
Pests of all kinds and how to fight them: Adware.Lollipop.D detected when downloading from Chip & Co.

13.12.2013, 20:02   #1
aguy
 



Hello, and many thanks for the support!

For some time now, every download attempt at chip.de has produced the following message from my ESET:
Bedrohung erkannt
Win32/Adware.Lollipop.D Anwendung
Verbindung getrennt - in Quarantäne kopiert
The browser makes no difference (tried with Firefox and Chrome).

I am using Windows 8.1 64-bit and the latest versions of each browser.

I have already tried

adwcleaner.exe
jrt.exe
securitycheck.exe

Log files (I could only find the logs from adw...):

(1/3)AdwCleaner[R0].txt
Code:
# AdwCleaner v3.015 - Bericht erstellt am 13/12/2013 um 16:52:21
# Updated 10/12/2013 von Xplode
# Betriebssystem : Windows 8.1 Pro  (64 bits)
# Benutzername : USERNAME - ANONYM-BOB13
# Gestartet von : C:\Users\USERNAME\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Ordner Gefunden : C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
Ordner Gefunden C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\CT2851647

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : HKLM\Software\Conduit

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\prefs.js ]

Zeile gefunden : user_pref("CT2851647.FF19Solved", "true");
Zeile gefunden : user_pref("CT2851647.UserID", "UN33801629824512603");
Zeile gefunden : user_pref("CT2851647.fullUserID", "UN33801629824512603.IN.20131116173951");
Zeile gefunden : user_pref("CT2851647.installDate", "16/11/2013 17:39:52");
Zeile gefunden : user_pref("CT2851647.installSessionId", "-1");
Zeile gefunden : user_pref("CT2851647.installSp", "FALSE");
Zeile gefunden : user_pref("CT2851647.installerVersion", "1.7.0.9");
Zeile gefunden : user_pref("CT2851647.searchRevert", "FALSE");
Zeile gefunden : user_pref("CT2851647.searchUserMode", "1");
Zeile gefunden : user_pref("CT2851647.versionFromInstaller", "10.20.0.13");
Zeile gefunden : user_pref("CT2851647.xpeMode", "0");
Zeile gefunden : user_pref("smartbar.machineId", "EVUBXPR0W5STPT+/H4KFYI7REFGX/WOA8BZHNAVQDYGOGAYDNS0ZMR6+J5Z3D4/B+FRLDXSGWCEWR67IL06TRW");

*************************

AdwCleaner[R0].txt - [2125 octets] - [13/12/2013 16:52:21]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2185 octets] ##########
         
(2/3)AdwCleaner[S0].txt
Code:
# AdwCleaner v3.015 - Bericht erstellt am 13/12/2013 um 16:53:01
# Updated 10/12/2013 von Xplode
# Betriebssystem : Windows 8.1 Pro  (64 bits)
# Benutzername : USERNAME - ANONYM-BOB13
# Gestartet von : C:\Users\USERNAME\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\CT2851647
Ordner Gelöscht : C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Conduit

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\prefs.js ]

Zeile gelöscht : user_pref("CT2851647.FF19Solved", "true");
Zeile gelöscht : user_pref("CT2851647.UserID", "UN33801629824512603");
Zeile gelöscht : user_pref("CT2851647.fullUserID", "UN33801629824512603.IN.20131116173951");
Zeile gelöscht : user_pref("CT2851647.installDate", "16/11/2013 17:39:52");
Zeile gelöscht : user_pref("CT2851647.installSessionId", "-1");
Zeile gelöscht : user_pref("CT2851647.installSp", "FALSE");
Zeile gelöscht : user_pref("CT2851647.installerVersion", "1.7.0.9");
Zeile gelöscht : user_pref("CT2851647.searchRevert", "FALSE");
Zeile gelöscht : user_pref("CT2851647.searchUserMode", "1");
Zeile gelöscht : user_pref("CT2851647.versionFromInstaller", "10.20.0.13");
Zeile gelöscht : user_pref("CT2851647.xpeMode", "0");
Zeile gelöscht : user_pref("smartbar.machineId", "EVUBXPR0W5STPT+/H4KFYI7REFGX/WOA8BZHNAVQDYGOGAYDNS0ZMR6+J5Z3D4/B+FRLDXSGWCEWR67IL06TRW");

*************************

AdwCleaner[R0].txt - [2269 octets] - [13/12/2013 16:52:21]
AdwCleaner[S0].txt - [1999 octets] - [13/12/2013 16:53:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2059 octets] ##########
         
(3/3)Quarantine.txt
See attachment.



I hope this information is sufficient.

Many thanks for the support!

Kind regards
aguy

14.12.2013, 05:41   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


14.12.2013, 14:37   #3
aguy
 



There you go:

(1/2)FRST.txt
see attachment

(2/2)Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2013 01
Ran by USERNAME at 2013-12-14 15:31:45
Running from C:\Users\USERNAME\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Battlefield 4™ (x32 Version: 1.0.0.1)
Battlelog Web Plugins (x32 Version: 2.3.2)
BioShock Infinite (x32)
Build Tools - amd64 (Version: 12.0.21005)
Build Tools - x86 (x32 Version: 12.0.21005)
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005)
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005)
CCleaner (Version: 4.07)
Classic Shell (Version: 4.0.2)
Dropbox (HKCU Version: 2.4.7)
Entity Framework Tools for Visual Studio 2013 (x32 Version: 12.0.20912.0)
Erforderliche Komponenten für SSDT  (x32 Version: 11.1.3000.0)
ESET NOD32 Antivirus (Version: 7.0.302.26)
ESN Sonar (x32 Version: 0.70.4)
Fences 2 (x32 Version: 2.01)
FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b)
foobar2000 v1.2.9 (x32 Version: 1.2.9)
Foxit Reader (x32 Version: 6.0.4.719)
Fraps (x32)
FreeMind (x32 Version: 1.0.0)
Geeks3D FurMark 1.12.0 (x32)
GIMP 2.8.8 (Version: 2.8.8)
Google Chrome (x32 Version: 31.0.1650.63)
Google Drive (x32 Version: 1.12.5329.1887)
Google Earth (x32 Version: 7.1.2.2041)
Google Update Helper (x32 Version: 1.3.22.3)
Greenshot 1.1.6.2779 (Version: 1.1.6.2779)
IrfanView (remove only) (x32 Version: 4.36)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.50 (Version: 8.50.281)
MakeMKV v1.8.6 (x32 Version: v1.8.6)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50710)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50710)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50710)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (x32 Version: 4.5.50932)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (x32 Version: 4.5.51641)
Microsoft .NET Framework 4.5.1 SDK (x32 Version: 4.5.51641)
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005)
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1011)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.1.2902.0)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (Version: 11.1.2902.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.1.3000.0)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Native Client  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.1.3000.0)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (x32 Version: 11.1.3000.0)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (x32 Version: 12.0.30919.1)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (x32 Version: 12.0.30919.1)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005)
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005)
Microsoft Visio MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Visio Professional 2013 (Version: 15.0.4420.1017)
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005)
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005)
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005)
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005)
Microsoft Visual Studio 2013 Express Prerequisites x64 - DEU (Version: 12.0.21005)
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005)
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005)
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005)
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005)
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005)
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005.13)
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005)
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005)
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.1.3366.16)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.1.3366.16)
Mirror's Edge™ (x32 Version: 1.0.1.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Notepad++ (x32 Version: 6.5.1)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1011)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011)
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1011)
Origin (x32 Version: 9.3.10.4710)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (x32 Version: 4.5.50932)
Project64 1.6 (x32 Version: 1.6)
PunkBuster Services (x32 Version: 0.993)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6853)
ROCCAT Kone Pure Mouse Driver (x32)
Shelter (x32 Version: 2.0.0.0)
Sonic & All-Stars Racing Transformed (x32)
Stardock Fences 2 (x32 Version: 2.11)
Steam (x32 Version: 1.0.0.0)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005)
Update for  (KB2504637) (x32 Version: 1)
VirtualCloneDrive (x32 Version: 5.4.7.0)
VLC media player 2.1.1 (Version: 2.1.1)
Windows Software Development Kit (x32 Version: 8.100.25984)
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984)
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984)
Windows XP Targeting with C++ (x32 Version: 11.0.51106)

==================== Restore Points  =========================

21-11-2013 18:41:36 Windows Modules Installer
29-11-2013 05:58:24 Geplanter Prüfpunkt
30-11-2013 17:05:30 DirectX wurde installiert
01-12-2013 23:27:31 DirectX wurde installiert
07-12-2013 14:03:54 DirectX wurde installiert
11-12-2013 19:26:06 Windows Update
13-12-2013 20:11:28 Installed Project64 1.6

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03E80925-9D94-4683-B275-F957AAB46337} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {102A65D2-2B30-4B67-9841-52BE11E33E77} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-11-07] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2FBC84F8-D1D1-4CDF-84C1-D80205FA9188} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2013-02-26] (Beepa P/L)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4410FE05-B64C-4269-947E-BC8042427AFB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-02] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {584C623B-8DF2-4D6D-9984-82C71A0D568F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {5F71C606-FF27-45F2-BEE1-DD7D5E8AB6B3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\microsoft shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation)
Task: {96AAE6BB-B345-47B5-81AE-AA1DDE6E78A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-16] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {BC50B7F2-A124-47D3-85F6-19E860BAC4E7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ANONYM-BOB13-USERNAME anonym-bob13 => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-12-13] (Microsoft Corporation)
Task: {BE274BC3-5608-4FD1-8E02-3A7341899834} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-12-13] (Microsoft Corporation)
Task: {C01FBA9C-2FE5-445C-A268-11989AAB63D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-16] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E5408337-83C1-4D0F-9BEE-819DF5F3A863} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EB807DA2-A4DA-4612-9E63-EB904FBE93AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-14 16:53 - 2013-12-13 21:05 - 00030720 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2013-11-14 16:53 - 2012-05-07 17:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2013-10-24 09:45 - 2013-11-06 22:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-10-30 11:25 - 2013-12-11 20:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-10-23 12:07 - 2013-11-06 22:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\USERNAME\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-16 22:01 - 2012-06-23 14:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2013-12-13 21:07 - 2013-12-13 21:07 - 00098816 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32api.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00110080 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\pywintypes27.dll
2013-12-13 21:07 - 2013-12-13 21:07 - 00364544 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\pythoncom27.dll
2013-12-13 21:07 - 2013-12-13 21:07 - 00044032 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\_socket.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 01153024 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\_ssl.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00320512 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32com.shell.shell.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00711680 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\_hashlib.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 01175040 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\wx._core_.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00805888 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\wx._gdi_.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00811008 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\wx._windows_.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 01062400 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\wx._controls_.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00735232 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\wx._misc_.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00128512 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\_elementtree.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00127488 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\pyexpat.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00557056 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\pysqlite2._sqlite.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00087040 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\_ctypes.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00119808 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32file.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00108544 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32security.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00018432 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32event.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00038912 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32inet.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00122368 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\wx._wizard.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00686080 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\unicodedata.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00026624 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\_multiprocessing.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00070656 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\wx._html2.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00010240 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\select.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00025600 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32pdh.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00504832 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\windows._cacheinvalidation.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00011264 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32crypt.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00035840 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32process.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00017408 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32profile.pyd
2013-12-13 21:07 - 2013-12-13 21:07 - 00022528 _____ () C:\Users\USERNAME\AppData\Local\Temp\_MEI44962\win32ts.pyd
2013-11-16 13:29 - 2013-11-16 13:29 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\USERNAME\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: TUSB3410 Boot Device
Description: TUSB3410 Boot Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2013 01:51:51 AM) (Source: Application Hang) (User: )
Description: Programm uTorrent.exe, Version 3.3.2.30303 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11dc

Startzeit: 01cef83eeab08910

Endzeit: 24504

Anwendungspfad: C:\Users\USERNAME\AppData\Roaming\uTorrent\uTorrent.exe

Berichts-ID: c587fd7a-6459-11e3-8270-74d02b2b7ea4

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/14/2013 01:51:26 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 25.0.1.5064 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11f0

Startzeit: 01cef83efee044d3

Endzeit: 15

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: c6333045-6459-11e3-8270-74d02b2b7ea4

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/14/2013 01:51:26 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 25.0.1.5064, Zeitstempel: 0x5282f18a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 25.0.1.5064, Zeitstempel: 0x5282c493
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000119c
ID des fehlerhaften Prozesses: 0x1700
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (12/13/2013 09:21:04 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/13/2013 09:11:29 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/11/2013 08:26:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/08/2013 11:30:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fraps.exe, Version: 3.5.99.15619, Zeitstempel: 0x512c5c3f
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d45fa
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e2fd8
ID des fehlerhaften Prozesses: 0xd44
Startzeit der fehlerhaften Anwendung: 0xfraps.exe0
Pfad der fehlerhaften Anwendung: fraps.exe1
Pfad des fehlerhaften Moduls: fraps.exe2
Berichtskennung: fraps.exe3
Vollständiger Name des fehlerhaften Pakets: fraps.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fraps.exe5

Error: (12/08/2013 00:18:28 PM) (Source: Application Hang) (User: )
Description: Programm javaw.exe, Version 7.0.450.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dac

Startzeit: 01cef4070260f7af

Endzeit: 7

Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe

Berichts-ID: 73c66708-5ffa-11e3-826a-74d02b2b7ea4

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/08/2013 11:19:37 AM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/08/2013 10:31:25 AM) (Source: Application Hang) (User: )
Description: Programm integratedoffice.exe, Version 15.0.4551.1001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1010

Startzeit: 01cef3f8364b2008

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

Berichts-ID: 80a09907-5feb-11e3-8268-74d02b2b7ea4

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (12/13/2013 09:05:48 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/13/2013 09:05:10 PM) (Source: DCOM) (User: ANONYM-BOB13)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (12/13/2013 09:05:10 PM) (Source: DCOM) (User: ANONYM-BOB13)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (12/13/2013 04:57:19 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/13/2013 04:56:41 PM) (Source: DCOM) (User: ANONYM-BOB13)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (12/13/2013 04:56:41 PM) (Source: DCOM) (User: ANONYM-BOB13)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (12/13/2013 04:54:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/13/2013 04:54:48 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (12/13/2013 04:54:05 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/13/2013 04:53:30 PM) (Source: DCOM) (User: ANONYM-BOB13)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}


Microsoft Office Sessions:
=========================
Error: (12/14/2013 01:51:51 AM) (Source: Application Hang)(User: )
Description: uTorrent.exe3.3.2.3030311dc01cef83eeab0891024504C:\Users\USERNAME\AppData\Roaming\uTorrent\uTorrent.exec587fd7a-6459-11e3-8270-74d02b2b7ea4

Error: (12/14/2013 01:51:26 AM) (Source: Application Hang)(User: )
Description: firefox.exe25.0.1.506411f001cef83efee044d315C:\Program Files (x86)\Mozilla Firefox\firefox.exec6333045-6459-11e3-8270-74d02b2b7ea4

Error: (12/14/2013 01:51:26 AM) (Source: Application Error)(User: )
Description: plugin-container.exe25.0.1.50645282f18amozalloc.dll25.0.1.50645282c493800000030000119c170001cef83f01529ca9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlldbdd0f53-6459-11e3-8270-74d02b2b7ea4

Error: (12/13/2013 09:21:04 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/13/2013 09:11:29 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (12/11/2013 08:26:07 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (12/08/2013 11:30:41 PM) (Source: Application Error)(User: )
Description: fraps.exe3.5.99.15619512c5c3fntdll.dll6.3.9600.16408523d45fac0000374000e2fd8d4401cef405473c94b7C:\Fraps\fraps.exeC:\WINDOWS\SYSTEM32\ntdll.dll5e40c073-6058-11e3-826a-74d02b2b7ea4

Error: (12/08/2013 00:18:28 PM) (Source: Application Hang)(User: )
Description: javaw.exe7.0.450.18dac01cef4070260f7af7C:\Program Files\Java\jre7\bin\javaw.exe73c66708-5ffa-11e3-826a-74d02b2b7ea4

Error: (12/08/2013 11:19:37 AM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/08/2013 10:31:25 AM) (Source: Application Hang)(User: )
Description: integratedoffice.exe15.0.4551.1001101001cef3f8364b20084294967295C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe80a09907-5feb-11e3-8268-74d02b2b7ea4


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 16322.62 MB
Available physical RAM: 9912.24 MB
Total Pagefile: 18754.62 MB
Available Pagefile: 15998.98 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (8) (Fixed) (Total:238.47 GB) (Free:168.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (fast) (Fixed) (Total:465.76 GB) (Free:244.91 GB) NTFS
Drive e: (slow) (Fixed) (Total:3726.03 GB) (Free:1677.38 GB) NTFS
Drive g: (bob 3.0) (Fixed) (Total:2794.49 GB) (Free:2762.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 5775C0CD)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 023E0D06)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 02D3949D)
Partition 1: (Not Active) - (Size=-198625402368) - (Type=42)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 02D3949C)
Partition 1: (Not Active) - (Size=-198625402368) - (Type=42)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== End Of Log ============================
         
__________________

Alt 15.12.2013, 06:32   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.


