| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Eventueller Trojaner, Paypal-Passwort wurde offenbar entwendetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.09.2014, 15:33
| #1 |
| |  Windows 7: Eventueller Trojaner, Paypal-Passwort wurde offenbar entwendet Moin moin! Vor einigen Tagen fing Firefox nach dem Booten an, mich nach einem PC-Neustart auf eine russische Spieleseite zu verweisen. Sonst nichts, keine Pop-Ups oder irgendwas. Aber sowas macht natürlich misstrauisch. Also war ich die folgenden Tage besonders vorsichtig. Vor zwei Tagen funktionierte dann die Bezahlung eines Spiels auf GoG.com per PayPal nicht korrekt, weshalb ich die letzten Tage ein besonderes Auge darauf hatte. Zwischenzeitlich fand ich in der Registry noch einen Eintrag, der auf die russische Seite verwies und löschte diesen, was mir immerhin diesen Kram zum PC-Start ersparte. Vorhin nun kam ich gar nicht mehr in meinen PayPal-Account. Es folgte meinerseits eine sofortige Passwort-Rücksetzung via Telefonabfrage und eine Änderung meines E-Mail-Passworts beim dazugehörigen Gmail-Account. Um auf Nummer Sicher zu gehen, dass die Passwortabschöpfung auch wirklich nicht bei mir geschah, sondern bei GoG.com, habe ich jetzt nach eurer Anleitung die folgenden Scans erhoben. Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:42 on 14/09/2014 (Hjalfnar)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014 Ran by Hjalfnar (administrator) on HJALFNAR-PC on 14-09-2014 15:45:19 Running from C:\Users\Hjalfnar\Downloads Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Malwarebytes Corporation) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (LogMeIn, Inc.) D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Windows\System32\schtasks.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Skype Technologies S.A.) D:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe () C:\Users\Hjalfnar\Downloads\Defogger.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SDTray] => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-418080255-3826421212-1868321458-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-418080255-3826421212-1868321458-1000\...\MountPoints2: {928a2691-c497-11e3-994e-806e6f6e6963} - E:\Bin\ASSETUP.exe BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCAE8E5A9A858CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKLM-x32 - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File Winsock: Catalog5 09 C:\Windows\SysWOW64\PrxerNsp.dll [56424] () Winsock: Catalog9 01 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex) Winsock: Catalog9 02 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex) Winsock: Catalog9 03 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex) Winsock: Catalog9 04 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex) Winsock: Catalog9 15 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex) Winsock: Catalog5-x64 09 %SystemRoot%\system32\PrxerNsp.dll [57448] () Winsock: Catalog9-x64 01 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex) Winsock: Catalog9-x64 02 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex) Winsock: Catalog9-x64 03 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex) Winsock: Catalog9-x64 04 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex) Winsock: Catalog9-x64 15 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Hjalfnar\AppData\Roaming\Mozilla\Firefox\Profiles\pndtqmn4.default FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Deutsch (DE) Language Pack - C:\Users\Hjalfnar\AppData\Roaming\Mozilla\Firefox\Profiles\pndtqmn4.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-06-20] FF Extension: English (GB) Language Pack - C:\Users\Hjalfnar\AppData\Roaming\Mozilla\Firefox\Profiles\pndtqmn4.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2014-06-20] FF Extension: Adblock Plus - C:\Users\Hjalfnar\AppData\Roaming\Mozilla\Firefox\Profiles\pndtqmn4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-16] FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2014-09-12] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG) S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] () S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG) S4 DAUpdaterSvc; D:\Spiele\SteamLibrary\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-01] (BioWare) R2 Hamachi2Svc; D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2525008 2014-09-04] (LogMeIn Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MBAMScheduler; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-31] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-05-31] () R2 SDScannerService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 TunngleService; D:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-08-10] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-15] (Disc Soft Ltd) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-08-10] () R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-14] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) U5 UnlockerDriver5; D:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-14 15:45 - 2014-09-14 15:45 - 00016634 _____ () C:\Users\Hjalfnar\Downloads\FRST.txt 2014-09-14 15:42 - 2014-09-14 15:42 - 00000478 _____ () C:\Users\Hjalfnar\Downloads\defogger_disable.log 2014-09-14 15:42 - 2014-09-14 15:42 - 00000000 _____ () C:\Users\Hjalfnar\defogger_reenable 2014-09-14 15:41 - 2014-09-14 15:41 - 00050477 _____ () C:\Users\Hjalfnar\Downloads\Defogger.exe 2014-09-14 15:40 - 2014-09-14 