhaften Moduls: HEX.dll, Version: 2.1.2.232, Zeitstempel: 0x5225f71a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015e33
ID des fehlerhaften Prozesses: 0x13d0
Startzeit der fehlerhaften Anwendung: 0xCreative Cloud.exe0
Pfad der fehlerhaften Anwendung: Creative Cloud.exe1
Pfad des fehlerhaften Moduls: Creative Cloud.exe2
Berichtskennung: Creative Cloud.exe3
Error: (11/22/2013 02:24:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/22/2013 01:43:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Creative Cloud.exe, Version: 2.1.2.232, Zeitstempel: 0x5225b76b
Name des fehlerhaften Moduls: HEX.dll, Version: 2.1.2.232, Zeitstempel: 0x5225f71a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015e33
ID des fehlerhaften Prozesses: 0x11b4
Startzeit der fehlerhaften Anwendung: 0xCreative Cloud.exe0
Pfad der fehlerhaften Anwendung: Creative Cloud.exe1
Pfad des fehlerhaften Moduls: Creative Cloud.exe2
Berichtskennung: Creative Cloud.exe3
Error: (11/21/2013 08:01:44 PM) (Source: MsiInstaller) (User: wupto-PC)
Description: Produkt: NVIDIA PhysX -- Installation terminated
Error: (11/21/2013 03:14:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/20/2013 09:49:42 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.0.5070, Zeitstempel: 0x528a0503
Name des fehlerhaften Moduls: xul.dll, Version: 27.0.0.5070, Zeitstempel: 0x528a04d0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0010d628
ID des fehlerhaften Prozesses: 0x134c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (11/20/2013 08:16:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: I Was In The War.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: I Was In The War.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000418a
ID des fehlerhaften Prozesses: 0x1a00
Startzeit der fehlerhaften Anwendung: 0xI Was In The War.exe0
Pfad der fehlerhaften Anwendung: I Was In The War.exe1
Pfad des fehlerhaften Moduls: I Was In The War.exe2
Berichtskennung: I Was In The War.exe3
System errors:
=============
Error: (11/24/2013 00:26:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/24/2013 00:26:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/23/2013 09:24:48 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (11/23/2013 04:20:55 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.163.364.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.4.0304.00
Quellpfad: 4.4.0304.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (11/23/2013 04:12:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/23/2013 04:12:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/22/2013 01:39:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/22/2013 01:39:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/21/2013 00:07:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/21/2013 00:07:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
Error: (11/23/2013 09:20:18 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
Error: (11/23/2013 09:00:29 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
Error: (11/23/2013 08:29:09 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
Error: (11/23/2013 04:13:13 PM) (Source: Application Error)(User: )
Description: Creative Cloud.exe2.1.2.2325225b76bHEX.dll2.1.2.2325225f71ac000000500015e3313d001cee85e4ce1ccdbC:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\HEX.dllc53993ad-5451-11e3-9186-00270e06e4f2
Error: (11/22/2013 02:24:53 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
Error: (11/22/2013 01:43:16 PM) (Source: Application Error)(User: )
Description: Creative Cloud.exe2.1.2.2325225b76bHEX.dll2.1.2.2325225f71ac000000500015e3311b401cee7802a30dea0C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\HEX.dlla7f53d50-5373-11e3-97b2-00270e06e4f2
Error: (11/21/2013 08:01:44 PM) (Source: MsiInstaller)(User: wupto-PC)
Description: Produkt: NVIDIA PhysX -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/21/2013 03:14:55 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
Error: (11/20/2013 09:49:42 PM) (Source: Application Error)(User: )
Description: firefox.exe27.0.0.5070528a0503xul.dll27.0.0.5070528a04d0c00000050010d628134c01cee5f30ba420d8C:\Program Files (x86)\Aurora\firefox.exeC:\Program Files (x86)\Aurora\xul.dll472477f7-5225-11e3-bf12-00270e06e4f2
Error: (11/20/2013 08:16:14 PM) (Source: Application Error)(User: )
Description: I Was In The War.exe0.0.0.02a425e19I Was In The War.exe0.0.0.02a425e19c00000050000418a1a0001cee624f990262cC:\Users\wupto\Desktop\I Was In The War\I Was In The War.exeC:\Users\wupto\Desktop\I Was In The War\I Was In The War.exe386f2ab2-5218-11e3-bf12-00270e06e4f2
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 12278.45 MB
Available physical RAM: 8556.06 MB
Total Pagefile: 24555.09 MB
Available Pagefile: 20727.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:395.39 GB) NTFS
Drive d: (RISEN) (CDROM) (Total:3.19 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0004F85C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-24 22:32:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD10EADS-00M2B0 rev.01.00A01 931,51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\wupto\AppData\Local\Temp\ugloqpow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002def000 45 bytes [01, 00, 00, 00, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002def02f 16 bytes [00, 3F, 00, 00, 00, 3E, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[1288] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072c01a22 2 bytes [C0, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1288] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072c01ad0 2 bytes [C0, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1288] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072c01b08 2 bytes [C0, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1288] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072c01bba 2 bytes [C0, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1288] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072c01bda 2 bytes [C0, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1288] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000767e1465 2 bytes [7E, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1288] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000767e14bb 2 bytes [7E, 76]
.text ... * 2
---- EOF - GMER 2.1 ----
Geändert von laubori (24.11.2013 um 22:58 Uhr) |
|
25.11.2013, 07:28
| #2 | |
| /// the machine /// TB-Ausbilder    | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword hi,
__________________Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ |
|
25.11.2013, 14:29
| #3 |
| | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword hi, schonmal danke für die hilfe, hier der log:
__________________er hat ein paar von mir erstellte dateien gelöscht, ist nicht so wichtig (alles in c:\users\wupto\021342323232342342) die zahl hat ihm wohl nicht gefallen  Code:
ATTFilter ComboFix 13-11-23.02 - wupto 25.11.2013 14:09:38.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.12278.9853 [GMT 1:00]
ausgeführt von:: c:\users\wupto\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\wupto\021342323232342342
c:\users\wupto\021342323232342342\23593\42390859028623.rar
c:\users\wupto\021342323232342342\23593\video.mp4
c:\users\wupto\021342323232342342\mememe.psd
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\tmp4E79.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-10-25 bis 2013-11-25 ))))))))))))))))))))))))))))))
.
.
2013-11-25 13:20 . 2013-11-25 13:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-25 13:20 . 2013-11-25 13:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-25 12:48 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{308CD048-177E-441B-A42F-D61EF561604A}\mpengine.dll
2013-11-24 21:08 . 2013-11-24 21:08 -------- d-----w- C:\FRST
2013-11-24 20:46 . 2013-11-24 21:32 -------- d-----w- c:\users\wupto\Virenbekämpfung
2013-11-24 20:13 . 2013-11-24 20:13 -------- d-----w- c:\program files (x86)\Show-Password
2013-11-24 20:05 . 2013-11-24 20:05 -------- d-----w- c:\users\wupto\AppData\Local\DOSBox
2013-11-24 12:03 . 2013-11-24 12:03 -------- d-----w- c:\program files (x86)\DOSBox-0.74
2013-11-24 12:02 . 2013-11-24 20:08 -------- d-----w- c:\users\wupto\emus
2013-11-24 11:36 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-23 15:50 . 2013-11-24 19:47 -------- d-----w- c:\users\wupto\AppData\Roaming\GameMaker-Studio
2013-11-23 15:36 . 2013-11-25 13:03 -------- d-----w- c:\program files (x86)\Aurora
2013-11-21 19:04 . 2013-11-21 19:04 -------- d-----w- c:\programdata\Divinity 2
2013-11-21 19:04 . 2013-11-21 19:04 -------- d-----w- c:\users\wupto\AppData\Local\Divinity 2
2013-11-21 19:01 . 2013-11-21 19:01 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2013-11-21 17:51 . 2013-11-21 17:51 -------- d-----w- c:\programdata\Logs
2013-11-18 20:32 . 2013-11-18 20:33 -------- d-----w- c:\users\wupto\.mediathek3
2013-11-18 20:31 . 2013-11-18 20:31 -------- d-----w- c:\users\wupto\MediathekView
2013-11-18 16:58 . 2013-11-18 16:59 -------- d-----w- c:\users\wupto\AppData\Local\Risen
2013-11-18 16:50 . 2013-11-18 16:50 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2013-11-18 16:50 . 2013-11-21 19:01 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-11-18 16:44 . 2013-11-18 16:44 -------- d-----w- c:\program files (x86)\Deep Silver
2013-11-16 23:19 . 2013-11-16 23:20 -------- d-----w- c:\users\wupto\AppData\Local\GameMaker8.1
2013-11-16 23:19 . 2013-11-16 23:19 -------- d-----w- c:\users\wupto\AppData\Roaming\GameMaker
2013-11-16 23:19 . 2013-11-16 23:19 -------- d-----w- c:\users\wupto\GameMaker 8.1
2013-11-14 18:12 . 2013-11-24 18:31 -------- d-----w- c:\users\wupto\jagexcache
2013-11-12 20:22 . 2013-11-12 20:22 -------- d-----w- c:\programdata\Oracle
2013-11-12 20:22 . 2013-11-12 20:22 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-11-12 20:21 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-09 21:54 . 2013-11-09 21:54 -------- d-----w- c:\users\wupto\AppData\Local\Facebook
2013-11-09 17:45 . 2013-11-09 17:45 -------- d-----w- c:\users\wupto\AppData\Local\unknown
2013-11-07 18:18 . 2013-11-07 18:18 -------- dc----w- c:\windows\system32\DRVSTORE
2013-11-07 18:18 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-11-07 18:17 . 2013-11-07 18:17 -------- d-----w- c:\program files\iPod
2013-11-07 18:17 . 2013-11-07 18:18 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 18:17 . 2013-11-07 18:18 -------- d-----w- c:\program files\iTunes
2013-11-07 18:17 . 2013-11-07 18:18 -------- d-----w- c:\program files (x86)\iTunes
2013-11-07 18:14 . 2013-11-07 18:14 -------- d-----w- c:\program files\Common Files\Apple
2013-11-07 18:14 . 2013-11-07 18:14 -------- d-----w- c:\program files\Bonjour
2013-11-07 18:14 . 2013-11-07 18:14 -------- d-----w- c:\program files (x86)\Bonjour
2013-11-07 11:49 . 2013-10-19 09:06 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{716E4644-BBBB-4086-9784-F382CF2BE61F}\gapaengine.dll
2013-11-06 21:50 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2013-11-04 22:52 . 2013-11-04 22:58 -------- d-----w- c:\users\wupto\AppData\Roaming\.mojam
2013-11-01 13:28 . 2013-11-01 13:28 -------- d-----w- c:\users\wupto\.lennasinception
2013-10-30 17:06 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-10-30 17:06 . 2010-06-02 03:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2013-10-30 17:06 . 2010-06-02 03:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2013-10-30 17:06 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-10-30 17:06 . 2010-06-02 03:55 239960 ----a-w- c:\windows\SysWow64\xactengine3_7.dll
2013-10-30 17:06 . 2010-06-02 03:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2013-10-30 17:06 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2013-10-30 17:04 . 2006-02-03 07:43 3830992 ----a-w- c:\windows\system32\d3dx9_29.dll
2013-10-30 17:04 . 2005-12-05 17:09 3815120 ----a-w- c:\windows\system32\d3dx9_28.dll
2013-10-30 17:04 . 2005-07-22 18:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2013-10-30 17:04 . 2005-05-26 14:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-10-30 17:04 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2013-10-30 17:04 . 2005-03-18 16:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2013-10-30 17:04 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-10-29 10:22 . 2013-10-29 10:24 -------- d-----w- c:\program files (x86)\3D-Fahrschule Demo
2013-10-27 00:57 . 2013-10-27 00:57 -------- d-----w- c:\users\wupto\AppData\Local\2playersplatformer3
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2013-08-10 03:55 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-25 21:59 . 2013-10-24 15:36 113440 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1031\ResourceCache.dll
2013-10-19 09:06 . 2013-08-21 07:54 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-09 12:38 . 2013-08-10 11:06 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 21:28 . 2013-09-01 20:52 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-10-08 21:28 . 2013-09-01 20:52 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-10-08 21:28 . 2013-09-01 20:52 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-10-08 21:28 . 2013-09-01 20:52 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-09-28 20:24 . 2013-09-28 20:24 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2013-09-28 20:24 . 2013-09-28 20:24 61440 ----a-w- c:\windows\SysWow64\nvPhotoshopUtil.dll
2013-09-28 20:24 . 2013-09-28 20:24 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2013-09-27 08:53 . 2013-09-27 08:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2013-06-18 19:50 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-08 02:30 . 2013-10-09 11:05 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 11:05 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 11:05 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-09 10:58 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 10:58 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 10:58 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 10:58 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 10:58 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 10:58 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 10:58 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-31 10:13 . 2013-08-31 10:13 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys
2013-08-31 10:13 . 2013-08-31 10:13 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2013-08-29 02:17 . 2013-10-09 11:05 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-09 11:05 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-09 11:05 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-09 11:05 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-09 11:05 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-09 11:05 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-09 11:05 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-09 11:05 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-09 11:05 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-09 11:05 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-09 11:05 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-09 11:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-09 11:05 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-09 11:05 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-09 11:05 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-09 11:05 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 20:35 . 2013-08-26 18:05 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-08-28 20:35 . 2013-08-26 17:02 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-08-28 20:34 . 2013-08-26 17:02 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-08-28 01:21 . 2013-10-09 11:05 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-09 11:04 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{418b59d2-50d7-45fa-844c-1f9a792f39d9}]
2013-11-24 20:13 136704 ----a-w- c:\program files (x86)\Show-Password\135.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\wupto\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\wupto\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\wupto\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-30 1820584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
"Akamai NetSession Interface"="c:\users\wupto\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Spotify Web Helper"="c:\users\wupto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-11-17 1168896]
"Spotify"="c:\users\wupto\AppData\Roaming\Spotify\spotify.exe" [2013-11-17 5955072]
"Facebook Update"="c:\users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-11-09 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-09-03 2237328]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2013-02-01 1641368]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\wupto\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-11-1 29769432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 mi-raysat_3dsmax2013_64;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 64-bit;c:\program files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe;c:\program files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-16 10:14 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-10 12:38]
.