How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 15.12.2013, 13:52   #5
aguy
 



Hello,

I am fully aware of that, but the maximum number of characters was reached, so I had to post it as an attachment.
But now, split up as requested:

Part 1/2
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2013 01
Ran by USERNAME (administrator) on ANONYM-BOB13 on 14-12-2013 15:30:58
Running from C:\Users\USERNAME\Desktop
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Beepa P/L) C:\Fraps\fraps.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Beepa P/L) C:\Fraps\fraps64.dat
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\USERNAME\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(BitTorrent Inc.) C:\Users\USERNAME\AppData\Roaming\uTorrent\uTorrent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [Greenshot] - C:\Program Files\Greenshot\Greenshot.exe [495616 2013-10-27] (Greenshot)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [Fences] - C:\Program Files (x86)\Stardock\Fences\Fences.exe [4013744 2013-07-11] (Stardock Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [uTorrent] - C:\Users\USERNAME\AppData\Roaming\uTorrent\uTorrent.exe [1142864 2013-11-16] (BitTorrent Inc.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
MountPoints2: {79334044-5d9f-11e3-8267-74d02b2b7ea4} - "F:\SETUP.EXE" 
HKLM-x32\...\Run: [RoccatKonePure] - C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe [561152 2013-06-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\USERNAME\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5C20E76453E1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de-CH;q=0.8,de;q=0.6,fr-CH;q=0.4,fr;q=0.2
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LastPass - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\support@lastpass.com
FF Extension: jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: jid1-qQSMEVsYTOjgYA - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi
FF Extension: omnibar - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\omnibar@ajitk.com.xpi
FF Extension: s3google - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\s3google@translator.xpi
FF Extension: aios - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: noscript - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
FF Extension: Adblock Plus - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome: 
=======
CHR DefaultSearchKeyword: google.ch
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [76888 2013-11-14] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2012-05-07] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [28440 2013-02-14] (Creative Technology Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-14] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-14 15:30 - 2013-12-14 15:30 - 00017197 _____ C:\Users\USERNAME\Desktop\FRST.txt
2013-12-14 15:30 - 2013-12-14 15:30 - 00000000 ____D C:\FRST
2013-12-13 21:11 - 2013-12-13 21:13 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-12-13 21:11 - 2013-12-13 21:11 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-12-13 20:40 - 2013-12-13 21:07 - 00002196 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-13 17:13 - 2013-12-13 17:13 - 00377856 _____ C:\Users\USERNAME\Desktop\gmer_2.1.19163.exe
2013-12-13 17:13 - 2013-12-13 17:13 - 00050477 _____ C:\Users\USERNAME\Desktop\Defogger.exe
2013-12-13 17:13 - 2013-12-13 17:12 - 01927462 _____ (Farbar) C:\Users\USERNAME\Desktop\FRST64.exe
2013-12-13 17:09 - 2013-12-13 17:09 - 00000269 _____ C:\Users\USERNAME\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.URL
2013-12-13 16:58 - 2013-12-13 16:58 - 00000644 _____ C:\Users\USERNAME\Desktop\JRT.txt
2013-12-13 16:55 - 2013-12-13 16:55 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-13 16:52 - 2013-12-13 16:53 - 00000000 ____D C:\AdwCleaner
2013-12-13 16:51 - 2013-12-13 16:51 - 00891200 _____ C:\Users\USERNAME\Desktop\SecurityCheck.exe
2013-12-13 16:49 - 2013-12-13 16:49 - 01034531 _____ (Thisisu) C:\Users\USERNAME\Desktop\JRT.exe
2013-12-13 16:47 - 2013-12-13 16:47 - 01226802 _____ C:\Users\USERNAME\Desktop\adwcleaner.exe
2013-12-11 02:23 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-11 02:23 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-11 02:23 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-11 02:23 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-11 02:22 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-11 02:22 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-11 02:22 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-11 02:22 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-11 02:22 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-11 02:22 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-11 02:22 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-11 02:22 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-11 02:22 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-11 02:22 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-11 02:22 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-11 02:22 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-11 02:22 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-11 02:22 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-11 02:22 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-11 02:22 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-11 02:22 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-11 02:21 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-08 15:20 - 2013-12-08 21:23 - 00000000 ____D C:\Users\USERNAME\.freemind
2013-12-08 15:20 - 2013-12-08 15:20 - 00001132 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00001108 _____ C:\Users\USERNAME\Desktop\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00000000 ____D C:\Program Files (x86)\FreeMind
2013-12-08 14:36 - 2013-12-08 14:36 - 00002233 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-08 12:23 - 2013-12-08 12:23 - 62093799 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 256x MC17.zip
2013-12-08 12:15 - 2013-12-08 12:15 - 00000043 _____ C:\Users\USERNAME\Desktop\Minecraft.bat
2013-12-08 10:52 - 2013-12-08 10:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-08 10:50 - 2013-12-08 10:50 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-08 10:43 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-08 10:38 - 2013-12-13 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-08 10:31 - 2013-12-08 10:35 - 00000000 ____D C:\Program Files\office.tmp
2013-12-07 14:27 - 2013-12-07 14:27 - 00000222 _____ C:\Users\USERNAME\Desktop\Sonic & All-Stars Racing Transformed.url
2013-12-07 11:55 - 2013-12-07 11:38 - 604772257 _____ C:\Users\USERNAME\Desktop\Minecraft.zip
2013-12-07 11:33 - 2013-12-08 12:22 - 115988950 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 512x MC17.zip
2013-12-05 17:45 - 2013-12-05 17:45 - 00000690 _____ C:\Users\USERNAME\Desktop\Shelter.lnk
2013-12-05 17:45 - 2013-12-05 17:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Might and Delight
2013-12-05 17:44 - 2013-12-05 17:44 - 00001271 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-12-05 17:44 - 2013-12-05 17:44 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-05 17:44 - 2013-12-05 17:15 - 639774576 _____ C:\Users\USERNAME\Desktop\wmt-shelter.bin
2013-12-05 17:44 - 2013-12-05 17:13 - 00000077 _____ C:\Users\USERNAME\Desktop\wmt-shelter.cue
2013-12-05 17:09 - 2013-12-05 17:09 - 00005112 _____ C:\Users\USERNAME\Desktop\shelter-walmart.nfo
2013-12-05 01:08 - 2013-12-05 01:08 - 00233984 _____ C:\Users\USERNAME\Desktop\VGABIOS.rom
2013-12-05 01:08 - 2013-07-03 06:34 - 00015648 _____ C:\WINDOWS\system32\Drivers\nvflash.sys
2013-12-05 01:02 - 2013-12-05 01:02 - 00000000 ____D C:\Users\USERNAME\Desktop\Setup32_ThunderMaster_NV_1_9h
2013-12-05 00:13 - 2013-12-05 00:13 - 00000283 _____ C:\Users\USERNAME\Desktop\[BF4] I have multiple fixes that make the game 90% improved, no more DX error's. Battlefield.URL
2013-12-01 22:05 - 2013-12-01 22:05 - 00002512 _____ C:\Users\USERNAME\Desktop\Word 2013.lnk
2013-11-22 13:22 - 2013-12-07 15:04 - 00257314 _____ C:\WINDOWS\DirectX.log
2013-11-22 13:18 - 2013-11-22 13:19 - 00002192 _____ C:\WINDOWS\setupact.log
2013-11-22 13:18 - 2013-11-22 13:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-22 13:17 - 2013-12-13 21:05 - 00002516 _____ C:\WINDOWS\PFRO.log
2013-11-21 22:33 - 2013-12-14 14:54 - 01091320 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-21 18:06 - 2013-12-13 01:19 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\vlc
2013-11-21 18:06 - 2013-11-21 18:06 - 00000888 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-21 18:06 - 2013-11-21 18:06 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-20 21:22 - 2013-11-20 21:22 - 00001907 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00001015 _____ C:\Users\Public\Desktop\IrfanView.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\IrfanView
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-11-20 20:06 - 2013-11-25 21:40 - 00000000 ____D C:\Users\USERNAME\.MakeMKV
2013-11-17 15:14 - 2013-11-17 15:14 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock_Corporation
2013-11-17 15:13 - 2013-11-17 15:31 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-11-17 15:13 - 2013-11-17 15:13 - 00002047 _____ C:\Users\USERNAME\Desktop\Customize Fences.lnk
2013-11-17 15:08 - 2013-11-17 15:08 - 00000966 _____ C:\Users\USERNAME\Desktop\eclipse.lnk
2013-11-17 15:07 - 2013-11-17 15:07 - 00000000 ____D C:\Program Files\eclipse
2013-11-17 15:05 - 2013-11-17 15:15 - 00000000 ____D C:\Users\USERNAME\.gimp-2.8
2013-11-17 15:05 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\AppData\Local\gegl-0.2
2013-11-17 14:57 - 2013-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\FLAC
2013-11-17 14:29 - 2013-11-17 14:29 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2013-11-17 13:59 - 2013-11-17 14:00 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Foxit Software
2013-11-17 13:59 - 2013-11-17 13:59 - 00002071 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-11-17 13:59 - 2013-11-17 13:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-11-17 13:59 - 2013-06-09 21:59 - 00216064 _____ C:\WINDOWS\SysWOW64\gcapi_dll.dll
2013-11-17 12:23 - 2013-11-17 12:23 - 00000000 ____D C:\ProgramData\ROCCAT
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Logitech
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\ProgramData\LogiShrd
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-11-16 22:24 - 2013-11-16 22:24 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logitech
2013-11-16 22:24 - 2013-11-16 22:24 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logishrd
2013-11-16 22:01 - 2013-11-16 22:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-16 22:01 - 2013-11-16 22:01 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2013-11-16 21:10 - 2013-11-16 21:10 - 00000220 _____ C:\Users\USERNAME\Desktop\BioShock Infinite.url
2013-11-16 21:00 - 2013-12-13 21:07 - 00003148 _____ C:\WINDOWS\System32\Tasks\FRAPS
2013-11-16 21:00 - 2013-11-16 21:00 - 00000571 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Greenshot
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Greenshot
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Program Files\Greenshot
2013-11-16 20:58 - 2013-11-16 20:58 - 00000897 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2013-11-16 20:58 - 2013-11-16 20:58 - 00000000 ____D C:\Program Files\GIMP 2
2013-11-16 20:52 - 2013-11-16 20:52 - 00002774 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-11-16 20:52 - 2013-11-16 20:52 - 00000835 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-16 20:52 - 2013-11-16 20:52 - 00000000 ____D C:\Program Files\CCleaner
2013-11-16 20:39 - 2013-11-17 15:29 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Stardock
2013-11-16 20:39 - 2013-11-16 20:39 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock
2013-11-16 20:39 - 2013-11-16 20:39 - 00000000 ____D C:\ProgramData\Stardock
2013-11-16 20:37 - 2013-12-07 14:27 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-16 20:17 - 2013-11-16 20:17 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\NVIDIA
2013-11-16 20:15 - 2013-11-16 20:15 - 00000000 ____D C:\Users\USERNAME\AppData\Local\ESET
2013-11-16 20:12 - 2013-12-12 20:07 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\.minecraft
2013-11-16 20:12 - 2013-11-16 20:12 - 00675988 _____ C:\Users\USERNAME\Desktop\Minecraft.exe
2013-11-16 20:08 - 2013-12-14 01:52 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\ClassicShell
2013-11-16 20:03 - 2013-12-01 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-11-16 20:02 - 2013-12-13 21:07 - 00000000 ___RD C:\Users\USERNAME\Dropbox
2013-11-16 20:02 - 2013-11-16 20:02 - 00001053 _____ C:\Users\USERNAME\Desktop\Dropbox.lnk
2013-11-16 19:50 - 2013-11-16 19:50 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 19:50 - 2013-11-16 19:49 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-11-16 19:49 - 2013-11-16 19:49 - 00000000 ____D C:\Program Files\Java
2013-11-16 19:47 - 2013-11-16 19:47 - 00000000 ____D C:\Program Files\Classic Shell
2013-11-16 19:47 - 2013-11-16 19:47 - 00000000 ____D C:\Program Files\7-Zip
2013-11-16 19:46 - 2013-11-16 19:46 - 00001008 _____ C:\Users\USERNAME\Desktop\MakeMKV.lnk
2013-11-16 19:46 - 2013-11-16 19:46 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2013-11-16 19:46 - 2013-11-16 19:46 - 00000000 ____D C:\Program Files (x86)\MakeMKV
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Notepad++
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-11-16 19:37 - 2013-11-16 19:37 - 00002061 _____ C:\Users\Public\Desktop\Google Slides.lnk
2013-11-16 19:37 - 2013-11-16 19:37 - 00002057 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2013-11-16 19:37 - 2013-11-16 19:37 - 00002045 _____ C:\Users\Public\Desktop\Google Docs.lnk
2013-11-16 19:37 - 2013-11-16 19:37 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-16 19:36 - 2013-12-14 14:47 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-16 19:36 - 2013-12-13 22:16 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Dropbox
2013-11-16 19:36 - 2013-12-13 21:07 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-16 19:36 - 2013-12-13 20:40 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Google
2013-11-16 19:36 - 2013-12-13 20:40 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-16 19:36 - 2013-12-04 18:42 - 00004108 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-16 19:36 - 2013-12-04 18:42 - 00003872 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-16 19:33 - 2013-11-16 19:33 - 00000000 ____D C:\ProgramData\ESET
2013-11-16 19:33 - 2013-11-16 19:33 - 00000000 ____D C:\Program Files\ESET
2013-11-16 18:57 - 2013-12-13 21:17 - 00005156 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ANONYM-BOB13-USERNAME anonym-bob13
2013-11-16 18:57 - 2013-11-16 18:57 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Visual Studio 2013
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\ProgramData\NuGet
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\Program Files (x86)\NuGet
2013-11-16 18:50 - 2013-11-16 18:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-11-16 18:49 - 2013-11-16 18:50 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-11-16 18:48 - 2013-11-16 18:56 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-16 18:48 - 2013-11-16 18:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-16 18:48 - 2013-11-16 18:54 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\system32\1033
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\system32\1031
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-11-16 18:47 - 2013-11-16 18:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2013-11-16 18:47 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-11-16 18:47 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-11-16 17:49 - 2013-11-16 17:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-16 17:49 - 2013-11-16 17:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-16 17:49 - 2013-11-16 17:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-16 17:49 - 2013-10-23 11:30 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-11-16 17:49 - 2013-10-23 11:30 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-11-16 17:49 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-11-16 17:49 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-11-16 17:49 - 2013-10-23 09:20 - 03426956 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-11-16 17:49 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-11-16 17:49 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-11-16 17:49 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-11-16 17:49 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-11-16 17:47 - 2013-12-14 14:37 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-16 17:47 - 2013-12-10 19:37 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-11-16 17:47 - 2013-11-16 17:47 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Macromedia
2013-11-16 17:47 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 18286416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 15212336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-11-16 17:47 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 03067560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 02695200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433165.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433165.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 01435504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 00023287 _____ C:\WINDOWS\system32\nvinfo.pb
2013-11-16 17:41 - 2013-11-16 17:46 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Adobe
2013-11-16 17:39 - 2013-11-16 17:39 - 00000861 _____ C:\Users\USERNAME\Desktop\µTorrent.lnk
2013-11-16 17:39 - 2013-11-16 17:39 - 00000841 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-16 17:38 - 2013-12-14 15:30 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\uTorrent
2013-11-16 16:53 - 2013-12-13 01:36 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\foobar2000
2013-11-16 16:53 - 2013-11-16 16:53 - 00001048 _____ C:\Users\Public\Desktop\foobar2000.lnk
2013-11-16 16:53 - 2013-11-16 16:53 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-11-16 13:29 - 2013-11-16 17:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-16 13:13 - 2013-11-07 16:00 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-16 12:57 - 2013-11-16 12:57 - 00000000 __RHD C:\Users\USERNAME\AppData\Roaming\SecuROM