15:45 - 00000000 ____D () C:\FRST 2014-09-14 15:39 - 2014-09-14 15:39 - 02105856 _____ (Farbar) C:\Users\Hjalfnar\Downloads\FRST64.exe 2014-09-14 10:07 - 2014-07-18 06:11 - 00450709 _____ () C:\Windows\system32\Drivers\etc\hosts.20140914-100754.backup 2014-09-14 08:52 - 2014-09-14 10:05 - 00000504 _____ () C:\Windows\setupact.log 2014-09-14 08:52 - 2014-09-14 08:52 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-12 21:20 - 2014-09-12 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-12 03:03 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-12 03:03 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-12 03:03 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-12 03:03 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-12 03:03 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-12 03:03 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-12 03:03 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-12 03:03 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-12 03:03 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-12 03:03 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-12 03:03 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-12 03:03 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-12 03:03 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-12 03:03 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-12 03:03 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-12 03:03 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-12 03:03 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-12 03:03 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-12 03:03 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-12 03:03 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-12 03:03 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-12 03:03 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-12 03:03 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-12 03:03 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-12 03:03 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-12 03:03 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-12 03:03 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-12 03:03 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-12 03:03 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-12 03:03 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-12 03:03 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-12 03:03 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-12 03:03 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-12 03:03 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-12 03:03 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-12 03:03 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-12 03:03 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-12 03:03 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-12 03:03 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-12 03:03 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-12 03:03 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-12 03:03 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-12 03:03 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-12 03:03 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-12 03:02 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-12 03:02 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-12 03:02 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-12 03:02 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-12 03:02 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-12 03:02 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-12 03:02 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-12 03:02 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-12 03:02 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-12 03:02 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-12 03:02 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-12 03:02 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-12 03:00 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-12 03:00 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-11 09:59 - 2014-09-14 13:16 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Local\LogMeIn Hamachi 2014-09-11 09:59 - 2014-09-11 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-09-11 08:17 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-11 08:17 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-11 08:17 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-11 08:17 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-11 08:17 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-11 08:17 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-11 08:17 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-11 08:17 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-11 08:17 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-11 08:17 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-11 08:17 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-07 19:02 - 2014-09-07 19:02 - 00001049 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk 2014-09-07 19:02 - 2014-09-07 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 2014-09-07 19:02 - 2011-02-18 15:07 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2014-09-06 23:08 - 2014-09-06 23:08 - 00003132 _____ () C:\Windows\System32\Tasks\Origin 2014-09-05 16:03 - 2014-09-05 16:03 - 00000222 _____ () C:\Users\Hjalfnar\Desktop\Wargame AirLand