2013-11-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core.job
- c:\users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-09 21:54]
.
2013-11-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA.job
- c:\users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-09 21:54]
.
2013-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15 20:04]
.
2013-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15 20:04]
.
2013-11-25 c:\windows\Tasks\Show-Password Update.job
- c:\program files (x86)\Show-Password\Show_Password.exe [2013-11-24 20:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\wupto\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\wupto\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\wupto\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\wupto\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-04-27 7743008]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-27 1833504]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP698FFE78-1A9B-417B-BB37-E2CBC517F555
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.youtube.com/feed/subscriptions|https://mail.google.com/mail/?hl=de&shva=1#inbox|https://twitter.com/|hxxp://www.rockpapershotgun.com/|hxxp://www.deviantart.com/
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AppsHat - c:\users\wupto\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-GDC - c:\mingw\uninst.exe
AddRemove-UnityWebPlayer - c:\users\wupto\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-11-25 14:22:56
ComboFix-quarantined-files.txt 2013-11-25 13:22
.
Vor Suchlauf: 17 Verzeichnis(se), 424.405.958.656 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 431.709.315.072 Bytes frei
.
- - End Of File - - EFC96CED15B019840724A9A13E7AF200
A36C5E4F47E84449FF07ED3517B43A31
|
|
26.11.2013, 10:03
| #4 |
| /// the machine /// TB-Ausbilder | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.11.2013, 16:48
| #5 |
| | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Malwarebytes (Full-Scan): Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.11.26.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16736 wupto :: WUPTO-PC [Administrator] Schutz: Aktiviert 26.11.2013 12:41:15 mbam-log-2013-11-26 (12-41-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 879169 Laufzeit: 2 Stunde(n), 40 Minute(n), 45 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\wupto\Desktop\Games & so\Wanderlust\39dll.dll (PUP.HackTool.DDoS) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.11.26.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16736 wupto :: WUPTO-PC [Administrator] Schutz: Deaktiviert 26.11.2013 11:50:49 mbam-log-2013-11-26 (11-50-49).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 234990 Laufzeit: 7 Minute(n), 51 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bösartig: (hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP698FFE78-1A9B-417B-BB37-E2CBC517F555) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\wupto\Downloads\SoftonicDownloader_for_openal.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.013 - Bericht erstellt am 26/11/2013 um 12:17:32
# Updated 24/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : wupto - WUPTO-PC
# Gestartet von : C:\Users\wupto\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Windows\SysWOW64\Searchprotect
Ordner Gelöscht : C:\Users\wupto\AppData\LocalLow\Minibar
Datei Gelöscht : C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Webplayer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Show-Password
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16736
-\\ Mozilla Firefox v
[ Datei : C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\prefs.js ]
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.youtube.com/feed/subscriptions|hxxps://mail.google.com/mail/?hl=de&shva=1#inbox|hxxps://twitter.com/|hxxp://www.rockpapershotgun.com/|hxxp://www.devia[...]
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k1", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k2", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k3", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k4", "1385468056894");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k5", "1385324129825");
Zeile gelöscht : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
Zeile gelöscht : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Zeile gelöscht : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
-\\ Google Chrome v31.0.1650.57
[ Datei : C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [3065 octets] - [26/11/2013 12:14:53]
AdwCleaner[S0].txt - [2645 octets] - [26/11/2013 12:17:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2705 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by wupto on 26.11.2013 at 12:25:59,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.11.2013 at 12:32:01,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-11-2013 01 Ran by wupto (administrator) on WUPTO-PC on 26-11-2013 16:44:58 Running from C:\Users\wupto\Virenbekämpfung Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Akamai Technologies, Inc.) C:\Users\wupto\AppData\Local\Akamai\netsession_win.exe (Spotify Ltd) C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Akamai Technologies, Inc.) C:\Users\wupto\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Users\wupto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Mozilla Corporation) C:\Program Files (x86)\Aurora\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Aurora\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (YoYo Games Ltd) C:\Users\wupto\AppData\Roaming\GameMaker-Studio\5piceIDE.exe (Spotify Ltd) C:\Users\wupto\AppData\Roaming\Spotify\spotify.exe () C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyHelper.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7743008 2009-04-27] (Realtek Semiconductor) HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-04-27] (Realtek Semiconductor Corp.) HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\wupto\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [Spotify Web Helper] - C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-17] (Spotify Ltd) HKCU\...\Run: [Spotify] - C:\Users\wupto\AppData\Roaming\Spotify\spotify.exe [5955072 2013-11-17] (Spotify Ltd) HKCU\...\Run: [Facebook Update] - C:\Users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-09] (Facebook Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [ADSK DLMSession] - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Startup: C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\wupto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F90D2D43C9DCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Show-Password - {418b59d2-50d7-45fa-844c-1f9a792f39d9} - C:\Program Files (x86)\Show-Password\135.dll No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\wupto\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\wupto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Extension: DownloadHelper - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: jid0-UVAeBCfd34Kk5usS8A1CBiobvM8 - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi FF Extension: Adblock Plus - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKCU\...\Firefox\Extensions: [{a00874d8-b590-41f7-a914-acf7a1805ded}] - C:\Program Files (x86)\Show-Password\135.xpi FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Unity Player) - C:\Users\wupto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Extension: (Google Docs) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Show-Password) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\logekkkdbdidmmcgkonmmonclldogceg\1.135_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\135.crx ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] () R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-26] () S3 wampapache; c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [24576 2013-06-23] (Apache Software Foundation) S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [12867584 2013-06-23] () R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-08-31] () R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-08-31] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-26 12:32 - 2013-11-26 12:32 - 00000695 _____ C:\Users\wupto\Desktop\JRT.txt 2013-11-26 12:25 - 2013-11-26 12:25 - 01034531 _____ (Thisisu) C:\Users\wupto\Desktop\JRT.exe 2013-11-26 12:25 - 2013-11-26 12:25 - 00000000 ____D C:\Windows\ERUNT 2013-11-26 12:14 - 2013-11-26 12:17 - 00000000 ____D C:\AdwCleaner 2013-11-26 12:12 - 2013-11-26 12:12 - 01091882 _____ C:\Users\wupto\Desktop\adwcleaner.exe 2013-11-26 11:47 - 2013-11-26 11:47 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-11-26 11:47 - 2013-11-26 11:47 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Malwarebytes 2013-11-26 11:46 - 2013-11-26 11:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-26 11:46 - 2013-11-26 11:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-26 11:46 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-11-26 11:45 - 2013-11-26 11:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\wupto\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-25 22:08 - 2013-11-25 22:08 - 00000000 ____D C:\Program Files (x86)\Aurora 2013-11-25 19:27 - 2013-11-25 19:27 - 00001892 _____ C:\Users\wupto\Desktop\GameMaker-Studio 1.2.lnk 2013-11-25 18:27 - 2013-11-25 18:27 - 00000000 ____D C:\Users\wupto\AppData\Local\daten 2013-11-25 18:17 - 2013-11-26 14:16 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker-Studio 2013-11-25 18:01 - 2013-11-25 18:01 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.2 2013-11-25 18:00 - 2013-11-25 18:01 - 00000000 ____D C:\Users\wupto\GameMaker-Studio 1.2 2013-11-25 17:49 - 2013-11-25 17:57 - 187622368 _____ C:\Users\wupto\Downloads\GMStudio-Installer.exe 2013-11-25 17:45 - 2013-11-25 19:46 - 00000000 ____D C:\daten 2013-11-25 14:39 - 2013-11-25 14:39 - 00000000 ____D C:\Windows\Sun 2013-11-25 14:22 - 2013-11-25 14:22 - 00027498 _____ C:\ComboFix.txt 2013-11-25 14:07 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2013-11-25 14:07 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2013-11-25 14:07 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-11-25 14:07 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-11-25 14:07 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-11-25 14:07 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2013-11-25 14:07 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2013-11-25 14:07 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2013-11-25 14:04 - 2013-11-25 14:22 - 00000000 ____D C:\Qoobox 2013-11-25 14:03 - 2013-11-25 14:21 - 00000000 ____D C:\Windows\erdnt 2013-11-25 13:57 - 2013-11-25 13:58 - 05149261 ____R (Swearware) C:\Users\wupto\Desktop\ComboFix.exe 2013-11-24 22:08 - 2013-11-24 22:08 - 00000000 ____D C:\FRST 2013-11-24 21:46 - 2013-11-26 16:44 - 00000000 ____D C:\Users\wupto\Virenbekämpfung 2013-11-24 21:46 - 2013-11-24 21:46 - 00000472 _____ C:\Users\wupto\Downloads\defogger_disable.log 2013-11-24 21:13 - 2013-11-26 12:19 - 00000404 _____ C:\Windows\Tasks\Show-Password Update.job 2013-11-24 21:13 - 2013-11-24 21:13 - 00229539 _____ C:\Users\wupto\Desktop\monkey.zip 2013-11-24 21:13 - 2013-11-24 21:13 - 00003052 _____ C:\Windows\System32\Tasks\Show-Password Update 2013-11-24 21:05 - 2013-11-24 21:05 - 00000000 ____D C:\Users\wupto\AppData\Local\DOSBox 2013-11-24 21:02 - 2013-11-24 21:03 - 45314918 _____ C:\Users\wupto\Downloads\Secret of Monkey Island (U).zip 2013-11-24 19:31 - 2013-11-24 19:31 - 00000044 _____ C:\Users\wupto\jagex_cl_oldschool_LIVE.dat 2013-11-24 15:34 - 2013-11-25 14:46 - 00000045 _____ C:\Users\wupto\jagex_cl_runescape_LIVE1.dat 2013-11-24 15:34 - 2013-11-24 15:34 - 00000000 ____D C:\Users\wupto\jagexcache1 2013-11-24 14:05 - 2013-11-24 14:05 - 00001977 _____ C:\Users\Public\Desktop\One Unit Whole Blood.lnk 2013-11-24 13:11 - 2013-11-24 13:22 - 301486440 _____ (GOG.com ) C:\Users\wupto\Downloads\setup_one_unit_whole_blood_2.0.0.21.exe 2013-11-24 13:03 - 2013-11-24 13:03 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74 2013-11-24 13:02 - 2013-11-24 21:08 - 00000000 ____D C:\Users\wupto\emus 2013-11-24 13:02 - 2013-11-24 13:02 - 01448809 _____ (DOSBox Team) C:\Users\wupto\Downloads\DOSBox0.74-win32-installer.exe 2013-11-23 17:11 - 2013-11-24 20:17 - 00000046 _____ C:\Users\wupto\jagex_cl_speccollect_LIVE.dat 2013-11-22 16:11 - 2013-11-22 17:18 - 00000000 ____D C:\Users\wupto\Desktop\SteamCMD 2013-11-21 22:07 - 2013-11-21 22:07 - 00000221 _____ C:\Users\wupto\Desktop\Arma 2 Operation Arrowhead.url 2013-11-21 21:58 - 2013-11-21 21:58 - 00000222 _____ C:\Users\wupto\Desktop\Arma 2 DayZ Mod.url 2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\Users\wupto\AppData\Local\Divinity 2 2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\ProgramData\Divinity 2 2013-11-21 20:01 - 2013-11-21 20:01 - 00000000 ____D C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP 2013-11-20 20:23 - 2013-11-20 20:30 - 00000000 ____D C:\Users\wupto\Desktop\Cactus Arcade 2013-11-20 20:17 - 2013-11-20 20:21 - 47990013 _____ C:\Users\wupto\Downloads\arcade.zip 2013-11-20 20:11 - 2013-11-20 20:11 - 01329197 _____ C:\Users\wupto\Downloads\I Was In The War.rar 2013-11-20 19:19 - 2013-11-20 19:19 - 00000000 ____D C:\Users\wupto\Desktop\juicy 2013-11-20 19:17 - 2013-11-20 19:18 - 02050875 _____ C:\Users\wupto\Downloads\controlconf.rar 2013-11-20 14:19 - 2013-11-20 14:19 - 01071224 _____ (Solid State Networks) C:\Users\wupto\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe 2013-11-18 21:32 - 2013-11-18 21:33 - 00000000 ____D C:\Users\wupto\.mediathek3 2013-11-18 21:32 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\Documents\StreamTransport 2013-11-18 21:31 - 2013-11-18 21:31 - 12839824 _____ C:\Users\wupto\Downloads\MediathekView_3.3.0.zip 2013-11-18 21:31 - 2013-11-18 21:31 - 00000000 ____D C:\Users\wupto\MediathekView 2013-11-18 21:24 - 2013-11-18 21:24 - 03331742 _____ ( ) C:\Users\wupto\Downloads\streamtransport2171_setup.exe 