2013-11-16 12:45 - 2013-05-02 16:29 - 00278800 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-14 17:53 - 2013-11-16 20:52 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-14 17:53 - 2013-11-16 12:38 - 00000000 ____D C:\Windows.old
2013-11-14 17:52 - 2013-11-14 17:52 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-14 17:52 - 2013-11-14 17:52 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-14 17:52 - 2013-11-14 17:52 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00270848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00096088 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-14 17:51 - 2013-11-14 17:51 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-14 17:51 - 2013-11-14 17:51 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-14 17:51 - 2013-11-14 17:51 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-14 17:51 - 2013-11-14 17:51 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-14 17:51 - 2013-11-14 17:51 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-14 17:51 - 2013-11-14 17:51 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-14 17:50 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-14 17:50 - 2013-11-14 17:50 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-14 17:50 - 2013-11-14 17:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-11-14 17:50 - 2013-11-14 17:50 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-11-14 17:50 - 2013-11-14 17:50 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2013-11-14 17:50 - 2013-11-14 17:50 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-14 17:50 - 2013-11-14 17:50 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-14 17:50 - 2013-11-14 17:50 - 00000000 ____D C:\Program Files\MSBuild
2013-11-14 17:50 - 2013-11-14 17:50 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-14 17:50 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-11-14 17:50 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-14 17:50 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-11-14 17:50 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-11-14 17:50 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-14 17:50 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-11-14 17:47 - 2013-11-14 17:47 - 00008192 __RSH C:\BOOTSECT.BAK
2013-11-14 17:33 - 2013-11-14 17:33 - 00000000 ____D C:\Users\USERNAME\AppData\Local\PunkBuster
2013-11-14 17:28 - 2013-12-09 00:04 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-11-14 17:28 - 2013-12-05 17:36 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-11-14 17:28 - 2013-11-30 16:22 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-11-14 17:28 - 2013-11-14 17:28 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-11-14 17:28 - 2013-11-14 17:28 - 00000710 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2013-11-14 17:28 - 2013-11-14 17:28 - 00000000 ____D C:\Users\USERNAME\AppData\Local\ESN
2013-11-14 17:27 - 2013-12-13 21:07 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-14 17:27 - 2013-11-16 18:56 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-14 17:27 - 2013-11-14 17:27 - 00000930 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-14 17:27 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2013-11-14 17:27 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2013-11-14 17:27 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2013-11-14 17:27 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2013-11-14 17:27 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2013-11-14 17:27 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2013-11-14 17:27 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2013-11-14 17:27 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2013-11-14 17:27 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2013-11-14 17:27 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2013-11-14 17:27 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2013-11-14 17:27 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2013-11-14 17:27 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2013-11-14 17:27 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2013-11-14 17:27 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2013-11-14 17:27 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2013-11-14 17:27 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2013-11-14 17:27 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2013-11-14 17:27 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2013-11-14 17:27 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2013-11-14 17:27 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2013-11-14 17:27 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2013-11-14 17:27 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2013-11-14 17:27 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2013-11-14 17:27 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2013-11-14 17:27 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2013-11-14 17:27 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2013-11-14 17:27 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2013-11-14 17:27 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2013-11-14 17:27 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-11-14 17:27 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2013-11-14 17:27 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2013-11-14 17:27 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2013-11-14 17:27 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2013-11-14 17:27 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2013-11-14 17:27 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2013-11-14 17:27 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2013-11-14 17:27 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2013-11-14 17:27 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2013-11-14 17:27 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2013-11-14 17:27 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2013-11-14 17:27 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2013-11-14 17:27 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2013-11-14 17:27 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2013-11-14 17:27 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2013-11-14 17:27 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2013-11-14 17:27 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2013-11-14 17:27 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2013-11-14 17:27 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2013-11-14 17:27 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2013-11-14 17:27 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2013-11-14 17:27 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2013-11-14 17:27 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2013-11-14 17:27 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2013-11-14 17:27 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2013-11-14 17:27 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2013-11-14 17:27 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-11-14 17:27 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2013-11-14 17:27 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2013-11-14 17:27 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2013-11-14 17:27 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2013-11-14 17:27 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2013-11-14 17:27 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2013-11-14 17:27 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2013-11-14 17:27 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2013-11-14 17:27 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2013-11-14 17:27 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2013-11-14 17:27 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2013-11-14 17:27 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2013-11-14 17:27 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2013-11-14 17:27 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2013-11-14 17:27 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2013-11-14 17:27 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2013-11-14 17:27 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2013-11-14 17:27 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2013-11-14 17:27 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2013-11-14 17:27 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2013-11-14 17:27 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2013-11-14 17:27 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2013-11-14 17:27 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2013-11-14 17:27 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2013-11-14 17:27 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2013-11-14 17:27 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2013-11-14 17:27 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2013-11-14 17:27 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2013-11-14 17:27 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2013-11-14 17:27 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2013-11-14 17:27 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2013-11-14 17:27 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2013-11-14 17:27 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2013-11-14 17:27 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2013-11-14 17:27 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2013-11-14 17:27 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2013-11-14 17:27 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2013-11-14 17:27 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2013-11-14 17:27 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2013-11-14 17:27 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2013-11-14 17:27 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2013-11-14 17:27 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2013-11-14 17:27 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2013-11-14 17:27 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2013-11-14 17:27 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2013-11-14 17:27 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2013-11-14 17:27 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2013-11-14 17:27 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2013-11-14 17:27 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2013-11-14 17:27 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2013-11-14 17:27 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2013-11-14 17:27 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2013-11-14 17:27 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2013-11-14 17:27 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2013-11-14 17:27 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2013-11-14 17:27 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2013-11-14 17:27 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2013-11-14 17:27 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2013-11-14 17:27 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2013-11-14 17:27 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2013-11-14 17:27 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2013-11-14 17:27 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2013-11-14 17:27 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2013-11-14 17:27 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2013-11-14 17:27 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2013-11-14 17:27 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2013-11-14 17:27 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2013-11-14 17:27 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2013-11-14 17:27 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2013-11-14 17:27 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2013-11-14 17:27 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2013-11-14 17:27 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2013-11-14 17:27 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2013-11-14 17:27 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2013-11-14 17:27 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2013-11-14 17:27 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2013-11-14 17:27 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2013-11-14 17:27 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2013-11-14 17:27 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2013-11-14 17:27 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2013-11-14 17:27 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2013-11-14 17:27 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2013-11-14 17:27 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2013-11-14 17:27 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2013-11-14 17:27 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2013-11-14 17:27 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2013-11-14 17:27 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2013-11-14 17:27 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2013-11-14 17:27 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2013-11-14 17:27 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2013-11-14 17:27 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2013-11-14 17:27 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2013-11-14 17:27 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2013-11-14 17:27 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2013-11-14 17:27 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2013-11-14 17:27 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2013-11-14 17:27 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2013-11-14 17:27 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2013-11-14 17:27 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2013-11-14 17:27 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2013-11-14 17:27 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2013-11-14 17:27 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2013-11-14 17:27 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2013-11-14 17:27 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2013-11-14 17:27 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2013-11-14 17:27 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2013-11-14 17:27 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2013-11-14 17:17 - 2013-11-14 17:17 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-11-14 17:16 - 2013-11-14 17:31 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Origin
2013-11-14 17:16 - 2013-11-14 17:31 - 00000000 ____D C:\ProgramData\Origin
2013-11-14 17:16 - 2013-11-14 17:31 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-11-14 17:16 - 2013-11-14 17:17 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Origin
2013-11-14 17:16 - 2013-11-14 17:16 - 00000996 _____ C:\Users\Public\Desktop\Origin.lnk
2013-11-14 17:15 - 2013-12-08 23:29 - 00000000 ____D C:\Program Files (x86)\Origin
2013-11-14 17:10 - 2013-12-13 21:20 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3419439862-1036738529-1644555537-1001
2013-11-14 17:07 - 2013-11-14 23:26 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Mozilla
2013-11-14 17:07 - 2013-11-14 17:07 - 00001164 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-14 17:07 - 2013-11-14 17:07 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Mozilla
2013-11-14 17:07 - 2013-11-14 17:07 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Macromedia
2013-11-14 17:07 - 2013-11-14 17:07 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-14 17:04 - 2013-11-21 18:39 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Packages
2013-11-14 17:04 - 2013-11-17 15:13 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-14 17:04 - 2013-11-17 12:23 - 00000000 ____D C:\Users\USERNAME\AppData\Local\VirtualStore
2013-11-14 17:04 - 2013-11-14 17:04 - 00000020 ___SH C:\Users\USERNAME\ntuser.ini
2013-11-14 17:04 - 2013-11-14 17:04 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-14 17:04 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Adobe
2013-11-14 17:04 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Local\PackageStaging
2013-11-14 17:00 - 2013-12-08 15:20 - 00000000 ____D C:\Users\USERNAME
2013-11-14 17:00 - 2013-11-14 17:00 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2013-11-14 17:00 - 2013-11-14 17:00 - 00011433 _____ C:\WINDOWS\diagerr.xml
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Vorlagen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Startmenü
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Netzwerkumgebung
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Lokale Einstellungen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Eigene Dateien
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Druckumgebung
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\AppData\Local\Verlauf
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\AppData\Local\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 ____D C:\WINDOWS\CSC
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 ____D C:\Users\Public\Creative
2013-11-14 17:00 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-14 17:00 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-14 17:00 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-14 17:00 - 2013-08-22 16:36 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-14 16:55 - 2013-11-14 16:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-14 16:54 - 2013-11-16 17:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-14 16:54 - 2013-11-16 17:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-14 16:54 - 2013-11-14 16:56 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-11-14 16:54 - 2013-11-14 16:54 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-14 16:54 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files\Realtek
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____D C:\Program Files\ASUS
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-11-14 16:53 - 2012-05-07 17:04 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2013-11-14 16:53 - 2012-05-07 17:04 - 00013440 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2013-11-14 16:43 - 2013-11-14 16:43 - 06026916 _____ (                                                            ) C:\Users\USERNAME\Desktop\FreeMind-Windows-Installer-0.9.0-min.exe
         