Battle.url 2014-09-05 11:56 - 2014-09-05 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition 2014-09-04 23:21 - 2014-09-04 23:21 - 00000000 ____D () C:\Users\Hjalfnar\Documents\Aspyr 2014-09-04 23:19 - 2014-09-04 23:19 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Local\Aspyr 2014-09-04 18:17 - 2014-09-04 18:17 - 00000839 _____ () C:\Users\Hjalfnar\Desktop\Panzer Corps Collection.lnk 2014-09-04 18:17 - 2014-09-04 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panzer Corps Collection 2014-09-04 14:59 - 2014-09-04 14:59 - 00000221 _____ () C:\Users\Hjalfnar\Desktop\Star Wars The Force Unleashed.url 2014-08-31 19:09 - 2014-08-31 19:09 - 00000222 _____ () C:\Users\Hjalfnar\Desktop\Panzer Corps.url 2014-08-29 16:56 - 2014-09-02 08:59 - 00000132 _____ () C:\Users\Hjalfnar\AppData\Roaming\Adobe PNG Format CS6 Prefs 2014-08-28 05:17 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 05:17 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 05:17 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 01:07 - 2014-08-22 01:07 - 00000000 _____ () C:\Windows\SysWOW64\FAP6118.tmp 2014-08-22 01:07 - 2014-08-22 01:07 - 00000000 _____ () C:\Windows\SysWOW64\FAP60C8.tmp 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP9D97.tmp 2014-08-22 00:57 - 2014-08-22 00:57 - 00000000 _____ () C:\Windows\SysWOW64\FAPAB4B.tmp 2014-08-22 00:57 - 2014-08-22 00:57 - 00000000 _____ () C:\Windows\SysWOW64\FAPA946.tmp 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP85AE.tmp 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP83A9.tmp 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP7861.tmp 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP543C.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPD46C.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPD277.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPC5F7.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPA324.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAP84AA.tmp 2014-08-22 00:54 - 2014-08-22 00:54 - 00000000 _____ () C:\Windows\SysWOW64\FAPB6B9.tmp 2014-08-22 00:54 - 2014-08-22 00:54 - 00000000 _____ () C:\Windows\SysWOW64\FAP9958.tmp 2014-08-22 00:43 - 2014-08-22 00:43 - 00000000 _____ () C:\Windows\SysWOW64\FAP8C2C.tmp 2014-08-22 00:43 - 2014-08-22 00:43 - 00000000 _____ () C:\Windows\SysWOW64\FAP8C0B.tmp 2014-08-22 00:40 - 2014-08-22 00:40 - 00000000 _____ () C:\Windows\SysWOW64\FAPA5B0.tmp 2014-08-22 00:40 - 2014-08-22 00:40 - 00000000 _____ () C:\Windows\SysWOW64\FAPA560.tmp 2014-08-22 00:40 - 2014-08-22 00:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6DDB.tmp 2014-08-22 00:40 - 2014-08-22 00:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6DAA.tmp 2014-08-22 00:30 - 2014-08-22 00:31 - 291175499 _____ () C:\Users\Hjalfnar\Downloads\_Divide_et_Impera095.7z 2014-08-22 00:30 - 2014-08-22 00:30 - 00000000 _____ () C:\Windows\SysWOW64\FAPD61A.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP6388.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP588E.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP421F.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP2856.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP2613.tmp 2014-08-22 00:22 - 2014-08-22 00:22 - 00000000 _____ () C:\Windows\SysWOW64\FAPDAFA.tmp 2014-08-22 00:22 - 2014-08-22 00:22 - 00000000 _____ () C:\Windows\SysWOW64\FAPD8D6.tmp 2014-08-22 00:22 - 2014-08-22 00:22 - 00000000 _____ () C:\Windows\SysWOW64\FAP1AAC.tmp 2014-08-22 00:22 - 2014-08-22 00:22 - 00000000 _____ () C:\Windows\SysWOW64\FAP1251.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPEB18.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPE72F.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPDB4B.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPD994.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPB965.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPB56D.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPAEB.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP953.tmp 2014-08-21 23:25 - 2014-08-21 23:25 - 00000000 _____ () C:\Windows\SysWOW64\FAPBBD1.tmp 2014-08-21 23:19 - 2014-08-21 23:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP3496.tmp 2014-08-21 23:10 - 2014-08-21 23:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP9DC2.tmp 2014-08-21 23:10 - 2014-08-21 23:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP9DA0.tmp 2014-08-21 23:10 - 2014-08-21 23:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP9D8F.tmp 2014-08-21 23:10 - 2014-08-21 23:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP9D6E.tmp 2014-08-21 23:05 - 2014-08-21 23:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPDCEB.tmp 2014-08-21 23:05 - 2014-08-21 23:05 - 00000000 _____ () C:\Windows\SysWOW64\FAP5B7A.tmp 2014-08-21 23:05 - 2014-08-21 23:05 - 00000000 _____ () C:\Windows\SysWOW64\FAP37D2.tmp 2014-08-21 23:05 - 2014-08-21 23:05 - 00000000 _____ () C:\Windows\SysWOW64\FAP2C8A.tmp 2014-08-21 23:04 - 2014-08-21 23:04 - 00000000 _____ () C:\Windows\SysWOW64\FAPBCF4.tmp 2014-08-21 22:54 - 2014-08-21 22:54 - 00000000 _____ () C:\Windows\SysWOW64\FAP3942.tmp 2014-08-21 22:54 - 2014-08-21 22:54 - 00000000 _____ () C:\Windows\SysWOW64\FAP2025.tmp 2014-08-21 22:53 - 2014-08-21 22:53 - 00000000 _____ () C:\Windows\SysWOW64\FAP3548.tmp 2014-08-21 22:51 - 2014-08-21 22:51 - 00000000 _____ () C:\Windows\SysWOW64\FAP32F5.tmp 2014-08-21 22:50 - 2014-08-21 22:50 - 00000000 _____ () C:\Windows\SysWOW64\FAP30F1.tmp 2014-08-21 22:47 - 2014-08-21 22:47 - 00000000 _____ () C:\Windows\SysWOW64\FAPF288.tmp 2014-08-21 22:47 - 2014-08-21 22:47 - 00000000 _____ () C:\Windows\SysWOW64\FAPEB17.