2013-11-18 17:58 - 2013-11-18 17:59 - 00000000 ____D C:\Users\wupto\AppData\Local\Risen 2013-11-18 17:50 - 2013-11-18 17:50 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP 2013-11-18 17:44 - 2013-11-18 17:44 - 00000000 ____D C:\Program Files (x86)\Deep Silver 2013-11-17 00:19 - 2013-11-17 00:20 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker8.1 2013-11-17 00:19 - 2013-11-17 00:19 - 12725464 _____ C:\Users\wupto\Downloads\GameMaker-Installer-8.1.exe 2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\GameMaker 8.1 2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker 8.1 2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker 2013-11-14 22:59 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-14 22:59 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-14 22:59 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-14 22:59 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-14 22:59 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-14 22:59 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-14 22:59 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-14 22:59 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-14 22:59 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-14 22:59 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-14 22:59 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-14 22:59 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-14 19:12 - 2013-11-26 14:30 - 00000024 _____ C:\Users\wupto\random.dat 2013-11-14 19:12 - 2013-11-26 14:25 - 00000044 _____ C:\Users\wupto\jagex_cl_runescape_LIVE.dat 2013-11-14 19:12 - 2013-11-24 19:31 - 00000000 ____D C:\Users\wupto\jagexcache 2013-11-14 18:47 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-14 18:47 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-14 18:47 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-14 18:47 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-14 18:47 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-14 18:47 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-14 18:47 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-14 18:47 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-14 18:47 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-14 18:47 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-14 18:47 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-14 18:47 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-14 18:47 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-14 18:47 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-14 18:47 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-14 18:47 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-14 18:47 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-14 18:47 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-14 18:47 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-14 18:47 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-14 18:47 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-14 18:47 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-14 18:47 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-14 18:47 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-14 18:47 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-14 18:47 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-14 18:47 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-14 18:47 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-14 18:47 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-14 18:47 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-13 21:25 - 2013-11-13 21:20 - 00000000 ____D C:\Users\wupto\Desktop\dungame 2013-11-12 21:22 - 2013-11-12 21:22 - 00000000 ____D C:\ProgramData\Oracle 2013-11-12 21:21 - 2013-11-12 21:21 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-11-12 21:21 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-12 21:21 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-11-12 21:21 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-11-12 21:21 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-11-10 15:53 - 2011-06-01 18:15 - 00000000 ____D C:\Users\wupto\Downloads\tilesets 2013-11-10 15:53 - 2011-06-01 18:15 - 00000000 ____D C:\Users\wupto\Downloads\chardata 2013-11-10 15:53 - 2011-06-01 18:11 - 00000018 _____ C:\Users\wupto\Downloads\DD.dat 2013-11-10 15:53 - 2011-06-01 18:09 - 00005851 _____ C:\Users\wupto\Downloads\readme.txt 2013-11-10 15:53 - 2011-05-24 15:32 - 01127594 _____ C:\Users\wupto\Downloads\boss_kill.wav 2013-11-10 15:53 - 2011-05-24 15:32 - 01098732 _____ C:\Users\wupto\Downloads\startup.wav 2013-11-10 15:53 - 2011-05-24 15:32 - 00810126 _____ C:\Users\wupto\Downloads\dungeon_enter.wav 2013-11-10 15:53 - 2011-05-24 15:32 - 00723544 _____ C:\Users\wupto\Downloads\death.wav 2013-11-10 15:53 - 2011-05-24 15:32 - 00377202 _____ C:\Users\wupto\Downloads\boss_find.wav 2013-11-10 15:53 - 2011-05-24 15:32 - 00186724 _____ C:\Users\wupto\Downloads\spell.wav 2013-11-10 15:53 - 2011-05-24 15:32 - 00087640 _____ C:\Users\wupto\Downloads\fight.wav 2013-11-10 15:53 - 2011-05-24 15:32 - 00006868 _____ C:\Users\wupto\Downloads\general.wav 2013-11-10 15:53 - 2009-05-16 12:47 - 00005120 _____ C:\Users\wupto\Downloads\netread.dll 2013-11-10 15:49 - 2013-11-10 15:49 - 06480958 _____ C:\Users\wupto\Downloads\DesktopDungeons_v021.exe 2013-11-09 22:54 - 2013-11-26 13:59 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA.job 2013-11-09 22:54 - 2013-11-25 22:59 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core.job 2013-11-09 22:54 - 2013-11-09 22:54 - 00501248 _____ (Facebook Inc.) C:\Users\wupto\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe 2013-11-09 22:54 - 2013-11-09 22:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA 2013-11-09 22:54 - 2013-11-09 22:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core 2013-11-09 22:54 - 2013-11-09 22:54 - 00000000 ____D C:\Users\wupto\AppData\Local\Facebook 2013-11-09 18:45 - 2013-11-09 18:45 - 00000000 ____D C:\Users\wupto\AppData\Local\unknown 2013-11-09 13:19 - 2013-11-09 23:58 - 00000000 ____D C:\Users\wupto\Desktop\dungon 2013-11-07 19:18 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\Program Files\iTunes 2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-11-07 19:17 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iPod 2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Bonjour 2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files (x86)\Bonjour 2013-11-07 19:11 - 2013-11-07 19:14 - 100400976 _____ (Apple Inc.) C:\Users\wupto\Downloads\iTunes64Setup.exe 2013-11-07 12:54 - 2013-11-07 12:54 - 00000748 _____ C:\Users\wupto\Downloads\Manoria.sav 2013-11-07 12:53 - 2013-11-07 12:54 - 12141520 _____ () C:\Users\wupto\Downloads\manoria0.6.exe 2013-11-06 22:50 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2013-11-04 23:52 - 2013-11-04 23:58 - 00000000 ____D C:\Users\wupto\AppData\Roaming\.mojam 2013-11-03 20:26 - 2013-09-02 21:07 - 00000000 ____D C:\Users\wupto\Desktop\henrik 84 euro schulden 2013-11-03 13:50 - 2013-11-03 13:50 - 00065832 _____ C:\Users\wupto\Downloads\fsbext-master.zip 2013-11-03 13:46 - 2013-11-03 13:46 - 00055201 _____ C:\Users\wupto\Downloads\fsbext.zip 2013-11-02 17:59 - 2013-11-03 15:14 - 00000000 ____D C:\Users\wupto\Desktop\EBT 2013-11-01 23:48 - 2013-11-02 00:25 - 00000000 ____D C:\Users\wupto\Documents\Proteus 2013-11-01 14:28 - 2013-11-01 14:28 - 00000000 ____D C:\Users\wupto\.lennasinception 2013-11-01 13:06 - 2013-11-01 13:07 - 11626288 _____ C:\Users\wupto\Downloads\lennasinception_alpha4a.zip 2013-10-30 18:06 - 2013-10-30 18:06 - 00000000 ____D C:\Users\wupto\Documents\Remedy 2013-10-30 18:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2013-10-30 18:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2013-10-30 18:06 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2013-10-30 18:06 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2013-10-30 18:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2013-10-30 18:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2013-10-30 18:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2013-10-30 18:05 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2013-10-30 18:05 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2013-10-30 18:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2013-10-30 18:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2013-10-30 18:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2013-10-30 18:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2013-10-30 18:05 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2013-10-30 18:05 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2013-10-30 18:05 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2013-10-30 18:05 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2013-10-30 18:05 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2013-10-30 18:05 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2013-10-30 18:05 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2013-10-30 18:05 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2013-10-30 18:05 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2013-10-30 18:05 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2013-10-30 18:05 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2013-10-30 18:05 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2013-10-30 18:05 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2013-10-30 18:05 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2013-10-30 18:05 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2013-10-30 18:05 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2013-10-30 18:05 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2013-10-30 18:05 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2013-10-30 18:05 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2013-10-30 18:05 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2013-10-30 18:05 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2013-10-30 18:05 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2013-10-30 18:05 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2013-10-30 18:05 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2013-10-30 18:05 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll 2013-10-30 18:05 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2013-10-30 18:05 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll 2013-10-30 18:05 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2013-10-30 18:05 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2013-10-30 18:05 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2013-10-30 18:05 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2013-10-30 18:05 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2013-10-30 18:05 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2013-10-30 18:05 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2013-10-30 18:05 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2013-10-30 18:05 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2013-10-30 18:05 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll 2013-10-30 18:05 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2013-10-30 18:05 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2013-10-30 18:05 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2013-10-30 18:05 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2013-10-30 18:05 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2013-10-30 18:05 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2013-10-30 18:05 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2013-10-30 18:05 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2013-10-30 18:05 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2013-10-30 18:05 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2013-10-30 18:05 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2013-10-30 18:05 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2013-10-30 18:05 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2013-10-30 18:05 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2013-10-30 18:05 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2013-10-30 18:05 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2013-10-30 18:05 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2013-10-30 18:05 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2013-10-30 18:05 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2013-10-30 18:05 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2013-10-30 18:05 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2013-10-30 18:05 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2013-10-30 18:05 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2013-10-30 18:05 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2013-10-30 18:05 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2013-10-30 18:05 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll 2013-10-30 18:05 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2013-10-30 18:05 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2013-10-30 18:05 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2013-10-30 18:05 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2013-10-30 18:05 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2013-10-30 18:05 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2013-10-30 18:05 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2013-10-30 18:05 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2013-10-30 18:05 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2013-10-30 18:05 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2013-10-30 18:05 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2013-10-30 18:05 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll 2013-10-30 18:05 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2013-10-30 18:05 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2013-10-30 18:05 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2013-10-30 18:05 