Regards, aguy


15.12.2013, 13:57   #6
aguy
 

Part 2/2
Code:
==================== One Month Modified Files and Folders =======

2013-12-14 15:30 - 2013-12-14 15:30 - 00017197 _____ C:\Users\USERNAME\Desktop\FRST.txt
2013-12-14 15:30 - 2013-12-14 15:30 - 00000000 ____D C:\FRST
2013-12-14 15:30 - 2013-11-16 17:38 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\uTorrent
2013-12-14 15:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-14 14:54 - 2013-11-21 22:33 - 01091320 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-14 14:47 - 2013-11-16 19:36 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-14 14:37 - 2013-11-16 17:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-14 01:52 - 2013-11-16 20:08 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\ClassicShell
2013-12-13 22:16 - 2013-11-16 19:36 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Dropbox
2013-12-13 21:20 - 2013-11-14 17:10 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3419439862-1036738529-1644555537-1001
2013-12-13 21:17 - 2013-11-16 18:57 - 00005156 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ANONYM-BOB13-USERNAME anonym-bob13
2013-12-13 21:13 - 2013-12-13 21:11 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-12-13 21:12 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-13 21:12 - 2013-09-30 04:56 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-13 21:12 - 2013-09-30 04:56 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-13 21:11 - 2013-12-13 21:11 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-12-13 21:07 - 2013-12-13 20:40 - 00002196 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-13 21:07 - 2013-11-16 21:00 - 00003148 _____ C:\WINDOWS\System32\Tasks\FRAPS
2013-12-13 21:07 - 2013-11-16 20:02 - 00000000 ___RD C:\Users\USERNAME\Dropbox
2013-12-13 21:07 - 2013-11-16 19:36 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-13 21:07 - 2013-11-14 17:27 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-13 21:07 - 2013-11-03 15:25 - 00000000 ____D C:\Fraps
2013-12-13 21:07 - 2013-10-14 13:53 - 00000000 ___RD C:\Users\USERNAME\Google Drive
2013-12-13 21:07 - 2013-09-02 17:37 - 00000000 __RDO C:\Users\USERNAME\SkyDrive
2013-12-13 21:05 - 2013-11-22 13:17 - 00002516 _____ C:\WINDOWS\PFRO.log
2013-12-13 21:05 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-13 21:05 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-13 20:40 - 2013-11-16 19:36 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Google
2013-12-13 20:40 - 2013-11-16 19:36 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-13 17:13 - 2013-12-13 17:13 - 00377856 _____ C:\Users\USERNAME\Desktop\gmer_2.1.19163.exe
2013-12-13 17:13 - 2013-12-13 17:13 - 00050477 _____ C:\Users\USERNAME\Desktop\Defogger.exe
2013-12-13 17:12 - 2013-12-13 17:13 - 01927462 _____ (Farbar) C:\Users\USERNAME\Desktop\FRST64.exe
2013-12-13 17:09 - 2013-12-13 17:09 - 00000269 _____ C:\Users\USERNAME\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.URL
2013-12-13 16:58 - 2013-12-13 16:58 - 00000644 _____ C:\Users\USERNAME\Desktop\JRT.txt
2013-12-13 16:55 - 2013-12-13 16:55 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-13 16:53 - 2013-12-13 16:52 - 00000000 ____D C:\AdwCleaner
2013-12-13 16:51 - 2013-12-13 16:51 - 00891200 _____ C:\Users\USERNAME\Desktop\SecurityCheck.exe
2013-12-13 16:49 - 2013-12-13 16:49 - 01034531 _____ (Thisisu) C:\Users\USERNAME\Desktop\JRT.exe
2013-12-13 16:47 - 2013-12-13 16:47 - 01226802 _____ C:\Users\USERNAME\Desktop\adwcleaner.exe
2013-12-13 16:27 - 2013-12-08 10:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-13 16:15 - 2013-08-22 15:44 - 00473728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-13 01:36 - 2013-11-16 16:53 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\foobar2000
2013-12-13 01:19 - 2013-11-21 18:06 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\vlc
2013-12-12 20:07 - 2013-11-16 20:12 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\.minecraft
2013-12-12 05:22 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-10 19:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-10 19:37 - 2013-11-16 17:47 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-09 00:04 - 2013-11-14 17:28 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-12-08 23:29 - 2013-11-14 17:15 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-08 21:23 - 2013-12-08 15:20 - 00000000 ____D C:\Users\USERNAME\.freemind
2013-12-08 15:20 - 2013-12-08 15:20 - 00001132 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00001108 _____ C:\Users\USERNAME\Desktop\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00000000 ____D C:\Program Files (x86)\FreeMind
2013-12-08 15:20 - 2013-11-14 17:00 - 00000000 ____D C:\Users\USERNAME
2013-12-08 14:36 - 2013-12-08 14:36 - 00002233 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-08 12:23 - 2013-12-08 12:23 - 62093799 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 256x MC17.zip
2013-12-08 12:22 - 2013-12-07 11:33 - 115988950 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 512x MC17.zip
2013-12-08 12:15 - 2013-12-08 12:15 - 00000043 _____ C:\Users\USERNAME\Desktop\Minecraft.bat
2013-12-08 10:53 - 2013-12-08 10:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-08 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:43 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-08 10:50 - 2013-12-08 10:50 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-08 10:35 - 2013-12-08 10:31 - 00000000 ____D C:\Program Files\office.tmp
2013-12-07 15:04 - 2013-11-22 13:22 - 00257314 _____ C:\WINDOWS\DirectX.log
2013-12-07 14:27 - 2013-12-07 14:27 - 00000222 _____ C:\Users\USERNAME\Desktop\Sonic & All-Stars Racing Transformed.url
2013-12-07 14:27 - 2013-11-16 20:37 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-07 11:38 - 2013-12-07 11:55 - 604772257 _____ C:\Users\USERNAME\Desktop\Minecraft.zip
2013-12-05 17:45 - 2013-12-05 17:45 - 00000690 _____ C:\Users\USERNAME\Desktop\Shelter.lnk
2013-12-05 17:45 - 2013-12-05 17:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Might and Delight
2013-12-05 17:44 - 2013-12-05 17:44 - 00001271 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-12-05 17:44 - 2013-12-05 17:44 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-05 17:36 - 2013-11-14 17:28 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-12-05 17:15 - 2013-12-05 17:44 - 639774576 _____ C:\Users\USERNAME\Desktop\wmt-shelter.bin
2013-12-05 17:13 - 2013-12-05 17:44 - 00000077 _____ C:\Users\USERNAME\Desktop\wmt-shelter.cue
2013-12-05 17:09 - 2013-12-05 17:09 - 00005112 _____ C:\Users\USERNAME\Desktop\shelter-walmart.nfo
2013-12-05 01:08 - 2013-12-05 01:08 - 00233984 _____ C:\Users\USERNAME\Desktop\VGABIOS.rom
2013-12-05 01:02 - 2013-12-05 01:02 - 00000000 ____D C:\Users\USERNAME\Desktop\Setup32_ThunderMaster_NV_1_9h
2013-12-05 00:13 - 2013-12-05 00:13 - 00000283 _____ C:\Users\USERNAME\Desktop\[BF4] I have multiple fixes that make the game 90% improved, no more DX error's. Battlefield.URL
2013-12-04 18:42 - 2013-11-16 19:36 - 00004108 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 18:42 - 2013-11-16 19:36 - 00003872 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-01 22:05 - 2013-12-01 22:05 - 00002512 _____ C:\Users\USERNAME\Desktop\Word 2013.lnk
2013-12-01 14:21 - 2013-11-16 20:03 - 00000000 ____D C:\ProgramData\ClassicShell
2013-11-30 16:22 - 2013-11-14 17:28 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-11-26 12:54 - 2013-12-11 02:22 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-26 11:11 - 2013-12-11 02:22 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-26 10:41 - 2013-12-11 02:22 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-26 09:57 - 2013-12-11 02:22 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 02:22 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-26 09:35 - 2013-12-11 02:22 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-26 09:16 - 2013-12-11 02:22 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 02:22 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 02:22 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 02:22 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 02:22 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 02:22 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 02:22 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 02:22 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 02:22 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 02:22 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 02:22 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-25 21:40 - 2013-11-20 20:06 - 00000000 ____D C:\Users\USERNAME\.MakeMKV
2013-11-22 13:19 - 2013-11-22 13:18 - 00002192 _____ C:\WINDOWS\setupact.log
2013-11-22 13:18 - 2013-11-22 13:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-21 22:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-21 18:39 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Packages
2013-11-21 18:06 - 2013-11-21 18:06 - 00000888 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-21 18:06 - 2013-11-21 18:06 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-21 02:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2013-11-20 21:22 - 2013-11-20 21:22 - 00001907 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00001015 _____ C:\Users\Public\Desktop\IrfanView.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\IrfanView
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-11-17 15:31 - 2013-11-17 15:13 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-11-17 15:29 - 2013-11-16 20:39 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Stardock
2013-11-17 15:15 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\.gimp-2.8
2013-11-17 15:14 - 2013-11-17 15:14 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock_Corporation
2013-11-17 15:13 - 2013-11-17 15:13 - 00002047 _____ C:\Users\USERNAME\Desktop\Customize Fences.lnk
2013-11-17 15:13 - 2013-11-14 17:04 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 15:08 - 2013-11-17 15:08 - 00000966 _____ C:\Users\USERNAME\Desktop\eclipse.lnk
2013-11-17 15:07 - 2013-11-17 15:07 - 00000000 ____D C:\Program Files\eclipse
2013-11-17 15:05 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\AppData\Local\gegl-0.2
2013-11-17 14:57 - 2013-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\FLAC
2013-11-17 14:29 - 2013-11-17 14:29 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2013-11-17 14:00 - 2013-11-17 13:59 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Foxit Software
2013-11-17 13:59 - 2013-11-17 13:59 - 00002071 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-11-17 13:59 - 2013-11-17 13:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-11-17 12:23 - 2013-11-17 12:23 - 00000000 ____D C:\ProgramData\ROCCAT
2013-11-17 12:23 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Local\VirtualStore
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Logitech
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\ProgramData\LogiShrd
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-11-16 22:24 - 2013-11-16 22:24 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logitech
2013-11-16 22:24 - 2013-11-16 22:24 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logishrd
2013-11-16 22:01 - 2013-11-16 22:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-16 22:01 - 2013-11-16 22:01 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2013-11-16 21:10 - 2013-11-16 21:10 - 00000220 _____ C:\Users\USERNAME\Desktop\BioShock Infinite.url
2013-11-16 21:00 - 2013-11-16 21:00 - 00000571 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Greenshot
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Greenshot
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Program Files\Greenshot
2013-11-16 20:58 - 2013-11-16 20:58 - 00000897 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2013-11-16 20:58 - 2013-11-16 20:58 - 00000000 ____D C:\Program Files\GIMP 2
2013-11-16 20:52 - 2013-11-16 20:52 - 00002774 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-11-16 20:52 - 2013-11-16 20:52 - 00000835 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-16 20:52 - 2013-11-16 20:52 - 00000000 ____D C:\Program Files\CCleaner
2013-11-16 20:52 - 2013-11-14 17:53 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-16 20:39 - 2013-11-16 20:39 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock
2013-11-16 20:39 - 2013-11-16 20:39 - 00000000 ____D C:\ProgramData\Stardock
2013-11-16 20:17 - 2013-11-16 20:17 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\NVIDIA
2013-11-16 20:15 - 2013-11-16 20:15 - 00000000 ____D C:\Users\USERNAME\AppData\Local\ESET
2013-11-16 20:12 - 2013-11-16 20:12 - 00675988 _____ C:\Users\USERNAME\Desktop\Minecraft.exe
2013-11-16 20:02 - 2013-11-16 20:02 - 00001053 _____ C:\Users\USERNAME\Desktop\Dropbox.lnk
2013-11-16 19:50 - 2013-11-16 19:50 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 19:49 - 2013-11-16 19:50 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-11-16 19:49 - 2013-11-16 19:49 - 00000000 ____D C:\Program Files\Java
2013-11-16 19:47 - 2013-11-16 19:47 - 00000000 ____D C:\Program Files\Classic Shell
2013-11-16 19:47 - 2013-11-16 19:47 - 00000000 ____D C:\Program Files\7-Zip
2013-11-16 19:46 - 2013-11-16 19:46 - 00001008 _____ C:\Users\USERNAME\Desktop\MakeMKV.lnk
2013-11-16 19:46 - 2013-11-16 19:46 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2013-11-16 19:46 - 2013-11-16 19:46 - 00000000 ____D C:\Program Files (x86)\MakeMKV
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Notepad++
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-11-16 19:37 - 2013-11-16 19:37 - 00002061 _____ C:\Users\Public\Desktop\Google Slides.lnk
2013-11-16 19:37 - 2013-11-16 19:37 - 00002057 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2013-11-16 19:37 - 2013-11-16 19:37 - 00002045 _____ C:\Users\Public\Desktop\Google Docs.lnk
2013-11-16 19:37 - 2013-11-16 19:37 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-16 19:33 - 2013-11-16 19:33 - 00000000 ____D C:\ProgramData\ESET
2013-11-16 19:33 - 2013-11-16 19:33 - 00000000 ____D C:\Program Files\ESET
2013-11-16 18:57 - 2013-11-16 18:57 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Visual Studio 2013
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\ProgramData\NuGet
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\Program Files (x86)\NuGet
2013-11-16 18:56 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-16 18:56 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-16 18:56 - 2013-11-14 17:27 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-16 18:55 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2013-11-16 18:54 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-11-16 18:50 - 2013-11-16 18:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-11-16 18:50 - 2013-11-16 18:49 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\system32\1033
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\system32\1031
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-11-16 18:48 - 2013-11-14 17:50 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-16 18:47 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-11-16 18:47 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-11-16 17:49 - 2013-11-16 17:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-16 17:49 - 2013-11-16 17:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-16 17:49 - 2013-11-16 17:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-16 17:49 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-16 17:49 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-16 17:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-11-16 17:47 - 2013-11-16 17:47 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Macromedia
2013-11-16 17:46 - 2013-11-16 17:41 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Adobe
2013-11-16 17:39 - 2013-11-16 17:39 - 00000861 _____ C:\Users\USERNAME\Desktop\µTorrent.lnk
2013-11-16 17:39 - 2013-11-16 17:39 - 00000841 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-16 17:39 - 2013-11-16 13:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 16:53 - 2013-11-16 16:53 - 00001048 _____ C:\Users\Public\Desktop\foobar2000.lnk
2013-11-16 16:53 - 2013-11-16 16:53 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-16 12:57 - 2013-11-16 12:57 - 00000000 __RHD C:\Users\USERNAME\AppData\Roaming\SecuROM
2013-11-16 12:38 - 2013-11-14 17:53 - 00000000 ____D C:\Windows.old
2013-11-14 23:26 - 2013-11-14 17:07 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Mozilla
2013-11-14 17:53 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-11-14 17:52 - 2013-11-14 17:52 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-14 17:52 - 2013-11-14 17:52 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-14 17:52 - 2013-11-14 17:52 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00270848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00096088 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-11-14 17:52 - 2013-11-14 17:52 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-14 17:52 - 2013-11-14 17:52 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-14 17:52 - 2013-11-14 17:52 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-14 17:52 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-11-14 17:52 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-14 17:52 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-11-14 17:52 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-11-14 17:51 - 2013-11-14 17:51 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-14 17:51 - 2013-11-14 17:51 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-14 17:51 - 2013-11-14 17:51 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-14 17:51 - 2013-11-14 17:51 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-14 17:51 - 2013-11-14 17:51 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-14 17:51 - 2013-11-14 17:51 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-14 17:50 - 2013-11-14 17:50 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-14 17:50 - 2013-11-14 17:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-11-14 17:50 - 2013-11-14 17:50 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-11-14 17:50 - 2013-11-14 17:50 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2013-11-14 17:50 - 2013-11-14 17:50 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-11-14 17:50 - 2013-11-14 17:50 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-14 17:50 - 2013-11-14 17:50 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-14 17:50 - 2013-11-14 17:50 - 00000000 ____D C:\Program Files\MSBuild
2013-11-14 17:50 - 2013-11-14 17:50 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-14 17:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-11-14 17:50 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-11-14 17:47 - 2013-11-14 17:47 - 00008192 __RSH C:\BOOTSECT.BAK
2013-11-14 17:33 - 2013-11-14 17:33 - 00000000 ____D C:\Users\USERNAME\AppData\Local\PunkBuster
2013-11-14 17:31 - 2013-11-14 17:16 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Origin
2013-11-14 17:31 - 2013-11-14 17:16 - 00000000 ____D C:\ProgramData\Origin
2013-11-14 17:31 - 2013-11-14 17:16 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-11-14 17:28 - 2013-11-14 17:28 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-11-14 17:28 - 2013-11-14 17:28 - 00000710 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2013-11-14 17:28 - 2013-11-14 17:28 - 00000000 ____D C:\Users\USERNAME\AppData\Local\ESN
2013-11-14 17:27 - 2013-11-14 17:27 - 00000930 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-14 17:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-11-14 17:17 - 2013-11-14 17:17 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-11-14 17:17 - 2013-11-14 17:16 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Origin
2013-11-14 17:16 - 2013-11-14 17:16 - 00000996 _____ C:\Users\Public\Desktop\Origin.lnk
2013-11-14 17:07 - 2013-11-14 17:07 - 00001164 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-14 17:07 - 2013-11-14 17:07 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Mozilla
2013-11-14 17:07 - 2013-11-14 17:07 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Macromedia
2013-11-14 17:07 - 2013-11-14 17:07 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-14 17:04 - 2013-11-14 17:04 - 00000020 ___SH C:\Users\USERNAME\ntuser.ini
2013-11-14 17:04 - 2013-11-14 17:04 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-14 17:04 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Adobe
2013-11-14 17:04 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Local\PackageStaging
2013-11-14 17:00 - 2013-11-14 17:00 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2013-11-14 17:00 - 2013-11-14 17:00 - 00011433 _____ C:\WINDOWS\diagerr.xml
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Vorlagen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Startmenü
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Netzwerkumgebung
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Lokale Einstellungen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Eigene Dateien
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Druckumgebung
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\AppData\Local\Verlauf
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\AppData\Local\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\USERNAME\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 ____D C:\WINDOWS\CSC
2013-11-14 17:00 - 2013-11-14 17:00 - 00000000 ____D C:\Users\Public\Creative
2013-11-14 17:00 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-14 17:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-11-14 17:00 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-11-14 17:00 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-11-14 16:58 - 2013-06-22 22:30 - 00000000 __SHD C:\Recovery
2013-11-14 16:56 - 2013-11-14 16:54 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2013-11-14 16:55 - 2013-11-14 16:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-14 16:54 - 2013-11-14 16:54 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-14 16:54 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files\Realtek
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____D C:\Program Files\ASUS
2013-11-14 16:53 - 2013-11-14 16:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-11-14 16:43 - 2013-11-14 16:43 - 06026916 _____ (                                                            ) C:\Users\USERNAME\Desktop\FreeMind-Windows-Installer-0.9.0-min.exe

Some content of TEMP:
====================
C:\Users\USERNAME\AppData\Local\Temp\Checkupdate.exe
C:\Users\USERNAME\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\USERNAME\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\USERNAME\AppData\Local\Temp\gcapi_dll.dll
C:\Users\USERNAME\AppData\Local\Temp\gtapi_signed.dll
C:\Users\USERNAME\AppData\Local\Temp\OfficeSetup.exe
C:\Users\USERNAME\AppData\Local\Temp\Quarantine.exe
C:\Users\USERNAME\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 19:54

==================== End Of Log ============================
         

16.12.2013, 08:32   #7
schrauber
/// the machine
/// TB instructor

The problem is that I can't load attachments, so this way is much better.

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Restart your computer if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.



Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

16.12.2013, 23:11   #8
aguy

Hello,

Ran the Malwarebytes quick scan.
A popup said that a connection to a potentially dangerous website was blocked.
It found nothing.
Ran JRT.
Found 1 "bad" module; it is supposed to have been deleted after the restart,
but after the restart the Malwarebytes messages about the blocked connection still appear.
Ran FRST.

Here are the logs:

Malwarebytes:
Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.16.08

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Fabian :: ANONYM-BOB13 [Administrator]

Schutz: Deaktiviert

16.12.2013 23:48:24
mbam-log-2013-12-16 (23-48-24).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 241801
Laufzeit: 1 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 Pro x64
Ran by Fabian on 16.12.2013 at 23:56:01,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.12.2013 at 23:57:31,83
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-12-2013 02
Ran by USERNAME (administrator) on ANONYM-BOB13 on 16-12-2013 23:59:37
Running from C:\Users\USERNAME\Desktop
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Beepa P/L) C:\Fraps\fraps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Beepa P/L) C:\Fraps\fraps64.dat
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(BitTorrent Inc.) C:\Users\USERNAME\AppData\Roaming\uTorrent\uTorrent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Dropbox, Inc.) C:\Users\USERNAME\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) \\?\C:\WINDOWS\system32\wbem\WMIADAP.EXE
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [Greenshot] - C:\Program Files\Greenshot\Greenshot.exe [495616 2013-10-27] (Greenshot)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [Fences] - C:\Program Files (x86)\Stardock\Fences\Fences.exe [4013744 2013-07-11] (Stardock Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [uTorrent] - C:\Users\USERNAME\AppData\Roaming\uTorrent\uTorrent.exe [1142864 2013-11-16] (BitTorrent Inc.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
MountPoints2: {79334044-5d9f-11e3-8267-74d02b2b7ea4} - "F:\setup.exe" 
HKLM-x32\...\Run: [RoccatKonePure] - C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe [561152 2013-06-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\USERNAME\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5C20E76453E1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de-CH;q=0.8,de;q=0.6,fr-CH;q=0.4,fr;q=0.2
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LastPass - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\support@lastpass.com
FF Extension: jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: jid1-qQSMEVsYTOjgYA - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi
FF Extension: omnibar - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\omnibar@ajitk.com.xpi
FF Extension: s3google - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\s3google@translator.xpi
FF Extension: aios - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: noscript - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
FF Extension: Adblock Plus - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome: 
=======
CHR DefaultSearchKeyword: google.ch
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [76888 2013-11-14] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2012-05-07] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [28440 2013-02-14] (Creative Technology Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-16 23:59 - 2013-12-16 23:59 - 00000000 ____D C:\Users\USERNAME\Desktop\FRST-OlderVersion
2013-12-16 23:57 - 2013-12-16 23:57 - 00000644 _____ C:\Users\USERNAME\Desktop\JRT.txt
2013-12-16 23:40 - 2013-12-16 23:40 - 00001126 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Malwarebytes
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 23:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-16 21:44 - 2013-12-16 21:44 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-16 21:44 - 2013-12-15 13:48 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Google
2013-12-16 21:44 - 2013-11-14 12:57 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2013-12-16 21:44 - 2013-11-14 12:57 - 00955168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2013-12-16 21:44 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-16 21:44 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-16 21:44 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-16 21:44 - 2013-08-22 16:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-16 21:43 - 2013-12-16 21:43 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-16 21:43 - 2013-11-14 12:57 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-12-16 21:43 - 2013-11-14 12:57 - 00029984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-12-16 21:43 - 2013-11-14 12:57 - 00028960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 22951200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 18208624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 12613408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-12-16 21:43 - 2013-11-14 12:56 - 11600432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 11514624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 09691888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 09619872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433182.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433182.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00707360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00657184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00609568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00562464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-12-16 21:42 - 2013-12-16 21:42 - 00000000 ____D C:\NVIDIA
2013-12-15 19:54 - 2013-12-15 19:54 - 00000583 _____ C:\Users\Public\Desktop\Call of Duty Ghosts.lnk
2013-12-15 17:56 - 2013-12-15 17:56 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\bizarre creations
2013-12-15 17:52 - 2013-12-15 17:52 - 00000917 _____ C:\Users\USERNAME\Desktop\Blur.lnk
2013-12-15 17:34 - 2013-12-15 19:56 - 00000000 ____D C:\ProgramData\Steam
2013-12-15 17:34 - 2013-12-15 17:34 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\MKKE
2013-12-15 17:11 - 2013-12-15 17:11 - 00000932 _____ C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2013-12-15 17:10 - 2013-12-15 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-12-15 16:09 - 2013-12-15 16:09 - 00006238 _____ C:\Users\USERNAME\Desktop\Splitscreen.xlsx
2013-12-15 13:48 - 2013-12-15 13:48 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-15 13:48 - 2013-12-15 13:48 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-15 13:41 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-15 13:41 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-15 13:41 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-15 13:41 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-15 13:41 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-15 13:41 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-15 13:41 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-15 13:41 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-15 13:41 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-15 13:41 - 2013-11-08 06:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-12-15 13:41 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-15 13:41 - 2013-11-08 05:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-12-15 13:41 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-15 13:41 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-15 13:41 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-15 13:41 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-15 13:41 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-15 13:41 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-15 13:41 - 2013-11-08 04:36 - 04105216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-15 13:41 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-15 13:41 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-15 13:41 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-15 13:41 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-15 13:41 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-15 13:41 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-15 13:41 - 2013-11-05 14:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-15 13:41 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-15 13:41 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-15 13:41 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-15 13:41 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-15 13:41 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-15 13:41 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-15 13:41 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-15 13:41 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-15 13:41 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-15 13:41 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-15 13:41 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-15 13:41 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-15 13:41 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-15 13:41 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-15 13:41 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-15 13:41 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-15 13:41 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-15 13:41 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-15 13:41 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-15 13:41 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-15 13:41 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-15 13:41 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-15 13:41 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-15 13:41 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-15 13:41 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-14 15:38 - 2013-12-14 15:38 - 00001069 _____ C:\Users\Public\Desktop\Start Sonic & All-Stars Racing Transformed.lnk
2013-12-14 15:38 - 2013-12-14 15:38 - 00001004 _____ C:\Users\Public\Desktop\Launcher Sonic & All-Stars Racing Transformed.lnk
2013-12-14 15:37 - 2013-12-14 15:37 - 00020727 _____ C:\Users\USERNAME\Desktop\FRST.zip
2013-12-14 15:31 - 2013-12-14 15:36 - 00031517 _____ C:\Users\USERNAME\Desktop\Addition.txt
2013-12-14 15:30 - 2013-12-16 23:59 - 00018727 _____ C:\Users\USERNAME\Desktop\FRST.txt
2013-12-14 15:30 - 2013-12-16 23:59 - 00000000 ____D C:\FRST
2013-12-13 21:11 - 2013-12-13 21:13 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-12-13 21:11 - 2013-12-13 21:11 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-12-13 20:40 - 2013-12-16 23:57 - 00002196 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-13 17:13 - 2013-12-16 23:59 - 01927940 _____ (Farbar) C:\Users\USERNAME\Desktop\FRST64.exe
2013-12-13 17:13 - 2013-12-13 17:13 - 00377856 _____ C:\Users\USERNAME\Desktop\gmer_2.1.19163.exe
2013-12-13 17:13 - 2013-12-13 17:13 - 00050477 _____ C:\Users\USERNAME\Desktop\Defogger.exe
2013-12-13 17:09 - 2013-12-13 17:09 - 00000269 _____ C:\Users\USERNAME\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.URL
2013-12-13 16:55 - 2013-12-13 16:55 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-13 16:52 - 2013-12-13 16:53 - 00000000 ____D C:\AdwCleaner
2013-12-13 16:51 - 2013-12-13 16:51 - 00891200 _____ C:\Users\USERNAME\Desktop\SecurityCheck.exe
2013-12-13 16:49 - 2013-12-13 16:49 - 01034531 _____ (Thisisu) C:\Users\USERNAME\Desktop\JRT.exe
2013-12-13 16:47 - 2013-12-13 16:47 - 01226802 _____ C:\Users\USERNAME\Desktop\adwcleaner.exe
2013-12-11 02:23 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-11 02:23 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-11 02:23 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-11 02:23 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-11 02:22 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-11 02:22 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-11 02:22 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-11 02:22 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-11 02:22 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-11 02:22 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-11 02:22 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-11 02:22 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-11 02:22 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-11 02:22 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-11 02:22 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-11 02:22 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-11 02:22 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-11 02:22 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-11 02:22 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-11 02:22 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-11 02:22 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-11 02:21 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-08 15:20 - 2013-12-08 21:23 - 00000000 ____D C:\Users\USERNAME\.freemind
2013-12-08 15:20 - 2013-12-08 15:20 - 00001132 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00001108 _____ C:\Users\USERNAME\Desktop\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00000000 ____D C:\Program Files (x86)\FreeMind
2013-12-08 14:36 - 2013-12-08 14:36 - 00002233 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-08 12:23 - 2013-12-08 12:23 - 62093799 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 256x MC17.zip
2013-12-08 10:52 - 2013-12-08 10:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-08 10:50 - 2013-12-08 10:50 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-08 10:43 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-08 10:38 - 2013-12-13 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-08 10:31 - 2013-12-08 10:35 - 00000000 ____D C:\Program Files\office.tmp
2013-12-07 11:55 - 2013-12-07 11:38 - 604772257 _____ C:\Users\USERNAME\Desktop\Minecraft.zip
2013-12-07 11:33 - 2013-12-08 12:22 - 115988950 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 512x MC17.zip
2013-12-05 17:45 - 2013-12-05 17:45 - 00000690 _____ C:\Users\USERNAME\Desktop\Shelter.lnk
2013-12-05 17:45 - 2013-12-05 17:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Might and Delight
2013-12-05 17:44 - 2013-12-05 17:44 - 00001271 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-12-05 17:44 - 2013-12-05 17:44 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-05 17:44 - 2013-12-05 17:15 - 639774576 _____ C:\Users\USERNAME\Desktop\wmt-shelter.bin
2013-12-05 17:44 - 2013-12-05 17:13 - 00000077 _____ C:\Users\USERNAME\Desktop\wmt-shelter.cue
2013-12-05 17:09 - 2013-12-05 17:09 - 00005112 _____ C:\Users\USERNAME\Desktop\shelter-walmart.nfo
2013-12-05 01:08 - 2013-12-05 01:08 - 00233984 _____ C:\Users\USERNAME\Desktop\VGABIOS.rom
2013-12-05 01:08 - 2013-07-03 06:34 - 00015648 _____ C:\WINDOWS\system32\Drivers\nvflash.sys
2013-12-05 01:02 - 2013-12-05 01:02 - 00000000 ____D C:\Users\USERNAME\Desktop\Setup32_ThunderMaster_NV_1_9h
2013-12-05 00:13 - 2013-12-05 00:13 - 00000283 _____ C:\Users\USERNAME\Desktop\[BF4] I have multiple fixes that make the game 90% improved, no more DX error's. Battlefield.URL
2013-11-22 13:22 - 2013-12-07 15:04 - 00257314 _____ C:\WINDOWS\DirectX.log
2013-11-22 13:18 - 2013-12-16 21:44 - 00002604 _____ C:\WINDOWS\setupact.log
2013-11-22 13:18 - 2013-11-22 13:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-22 13:17 - 2013-12-13 21:05 - 00002516 _____ C:\WINDOWS\PFRO.log
2013-11-21 22:33 - 2013-12-16 22:52 - 01383715 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-21 18:06 - 2013-12-13 01:19 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\vlc
2013-11-21 18:06 - 2013-11-21 18:06 - 00000888 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-21 18:06 - 2013-11-21 18:06 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-20 21:22 - 2013-11-20 21:22 - 00001907 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00001015 _____ C:\Users\Public\Desktop\IrfanView.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\IrfanView
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-11-20 20:06 - 2013-11-25 21:40 - 00000000 ____D C:\Users\USERNAME\.MakeMKV
2013-11-17 15:14 - 2013-11-17 15:14 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock_Corporation
2013-11-17 15:13 - 2013-11-17 15:31 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-11-17 15:13 - 2013-11-17 15:13 - 00002047 _____ C:\Users\USERNAME\Desktop\Customize Fences.lnk
2013-11-17 15:08 - 2013-11-17 15:08 - 00000966 _____ C:\Users\USERNAME\Desktop\eclipse.lnk
2013-11-17 15:07 - 2013-11-17 15:07 - 00000000 ____D C:\Program Files\eclipse
2013-11-17 15:05 - 2013-11-17 15:15 - 00000000 ____D C:\Users\USERNAME\.gimp-2.8
2013-11-17 15:05 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\AppData\Local\gegl-0.2
2013-11-17 14:57 - 2013-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\FLAC
2013-11-17 14:29 - 2013-11-17 14:29 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2013-11-17 13:59 - 2013-11-17 14:00 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Foxit Software
2013-11-17 13:59 - 2013-11-17 13:59 - 00002071 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-11-17 13:59 - 2013-11-17 13:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-11-17 13:59 - 2013-06-09 21:59 - 00216064 _____ C:\WINDOWS\SysWOW64\gcapi_dll.dll
2013-11-17 12:23 - 2013-11-17 12:23 - 00000000 ____D C:\ProgramData\ROCCAT
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Logitech
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\ProgramData\LogiShrd
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-11-16 22:24 - 2013-11-16 22:24 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logitech
2013-11-16 22:24 - 2013-11-16 22:24 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logishrd
2013-11-16 22:01 - 2013-11-16 22:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-16 22:01 - 2013-11-16 22:01 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2013-11-16 21:10 - 2013-11-16 21:10 - 00000220 _____ C:\Users\USERNAME\Desktop\BioShock Infinite.url
2013-11-16 21:00 - 2013-12-16 23:55 - 00003148 _____ C:\WINDOWS\System32\Tasks\FRAPS
2013-11-16 21:00 - 2013-11-16 21:00 - 00000571 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Greenshot
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Greenshot
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Program Files\Greenshot
2013-11-16 20:58 - 2013-11-16 20:58 - 00000897 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2013-11-16 20:58 - 2013-11-16 20:58 - 00000000 ____D C:\Program Files\GIMP 2
2013-11-16 20:52 - 2013-11-16 20:52 - 00002774 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-11-16 20:52 - 2013-11-16 20:52 - 00000835 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-16 20:52 - 2013-11-16 20:52 - 00000000 ____D C:\Program Files\CCleaner
2013-11-16 20:39 - 2013-11-17 15:29 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Stardock
2013-11-16 20:39 - 2013-11-16 20:39 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock
2013-11-16 20:39 - 2013-11-16 20:39 - 00000000 ____D C:\ProgramData\Stardock
2013-11-16 20:37 - 2013-12-15 22:04 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-16 20:17 - 2013-11-16 20:17 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\NVIDIA
2013-11-16 20:15 - 2013-11-16 20:15 - 00000000 ____D C:\Users\USERNAME\AppData\Local\ESET
2013-11-16 20:12 - 2013-12-15 22:11 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\.minecraft
2013-11-16 20:12 - 2013-11-16 20:12 - 00675988 _____ C:\Users\USERNAME\Desktop\Minecraft.exe
2013-11-16 20:08 - 2013-12-16 23:47 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\ClassicShell
2013-11-16 20:03 - 2013-12-01 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-11-16 20:02 - 2013-12-16 23:56 - 00000000 ___RD C:\Users\USERNAME\Dropbox
2013-11-16 20:02 - 2013-11-16 20:02 - 00001053 _____ C:\Users\USERNAME\Desktop\Dropbox.lnk
2013-11-16 19:50 - 2013-11-16 19:50 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 19:50 - 2013-11-16 19:49 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-11-16 19:49 - 2013-11-16 19:49 - 00000000 ____D C:\Program Files\Java
2013-11-16 19:47 - 2013-11-16 19:47 - 00000000 ____D C:\Program Files\Classic Shell
2013-11-16 19:47 - 2013-11-16 19:47 - 00000000 ____D C:\Program Files\7-Zip
2013-11-16 19:46 - 2013-11-16 19:46 - 00001008 _____ C:\Users\USERNAME\Desktop\MakeMKV.lnk
2013-11-16 19:46 - 2013-11-16 19:46 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2013-11-16 19:46 - 2013-11-16 19:46 - 00000000 ____D C:\Program Files (x86)\MakeMKV
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Notepad++
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-11-16 19:37 - 2013-12-15 13:48 - 00002059 _____ C:\Users\Public\Desktop\Google Slides.lnk
2013-11-16 19:37 - 2013-12-15 13:48 - 00002057 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2013-11-16 19:37 - 2013-12-15 13:48 - 00002047 _____ C:\Users\Public\Desktop\Google Docs.lnk
2013-11-16 19:37 - 2013-11-16 19:37 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-16 19:36 - 2013-12-16 23:56 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Dropbox
2013-11-16 19:36 - 2013-12-16 23:55 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-16 19:36 - 2013-12-16 23:47 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-16 19:36 - 2013-12-13 20:40 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Google
2013-11-16 19:36 - 2013-12-13 20:40 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-16 19:36 - 2013-12-04 18:42 - 00004108 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-16 19:36 - 2013-12-04 18:42 - 00003872 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-16 19:33 - 2013-11-16 19:33 - 00000000 ____D C:\ProgramData\ESET
2013-11-16 19:33 - 2013-11-16 19:33 - 00000000 ____D C:\Program Files\ESET
2013-11-16 18:57 - 2013-12-16 23:55 - 00005156 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ANONYM-BOB13-USERNAME anonym-bob13
2013-11-16 18:57 - 2013-11-16 18:57 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Visual Studio 2013
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\ProgramData\NuGet
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\Program Files (x86)\NuGet
2013-11-16 18:50 - 2013-11-16 18:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-11-16 18:49 - 2013-11-16 18:50 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-11-16 18:48 - 2013-11-16 18:56 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-16 18:48 - 2013-11-16 18:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-16 18:48 - 2013-11-16 18:54 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\system32\1033
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\system32\1031
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-11-16 18:47 - 2013-11-16 18:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2013-11-16 18:47 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-11-16 18:47 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-11-16 17:49 - 2013-12-16 21:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-16 17:49 - 2013-12-16 21:44 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-16 17:49 - 2013-11-16 17:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-16 17:49 - 2013-11-14 12:56 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-11-16 17:49 - 2013-11-14 12:56 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-11-16 17:49 - 2013-11-11 16:02 - 06674208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-11-16 17:49 - 2013-11-11 16:02 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-11-16 17:49 - 2013-11-11 16:01 - 03467927 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-11-16 17:49 - 2013-11-11 16:01 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-11-16 17:49 - 2013-11-11 16:01 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-11-16 17:49 - 2013-11-11 16:01 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-11-16 17:49 - 2013-11-11 16:01 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-11-16 17:47 - 2013-12-16 23:37 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-16 17:47 - 2013-12-10 19:37 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-11-16 17:47 - 2013-11-16 17:47 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Macromedia
2013-11-16 17:47 - 2013-11-14 12:56 - 30361888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-11-16 17:47 - 2013-11-14 12:56 - 18293608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2013-11-16 17:47 - 2013-11-14 12:56 - 15862272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-11-16 17:47 - 2013-11-14 12:56 - 15218504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-11-16 17:47 - 2013-11-14 12:56 - 03069608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2013-11-16 17:47 - 2013-11-14 12:56 - 02697248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-11-16 17:47 - 2013-11-14 12:56 - 01436528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2013-11-16 17:47 - 2013-11-14 12:56 - 00023754 _____ C:\WINDOWS\system32\nvinfo.pb
2013-11-16 17:47 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433165.dll
2013-11-16 17:47 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433165.dll
2013-11-16 17:41 - 2013-11-16 17:46 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Adobe
2013-11-16 17:39 - 2013-11-16 17:39 - 00000861 _____ C:\Users\USERNAME\Desktop\µTorrent.lnk
2013-11-16 17:39 - 2013-11-16 17:39 - 00000841 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-16 17:38 - 2013-12-16 23:57 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\uTorrent
2013-11-16 16:53 - 2013-12-16 00:40 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\foobar2000
2013-11-16 16:53 - 2013-11-16 16:53 - 00001048 _____ C:\Users\Public\Desktop\foobar2000.lnk
2013-11-16 16:53 - 2013-11-16 16:53 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-11-16 13:29 - 2013-11-16 17:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 13:13 - 2013-12-15 13:47 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-16 13:13 - 2013-12-15 13:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-16 12:57 - 2013-11-16 12:57 - 00000000 __RHD C:\Users\USERNAME\AppData\Roaming\SecuROM
2013-11-16 12:45 - 2013-05-02 16:29 - 00278800 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== One Month Modified Files and Folders =======