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2013-10-30 18:05 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2013-10-30 18:05 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2013-10-30 18:05 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2013-10-30 18:05 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2013-10-30 18:05 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2013-10-30 18:05 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll 2013-10-30 18:05 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2013-10-30 18:05 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2013-10-30 18:05 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2013-10-30 18:05 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2013-10-30 18:05 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2013-10-30 18:05 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2013-10-30 18:05 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll 2013-10-30 18:05 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll 2013-10-30 18:05 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2013-10-30 18:05 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2013-10-30 18:05 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2013-10-30 18:05 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2013-10-30 18:05 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2013-10-30 18:05 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2013-10-30 18:05 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2013-10-30 18:05 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll 2013-10-30 18:05 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2013-10-30 18:05 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2013-10-30 18:05 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2013-10-30 18:05 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2013-10-30 18:05 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2013-10-30 18:05 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2013-10-30 18:05 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2013-10-30 18:05 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2013-10-30 18:05 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2013-10-30 18:05 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2013-10-30 18:05 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2013-10-30 18:05 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2013-10-30 18:05 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2013-10-30 18:05 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2013-10-30 18:05 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2013-10-30 18:05 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2013-10-30 18:05 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2013-10-30 18:05 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2013-10-30 18:05 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2013-10-30 18:05 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2013-10-30 18:05 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2013-10-30 18:05 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2013-10-30 18:05 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2013-10-30 18:05 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2013-10-30 18:05 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2013-10-30 18:05 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2013-10-30 18:05 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2013-10-30 18:05 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2013-10-30 18:05 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2013-10-30 18:05 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2013-10-30 18:05 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2013-10-30 18:05 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2013-10-30 18:05 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2013-10-30 18:05 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2013-10-30 18:05 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2013-10-30 18:05 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2013-10-30 18:05 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2013-10-30 18:05 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2013-10-30 18:05 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2013-10-30 18:05 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2013-10-30 18:05 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2013-10-30 18:05 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2013-10-30 18:05 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2013-10-30 18:04 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2013-10-30 18:04 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2013-10-30 18:04 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2013-10-30 18:04 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2013-10-30 18:04 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2013-10-30 18:04 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2013-10-30 18:04 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2013-10-30 18:04 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2013-10-30 18:04 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2013-10-30 18:04 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2013-10-30 18:04 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2013-10-30 18:04 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2013-10-29 11:22 - 2013-10-29 11:24 - 00000000 ____D C:\Program Files (x86)\3D-Fahrschule Demo 2013-10-29 11:22 - 2013-10-29 11:22 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo 2013-10-29 11:20 - 2013-10-29 11:21 - 38687661 _____ C:\Users\wupto\Downloads\drive5-DE.exe 2013-10-28 14:14 - 2013-10-28 14:14 - 00015157 _____ C:\Users\wupto\Downloads\dungeon_sn.zip 2013-10-28 14:12 - 2013-10-28 14:12 - 00020128 _____ C:\Users\wupto\Downloads\carolingia.zip 2013-10-28 14:09 - 2013-10-28 14:09 - 00092555 _____ C:\Users\wupto\Downloads\bilbo_hand.zip 2013-10-27 02:19 - 2013-10-27 02:19 - 00586994 _____ C:\Users\wupto\Downloads\codeshooter_crashesterribly_sowhat.zip 2013-10-27 02:11 - 2013-10-27 02:11 - 01134847 _____ (Herrios ) C:\Users\wupto\Downloads\ClickNinja.exe 2013-10-27 01:57 - 2013-10-27 01:57 - 00000000 ____D C:\Users\wupto\AppData\Local\2playersplatformer3 2013-10-27 01:56 - 2013-10-27 01:56 - 05728768 _____ (Lumenus Team ) C:\Users\wupto\Downloads\Duaalsus_0.0.2.10.exe ==================== One Month Modified Files and Folders ======= 2013-11-26 16:44 - 2013-11-24 21:46 - 00000000 ____D C:\Users\wupto\Virenbekämpfung 2013-11-26 16:38 - 2013-08-10 12:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-11-26 16:19 - 2013-08-10 12:02 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Skype 2013-11-26 16:14 - 2013-09-15 21:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-26 15:00 - 2013-08-10 04:10 - 01328368 _____ C:\Windows\WindowsUpdate.log 2013-11-26 14:50 - 2013-10-18 22:52 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Spotify 2013-11-26 14:30 - 2013-11-14 19:12 - 00000024 _____ C:\Users\wupto\random.dat 2013-11-26 14:25 - 2013-11-14 19:12 - 00000044 _____ C:\Users\wupto\jagex_cl_runescape_LIVE.dat 2013-11-26 14:20 - 2013-08-10 14:30 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Dropbox 2013-11-26 14:16 - 2013-11-25 18:17 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker-Studio 2013-11-26 13:59 - 2013-11-09 22:54 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA.job 2013-11-26 13:19 - 2013-08-25 18:01 - 00000000 ____D C:\Users\wupto\AppData\Roaming\DVDVideoSoft 2013-11-26 12:43 - 2009-07-14 05:51 - 00071563 _____ C:\Windows\setupact.log 2013-11-26 12:32 - 2013-11-26 12:32 - 00000695 _____ C:\Users\wupto\Desktop\JRT.txt 2013-11-26 12:27 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-11-26 12:27 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-11-26 12:25 - 2013-11-26 12:25 - 01034531 _____ (Thisisu) C:\Users\wupto\Desktop\JRT.exe 2013-11-26 12:25 - 2013-11-26 12:25 - 00000000 ____D C:\Windows\ERUNT 2013-11-26 12:21 - 2013-08-10 14:35 - 00000000 ___RD C:\Users\wupto\Dropbox 2013-11-26 12:20 - 2013-09-15 19:15 - 00000000 ____D C:\ProgramData\SecTaskMan 2013-11-26 12:20 - 2013-08-10 04:50 - 00000000 ____D C:\Program Files (x86)\Steam 2013-11-26 12:19 - 2013-11-24 21:13 - 00000404 _____ C:\Windows\Tasks\Show-Password Update.job 2013-11-26 12:19 - 2013-09-15 21:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-26 12:18 - 2013-08-10 04:37 - 00000000 ____D C:\ProgramData\NVIDIA 2013-11-26 12:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-11-26 12:17 - 2013-11-26 12:14 - 00000000 ____D C:\AdwCleaner 2013-11-26 12:12 - 2013-11-26 12:12 - 01091882 _____ C:\Users\wupto\Desktop\adwcleaner.exe 2013-11-26 12:01 - 2013-08-11 11:43 - 00037902 _____ C:\Windows\PFRO.log 2013-11-26 12:01 - 2013-08-10 04:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-26 11:47 - 2013-11-26 11:47 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-11-26 11:47 - 2013-11-26 11:47 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Malwarebytes 2013-11-26 11:47 - 2013-11-26 11:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-26 11:46 - 2013-11-26 11:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-26 11:46 - 2013-08-10 12:03 - 00000000 ____D C:\Users\wupto\AppData\Local\Adobe 2013-11-26 11:45 - 2013-11-26 11:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\wupto\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-25 22:59 - 2013-11-09 22:54 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core.job 2013-11-25 22:35 - 2013-08-10 12:35 - 00000000 ____D C:\Users\wupto\Documents\screens 2013-11-25 22:08 - 2013-11-25 22:08 - 00000000 ____D C:\Program Files (x86)\Aurora 2013-11-25 19:46 - 2013-11-25 17:45 - 00000000 ____D C:\daten 2013-11-25 19:29 - 2013-10-24 16:26 - 00000000 ____D C:\Users\wupto\workspacecpp 2013-11-25 19:29 - 2013-08-10 12:17 - 00000000 ____D C:\Users\wupto\workspace 2013-11-25 19:27 - 2013-11-25 19:27 - 00001892 _____ C:\Users\wupto\Desktop\GameMaker-Studio 1.2.lnk 2013-11-25 18:27 - 2013-11-25 18:27 - 00000000 ____D C:\Users\wupto\AppData\Local\daten 2013-11-25 18:19 - 2013-08-19 22:13 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker-Studio 2013-11-25 18:03 - 2013-08-10 04:14 - 00000000 ____D C:\Users\wupto 2013-11-25 18:02 - 2013-08-10 12:02 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-11-25 18:02 - 2013-08-10 12:02 - 00000000 ____D C:\ProgramData\Skype 2013-11-25 18:01 - 2013-11-25 18:01 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.2 2013-11-25 18:01 - 2013-11-25 18:00 - 00000000 ____D C:\Users\wupto\GameMaker-Studio 1.2 2013-11-25 17:57 - 2013-11-25 17:49 - 187622368 _____ C:\Users\wupto\Downloads\GMStudio-Installer.exe 2013-11-25 17:49 - 2013-08-30 15:10 - 00000000 ____D C:\Users\wupto\AppData\Local\Apps\2.0 2013-11-25 17:45 - 2013-08-20 11:48 - 00000000 ____D C:\Program Files\eclipse 2013-11-25 14:46 - 2013-11-24 15:34 - 00000045 _____ C:\Users\wupto\jagex_cl_runescape_LIVE1.dat 2013-11-25 14:39 - 2013-11-25 14:39 - 00000000 ____D C:\Windows\Sun 2013-11-25 14:22 - 2013-11-25 14:22 - 00027498 _____ C:\ComboFix.txt 2013-11-25 14:22 - 2013-11-25 14:04 - 00000000 ____D C:\Qoobox 2013-11-25 14:22 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default 2013-11-25 14:21 - 2013-11-25 14:03 - 00000000 ____D C:\Windows\erdnt 2013-11-25 14:20 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2013-11-25 13:58 - 2013-11-25 13:57 - 05149261 ____R (Swearware) C:\Users\wupto\Desktop\ComboFix.exe 2013-11-25 13:41 - 2013-10-18 22:56 - 00000000 ____D C:\Users\wupto\AppData\Local\Spotify 2013-11-24 22:08 - 2013-11-24 22:08 - 00000000 ____D C:\FRST 2013-11-24 21:46 - 2013-11-24 21:46 - 00000472 _____ C:\Users\wupto\Downloads\defogger_disable.log 2013-11-24 21:13 - 2013-11-24 21:13 - 00229539 _____ C:\Users\wupto\Desktop\monkey.zip 2013-11-24 21:13 - 2013-11-24 21:13 - 00003052 _____ C:\Windows\System32\Tasks\Show-Password Update 2013-11-24 21:08 - 2013-11-24 13:02 - 00000000 ____D C:\Users\wupto\emus 2013-11-24 21:05 - 2013-11-24 21:05 - 00000000 ____D C:\Users\wupto\AppData\Local\DOSBox 2013-11-24 21:03 - 2013-11-24 21:02 - 45314918 _____ C:\Users\wupto\Downloads\Secret of Monkey Island (U).zip 2013-11-24 20:17 - 2013-11-23 17:11 - 00000046 _____ C:\Users\wupto\jagex_cl_speccollect_LIVE.dat 2013-11-24 19:31 - 2013-11-24 19:31 - 00000044 _____ C:\Users\wupto\jagex_cl_oldschool_LIVE.dat 2013-11-24 19:31 - 2013-11-14 19:12 - 00000000 ____D C:\Users\wupto\jagexcache 2013-11-24 16:57 - 2013-08-11 14:27 - 00000586 _____ C:\Users\wupto\Neues Textdokument.txt 2013-11-24 15:34 - 2013-11-24 15:34 - 00000000 ____D C:\Users\wupto\jagexcache1 2013-11-24 14:05 - 2013-11-24 14:05 - 00001977 _____ C:\Users\Public\Desktop\One Unit Whole Blood.lnk 2013-11-24 14:04 - 2013-10-02 18:05 - 00000000 ____D C:\GOG Games 2013-11-24 13:30 - 2013-08-10 20:33 - 00000132 _____ C:\Users\wupto\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-11-24 13:22 - 2013-11-24 13:11 - 301486440 _____ (GOG.com ) C:\Users\wupto\Downloads\setup_one_unit_whole_blood_2.0.0.21.exe 2013-11-24 13:03 - 2013-11-24 13:03 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74 2013-11-24 13:02 - 2013-11-24 13:02 - 01448809 _____ (DOSBox Team) C:\Users\wupto\Downloads\DOSBox0.74-win32-installer.exe 2013-11-22 17:18 - 2013-11-22 16:11 - 00000000 ____D C:\Users\wupto\Desktop\SteamCMD 2013-11-22 15:14 - 2013-09-04 13:36 - 00000000 ____D C:\Users\wupto\Desktop\Hammerwatch Art 2013-11-21 22:07 - 2013-11-21 22:07 - 00000221 _____ C:\Users\wupto\Desktop\Arma 2 Operation Arrowhead.url 2013-11-21 21:58 - 2013-11-21 21:58 - 00000222 _____ C:\Users\wupto\Desktop\Arma 2 DayZ Mod.url 2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\Users\wupto\AppData\Local\Divinity 2 2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\ProgramData\Divinity 2 2013-11-21 20:01 - 2013-11-21 20:01 - 00000000 ____D C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP 2013-11-21 20:01 - 