2013-12-16 23:59 - 2013-12-16 23:59 - 00000000 ____D C:\Users\USERNAME\Desktop\FRST-OlderVersion
2013-12-16 23:59 - 2013-12-14 15:30 - 00018727 _____ C:\Users\USERNAME\Desktop\FRST.txt
2013-12-16 23:59 - 2013-12-14 15:30 - 00000000 ____D C:\FRST
2013-12-16 23:59 - 2013-12-13 17:13 - 01927940 _____ (Farbar) C:\Users\USERNAME\Desktop\FRST64.exe
2013-12-16 23:59 - 2013-11-21 22:33 - 01383715 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-16 23:57 - 2013-12-16 23:57 - 00000644 _____ C:\Users\USERNAME\Desktop\JRT.txt
2013-12-16 23:57 - 2013-12-13 20:40 - 00002196 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-16 23:57 - 2013-11-16 17:38 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\uTorrent
2013-12-16 23:56 - 2013-11-16 20:02 - 00000000 ___RD C:\Users\USERNAME\Dropbox
2013-12-16 23:56 - 2013-11-16 19:36 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Dropbox
2013-12-16 23:56 - 2013-10-14 13:53 - 00000000 ___RD C:\Users\USERNAME\Google Drive
2013-12-16 23:55 - 2013-11-16 21:00 - 00003148 _____ C:\WINDOWS\System32\Tasks\FRAPS
2013-12-16 23:55 - 2013-11-16 19:36 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-16 23:55 - 2013-11-16 18:57 - 00005156 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ANONYM-BOB13-USERNAME anonym-bob13
2013-12-16 23:55 - 2013-11-14 17:27 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-16 23:55 - 2013-11-03 15:25 - 00000000 ____D C:\Fraps
2013-12-16 23:55 - 2013-09-02 17:37 - 00000000 __RDO C:\Users\USERNAME\SkyDrive
2013-12-16 23:55 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-16 23:54 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-16 23:47 - 2013-11-16 20:08 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\ClassicShell
2013-12-16 23:47 - 2013-11-16 19:36 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-16 23:45 - 2013-11-14 17:10 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3419439862-1036738529-1644555537-1001
2013-12-16 23:40 - 2013-12-16 23:40 - 00001126 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Malwarebytes
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 23:37 - 2013-11-16 17:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-16 23:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-16 22:48 - 2013-11-14 17:28 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-12-16 21:48 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-16 21:48 - 2013-09-30 04:56 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-16 21:48 - 2013-09-30 04:56 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-16 21:47 - 2013-11-14 17:28 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-12-16 21:45 - 2013-11-16 17:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-16 21:44 - 2013-12-16 21:44 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-16 21:44 - 2013-12-16 21:44 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-16 21:44 - 2013-11-22 13:18 - 00002604 _____ C:\WINDOWS\setupact.log
2013-12-16 21:44 - 2013-11-16 17:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-16 21:44 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-16 21:44 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-16 21:43 - 2013-12-16 21:43 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-16 21:42 - 2013-12-16 21:42 - 00000000 ____D C:\NVIDIA
2013-12-16 21:24 - 2013-11-14 17:15 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-16 20:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-16 17:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-16 00:40 - 2013-11-16 16:53 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\foobar2000
2013-12-15 22:11 - 2013-11-16 20:12 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\.minecraft
2013-12-15 22:04 - 2013-11-16 20:37 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-15 19:56 - 2013-12-15 17:34 - 00000000 ____D C:\ProgramData\Steam
2013-12-15 19:54 - 2013-12-15 19:54 - 00000583 _____ C:\Users\Public\Desktop\Call of Duty Ghosts.lnk
2013-12-15 17:56 - 2013-12-15 17:56 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\bizarre creations
2013-12-15 17:52 - 2013-12-15 17:52 - 00000917 _____ C:\Users\USERNAME\Desktop\Blur.lnk
2013-12-15 17:34 - 2013-12-15 17:34 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\MKKE
2013-12-15 17:11 - 2013-12-15 17:11 - 00000932 _____ C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2013-12-15 17:10 - 2013-12-15 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-12-15 16:09 - 2013-12-15 16:09 - 00006238 _____ C:\Users\USERNAME\Desktop\Splitscreen.xlsx
2013-12-15 13:48 - 2013-12-16 21:44 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Google
2013-12-15 13:48 - 2013-12-15 13:48 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-15 13:48 - 2013-12-15 13:48 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-15 13:48 - 2013-11-16 19:37 - 00002059 _____ C:\Users\Public\Desktop\Google Slides.lnk
2013-12-15 13:48 - 2013-11-16 19:37 - 00002057 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2013-12-15 13:48 - 2013-11-16 19:37 - 00002047 _____ C:\Users\Public\Desktop\Google Docs.lnk
2013-12-15 13:47 - 2013-11-16 13:13 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-15 13:47 - 2013-11-16 13:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-14 15:38 - 2013-12-14 15:38 - 00001069 _____ C:\Users\Public\Desktop\Start Sonic & All-Stars Racing Transformed.lnk
2013-12-14 15:38 - 2013-12-14 15:38 - 00001004 _____ C:\Users\Public\Desktop\Launcher Sonic & All-Stars Racing Transformed.lnk
2013-12-14 15:37 - 2013-12-14 15:37 - 00020727 _____ C:\Users\USERNAME\Desktop\FRST.zip
2013-12-14 15:36 - 2013-12-14 15:31 - 00031517 _____ C:\Users\USERNAME\Desktop\Addition.txt
2013-12-13 21:13 - 2013-12-13 21:11 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-12-13 21:11 - 2013-12-13 21:11 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-12-13 21:05 - 2013-11-22 13:17 - 00002516 _____ C:\WINDOWS\PFRO.log
2013-12-13 20:40 - 2013-11-16 19:36 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Google
2013-12-13 20:40 - 2013-11-16 19:36 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-13 17:13 - 2013-12-13 17:13 - 00377856 _____ C:\Users\USERNAME\Desktop\gmer_2.1.19163.exe
2013-12-13 17:13 - 2013-12-13 17:13 - 00050477 _____ C:\Users\USERNAME\Desktop\Defogger.exe
2013-12-13 17:09 - 2013-12-13 17:09 - 00000269 _____ C:\Users\USERNAME\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.URL
2013-12-13 16:55 - 2013-12-13 16:55 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-13 16:53 - 2013-12-13 16:52 - 00000000 ____D C:\AdwCleaner
2013-12-13 16:51 - 2013-12-13 16:51 - 00891200 _____ C:\Users\USERNAME\Desktop\SecurityCheck.exe
2013-12-13 16:49 - 2013-12-13 16:49 - 01034531 _____ (Thisisu) C:\Users\USERNAME\Desktop\JRT.exe
2013-12-13 16:47 - 2013-12-13 16:47 - 01226802 _____ C:\Users\USERNAME\Desktop\adwcleaner.exe
2013-12-13 16:27 - 2013-12-08 10:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-13 16:15 - 2013-08-22 15:44 - 00473728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-13 01:19 - 2013-11-21 18:06 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\vlc
2013-12-10 19:37 - 2013-11-16 17:47 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-08 21:23 - 2013-12-08 15:20 - 00000000 ____D C:\Users\USERNAME\.freemind
2013-12-08 15:20 - 2013-12-08 15:20 - 00001132 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00001108 _____ C:\Users\USERNAME\Desktop\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00000000 ____D C:\Program Files (x86)\FreeMind
2013-12-08 15:20 - 2013-11-14 17:00 - 00000000 ____D C:\Users\USERNAME
2013-12-08 14:36 - 2013-12-08 14:36 - 00002233 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-08 12:23 - 2013-12-08 12:23 - 62093799 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 256x MC17.zip
2013-12-08 12:22 - 2013-12-07 11:33 - 115988950 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 512x MC17.zip
2013-12-08 10:53 - 2013-12-08 10:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-08 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:43 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-08 10:50 - 2013-12-08 10:50 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-08 10:35 - 2013-12-08 10:31 - 00000000 ____D C:\Program Files\office.tmp
2013-12-07 15:04 - 2013-11-22 13:22 - 00257314 _____ C:\WINDOWS\DirectX.log
2013-12-07 11:38 - 2013-12-07 11:55 - 604772257 _____ C:\Users\USERNAME\Desktop\Minecraft.zip
2013-12-05 17:45 - 2013-12-05 17:45 - 00000690 _____ C:\Users\USERNAME\Desktop\Shelter.lnk
2013-12-05 17:45 - 2013-12-05 17:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Might and Delight
2013-12-05 17:44 - 2013-12-05 17:44 - 00001271 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-12-05 17:44 - 2013-12-05 17:44 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-05 17:15 - 2013-12-05 17:44 - 639774576 _____ C:\Users\USERNAME\Desktop\wmt-shelter.bin
2013-12-05 17:13 - 2013-12-05 17:44 - 00000077 _____ C:\Users\USERNAME\Desktop\wmt-shelter.cue
2013-12-05 17:09 - 2013-12-05 17:09 - 00005112 _____ C:\Users\USERNAME\Desktop\shelter-walmart.nfo
2013-12-05 01:08 - 2013-12-05 01:08 - 00233984 _____ C:\Users\USERNAME\Desktop\VGABIOS.rom
2013-12-05 01:02 - 2013-12-05 01:02 - 00000000 ____D C:\Users\USERNAME\Desktop\Setup32_ThunderMaster_NV_1_9h
2013-12-05 00:13 - 2013-12-05 00:13 - 00000283 _____ C:\Users\USERNAME\Desktop\[BF4] I have multiple fixes that make the game 90% improved, no more DX error's. Battlefield.URL
2013-12-04 18:42 - 2013-11-16 19:36 - 00004108 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 18:42 - 2013-11-16 19:36 - 00003872 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-01 14:21 - 2013-11-16 20:03 - 00000000 ____D C:\ProgramData\ClassicShell
2013-11-30 16:22 - 2013-11-14 17:28 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-11-26 12:54 - 2013-12-11 02:22 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-26 11:11 - 2013-12-11 02:22 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-26 10:41 - 2013-12-11 02:22 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-26 09:57 - 2013-12-11 02:22 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 02:22 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-26 09:35 - 2013-12-11 02:22 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-26 09:16 - 2013-12-11 02:22 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 02:22 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 02:22 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 02:22 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 02:22 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 02:22 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 02:22 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 02:22 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 02:22 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 02:22 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 02:22 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-25 21:40 - 2013-11-20 20:06 - 00000000 ____D C:\Users\USERNAME\.MakeMKV
2013-11-22 13:18 - 2013-11-22 13:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-21 22:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-21 18:39 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Packages
2013-11-21 18:06 - 2013-11-21 18:06 - 00000888 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-21 18:06 - 2013-11-21 18:06 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-21 02:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2013-11-20 21:22 - 2013-11-20 21:22 - 00001907 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00001015 _____ C:\Users\Public\Desktop\IrfanView.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\IrfanView
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-11-17 15:31 - 2013-11-17 15:13 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-11-17 15:29 - 2013-11-16 20:39 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Stardock
2013-11-17 15:15 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\.gimp-2.8
2013-11-17 15:14 - 2013-11-17 15:14 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock_Corporation
2013-11-17 15:13 - 2013-11-17 15:13 - 00002047 _____ C:\Users\USERNAME\Desktop\Customize Fences.lnk
2013-11-17 15:13 - 2013-11-14 17:04 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 15:08 - 2013-11-17 15:08 - 00000966 _____ C:\Users\USERNAME\Desktop\eclipse.lnk
2013-11-17 15:07 - 2013-11-17 15:07 - 00000000 ____D C:\Program Files\eclipse
2013-11-17 15:05 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\AppData\Local\gegl-0.2
2013-11-17 14:57 - 2013-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\FLAC
2013-11-17 14:29 - 2013-11-17 14:29 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2013-11-17 14:00 - 2013-11-17 13:59 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Foxit Software
2013-11-17 13:59 - 2013-11-17 13:59 - 00002071 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-11-17 13:59 - 2013-11-17 13:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-11-17 12:23 - 2013-11-17 12:23 - 00000000 ____D C:\ProgramData\ROCCAT
2013-11-17 12:23 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Local\VirtualStore
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Logitech
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\ProgramData\LogiShrd
2013-11-16 22:25 - 2013-11-16 22:25 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2013-11-16 22:24 - 2013-11-16 22:24 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logitech
2013-11-16 22:24 - 2013-11-16 22:24 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logishrd
2013-11-16 22:01 - 2013-11-16 22:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-16 22:01 - 2013-11-16 22:01 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2013-11-16 21:10 - 2013-11-16 21:10 - 00000220 _____ C:\Users\USERNAME\Desktop\BioShock Infinite.url
2013-11-16 21:00 - 2013-11-16 21:00 - 00000571 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Greenshot
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Greenshot
2013-11-16 21:00 - 2013-11-16 21:00 - 00000000 ____D C:\Program Files\Greenshot
2013-11-16 20:58 - 2013-11-16 20:58 - 00000897 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2013-11-16 20:58 - 2013-11-16 20:58 - 00000000 ____D C:\Program Files\GIMP 2
2013-11-16 20:52 - 2013-11-16 20:52 - 00002774 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-11-16 20:52 - 2013-11-16 20:52 - 00000835 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-16 20:52 - 2013-11-16 20:52 - 00000000 ____D C:\Program Files\CCleaner
2013-11-16 20:52 - 2013-11-14 17:53 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-16 20:39 - 2013-11-16 20:39 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock
2013-11-16 20:39 - 2013-11-16 20:39 - 00000000 ____D C:\ProgramData\Stardock
2013-11-16 20:17 - 2013-11-16 20:17 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\NVIDIA
2013-11-16 20:15 - 2013-11-16 20:15 - 00000000 ____D C:\Users\USERNAME\AppData\Local\ESET
2013-11-16 20:12 - 2013-11-16 20:12 - 00675988 _____ C:\Users\USERNAME\Desktop\Minecraft.exe
2013-11-16 20:02 - 2013-11-16 20:02 - 00001053 _____ C:\Users\USERNAME\Desktop\Dropbox.lnk
2013-11-16 19:50 - 2013-11-16 19:50 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 19:49 - 2013-11-16 19:50 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-16 19:49 - 2013-11-16 19:49 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-11-16 19:49 - 2013-11-16 19:49 - 00000000 ____D C:\Program Files\Java
2013-11-16 19:47 - 2013-11-16 19:47 - 00000000 ____D C:\Program Files\Classic Shell
2013-11-16 19:47 - 2013-11-16 19:47 - 00000000 ____D C:\Program Files\7-Zip
2013-11-16 19:46 - 2013-11-16 19:46 - 00001008 _____ C:\Users\USERNAME\Desktop\MakeMKV.lnk
2013-11-16 19:46 - 2013-11-16 19:46 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2013-11-16 19:46 - 2013-11-16 19:46 - 00000000 ____D C:\Program Files (x86)\MakeMKV
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Notepad++
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-11-16 19:45 - 2013-11-16 19:45 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-11-16 19:37 - 2013-11-16 19:37 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-16 19:33 - 2013-11-16 19:33 - 00000000 ____D C:\ProgramData\ESET
2013-11-16 19:33 - 2013-11-16 19:33 - 00000000 ____D C:\Program Files\ESET
2013-11-16 18:57 - 2013-11-16 18:57 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Visual Studio 2013
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\ProgramData\NuGet
2013-11-16 18:56 - 2013-11-16 18:56 - 00000000 ____D C:\Program Files (x86)\NuGet
2013-11-16 18:56 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-16 18:56 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-16 18:56 - 2013-11-14 17:27 - 00000000 ____D C:\ProgramData\Package Cache
2013-11-16 18:55 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2013-11-16 18:54 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-11-16 18:50 - 2013-11-16 18:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2013-11-16 18:50 - 2013-11-16 18:49 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\system32\1033
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\WINDOWS\system32\1031
2013-11-16 18:48 - 2013-11-16 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2013-11-16 18:48 - 2013-11-14 17:50 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-16 18:47 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-11-16 18:47 - 2013-11-16 18:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-11-16 17:49 - 2013-11-16 17:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-16 17:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-11-16 17:47 - 2013-11-16 17:47 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Macromedia
2013-11-16 17:46 - 2013-11-16 17:41 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Adobe
2013-11-16 17:39 - 2013-11-16 17:39 - 00000861 _____ C:\Users\USERNAME\Desktop\µTorrent.lnk
2013-11-16 17:39 - 2013-11-16 17:39 - 00000841 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-16 17:39 - 2013-11-16 13:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 16:53 - 2013-11-16 16:53 - 00001048 _____ C:\Users\Public\Desktop\foobar2000.lnk
2013-11-16 16:53 - 2013-11-16 16:53 - 00000000 ____D C:\Program Files (x86)\foobar2000
2013-11-16 13:13 - 2013-11-16 13:13 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-16 12:57 - 2013-11-16 12:57 - 00000000 __RHD C:\Users\USERNAME\AppData\Roaming\SecuROM
2013-11-16 12:38 - 2013-11-14 17:53 - 00000000 ____D C:\Windows.old