2013-08-10 17:11 - 00561097 _____ C:\Windows\DirectX.log 2013-11-21 20:00 - 2013-08-10 17:06 - 00000000 ____D C:\Users\wupto\Documents\3D-CoatV4 2013-11-20 20:30 - 2013-11-20 20:23 - 00000000 ____D C:\Users\wupto\Desktop\Cactus Arcade 2013-11-20 20:21 - 2013-11-20 20:17 - 47990013 _____ C:\Users\wupto\Downloads\arcade.zip 2013-11-20 20:14 - 2013-09-23 15:59 - 00000000 ____D C:\Users\wupto\AppData\Roaming\vlc 2013-11-20 20:11 - 2013-11-20 20:11 - 01329197 _____ C:\Users\wupto\Downloads\I Was In The War.rar 2013-11-20 19:19 - 2013-11-20 19:19 - 00000000 ____D C:\Users\wupto\Desktop\juicy 2013-11-20 19:19 - 2013-08-10 12:43 - 00000000 ___RD C:\Users\wupto\Desktop\Games 2013-11-20 19:18 - 2013-11-20 19:17 - 02050875 _____ C:\Users\wupto\Downloads\controlconf.rar 2013-11-20 14:19 - 2013-11-20 14:19 - 01071224 _____ (Solid State Networks) C:\Users\wupto\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe 2013-11-19 11:21 - 2013-08-10 04:55 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2013-11-18 21:33 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\.mediathek3 2013-11-18 21:32 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\Documents\StreamTransport 2013-11-18 21:31 - 2013-11-18 21:31 - 12839824 _____ C:\Users\wupto\Downloads\MediathekView_3.3.0.zip 2013-11-18 21:31 - 2013-11-18 21:31 - 00000000 ____D C:\Users\wupto\MediathekView 2013-11-18 21:24 - 2013-11-18 21:24 - 03331742 _____ ( ) C:\Users\wupto\Downloads\streamtransport2171_setup.exe 2013-11-18 21:21 - 2013-08-11 14:49 - 00000000 ____D C:\Users\wupto\dwhelper 2013-11-18 20:20 - 2013-08-10 12:35 - 00000399 _____ C:\Users\wupto\Desktop\films u should watch.txt 2013-11-18 19:36 - 2013-08-10 14:14 - 00000000 ____D C:\Users\wupto\Desktop\TO DO 2013-11-18 18:35 - 2013-08-10 12:40 - 00000000 ____D C:\Users\wupto\Documents\my games 2013-11-18 17:59 - 2013-11-18 17:58 - 00000000 ____D C:\Users\wupto\AppData\Local\Risen 2013-11-18 17:50 - 2013-11-18 17:50 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP 2013-11-18 17:44 - 2013-11-18 17:44 - 00000000 ____D C:\Program Files (x86)\Deep Silver 2013-11-18 17:44 - 2013-08-10 04:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-18 14:17 - 2013-09-14 14:48 - 00000000 ____D C:\Windows\System32\Tasks\Games 2013-11-17 22:26 - 2013-08-10 04:52 - 00001912 _____ C:\Windows\epplauncher.mif 2013-11-17 22:25 - 2013-08-10 04:51 - 00000000 ____D C:\Program Files\Microsoft Security Client 2013-11-17 22:25 - 2013-08-10 04:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2013-11-17 16:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-11-17 01:29 - 2009-07-14 18:58 - 00699188 _____ C:\Windows\system32\perfh007.dat 2013-11-17 01:29 - 2009-07-14 18:58 - 00149328 _____ C:\Windows\system32\perfc007.dat 2013-11-17 01:29 - 2009-07-14 06:13 - 01619672 _____ C:\Windows\system32\PerfStringBackup.INI 2013-11-17 00:20 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker8.1 2013-11-17 00:19 - 2013-11-17 00:19 - 12725464 _____ C:\Users\wupto\Downloads\GameMaker-Installer-8.1.exe 2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\GameMaker 8.1 2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker 8.1 2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker 2013-11-17 00:19 - 2013-08-19 22:15 - 00000000 ____D C:\Users\wupto\AppData\Local\YoYo_Games_Ltd 2013-11-13 21:20 - 2013-11-13 21:25 - 00000000 ____D C:\Users\wupto\Desktop\dungame 2013-11-12 21:22 - 2013-11-12 21:22 - 00000000 ____D C:\ProgramData\Oracle 2013-11-12 21:21 - 2013-11-12 21:21 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-11-12 21:21 - 2013-08-11 16:36 - 00000000 ____D C:\Program Files (x86)\Java 2013-11-10 20:33 - 2013-08-10 12:35 - 00000000 ____D C:\Users\wupto\Desktop\ART 2013-11-10 16:11 - 2013-09-21 19:00 - 00000000 ____D C:\Program Files (x86)\Cube World 2013-11-10 15:49 - 2013-11-10 15:49 - 06480958 _____ C:\Users\wupto\Downloads\DesktopDungeons_v021.exe 2013-11-09 23:58 - 2013-11-09 13:19 - 00000000 ____D C:\Users\wupto\Desktop\dungon 2013-11-09 22:54 - 2013-11-09 22:54 - 00501248 _____ (Facebook Inc.) C:\Users\wupto\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe 2013-11-09 22:54 - 2013-11-09 22:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA 2013-11-09 22:54 - 2013-11-09 22:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core 2013-11-09 22:54 - 2013-11-09 22:54 - 00000000 ____D C:\Users\wupto\AppData\Local\Facebook 2013-11-09 18:45 - 2013-11-09 18:45 - 00000000 ____D C:\Users\wupto\AppData\Local\unknown 2013-11-07 19:19 - 2013-08-23 18:36 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Apple Computer 2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iTunes 2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-11-07 19:18 - 2013-08-23 18:36 - 00000000 ____D C:\Users\wupto\AppData\Local\Apple Computer 2013-11-07 19:17 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iPod 2013-11-07 19:17 - 2013-08-26 13:39 - 00000000 ____D C:\ProgramData\Apple Computer 2013-11-07 19:15 - 2013-08-26 13:36 - 00000000 ____D C:\ProgramData\Apple 2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Bonjour 2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files (x86)\Bonjour 2013-11-07 19:14 - 2013-11-07 19:11 - 100400976 _____ (Apple Inc.) C:\Users\wupto\Downloads\iTunes64Setup.exe 2013-11-07 12:54 - 2013-11-07 12:54 - 00000748 _____ C:\Users\wupto\Downloads\Manoria.sav 2013-11-07 12:54 - 2013-11-07 12:53 - 12141520 _____ () C:\Users\wupto\Downloads\manoria0.6.exe 2013-11-06 16:52 - 2013-08-23 18:37 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Unity 2013-11-06 16:19 - 2013-08-10 04:15 - 00000000 ___RD C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-06 16:18 - 2013-08-10 14:35 - 00001017 _____ C:\Users\wupto\Desktop\Dropbox.lnk 2013-11-06 16:18 - 2013-08-10 14:31 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2013-11-05 19:08 - 2013-09-19 14:53 - 00000000 ____D C:\Users\wupto\Documents\Klei 2013-11-04 23:58 - 2013-11-04 23:52 - 00000000 ____D C:\Users\wupto\AppData\Roaming\.mojam 2013-11-04 23:49 - 2013-10-25 19:15 - 00000000 ____D C:\Users\wupto\skyrim gedönse 2013-11-04 23:41 - 2013-10-04 01:43 - 00001418 _____ C:\Users\wupto\Desktop\3D-Coat.lnk 2013-11-04 23:41 - 2013-08-30 20:39 - 00001521 _____ C:\Users\wupto\Desktop\Flash.lnk 2013-11-04 23:41 - 2013-08-28 14:07 - 00001219 _____ C:\Users\wupto\Desktop\After Effects.lnk 2013-11-04 23:41 - 2013-08-26 12:13 - 00001103 _____ C:\Users\wupto\Desktop\Premiere Pro.lnk 2013-11-04 23:41 - 2013-08-20 11:48 - 00000953 _____ C:\Users\wupto\Desktop\Eclipse.lnk 2013-11-04 23:41 - 2013-08-10 18:46 - 00001708 _____ C:\Users\wupto\Desktop\Photoshop.lnk 2013-11-03 19:13 - 2013-08-10 12:36 - 00000000 ____D C:\Users\wupto\Desktop\Modelling 2013-11-03 15:14 - 2013-11-02 17:59 - 00000000 ____D C:\Users\wupto\Desktop\EBT 2013-11-03 14:39 - 2013-08-21 12:03 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Audacity 2013-11-03 13:50 - 2013-11-03 13:50 - 00065832 _____ C:\Users\wupto\Downloads\fsbext-master.zip 2013-11-03 13:46 - 2013-11-03 13:46 - 00055201 _____ C:\Users\wupto\Downloads\fsbext.zip 2013-11-03 02:37 - 2013-08-23 18:51 - 00000000 ____D C:\Users\wupto\Documents\New Unity Project 2013-11-02 17:21 - 2013-08-23 18:36 - 00000000 ____D C:\ProgramData\Unity 2013-11-02 00:25 - 2013-11-01 23:48 - 00000000 ____D C:\Users\wupto\Documents\Proteus 2013-11-01 14:28 - 2013-11-01 14:28 - 00000000 ____D C:\Users\wupto\.lennasinception 2013-11-01 13:07 - 2013-11-01 13:06 - 11626288 _____ C:\Users\wupto\Downloads\lennasinception_alpha4a.zip 2013-10-31 00:36 - 2013-09-21 20:41 - 00000000 ____D C:\Users\wupto\AppData\Roaming\BitTorrent 2013-10-30 18:06 - 2013-10-30 18:06 - 00000000 ____D C:\Users\wupto\Documents\Remedy 2013-10-29 11:24 - 2013-10-29 11:22 - 00000000 ____D C:\Program Files (x86)\3D-Fahrschule Demo 2013-10-29 11:22 - 2013-10-29 11:22 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo 2013-10-29 11:21 - 2013-10-29 11:20 - 38687661 _____ C:\Users\wupto\Downloads\drive5-DE.exe 2013-10-29 10:54 - 2009-07-14 05:45 - 04948096 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-28 14:16 - 2013-08-10 04:52 - 00062392 _____ C:\Users\wupto\AppData\Local\GDIPFONTCACHEV1.DAT 2013-10-28 14:14 - 2013-10-28 14:14 - 00015157 _____ C:\Users\wupto\Downloads\dungeon_sn.zip 2013-10-28 14:12 - 2013-10-28 14:12 - 00020128 _____ C:\Users\wupto\Downloads\carolingia.zip 2013-10-28 14:09 - 2013-10-28 14:09 - 00092555 _____ C:\Users\wupto\Downloads\bilbo_hand.zip 2013-10-27 18:10 - 2013-10-25 16:03 - 00000000 ____D C:\Nexus 2013-10-27 18:10 - 2013-10-25 15:57 - 00000000 ____D C:\Users\wupto\AppData\Local\Skyrim 2013-10-27 02:19 - 2013-10-27 02:19 - 00586994 _____ C:\Users\wupto\Downloads\codeshooter_crashesterribly_sowhat.zip 2013-10-27 02:11 - 2013-10-27 02:11 - 01134847 _____ (Herrios ) C:\Users\wupto\Downloads\ClickNinja.exe 2013-10-27 01:57 - 2013-10-27 01:57 - 00000000 ____D C:\Users\wupto\AppData\Local\2playersplatformer3 2013-10-27 01:56 - 2013-10-27 01:56 - 05728768 _____ (Lumenus Team ) C:\Users\wupto\Downloads\Duaalsus_0.0.2.10.exe Files to move or delete: ==================== C:\Users\wupto\jagex_cl_oldschool_LIVE.dat C:\Users\wupto\jagex_cl_runescape_LIVE.dat C:\Users\wupto\jagex_cl_runescape_LIVE1.dat C:\Users\wupto\jagex_cl_speccollect_LIVE.dat C:\Users\wupto\random.dat Some content of TEMP: ==================== C:\Users\wupto\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-20 14:13 ==================== End Of Log ============================ --- --- --- --- --- --- Laut Security Task Manager läuft 135.dll noch immer. |
|
27.11.2013, 10:05
| #6 | |
| /// the machine /// TB-Ausbilder | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPasswordZitat:
__________________ --> Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword |
|
27.11.2013, 16:19
| #7 |
| | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Nein, eben genau das war seit der Installation des Downloads da. Könnte ja auch ein Fehler vom Security Task Manager sein, da der angegebene Ordnerpfad nicht mehr existiert (habe ihn gelöscht). Im normalen Task Manager steht nichts von 135.dll (aber da sind wohl sowieso keine dll's eingetragen). |
|
28.11.2013, 10:06
| #8 |
| /// the machine /// TB-Ausbilder | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Revo Uninstaller - Download - Filepony damit alles deinstallieren was Du nicht kennst, Reste entfernen lassen. Dann bitte ein frisches FRST log.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.11.2013, 15:43
| #9 |
| | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Habe Show-Password darunter gefunden, die Deinstallation ist aber fehlgeschlagen (wahrscheinlich weil ich den Ordner bereits gelöscht habe). Alle Registry-Einträge gelöscht aber es läuft noch immer, evtl. startet es sich mit dem Browser, da es ja auch ein Addon ist. Im Firefox wird es nicht mehr angezeit, aber noch im Internet Explorer: hxxp://i.imgur.com/BWTg1mz.png FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-11-2013 01
Ran by wupto (administrator) on WUPTO-PC on 28-11-2013 15:38:45
Running from C:\Users\wupto\Virenbekämpfung
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\wupto\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\wupto\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Dropbox, Inc.) C:\Users\wupto\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Autodesk, Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7743008 2009-04-27] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-04-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\wupto\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\wupto\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-17] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\wupto\AppData\Roaming\Spotify\spotify.exe [5955072 2013-11-17] (Spotify Ltd)
HKCU\...\Run: [Facebook Update] - C:\Users\wupto\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-09] (Facebook Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\wupto\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F90D2D43C9DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Show-Password - {418b59d2-50d7-45fa-844c-1f9a792f39d9} - C:\Program Files (x86)\Show-Password\135.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default
FF Homepage: hxxp://www.youtube.com/feed/subscriptions|https://mail.google.com/mail/u/0/?hl=de&shva=1#inbox|https://twitter.com/|hxxp://www.deviantart.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\wupto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: DownloadHelper - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: jid0-UVAeBCfd34Kk5usS8A1CBiobvM8 - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi
FF Extension: Adblock Plus - C:\Users\wupto\AppData\Roaming\Mozilla\Firefox\Profiles\oh9sncb2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKCU\...\Firefox\Extensions: [{a00874d8-b590-41f7-a914-acf7a1805ded}] - C:\Program Files (x86)\Show-Password\135.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Unity Player) - C:\Users\wupto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Show-Password) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\logekkkdbdidmmcgkonmmonclldogceg\1.135_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\wupto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\135.crx
==================== Services (Whitelisted) =================
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-14] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-26] ()
S3 wampapache; c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [24576 2013-06-23] (Apache Software Foundation)
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [12867584 2013-06-23] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-08-31] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-08-31] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-28 14:59 - 2013-11-28 14:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\wupto\Downloads\revosetup95.exe
2013-11-28 14:59 - 2013-11-28 14:59 - 00001268 _____ C:\Users\wupto\Desktop\Revo Uninstaller.lnk