Some content of TEMP:
====================
C:\Users\USERNAME\AppData\Local\Temp\Checkupdate.exe
C:\Users\USERNAME\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\USERNAME\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\USERNAME\AppData\Local\Temp\gcapi_dll.dll
C:\Users\USERNAME\AppData\Local\Temp\gtapi_signed.dll
C:\Users\USERNAME\AppData\Local\Temp\OfficeSetup.exe
C:\Users\USERNAME\AppData\Local\Temp\Quarantine.exe
C:\Users\USERNAME\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 19:54

==================== End Of Log ============================
         
--- --- ---




And the messages from Malwarebytes keep appearing... I'm no specialist, but the problem does not seem to be solved.

I almost forgot: ESET was paused during the JRT runs, and also after the restart, as soon as that was possible.

Here is a picture of the message:



aguy

Alt 17.12.2013, 11:13   #9
schrauber
/// the machine
/// TB-Ausbilder
 




When exactly does the message appear?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 17.12.2013, 21:31   #10
aguy
 



About once a minute. Sometimes none comes for a long time, and then several at once; the IP (from the message) changes every time.



Should I try with the Sysinternals tools, following the video below?

hxxp://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/SIA302

Or do you have the solution at hand? (Please, please, please....)

UPDATE:
The IP addresses repeat, but the pool of them seems to be quite large.
In addition, JRT found a malicious module again.

and this time it also seems to have done something:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 Pro x64
Ran by USERNAME on 17.12.2013 at 19:05:59,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.12.2013 at 19:11:21,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
But the alerts keep appearing.


UPDATE:
One more thing I noticed: as soon as I start Resource Monitor, these alerts no longer appear.

Regards, aguy

UPDATE:
The alerts about the blocked connection no longer appear at all!

AND

I found out that Project64 -> the program I wanted to download, contains a spyware toolbar, which can be deselected during installation.
hxxp://atariage.com/forums/topic/216681-project64-without-spyware/

Sorry that I did not find this earlier. It was still a good thing, though, since there was in fact still something on my computer, which now to be gone

But I noticed one last thing:
My hard disk was just now rattling heavily at regular intervals. When I opened Task Manager, it continued the rhythm 2-3 more times and has been silent since. Possibly relevant? Possibly a Windows Search index update? That would be odd too, though, since the system is on an SSD and there is actually no new data there.

aguy

The (hopefully last) corresponding FRST log

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2013 02
Ran by USERNAME (administrator) on ANONYM-BOB13 on 17-12-2013 22:28:51
Running from C:\Users\USERNAME\Desktop
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Beepa P/L) C:\Fraps\fraps.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Beepa P/L) C:\Fraps\fraps64.dat
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\USERNAME\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sysinternals - www.sysinternals.com) C:\SysinternalsSuite\Desktops.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-05] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM\...\Run: [Greenshot] - C:\Program Files\Greenshot\Greenshot.exe [495616 2013-10-27] (Greenshot)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [Fences] - C:\Program Files (x86)\Stardock\Fences\Fences.exe [4013744 2013-07-11] (Stardock Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [uTorrent] - C:\Users\USERNAME\AppData\Roaming\uTorrent\uTorrent.exe [1142864 2013-11-16] (BitTorrent Inc.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
MountPoints2: {79334044-5d9f-11e3-8267-74d02b2b7ea4} - "F:\setup.exe" 
HKLM-x32\...\Run: [RoccatKonePure] - C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe [561152 2013-06-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\USERNAME\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
Startup: C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5C20E76453E1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de-CH;q=0.8,de;q=0.6,fr-CH;q=0.4,fr;q=0.2
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LastPass - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\support@lastpass.com
FF Extension: jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: jid1-qQSMEVsYTOjgYA - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi
FF Extension: omnibar - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\omnibar@ajitk.com.xpi
FF Extension: s3google - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\s3google@translator.xpi
FF Extension: aios - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: noscript - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
FF Extension: Adblock Plus - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\66b1ckwl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome: 
=======
CHR DefaultSearchKeyword: google.ch
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [76888 2013-11-14] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2012-05-07] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [28440 2013-02-14] (Creative Technology Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [x]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-17 19:37 - 2013-12-17 19:58 - 00007622 _____ C:\Users\USERNAME\AppData\Local\resmon.resmoncfg
2013-12-17 19:11 - 2013-12-17 19:27 - 00000755 _____ C:\Users\USERNAME\Desktop\JRT.txt
2013-12-16 23:59 - 2013-12-17 22:12 - 00000000 ____D C:\Users\USERNAME\Desktop\FRST-OlderVersion
2013-12-16 23:40 - 2013-12-16 23:40 - 00001126 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Malwarebytes
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 23:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-16 21:43 - 2013-12-16 21:43 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-16 21:43 - 2013-11-14 12:56 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 22951200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 18208624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 12613408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-12-16 21:43 - 2013-11-14 12:56 - 11600432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 11514624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 09691888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 09619872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433182.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433182.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00707360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00657184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00609568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00562464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-12-16 21:43 - 2013-11-14 12:56 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-12-16 21:42 - 2013-12-16 21:42 - 00000000 ____D C:\NVIDIA
2013-12-15 19:54 - 2013-12-15 19:54 - 00000583 _____ C:\Users\Public\Desktop\Call of Duty Ghosts.lnk
2013-12-15 17:56 - 2013-12-15 17:56 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\bizarre creations
2013-12-15 17:52 - 2013-12-15 17:52 - 00000917 _____ C:\Users\USERNAME\Desktop\Blur.lnk
2013-12-15 17:34 - 2013-12-15 19:56 - 00000000 ____D C:\ProgramData\Steam
2013-12-15 17:34 - 2013-12-15 17:34 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\MKKE
2013-12-15 17:11 - 2013-12-15 17:11 - 00000932 _____ C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2013-12-15 17:10 - 2013-12-15 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-12-15 16:09 - 2013-12-15 16:09 - 00006238 _____ C:\Users\USERNAME\Desktop\Splitscreen.xlsx
2013-12-15 13:48 - 2013-12-15 13:48 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-15 13:48 - 2013-12-15 13:48 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-15 13:41 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-15 13:41 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-15 13:41 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-15 13:41 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-15 13:41 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-15 13:41 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-15 13:41 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-15 13:41 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-15 13:41 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-15 13:41 - 2013-11-08 06:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-12-15 13:41 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-15 13:41 - 2013-11-08 05:42 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-12-15 13:41 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-15 13:41 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-15 13:41 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-15 13:41 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-15 13:41 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-15 13:41 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-15 13:41 - 2013-11-08 04:36 - 04105216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-15 13:41 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-15 13:41 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-15 13:41 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-15 13:41 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-15 13:41 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-15 13:41 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-15 13:41 - 2013-11-05 14:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-15 13:41 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-15 13:41 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-15 13:41 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-15 13:41 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-15 13:41 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-15 13:41 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-15 13:41 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-15 13:41 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-15 13:41 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-15 13:41 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-15 13:41 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-15 13:41 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-15 13:41 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-15 13:41 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-15 13:41 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-15 13:41 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-15 13:41 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-15 13:41 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-15 13:41 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-15 13:41 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-15 13:41 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-15 13:41 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-15 13:41 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-15 13:41 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-15 13:41 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-14 15:38 - 2013-12-14 15:38 - 00001069 _____ C:\Users\Public\Desktop\Start Sonic & All-Stars Racing Transformed.lnk
2013-12-14 15:38 - 2013-12-14 15:38 - 00001004 _____ C:\Users\Public\Desktop\Launcher Sonic & All-Stars Racing Transformed.lnk
2013-12-14 15:37 - 2013-12-14 15:37 - 00020727 _____ C:\Users\USERNAME\Desktop\FRST.zip
2013-12-14 15:31 - 2013-12-14 15:36 - 00031517 _____ C:\Users\USERNAME\Desktop\Addition.txt
2013-12-14 15:30 - 2013-12-17 22:28 - 00017777 _____ C:\Users\USERNAME\Desktop\FRST.txt
2013-12-14 15:30 - 2013-12-17 22:12 - 00000000 ____D C:\FRST
2013-12-13 21:11 - 2013-12-13 21:13 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-12-13 21:11 - 2013-12-13 21:11 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-12-13 20:40 - 2013-12-17 19:31 - 00002196 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-13 17:13 - 2013-12-17 22:12 - 01928214 _____ (Farbar) C:\Users\USERNAME\Desktop\FRST64.exe
2013-12-13 17:13 - 2013-12-13 17:13 - 00377856 _____ C:\Users\USERNAME\Desktop\gmer_2.1.19163.exe
2013-12-13 17:13 - 2013-12-13 17:13 - 00050477 _____ C:\Users\USERNAME\Desktop\Defogger.exe
2013-12-13 17:09 - 2013-12-13 17:09 - 00000269 _____ C:\Users\USERNAME\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.URL
2013-12-13 16:55 - 2013-12-13 16:55 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-13 16:52 - 2013-12-13 16:53 - 00000000 ____D C:\AdwCleaner
2013-12-13 16:51 - 2013-12-13 16:51 - 00891200 _____ C:\Users\USERNAME\Desktop\SecurityCheck.exe
2013-12-13 16:49 - 2013-12-13 16:49 - 01034531 _____ (Thisisu) C:\Users\USERNAME\Desktop\JRT.exe
2013-12-13 16:47 - 2013-12-13 16:47 - 01226802 _____ C:\Users\USERNAME\Desktop\adwcleaner.exe
2013-12-11 02:23 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-11 02:23 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-11 02:23 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-11 02:23 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-11 02:22 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-11 02:22 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-11 02:22 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-11 02:22 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-11 02:22 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-11 02:22 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-11 02:22 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-11 02:22 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-11 02:22 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-11 02:22 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-11 02:22 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-11 02:22 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-11 02:22 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-11 02:22 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-11 02:22 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-11 02:22 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-11 02:22 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-11 02:21 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-08 15:20 - 2013-12-08 21:23 - 00000000 ____D C:\Users\USERNAME\.freemind
2013-12-08 15:20 - 2013-12-08 15:20 - 00001132 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00001108 _____ C:\Users\USERNAME\Desktop\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00000000 ____D C:\Program Files (x86)\FreeMind
2013-12-08 14:36 - 2013-12-08 14:36 - 00002233 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-08 12:23 - 2013-12-08 12:23 - 62093799 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 256x MC17.zip
2013-12-08 10:52 - 2013-12-08 10:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-08 10:50 - 2013-12-08 10:50 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-08 10:43 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-08 10:38 - 2013-12-13 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-08 10:31 - 2013-12-08 10:35 - 00000000 ____D C:\Program Files\office.tmp
2013-12-07 11:55 - 2013-12-07 11:38 - 604772257 _____ C:\Users\USERNAME\Desktop\Minecraft.zip
2013-12-07 11:33 - 2013-12-08 12:22 - 115988950 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 512x MC17.zip
2013-12-05 17:45 - 2013-12-05 17:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Might and Delight
2013-12-05 17:44 - 2013-12-05 17:44 - 00001271 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-12-05 17:44 - 2013-12-05 17:44 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-05 17:44 - 2013-12-05 17:15 - 639774576 _____ C:\Users\USERNAME\Desktop\wmt-shelter.bin
2013-12-05 17:44 - 2013-12-05 17:13 - 00000077 _____ C:\Users\USERNAME\Desktop\wmt-shelter.cue
2013-12-05 17:09 - 2013-12-05 17:09 - 00005112 _____ C:\Users\USERNAME\Desktop\shelter-walmart.nfo
2013-12-05 01:08 - 2013-12-05 01:08 - 00233984 _____ C:\Users\USERNAME\Desktop\VGABIOS.rom
2013-12-05 01:08 - 2013-07-03 06:34 - 00015648 _____ C:\WINDOWS\system32\Drivers\nvflash.sys
2013-12-05 01:02 - 2013-12-05 01:02 - 00000000 ____D C:\Users\USERNAME\Desktop\Setup32_ThunderMaster_NV_1_9h
2013-12-05 00:13 - 2013-12-05 00:13 - 00000283 _____ C:\Users\USERNAME\Desktop\[BF4] I have multiple fixes that make the game 90% improved, no more DX error's. Battlefield.URL
2013-11-22 13:22 - 2013-12-07 15:04 - 00257314 _____ C:\WINDOWS\DirectX.log
2013-11-22 13:18 - 2013-12-16 21:44 - 00002604 _____ C:\WINDOWS\setupact.log
2013-11-22 13:18 - 2013-11-22 13:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-22 13:17 - 2013-12-13 21:05 - 00002516 _____ C:\WINDOWS\PFRO.log
2013-11-21 22:33 - 2013-12-17 22:04 - 01478913 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-21 18:06 - 2013-12-13 01:19 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\vlc
2013-11-21 18:06 - 2013-11-21 18:06 - 00000888 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-21 18:06 - 2013-11-21 18:06 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-20 21:22 - 2013-11-20 21:22 - 00001907 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00001015 _____ C:\Users\Public\Desktop\IrfanView.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\IrfanView
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-11-20 20:06 - 2013-11-25 21:40 - 00000000 ____D C:\Users\USERNAME\.MakeMKV
2013-11-17 15:14 - 2013-11-17 15:14 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock_Corporation
2013-11-17 15:13 - 2013-11-17 15:31 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-11-17 15:13 - 2013-11-17 15:13 - 00002047 _____ C:\Users\USERNAME\Desktop\Customize Fences.lnk
2013-11-17 15:08 - 2013-11-17 15:08 - 00000966 _____ C:\Users\USERNAME\Desktop\eclipse.lnk
2013-11-17 15:07 - 2013-11-17 15:07 - 00000000 ____D C:\Program Files\eclipse
2013-11-17 15:05 - 2013-11-17 15:15 - 00000000 ____D C:\Users\USERNAME\.gimp-2.8
2013-11-17 15:05 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\AppData\Local\gegl-0.2
2013-11-17 14:57 - 2013-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\FLAC
2013-11-17 14:29 - 2013-11-17 14:29 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2013-11-17 13:59 - 2013-11-17 14:00 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Foxit Software
2013-11-17 13:59 - 2013-11-17 13:59 - 00002071 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-11-17 13:59 - 2013-11-17 13:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-11-17 13:59 - 2013-06-09 21:59 - 00216064 _____ C:\WINDOWS\SysWOW64\gcapi_dll.dll
2013-11-17 12:23 - 2013-11-17 12:23 - 00000000 ____D C:\ProgramData\ROCCAT