2013-11-28 14:59 - 2013-11-28 14:59 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-27 20:17 - 2013-11-27 20:17 - 00000000 ____D C:\Program Files (x86)\Aurora
2013-11-27 16:25 - 2013-11-27 16:25 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-11-27 16:24 - 2013-11-27 16:24 - 02094432 _____ C:\Users\wupto\Downloads\SecurityTaskManager_Setup-1.8d.exe
2013-11-26 23:39 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 23:36 - 2013-11-26 23:36 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 23:36 - 2013-11-26 23:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 23:36 - 2013-11-26 23:36 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 23:36 - 2013-11-26 23:36 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 23:36 - 2013-11-26 23:36 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 23:36 - 2013-11-26 23:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 23:36 - 2013-11-26 23:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 23:36 - 2013-11-26 23:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 23:36 - 2013-11-26 23:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 23:36 - 2013-11-26 23:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 23:36 - 2013-11-26 23:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 23:34 - 2013-11-26 23:39 - 00009961 _____ C:\Windows\IE11_main.log
2013-11-26 21:34 - 2013-11-26 21:34 - 00001236 _____ C:\Users\wupto\Downloads\laubori.dat
2013-11-26 21:34 - 2013-11-26 21:34 - 00001191 _____ C:\Users\wupto\Downloads\ScrouwL.dat
2013-11-26 21:34 - 2013-11-26 21:34 - 00000982 _____ C:\Users\wupto\Downloads\SanDroidx.dat
2013-11-26 19:23 - 2013-11-26 19:25 - 00000000 ____D C:\Users\wupto\MINECRAFT STUFF
2013-11-26 12:32 - 2013-11-26 12:32 - 00000695 _____ C:\Users\wupto\Desktop\JRT.txt
2013-11-26 12:25 - 2013-11-26 12:25 - 01034531 _____ (Thisisu) C:\Users\wupto\Desktop\JRT.exe
2013-11-26 12:25 - 2013-11-26 12:25 - 00000000 ____D C:\Windows\ERUNT
2013-11-26 12:14 - 2013-11-26 12:17 - 00000000 ____D C:\AdwCleaner
2013-11-26 12:12 - 2013-11-26 12:12 - 01091882 _____ C:\Users\wupto\Desktop\adwcleaner.exe
2013-11-26 11:47 - 2013-11-26 11:47 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-26 11:47 - 2013-11-26 11:47 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Malwarebytes
2013-11-26 11:46 - 2013-11-26 11:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-26 11:46 - 2013-11-26 11:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-26 11:46 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-26 11:45 - 2013-11-26 11:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\wupto\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-25 19:27 - 2013-11-25 19:27 - 00001892 _____ C:\Users\wupto\Desktop\GameMaker-Studio 1.2.lnk
2013-11-25 18:27 - 2013-11-25 18:27 - 00000000 ____D C:\Users\wupto\AppData\Local\daten
2013-11-25 18:17 - 2013-11-26 23:33 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker-Studio
2013-11-25 18:01 - 2013-11-25 18:01 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.2
2013-11-25 18:00 - 2013-11-25 18:01 - 00000000 ____D C:\Users\wupto\GameMaker-Studio 1.2
2013-11-25 17:49 - 2013-11-25 17:57 - 187622368 _____ C:\Users\wupto\Downloads\GMStudio-Installer.exe
2013-11-25 17:45 - 2013-11-25 19:46 - 00000000 ____D C:\daten
2013-11-25 14:39 - 2013-11-25 14:39 - 00000000 ____D C:\Windows\Sun
2013-11-25 14:22 - 2013-11-25 14:22 - 00027498 _____ C:\ComboFix.txt
2013-11-25 14:07 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-25 14:07 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-25 14:07 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-25 14:07 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-25 14:07 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-25 14:07 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-25 14:07 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-25 14:07 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-25 14:04 - 2013-11-25 14:22 - 00000000 ____D C:\Qoobox
2013-11-25 14:03 - 2013-11-25 14:21 - 00000000 ____D C:\Windows\erdnt
2013-11-25 13:57 - 2013-11-25 13:58 - 05149261 ____R (Swearware) C:\Users\wupto\Desktop\ComboFix.exe
2013-11-24 22:08 - 2013-11-24 22:08 - 00000000 ____D C:\FRST
2013-11-24 21:46 - 2013-11-28 15:38 - 00000000 ____D C:\Users\wupto\Virenbekämpfung
2013-11-24 21:46 - 2013-11-24 21:46 - 00000472 _____ C:\Users\wupto\Downloads\defogger_disable.log
2013-11-24 21:13 - 2013-11-28 14:47 - 00000404 _____ C:\Windows\Tasks\Show-Password Update.job
2013-11-24 21:13 - 2013-11-24 21:13 - 00229539 _____ C:\Users\wupto\Desktop\monkey.zip
2013-11-24 21:13 - 2013-11-24 21:13 - 00003052 _____ C:\Windows\System32\Tasks\Show-Password Update
2013-11-24 21:05 - 2013-11-24 21:05 - 00000000 ____D C:\Users\wupto\AppData\Local\DOSBox
2013-11-24 21:02 - 2013-11-24 21:03 - 45314918 _____ C:\Users\wupto\Downloads\Secret of Monkey Island (U).zip
2013-11-24 19:31 - 2013-11-24 19:31 - 00000044 _____ C:\Users\wupto\jagex_cl_oldschool_LIVE.dat
2013-11-24 15:34 - 2013-11-25 14:46 - 00000045 _____ C:\Users\wupto\jagex_cl_runescape_LIVE1.dat
2013-11-24 15:34 - 2013-11-24 15:34 - 00000000 ____D C:\Users\wupto\jagexcache1
2013-11-24 14:05 - 2013-11-24 14:05 - 00001977 _____ C:\Users\Public\Desktop\One Unit Whole Blood.lnk
2013-11-24 13:11 - 2013-11-24 13:22 - 301486440 _____ (GOG.com ) C:\Users\wupto\Downloads\setup_one_unit_whole_blood_2.0.0.21.exe
2013-11-24 13:03 - 2013-11-24 13:03 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2013-11-24 13:02 - 2013-11-24 21:08 - 00000000 ____D C:\Users\wupto\emus
2013-11-24 13:02 - 2013-11-24 13:02 - 01448809 _____ (DOSBox Team) C:\Users\wupto\Downloads\DOSBox0.74-win32-installer.exe
2013-11-23 17:11 - 2013-11-24 20:17 - 00000046 _____ C:\Users\wupto\jagex_cl_speccollect_LIVE.dat
2013-11-22 16:11 - 2013-11-22 17:18 - 00000000 ____D C:\Users\wupto\Desktop\SteamCMD
2013-11-21 22:07 - 2013-11-21 22:07 - 00000221 _____ C:\Users\wupto\Desktop\Arma 2 Operation Arrowhead.url
2013-11-21 21:58 - 2013-11-21 21:58 - 00000222 _____ C:\Users\wupto\Desktop\Arma 2 DayZ Mod.url
2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\Users\wupto\AppData\Local\Divinity 2
2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\ProgramData\Divinity 2
2013-11-21 20:01 - 2013-11-21 20:01 - 00000000 ____D C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2013-11-20 20:23 - 2013-11-20 20:30 - 00000000 ____D C:\Users\wupto\Desktop\Cactus Arcade
2013-11-20 20:17 - 2013-11-20 20:21 - 47990013 _____ C:\Users\wupto\Downloads\arcade.zip
2013-11-20 20:11 - 2013-11-20 20:11 - 01329197 _____ C:\Users\wupto\Downloads\I Was In The War.rar
2013-11-20 19:19 - 2013-11-20 19:19 - 00000000 ____D C:\Users\wupto\Desktop\juicy
2013-11-20 19:17 - 2013-11-20 19:18 - 02050875 _____ C:\Users\wupto\Downloads\controlconf.rar
2013-11-20 14:19 - 2013-11-20 14:19 - 01071224 _____ (Solid State Networks) C:\Users\wupto\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-11-18 21:32 - 2013-11-18 21:33 - 00000000 ____D C:\Users\wupto\.mediathek3
2013-11-18 21:32 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\Documents\StreamTransport
2013-11-18 21:31 - 2013-11-18 21:31 - 12839824 _____ C:\Users\wupto\Downloads\MediathekView_3.3.0.zip
2013-11-18 21:31 - 2013-11-18 21:31 - 00000000 ____D C:\Users\wupto\MediathekView
2013-11-18 21:24 - 2013-11-18 21:24 - 03331742 _____ ( ) C:\Users\wupto\Downloads\streamtransport2171_setup.exe
2013-11-18 17:58 - 2013-11-18 17:59 - 00000000 ____D C:\Users\wupto\AppData\Local\Risen
2013-11-18 17:50 - 2013-11-18 17:50 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-11-18 17:44 - 2013-11-18 17:44 - 00000000 ____D C:\Program Files (x86)\Deep Silver
2013-11-17 00:19 - 2013-11-17 00:20 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 12725464 _____ C:\Users\wupto\Downloads\GameMaker-Installer-8.1.exe
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\GameMaker 8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker 8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker
2013-11-14 19:12 - 2013-11-26 14:30 - 00000024 _____ C:\Users\wupto\random.dat
2013-11-14 19:12 - 2013-11-26 14:25 - 00000044 _____ C:\Users\wupto\jagex_cl_runescape_LIVE.dat
2013-11-14 19:12 - 2013-11-24 19:31 - 00000000 ____D C:\Users\wupto\jagexcache
2013-11-14 18:47 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 18:47 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 18:47 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 18:47 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 18:47 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 18:47 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 18:47 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 18:47 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 18:47 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 18:47 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 18:47 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 18:47 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 18:47 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 18:47 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 18:47 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 18:47 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 18:47 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 18:47 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 18:47 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 18:47 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 18:47 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 18:47 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 18:47 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 18:47 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 18:47 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 18:47 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 18:47 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 18:47 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 18:47 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 18:47 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 21:25 - 2013-11-13 21:20 - 00000000 ____D C:\Users\wupto\Desktop\dungame
2013-11-12 21:22 - 2013-11-12 21:22 - 00000000 ____D C:\ProgramData\Oracle
2013-11-12 21:21 - 2013-11-12 21:21 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-12 21:21 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-12 21:21 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-12 21:21 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-12 21:21 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-10 15:53 - 2011-06-01 18:15 - 00000000 ____D C:\Users\wupto\Downloads\tilesets
2013-11-10 15:53 - 2011-06-01 18:15 - 00000000 ____D C:\Users\wupto\Downloads\chardata
2013-11-10 15:53 - 2011-06-01 18:11 - 00000018 _____ C:\Users\wupto\Downloads\DD.dat
2013-11-10 15:53 - 2011-06-01 18:09 - 00005851 _____ C:\Users\wupto\Downloads\readme.txt
2013-11-10 15:53 - 2011-05-24 15:32 - 01127594 _____ C:\Users\wupto\Downloads\boss_kill.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 01098732 _____ C:\Users\wupto\Downloads\startup.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00810126 _____ C:\Users\wupto\Downloads\dungeon_enter.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00723544 _____ C:\Users\wupto\Downloads\death.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00377202 _____ C:\Users\wupto\Downloads\boss_find.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00186724 _____ C:\Users\wupto\Downloads\spell.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00087640 _____ C:\Users\wupto\Downloads\fight.wav
2013-11-10 15:53 - 2011-05-24 15:32 - 00006868 _____ C:\Users\wupto\Downloads\general.wav
2013-11-10 15:53 - 2009-05-16 12:47 - 00005120 _____ C:\Users\wupto\Downloads\netread.dll
2013-11-10 15:49 - 2013-11-10 15:49 - 06480958 _____ C:\Users\wupto\Downloads\DesktopDungeons_v021.exe
2013-11-09 22:54 - 2013-11-28 15:25 - 00000000 ____D C:\Users\wupto\AppData\Local\Facebook
2013-11-09 22:54 - 2013-11-27 22:59 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA.job
2013-11-09 22:54 - 2013-11-27 22:59 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core.job
2013-11-09 22:54 - 2013-11-09 22:54 - 00501248 _____ (Facebook Inc.) C:\Users\wupto\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2013-11-09 22:54 - 2013-11-09 22:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA
2013-11-09 22:54 - 2013-11-09 22:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core
2013-11-09 18:45 - 2013-11-09 18:45 - 00000000 ____D C:\Users\wupto\AppData\Local\unknown
2013-11-09 13:19 - 2013-11-09 23:58 - 00000000 ____D C:\Users\wupto\Desktop\dungon
2013-11-07 19:18 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 19:17 - 2013-11-07 19:18 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 19:17 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iPod
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Bonjour
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-07 19:11 - 2013-11-07 19:14 - 100400976 _____ (Apple Inc.) C:\Users\wupto\Downloads\iTunes64Setup.exe
2013-11-07 12:54 - 2013-11-07 12:54 - 00000748 _____ C:\Users\wupto\Downloads\Manoria.sav
2013-11-07 12:53 - 2013-11-07 12:54 - 12141520 _____ () C:\Users\wupto\Downloads\manoria0.6.exe
2013-11-06 22:50 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-11-04 23:52 - 2013-11-04 23:58 - 00000000 ____D C:\Users\wupto\AppData\Roaming\.mojam
2013-11-03 20:26 - 2013-09-02 21:07 - 00000000 ____D C:\Users\wupto\Desktop\henrik 84 euro schulden
2013-11-03 13:50 - 2013-11-03 13:50 - 00065832 _____ C:\Users\wupto\Downloads\fsbext-master.zip
2013-11-03 13:46 - 2013-11-03 13:46 - 00055201 _____ C:\Users\wupto\Downloads\fsbext.zip
2013-11-02 17:59 - 2013-11-03 15:14 - 00000000 ____D C:\Users\wupto\Desktop\EBT
2013-11-01 23:48 - 2013-11-02 00:25 - 00000000 ____D C:\Users\wupto\Documents\Proteus
2013-11-01 14:28 - 2013-11-01 14:28 - 00000000 ____D C:\Users\wupto\.lennasinception