==================== One Month Modified Files and Folders =======

2013-12-17 22:28 - 2013-12-14 15:30 - 00017777 _____ C:\Users\USERNAME\Desktop\FRST.txt
2013-12-17 22:12 - 2013-12-16 23:59 - 00000000 ____D C:\Users\USERNAME\Desktop\FRST-OlderVersion
2013-12-17 22:12 - 2013-12-14 15:30 - 00000000 ____D C:\FRST
2013-12-17 22:12 - 2013-12-13 17:13 - 01928214 _____ (Farbar) C:\Users\USERNAME\Desktop\FRST64.exe
2013-12-17 22:04 - 2013-11-21 22:33 - 01478913 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-17 22:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-17 21:47 - 2013-11-16 19:36 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-17 20:53 - 2013-11-16 18:57 - 00005156 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ANONYM-BOB13-USERNAME anonym-bob13
2013-12-17 20:37 - 2013-11-16 17:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-17 20:04 - 2013-11-14 17:10 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3419439862-1036738529-1644555537-1001
2013-12-17 19:58 - 2013-12-17 19:37 - 00007622 _____ C:\Users\USERNAME\AppData\Local\resmon.resmoncfg
2013-12-17 19:56 - 2013-11-16 20:08 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\ClassicShell
2013-12-17 19:53 - 2013-11-16 17:38 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\uTorrent
2013-12-17 19:47 - 2013-11-16 17:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-17 19:47 - 2013-11-16 17:49 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-17 19:47 - 2013-11-14 17:27 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-17 19:47 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-17 19:47 - 2013-11-14 16:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-17 19:35 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-17 19:35 - 2013-09-30 04:56 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-17 19:35 - 2013-09-30 04:56 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-17 19:31 - 2013-12-13 20:40 - 00002196 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-17 19:30 - 2013-11-16 20:02 - 00000000 ___RD C:\Users\USERNAME\Dropbox
2013-12-17 19:30 - 2013-11-16 19:36 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Dropbox
2013-12-17 19:30 - 2013-10-14 13:53 - 00000000 ___RD C:\Users\USERNAME\Google Drive
2013-12-17 19:29 - 2013-11-16 21:00 - 00003148 _____ C:\WINDOWS\System32\Tasks\FRAPS
2013-12-17 19:29 - 2013-11-16 19:36 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-17 19:29 - 2013-11-03 15:25 - 00000000 ____D C:\Fraps
2013-12-17 19:29 - 2013-09-02 17:37 - 00000000 __RDO C:\Users\USERNAME\SkyDrive
2013-12-17 19:29 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-17 19:28 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-17 19:27 - 2013-12-17 19:11 - 00000755 _____ C:\Users\USERNAME\Desktop\JRT.txt
2013-12-17 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-16 23:40 - 2013-12-16 23:40 - 00001126 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Malwarebytes
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 23:40 - 2013-12-16 23:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 22:48 - 2013-11-14 17:28 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2013-12-16 21:47 - 2013-11-14 17:28 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2013-12-16 21:44 - 2013-11-22 13:18 - 00002604 _____ C:\WINDOWS\setupact.log
2013-12-16 21:43 - 2013-12-16 21:43 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-16 21:42 - 2013-12-16 21:42 - 00000000 ____D C:\NVIDIA
2013-12-16 21:24 - 2013-11-14 17:15 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-16 17:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-16 16:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-16 00:40 - 2013-11-16 16:53 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\foobar2000
2013-12-15 22:11 - 2013-11-16 20:12 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\.minecraft
2013-12-15 22:04 - 2013-11-16 20:37 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-15 19:56 - 2013-12-15 17:34 - 00000000 ____D C:\ProgramData\Steam
2013-12-15 19:54 - 2013-12-15 19:54 - 00000583 _____ C:\Users\Public\Desktop\Call of Duty Ghosts.lnk
2013-12-15 17:56 - 2013-12-15 17:56 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\bizarre creations
2013-12-15 17:52 - 2013-12-15 17:52 - 00000917 _____ C:\Users\USERNAME\Desktop\Blur.lnk
2013-12-15 17:34 - 2013-12-15 17:34 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\MKKE
2013-12-15 17:11 - 2013-12-15 17:11 - 00000932 _____ C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2013-12-15 17:10 - 2013-12-15 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-12-15 16:09 - 2013-12-15 16:09 - 00006238 _____ C:\Users\USERNAME\Desktop\Splitscreen.xlsx
2013-12-15 13:48 - 2013-12-15 13:48 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-12-15 13:48 - 2013-12-15 13:48 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-12-15 13:48 - 2013-11-16 19:37 - 00002059 _____ C:\Users\Public\Desktop\Google Slides.lnk
2013-12-15 13:48 - 2013-11-16 19:37 - 00002057 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2013-12-15 13:48 - 2013-11-16 19:37 - 00002047 _____ C:\Users\Public\Desktop\Google Docs.lnk
2013-12-15 13:47 - 2013-11-16 13:13 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-15 13:47 - 2013-11-16 13:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-14 15:38 - 2013-12-14 15:38 - 00001069 _____ C:\Users\Public\Desktop\Start Sonic & All-Stars Racing Transformed.lnk
2013-12-14 15:38 - 2013-12-14 15:38 - 00001004 _____ C:\Users\Public\Desktop\Launcher Sonic & All-Stars Racing Transformed.lnk
2013-12-14 15:37 - 2013-12-14 15:37 - 00020727 _____ C:\Users\USERNAME\Desktop\FRST.zip
2013-12-14 15:36 - 2013-12-14 15:31 - 00031517 _____ C:\Users\USERNAME\Desktop\Addition.txt
2013-12-13 21:13 - 2013-12-13 21:11 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2013-12-13 21:11 - 2013-12-13 21:11 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-12-13 21:05 - 2013-11-22 13:17 - 00002516 _____ C:\WINDOWS\PFRO.log
2013-12-13 20:40 - 2013-11-16 19:36 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Google
2013-12-13 20:40 - 2013-11-16 19:36 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-13 17:13 - 2013-12-13 17:13 - 00377856 _____ C:\Users\USERNAME\Desktop\gmer_2.1.19163.exe
2013-12-13 17:13 - 2013-12-13 17:13 - 00050477 _____ C:\Users\USERNAME\Desktop\Defogger.exe
2013-12-13 17:09 - 2013-12-13 17:09 - 00000269 _____ C:\Users\USERNAME\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.URL
2013-12-13 16:55 - 2013-12-13 16:55 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-13 16:53 - 2013-12-13 16:52 - 00000000 ____D C:\AdwCleaner
2013-12-13 16:51 - 2013-12-13 16:51 - 00891200 _____ C:\Users\USERNAME\Desktop\SecurityCheck.exe
2013-12-13 16:49 - 2013-12-13 16:49 - 01034531 _____ (Thisisu) C:\Users\USERNAME\Desktop\JRT.exe
2013-12-13 16:47 - 2013-12-13 16:47 - 01226802 _____ C:\Users\USERNAME\Desktop\adwcleaner.exe
2013-12-13 16:27 - 2013-12-08 10:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-13 16:15 - 2013-08-22 15:44 - 00473728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-13 01:19 - 2013-11-21 18:06 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\vlc
2013-12-10 19:37 - 2013-11-16 17:47 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-08 21:23 - 2013-12-08 15:20 - 00000000 ____D C:\Users\USERNAME\.freemind
2013-12-08 15:20 - 2013-12-08 15:20 - 00001132 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00001108 _____ C:\Users\USERNAME\Desktop\FreeMind.lnk
2013-12-08 15:20 - 2013-12-08 15:20 - 00000000 ____D C:\Program Files (x86)\FreeMind
2013-12-08 15:20 - 2013-11-14 17:00 - 00000000 ____D C:\Users\USERNAME
2013-12-08 14:36 - 2013-12-08 14:36 - 00002233 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-08 12:23 - 2013-12-08 12:23 - 62093799 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 256x MC17.zip
2013-12-08 12:22 - 2013-12-07 11:33 - 115988950 _____ C:\Users\USERNAME\Desktop\Sphax PureBDcraft 512x MC17.zip
2013-12-08 10:53 - 2013-12-08 10:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-08 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Help
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-08 10:52 - 2013-12-08 10:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-08 10:52 - 2013-12-08 10:43 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-08 10:50 - 2013-12-08 10:50 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-08 10:35 - 2013-12-08 10:31 - 00000000 ____D C:\Program Files\office.tmp
2013-12-07 15:04 - 2013-11-22 13:22 - 00257314 _____ C:\WINDOWS\DirectX.log
2013-12-07 11:38 - 2013-12-07 11:55 - 604772257 _____ C:\Users\USERNAME\Desktop\Minecraft.zip
2013-12-05 17:45 - 2013-12-05 17:45 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Might and Delight
2013-12-05 17:44 - 2013-12-05 17:44 - 00001271 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2013-12-05 17:44 - 2013-12-05 17:44 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-05 17:15 - 2013-12-05 17:44 - 639774576 _____ C:\Users\USERNAME\Desktop\wmt-shelter.bin
2013-12-05 17:13 - 2013-12-05 17:44 - 00000077 _____ C:\Users\USERNAME\Desktop\wmt-shelter.cue
2013-12-05 17:09 - 2013-12-05 17:09 - 00005112 _____ C:\Users\USERNAME\Desktop\shelter-walmart.nfo
2013-12-05 01:08 - 2013-12-05 01:08 - 00233984 _____ C:\Users\USERNAME\Desktop\VGABIOS.rom
2013-12-05 01:02 - 2013-12-05 01:02 - 00000000 ____D C:\Users\USERNAME\Desktop\Setup32_ThunderMaster_NV_1_9h
2013-12-05 00:13 - 2013-12-05 00:13 - 00000283 _____ C:\Users\USERNAME\Desktop\[BF4] I have multiple fixes that make the game 90% improved, no more DX error's. Battlefield.URL
2013-12-04 18:42 - 2013-11-16 19:36 - 00004108 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 18:42 - 2013-11-16 19:36 - 00003872 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-01 14:21 - 2013-11-16 20:03 - 00000000 ____D C:\ProgramData\ClassicShell
2013-11-30 16:22 - 2013-11-14 17:28 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-11-26 12:54 - 2013-12-11 02:22 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-26 11:11 - 2013-12-11 02:22 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-26 10:41 - 2013-12-11 02:22 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-26 09:57 - 2013-12-11 02:22 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 02:22 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-26 09:35 - 2013-12-11 02:22 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-26 09:16 - 2013-12-11 02:22 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 02:22 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 02:22 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 02:22 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 02:22 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 02:22 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 02:22 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 02:22 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 02:22 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 02:22 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 02:22 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-25 21:40 - 2013-11-20 20:06 - 00000000 ____D C:\Users\USERNAME\.MakeMKV
2013-11-22 13:18 - 2013-11-22 13:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-21 22:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-21 18:39 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Packages
2013-11-21 18:06 - 2013-11-21 18:06 - 00000888 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-21 18:06 - 2013-11-21 18:06 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-21 02:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2013-11-20 21:22 - 2013-11-20 21:22 - 00001907 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00001015 _____ C:\Users\Public\Desktop\IrfanView.lnk
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\IrfanView
2013-11-20 21:22 - 2013-11-20 21:22 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-11-17 15:31 - 2013-11-17 15:13 - 00000000 ____D C:\Program Files (x86)\Stardock
2013-11-17 15:29 - 2013-11-16 20:39 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Stardock
2013-11-17 15:15 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\.gimp-2.8
2013-11-17 15:14 - 2013-11-17 15:14 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Stardock_Corporation
2013-11-17 15:13 - 2013-11-17 15:13 - 00002047 _____ C:\Users\USERNAME\Desktop\Customize Fences.lnk
2013-11-17 15:13 - 2013-11-14 17:04 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-17 15:08 - 2013-11-17 15:08 - 00000966 _____ C:\Users\USERNAME\Desktop\eclipse.lnk
2013-11-17 15:07 - 2013-11-17 15:07 - 00000000 ____D C:\Program Files\eclipse
2013-11-17 15:05 - 2013-11-17 15:05 - 00000000 ____D C:\Users\USERNAME\AppData\Local\gegl-0.2
2013-11-17 14:57 - 2013-11-17 14:57 - 00000000 ____D C:\Program Files (x86)\FLAC
2013-11-17 14:29 - 2013-11-17 14:29 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2013-11-17 14:00 - 2013-11-17 13:59 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Foxit Software
2013-11-17 13:59 - 2013-11-17 13:59 - 00002071 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-11-17 13:59 - 2013-11-17 13:59 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-11-17 12:23 - 2013-11-17 12:23 - 00000000 ____D C:\ProgramData\ROCCAT
2013-11-17 12:23 - 2013-11-14 17:04 - 00000000 ____D C:\Users\USERNAME\AppData\Local\VirtualStore

Some content of TEMP:
====================
C:\Users\USERNAME\AppData\Local\Temp\Checkupdate.exe
C:\Users\USERNAME\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\USERNAME\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\USERNAME\AppData\Local\Temp\gcapi_dll.dll
C:\Users\USERNAME\AppData\Local\Temp\gtapi_signed.dll
C:\Users\USERNAME\AppData\Local\Temp\OfficeSetup.exe
C:\Users\USERNAME\AppData\Local\Temp\procexp64.exe
C:\Users\USERNAME\AppData\Local\Temp\Quarantine.exe
C:\Users\USERNAME\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 19:54

==================== End Of Log ============================
         

Edited by aguy (17.12.2013 at 19:00)

18.12.2013, 10:08   #11
schrauber
/// the machine
/// TB trainer

Hard disk noises are never really good.


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