2013-11-01 13:06 - 2013-11-01 13:07 - 11626288 _____ C:\Users\wupto\Downloads\lennasinception_alpha4a.zip
2013-10-30 18:06 - 2013-10-30 18:06 - 00000000 ____D C:\Users\wupto\Documents\Remedy
2013-10-30 18:06 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-10-30 18:06 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-10-30 18:06 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-10-30 18:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2013-10-30 18:05 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2013-10-30 18:05 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2013-10-30 18:05 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2013-10-30 18:05 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2013-10-30 18:05 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2013-10-30 18:05 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-10-30 18:05 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-10-30 18:05 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-10-30 18:05 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2013-10-30 18:05 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2013-10-30 18:05 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-10-30 18:05 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2013-10-30 18:05 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-10-30 18:05 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-10-30 18:05 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-10-30 18:05 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2013-10-30 18:05 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2013-10-30 18:05 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2013-10-30 18:05 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2013-10-30 18:05 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2013-10-30 18:05 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-10-30 18:05 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-10-30 18:05 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2013-10-30 18:05 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2013-10-30 18:05 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2013-10-30 18:05 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2013-10-30 18:05 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2013-10-30 18:05 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2013-10-30 18:05 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2013-10-30 18:05 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-10-30 18:05 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-10-30 18:05 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-10-30 18:05 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2013-10-30 18:05 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-10-30 18:05 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2013-10-30 18:05 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2013-10-30 18:05 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2013-10-30 18:05 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2013-10-30 18:05 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2013-10-30 18:05 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-10-30 18:05 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-10-30 18:05 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-10-30 18:05 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2013-10-30 18:05 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-10-30 18:05 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2013-10-30 18:05 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2013-10-30 18:05 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-10-30 18:05 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-10-30 18:05 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-10-30 18:05 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-10-30 18:05 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-10-30 18:05 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-10-30 18:05 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-10-30 18:05 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-10-30 18:05 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-10-30 18:05 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-10-30 18:05 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-10-30 18:05 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-10-30 18:05 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-10-30 18:05 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-10-30 18:05 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-10-30 18:05 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-10-30 18:05 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-10-30 18:05 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-10-30 18:05 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-10-30 18:05 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-10-30 18:05 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-10-30 18:05 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-10-30 18:05 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-10-30 18:05 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-10-30 18:05 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-10-30 18:05 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-10-30 18:05 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-10-30 18:05 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-10-30 18:05 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-10-30 18:05 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-10-30 18:05 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-10-30 18:05 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-10-30 18:05 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-10-30 18:05 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-10-30 18:05 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-10-30 18:05 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-10-30 18:05 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-10-30 18:05 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-10-30 18:05 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-10-30 18:05 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-10-30 18:05 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-10-30 18:05 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-10-30 18:05 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-10-30 18:05 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-10-30 18:05 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-10-30 18:04 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-10-30 18:04 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-10-30 18:04 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-10-30 18:04 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-10-30 18:04 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-10-30 18:04 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-10-30 18:04 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-10-30 18:04 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-10-30 18:04 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-10-30 18:04 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-10-30 18:04 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-10-30 18:04 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-10-29 11:22 - 2013-10-29 11:24 - 00000000 ____D C:\Program Files (x86)\3D-Fahrschule Demo
2013-10-29 11:22 - 2013-10-29 11:22 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2013-10-29 11:20 - 2013-10-29 11:21 - 38687661 _____ C:\Users\wupto\Downloads\drive5-DE.exe
==================== One Month Modified Files and Folders =======
2013-11-28 15:39 - 2013-08-10 12:02 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Skype
2013-11-28 15:38 - 2013-11-24 21:46 - 00000000 ____D C:\Users\wupto\Virenbekämpfung
2013-11-28 15:38 - 2013-08-10 12:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-28 15:32 - 2013-09-14 14:48 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-11-28 15:25 - 2013-11-09 22:54 - 00000000 ____D C:\Users\wupto\AppData\Local\Facebook
2013-11-28 15:17 - 2013-09-15 19:15 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-11-28 15:14 - 2013-09-15 21:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-28 15:02 - 2009-07-14 05:51 - 00073131 _____ C:\Windows\setupact.log
2013-11-28 14:59 - 2013-11-28 14:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\wupto\Downloads\revosetup95.exe
2013-11-28 14:59 - 2013-11-28 14:59 - 00001268 _____ C:\Users\wupto\Desktop\Revo Uninstaller.lnk
2013-11-28 14:59 - 2013-11-28 14:59 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-28 14:49 - 2013-10-18 22:52 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Spotify
2013-11-28 14:49 - 2013-08-10 04:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-28 14:47 - 2013-11-24 21:13 - 00000404 _____ C:\Windows\Tasks\Show-Password Update.job
2013-11-28 14:47 - 2013-09-15 21:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-28 14:47 - 2013-08-10 14:35 - 00000000 ___RD C:\Users\wupto\Dropbox
2013-11-28 14:47 - 2013-08-10 14:30 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Dropbox
2013-11-28 14:47 - 2013-08-10 12:03 - 00000000 ____D C:\Users\wupto\AppData\Local\Adobe
2013-11-28 14:45 - 2013-08-10 04:10 - 02007123 _____ C:\Windows\WindowsUpdate.log
2013-11-28 14:42 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-28 14:42 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-28 14:34 - 2013-08-10 04:37 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-28 14:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-27 23:17 - 2013-08-10 04:50 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-27 22:59 - 2013-11-09 22:54 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA.job
2013-11-27 22:59 - 2013-11-09 22:54 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core.job
2013-11-27 20:51 - 2013-08-10 12:43 - 00000000 ___RD C:\Users\wupto\Desktop\Games
2013-11-27 20:17 - 2013-11-27 20:17 - 00000000 ____D C:\Program Files (x86)\Aurora
2013-11-27 20:02 - 2013-08-10 12:35 - 00000000 ____D C:\Users\wupto\Documents\screens
2013-11-27 19:21 - 2013-08-10 12:35 - 00000408 _____ C:\Users\wupto\Desktop\films u should watch.txt
2013-11-27 16:25 - 2013-11-27 16:25 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-11-27 16:24 - 2013-11-27 16:24 - 02094432 _____ C:\Users\wupto\Downloads\SecurityTaskManager_Setup-1.8d.exe
2013-11-27 08:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-27 06:46 - 2013-08-10 04:16 - 00001425 _____ C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 06:43 - 2013-08-11 11:43 - 00038258 _____ C:\Windows\PFRO.log
2013-11-27 06:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 23:39 - 2013-11-26 23:34 - 00009961 _____ C:\Windows\IE11_main.log
2013-11-26 23:36 - 2013-11-26 23:36 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 23:36 - 2013-11-26 23:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 23:36 - 2013-11-26 23:36 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 23:36 - 2013-11-26 23:36 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 23:36 - 2013-11-26 23:36 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 23:36 - 2013-11-26 23:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 23:36 - 2013-11-26 23:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 23:36 - 2013-11-26 23:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 23:36 - 2013-11-26 23:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 23:36 - 2013-11-26 23:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 23:36 - 2013-11-26 23:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 23:36 - 2013-11-26 23:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 23:36 - 2013-11-26 23:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 23:33 - 2013-11-25 18:17 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker-Studio
2013-11-26 21:34 - 2013-11-26 21:34 - 00001236 _____ C:\Users\wupto\Downloads\laubori.dat
2013-11-26 21:34 - 2013-11-26 21:34 - 00001191 _____ C:\Users\wupto\Downloads\ScrouwL.dat
2013-11-26 21:34 - 2013-11-26 21:34 - 00000982 _____ C:\Users\wupto\Downloads\SanDroidx.dat
2013-11-26 19:52 - 2013-08-10 20:43 - 00000000 ____D C:\Users\wupto\AppData\Roaming\FileZilla
2013-11-26 19:25 - 2013-11-26 19:23 - 00000000 ____D C:\Users\wupto\MINECRAFT STUFF
2013-11-26 19:24 - 2013-08-10 04:14 - 00000000 ____D C:\Users\wupto
2013-11-26 19:13 - 2013-08-11 16:37 - 00000000 ____D C:\Users\wupto\AppData\Roaming\.minecraft
2013-11-26 17:24 - 2013-08-10 20:33 - 00000132 _____ C:\Users\wupto\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-11-26 14:30 - 2013-11-14 19:12 - 00000024 _____ C:\Users\wupto\random.dat
2013-11-26 14:25 - 2013-11-14 19:12 - 00000044 _____ C:\Users\wupto\jagex_cl_runescape_LIVE.dat
2013-11-26 13:19 - 2013-08-25 18:01 - 00000000 ____D C:\Users\wupto\AppData\Roaming\DVDVideoSoft
2013-11-26 12:32 - 2013-11-26 12:32 - 00000695 _____ C:\Users\wupto\Desktop\JRT.txt
2013-11-26 12:25 - 2013-11-26 12:25 - 01034531 _____ (Thisisu) C:\Users\wupto\Desktop\JRT.exe
2013-11-26 12:25 - 2013-11-26 12:25 - 00000000 ____D C:\Windows\ERUNT
2013-11-26 12:17 - 2013-11-26 12:14 - 00000000 ____D C:\AdwCleaner
2013-11-26 12:12 - 2013-11-26 12:12 - 01091882 _____ C:\Users\wupto\Desktop\adwcleaner.exe
2013-11-26 11:47 - 2013-11-26 11:47 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-26 11:47 - 2013-11-26 11:47 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Malwarebytes
2013-11-26 11:47 - 2013-11-26 11:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-26 11:46 - 2013-11-26 11:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-26 11:45 - 2013-11-26 11:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\wupto\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-25 19:46 - 2013-11-25 17:45 - 00000000 ____D C:\daten
2013-11-25 19:29 - 2013-10-24 16:26 - 00000000 ____D C:\Users\wupto\workspacecpp
2013-11-25 19:29 - 2013-08-10 12:17 - 00000000 ____D C:\Users\wupto\workspace
2013-11-25 19:27 - 2013-11-25 19:27 - 00001892 _____ C:\Users\wupto\Desktop\GameMaker-Studio 1.2.lnk
2013-11-25 18:27 - 2013-11-25 18:27 - 00000000 ____D C:\Users\wupto\AppData\Local\daten
2013-11-25 18:19 - 2013-08-19 22:13 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker-Studio
2013-11-25 18:02 - 2013-08-10 12:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-25 18:02 - 2013-08-10 12:02 - 00000000 ____D C:\ProgramData\Skype
2013-11-25 18:01 - 2013-11-25 18:01 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.2
2013-11-25 18:01 - 2013-11-25 18:00 - 00000000 ____D C:\Users\wupto\GameMaker-Studio 1.2
2013-11-25 17:57 - 2013-11-25 17:49 - 187622368 _____ C:\Users\wupto\Downloads\GMStudio-Installer.exe
2013-11-25 17:49 - 2013-08-30 15:10 - 00000000 ____D C:\Users\wupto\AppData\Local\Apps\2.0
2013-11-25 17:45 - 2013-08-20 11:48 - 00000000 ____D C:\Program Files\eclipse
2013-11-25 14:46 - 2013-11-24 15:34 - 00000045 _____ C:\Users\wupto\jagex_cl_runescape_LIVE1.dat
2013-11-25 14:39 - 2013-11-25 14:39 - 00000000 ____D C:\Windows\Sun
2013-11-25 14:22 - 2013-11-25 14:22 - 00027498 _____ C:\ComboFix.txt
2013-11-25 14:22 - 2013-11-25 14:04 - 00000000 ____D C:\Qoobox
2013-11-25 14:22 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-11-25 14:21 - 2013-11-25 14:03 - 00000000 ____D C:\Windows\erdnt
2013-11-25 14:20 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-25 13:58 - 2013-11-25 13:57 - 05149261 ____R (Swearware) C:\Users\wupto\Desktop\ComboFix.exe
2013-11-25 13:41 - 2013-10-18 22:56 - 00000000 ____D C:\Users\wupto\AppData\Local\Spotify
2013-11-24 22:08 - 2013-11-24 22:08 - 00000000 ____D C:\FRST
2013-11-24 21:46 - 2013-11-24 21:46 - 00000472 _____ C:\Users\wupto\Downloads\defogger_disable.log
2013-11-24 21:13 - 2013-11-24 21:13 - 00229539 _____ C:\Users\wupto\Desktop\monkey.zip
2013-11-24 21:13 - 2013-11-24 21:13 - 00003052 _____ C:\Windows\System32\Tasks\Show-Password Update
2013-11-24 21:08 - 2013-11-24 13:02 - 00000000 ____D C:\Users\wupto\emus
2013-11-24 21:05 - 2013-11-24 21:05 - 00000000 ____D C:\Users\wupto\AppData\Local\DOSBox
2013-11-24 21:03 - 2013-11-24 21:02 - 45314918 _____ C:\Users\wupto\Downloads\Secret of Monkey Island (U).zip
2013-11-24 20:17 - 2013-11-23 17:11 - 00000046 _____ C:\Users\wupto\jagex_cl_speccollect_LIVE.dat
2013-11-24 19:31 - 2013-11-24 19:31 - 00000044 _____ C:\Users\wupto\jagex_cl_oldschool_LIVE.dat
2013-11-24 19:31 - 2013-11-14 19:12 - 00000000 ____D C:\Users\wupto\jagexcache
2013-11-24 16:57 - 2013-08-11 14:27 - 00000586 _____ C:\Users\wupto\Neues Textdokument.txt
2013-11-24 15:34 - 2013-11-24 15:34 - 00000000 ____D C:\Users\wupto\jagexcache1
2013-11-24 14:05 - 2013-11-24 14:05 - 00001977 _____ C:\Users\Public\Desktop\One Unit Whole Blood.lnk
2013-11-24 14:04 - 2013-10-02 18:05 - 00000000 ____D C:\GOG Games
2013-11-24 13:22 - 2013-11-24 13:11 - 301486440 _____ (GOG.com ) C:\Users\wupto\Downloads\setup_one_unit_whole_blood_2.0.0.21.exe
2013-11-24 13:03 - 2013-11-24 13:03 - 00000000 ____D C:\Program Files (x86)\DOSBox-0.74
2013-11-24 13:02 - 2013-11-24 13:02 - 01448809 _____ (DOSBox Team) C:\Users\wupto\Downloads\DOSBox0.74-win32-installer.exe
2013-11-22 17:18 - 2013-11-22 16:11 - 00000000 ____D C:\Users\wupto\Desktop\SteamCMD
2013-11-22 15:14 - 2013-09-04 13:36 - 00000000 ____D C:\Users\wupto\Desktop\Hammerwatch Art
2013-11-21 22:07 - 2013-11-21 22:07 - 00000221 _____ C:\Users\wupto\Desktop\Arma 2 Operation Arrowhead.url
2013-11-21 21:58 - 2013-11-21 21:58 - 00000222 _____ C:\Users\wupto\Desktop\Arma 2 DayZ Mod.url
2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\Users\wupto\AppData\Local\Divinity 2
2013-11-21 20:04 - 2013-11-21 20:04 - 00000000 ____D C:\ProgramData\Divinity 2
2013-11-21 20:01 - 2013-11-21 20:01 - 00000000 ____D C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2013-11-21 20:01 - 2013-08-10 17:11 - 00561097 _____ C:\Windows\DirectX.log
2013-11-21 20:00 - 2013-08-10 17:06 - 00000000 ____D C:\Users\wupto\Documents\3D-CoatV4
2013-11-20 20:30 - 2013-11-20 20:23 - 00000000 ____D C:\Users\wupto\Desktop\Cactus Arcade
2013-11-20 20:21 - 2013-11-20 20:17 - 47990013 _____ C:\Users\wupto\Downloads\arcade.zip
2013-11-20 20:14 - 2013-09-23 15:59 - 00000000 ____D C:\Users\wupto\AppData\Roaming\vlc
2013-11-20 20:11 - 2013-11-20 20:11 - 01329197 _____ C:\Users\wupto\Downloads\I Was In The War.rar
2013-11-20 19:19 - 2013-11-20 19:19 - 00000000 ____D C:\Users\wupto\Desktop\juicy
2013-11-20 19:18 - 2013-11-20 19:17 - 02050875 _____ C:\Users\wupto\Downloads\controlconf.rar
2013-11-20 14:19 - 2013-11-20 14:19 - 01071224 _____ (Solid State Networks) C:\Users\wupto\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-11-19 11:21 - 2013-08-10 04:55 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 21:33 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\.mediathek3
2013-11-18 21:32 - 2013-11-18 21:32 - 00000000 ____D C:\Users\wupto\Documents\StreamTransport
2013-11-18 21:31 - 2013-11-18 21:31 - 12839824 _____ C:\Users\wupto\Downloads\MediathekView_3.3.0.zip
2013-11-18 21:31 - 2013-11-18 21:31 - 00000000 ____D C:\Users\wupto\MediathekView
2013-11-18 21:24 - 2013-11-18 21:24 - 03331742 _____ ( ) C:\Users\wupto\Downloads\streamtransport2171_setup.exe
2013-11-18 21:21 - 2013-08-11 14:49 - 00000000 ____D C:\Users\wupto\dwhelper
2013-11-18 19:36 - 2013-08-10 14:14 - 00000000 ____D C:\Users\wupto\Desktop\TO DO
2013-11-18 18:35 - 2013-08-10 12:40 - 00000000 ____D C:\Users\wupto\Documents\my games
2013-11-18 17:59 - 2013-11-18 17:58 - 00000000 ____D C:\Users\wupto\AppData\Local\Risen
2013-11-18 17:50 - 2013-11-18 17:50 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-11-18 17:44 - 2013-11-18 17:44 - 00000000 ____D C:\Program Files (x86)\Deep Silver
2013-11-18 17:44 - 2013-08-10 04:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-17 22:26 - 2013-08-10 04:52 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-17 22:25 - 2013-08-10 04:51 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-17 22:25 - 2013-08-10 04:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-17 01:29 - 2009-07-14 18:58 - 00699188 _____ C:\Windows\system32\perfh007.dat
2013-11-17 01:29 - 2009-07-14 18:58 - 00149328 _____ C:\Windows\system32\perfc007.dat
2013-11-17 01:29 - 2009-07-14 06:13 - 01619672 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-17 00:20 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Local\GameMaker8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 12725464 _____ C:\Users\wupto\Downloads\GameMaker-Installer-8.1.exe
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\GameMaker 8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker 8.1
2013-11-17 00:19 - 2013-11-17 00:19 - 00000000 ____D C:\Users\wupto\AppData\Roaming\GameMaker
2013-11-17 00:19 - 2013-08-19 22:15 - 00000000 ____D C:\Users\wupto\AppData\Local\YoYo_Games_Ltd
2013-11-13 21:20 - 2013-11-13 21:25 - 00000000 ____D C:\Users\wupto\Desktop\dungame
2013-11-12 21:22 - 2013-11-12 21:22 - 00000000 ____D C:\ProgramData\Oracle
2013-11-12 21:21 - 2013-11-12 21:21 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-12 21:21 - 2013-08-11 16:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-10 20:33 - 2013-08-10 12:35 - 00000000 ____D C:\Users\wupto\Desktop\ART
2013-11-10 16:11 - 2013-09-21 19:00 - 00000000 ____D C:\Program Files (x86)\Cube World
2013-11-10 15:49 - 2013-11-10 15:49 - 06480958 _____ C:\Users\wupto\Downloads\DesktopDungeons_v021.exe
2013-11-09 23:58 - 2013-11-09 13:19 - 00000000 ____D C:\Users\wupto\Desktop\dungon
2013-11-09 22:54 - 2013-11-09 22:54 - 00501248 _____ (Facebook Inc.) C:\Users\wupto\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2013-11-09 22:54 - 2013-11-09 22:54 - 00003904 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000UA
2013-11-09 22:54 - 2013-11-09 22:54 - 00003536 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2551939517-2927700148-1210324758-1000Core
2013-11-09 18:45 - 2013-11-09 18:45 - 00000000 ____D C:\Users\wupto\AppData\Local\unknown
2013-11-07 19:19 - 2013-08-23 18:36 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Apple Computer
2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 19:18 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 19:18 - 2013-08-23 18:36 - 00000000 ____D C:\Users\wupto\AppData\Local\Apple Computer
2013-11-07 19:17 - 2013-11-07 19:17 - 00000000 ____D C:\Program Files\iPod
2013-11-07 19:17 - 2013-08-26 13:39 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-07 19:15 - 2013-08-26 13:36 - 00000000 ____D C:\ProgramData\Apple
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files\Bonjour
2013-11-07 19:14 - 2013-11-07 19:14 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-07 19:14 - 2013-11-07 19:11 - 100400976 _____ (Apple Inc.) C:\Users\wupto\Downloads\iTunes64Setup.exe
2013-11-07 12:54 - 2013-11-07 12:54 - 00000748 _____ C:\Users\wupto\Downloads\Manoria.sav
2013-11-07 12:54 - 2013-11-07 12:53 - 12141520 _____ () C:\Users\wupto\Downloads\manoria0.6.exe
2013-11-06 16:52 - 2013-08-23 18:37 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Unity
2013-11-06 16:19 - 2013-08-10 04:15 - 00000000 ___RD C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-06 16:18 - 2013-08-10 14:35 - 00001017 _____ C:\Users\wupto\Desktop\Dropbox.lnk
2013-11-06 16:18 - 2013-08-10 14:31 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-05 19:08 - 2013-09-19 14:53 - 00000000 ____D C:\Users\wupto\Documents\Klei
2013-11-04 23:58 - 2013-11-04 23:52 - 00000000 ____D C:\Users\wupto\AppData\Roaming\.mojam
2013-11-04 23:49 - 2013-10-25 19:15 - 00000000 ____D C:\Users\wupto\skyrim gedönse
2013-11-04 23:41 - 2013-10-04 01:43 - 00001418 _____ C:\Users\wupto\Desktop\3D-Coat.lnk
2013-11-04 23:41 - 2013-08-30 20:39 - 00001521 _____ C:\Users\wupto\Desktop\Flash.lnk
2013-11-04 23:41 - 2013-08-28 14:07 - 00001219 _____ C:\Users\wupto\Desktop\After Effects.lnk
2013-11-04 23:41 - 2013-08-26 12:13 - 00001103 _____ C:\Users\wupto\Desktop\Premiere Pro.lnk
2013-11-04 23:41 - 2013-08-20 11:48 - 00000953 _____ C:\Users\wupto\Desktop\Eclipse.lnk
2013-11-04 23:41 - 2013-08-10 18:46 - 00001708 _____ C:\Users\wupto\Desktop\Photoshop.lnk
2013-11-03 19:13 - 2013-08-10 12:36 - 00000000 ____D C:\Users\wupto\Desktop\Modelling
2013-11-03 15:14 - 2013-11-02 17:59 - 00000000 ____D C:\Users\wupto\Desktop\EBT
2013-11-03 14:39 - 2013-08-21 12:03 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Audacity
2013-11-03 13:50 - 2013-11-03 13:50 - 00065832 _____ C:\Users\wupto\Downloads\fsbext-master.zip
2013-11-03 13:46 - 2013-11-03 13:46 - 00055201 _____ C:\Users\wupto\Downloads\fsbext.zip
2013-11-03 02:37 - 2013-08-23 18:51 - 00000000 ____D C:\Users\wupto\Documents\New Unity Project
2013-11-02 17:21 - 2013-08-23 18:36 - 00000000 ____D C:\ProgramData\Unity
2013-11-02 00:25 - 2013-11-01 23:48 - 00000000 ____D C:\Users\wupto\Documents\Proteus
2013-11-01 14:28 - 2013-11-01 14:28 - 00000000 ____D C:\Users\wupto\.lennasinception
2013-11-01 13:07 - 2013-11-01 13:06 - 11626288 _____ C:\Users\wupto\Downloads\lennasinception_alpha4a.zip
2013-10-31 00:36 - 2013-09-21 20:41 - 00000000 ____D C:\Users\wupto\AppData\Roaming\BitTorrent
2013-10-30 18:06 - 2013-10-30 18:06 - 00000000 ____D C:\Users\wupto\Documents\Remedy
2013-10-29 11:24 - 2013-10-29 11:22 - 00000000 ____D C:\Program Files (x86)\3D-Fahrschule Demo
2013-10-29 11:22 - 2013-10-29 11:22 - 00000000 ____D C:\Users\wupto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D-Fahrschule Demo
2013-10-29 11:21 - 2013-10-29 11:20 - 38687661 _____ C:\Users\wupto\Downloads\drive5-DE.exe
2013-10-29 10:54 - 2009-07-14 05:45 - 04948096 _____ C:\Windows\system32\FNTCACHE.DAT
Files to move or delete:
====================
C:\Users\wupto\jagex_cl_oldschool_LIVE.dat
C:\Users\wupto\jagex_cl_runescape_LIVE.dat
C:\Users\wupto\jagex_cl_runescape_LIVE1.dat
C:\Users\wupto\jagex_cl_speccollect_LIVE.dat
C:\Users\wupto\random.dat
Some content of TEMP:
====================
C:\Users\wupto\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 14:13
==================== End Of Log ============================
|
|
29.11.2013, 08:52
| #10 |
| /// the machine /// TB-Ausbilder | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter BHO-x32: Show-Password - {418b59d2-50d7-45fa-844c-1f9a792f39d9} - C:\Program Files (x86)\Show-Password\135.dll No File
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Sollte weg sein
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.11.2013, 14:11
| #11 |
| | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPasswordCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-11-2013 01
Ran by wupto at 2013-11-29 14:09:32 Run:1
Running from C:\Users\wupto\Virenbekämpfung
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
BHO-x32: Show-Password - {418b59d2-50d7-45fa-844c-1f9a792f39d9} - C:\Program Files (x86)\Show-Password\135.dll No File
*****************
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{418b59d2-50d7-45fa-844c-1f9a792f39d9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{418b59d2-50d7-45fa-844c-1f9a792f39d9} => Key deleted successfully.
==== End of Fixlog ====
|
|
30.11.2013, 16:40
| #12 |
| /// the machine /// TB-Ausbilder | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Fertig Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.12.2013, 13:44
| #13 |
| | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Alles klar, hat sich erledigt, vielen dank nochmal! |
|
02.12.2013, 10:27
| #14 |
| /// the machine /// TB-Ausbilder | Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Seltsame Anwendungen nach Download - 123.dll - FacebookUpdate.exe - SearchProtect - Minibar.dll - AppsHat - ShowPassword |
| 123.dll, 32 bit, adblock, addon, akamai, anwendungen, defender, euro, flash player, frage, homepage, launch, msiinstaller, nach download, pc gefährdet, plug-in, programme, pup.hacktool.ddos, pup.optional.conduit.a, pup.optional.softonic, realtek, refresh, scan, security, services.exe, show-password, software, spotify web helper, svchost.exe, system, tablet, taskmanager, vikings, virus |