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAPF75C.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAPEEE2.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP6B4B.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP63EA.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP20C1.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP1A59.tmp 2014-08-21 22:44 - 2014-08-21 22:44 - 00000000 _____ () C:\Windows\SysWOW64\FAP692.tmp 2014-08-21 22:44 - 2014-08-21 22:44 - 00000000 _____ () C:\Windows\SysWOW64\FAP16F9.tmp 2014-08-21 22:43 - 2014-08-21 22:43 - 00000000 _____ () C:\Windows\SysWOW64\FAPAF7C.tmp 2014-08-21 22:43 - 2014-08-21 22:43 - 00000000 _____ () C:\Windows\SysWOW64\FAP9EF6.tmp 2014-08-21 22:43 - 2014-08-21 22:43 - 00000000 _____ () C:\Windows\SysWOW64\FAP9CA3.tmp 2014-08-21 20:09 - 2014-08-21 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP8603.tmp 2014-08-21 20:09 - 2014-08-21 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP85D2.tmp 2014-08-21 20:09 - 2014-08-21 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP8553.tmp 2014-08-21 20:09 - 2014-08-21 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP8438.tmp 2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPC78C.tmp 2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPC76B.tmp 2014-08-21 19:49 - 2014-08-21 19:49 - 00000000 _____ () C:\Windows\SysWOW64\FAP679D.tmp 2014-08-21 19:41 - 2014-08-21 19:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP786D.tmp 2014-08-21 19:41 - 2014-08-21 19:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP7649.tmp 2014-08-21 19:41 - 2014-08-21 19:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP75CA.tmp 2014-08-21 19:35 - 2014-08-21 19:35 - 00000000 _____ () C:\Windows\SysWOW64\FAP9E2F.tmp 2014-08-21 19:30 - 2014-08-21 19:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP133D.tmp 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 _____ () C:\Windows\SysWOW64\FAPDABD.tmp 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 _____ () C:\Windows\SysWOW64\FAPD233.tmp 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP94C4.tmp 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP8519.tmp 2014-08-21 19:25 - 2014-08-21 19:25 - 00000000 _____ () C:\Windows\SysWOW64\FAP5E94.tmp 2014-08-21 19:20 - 2014-08-21 19:20 - 00000000 _____ () C:\Windows\SysWOW64\FAPD45.tmp 2014-08-21 19:20 - 2014-08-21 19:20 - 00000000 _____ () C:\Windows\SysWOW64\FAP162D.tmp 2014-08-21 19:19 - 2014-08-21 19:19 - 00000000 _____ () C:\Windows\SysWOW64\FAPA196.tmp 2014-08-21 19:19 - 2014-08-21 19:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP9FCF.tmp 2014-08-21 19:00 - 2014-08-21 19:00 - 00000000 _____ () C:\Windows\SysWOW64\FAP739F.tmp 2014-08-21 18:58 - 2014-08-21 18:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP322A.tmp 2014-08-21 18:58 - 2014-08-21 18:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP31EA.tmp 2014-08-21 18:58 - 2014-08-21 18:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP316B.tmp 2014-08-21 18:55 - 2014-08-21 18:55 - 00000000 _____ () C:\Windows\SysWOW64\FAP9CE8.tmp 2014-08-21 18:55 - 2014-08-21 18:55 - 00000000 _____ () C:\Windows\SysWOW64\FAP9CC7.tmp 2014-08-21 18:55 - 2014-08-21 18:55 - 00000000 _____ () C:\Windows\SysWOW64\FAP9B2F.tmp 2014-08-21 18:54 - 2014-08-21 18:54 - 00000000 _____ () C:\Windows\SysWOW64\FAPDC01.tmp 2014-08-21 18:54 - 2014-08-21 18:54 - 00000000 _____ () C:\Windows\SysWOW64\FAP1636.tmp 2014-08-21 18:44 - 2014-08-21 18:44 - 00000000 _____ () C:\Windows\SysWOW64\FAPEDAB.tmp 2014-08-21 18:34 - 2014-08-21 18:34 - 00000000 _____ () C:\Windows\SysWOW64\FAPCFA.tmp 2014-08-21 18:34 - 2014-08-21 18:34 - 00000000 _____ () C:\Windows\SysWOW64\FAP1AF0.tmp 2014-08-21 18:33 - 2014-08-21 18:33 - 00000000 _____ () C:\Windows\SysWOW64\FAPDC95.tmp 2014-08-21 18:32 - 2014-08-21 18:32 - 00000000 _____ () C:\Windows\SysWOW64\FAPEE8D.tmp 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 _____ () C:\Windows\SysWOW64\FAPEF37.tmp 2014-08-21 18:30 - 2014-08-21 18:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP8F88.tmp 2014-08-21 18:30 - 2014-08-21 18:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP8AD5.tmp 2014-08-21 18:30 - 2014-08-21 18:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP894D.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3B57.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3B16.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3866.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3806.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3066.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP712B.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6C59.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6AB1.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6A61.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP5D55.tmp 2014-08-21 14:39 - 2014-08-21 14:39 - 00000000 _____ () C:\Windows\SysWOW64\FAP2D00.tmp 2014-08-21 14:36 - 2014-08-21 14:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP4CEC.tmp 2014-08-21 14:35 - 2014-08-21 14:35 - 00000000 _____ () C:\Windows\SysWOW64\FAPDF79.tmp 2014-08-21 14:35 - 2014-08-21 14:35 - 00000000 _____ () C:\Windows\SysWOW64\FAPBA5A.tmp 2014-08-21 14:33 - 2014-08-21 14:33 - 00000000 _____ () C:\Windows\SysWOW64\FAPB385.tmp 2014-08-21 14:32 - 2014-08-21 14:32 - 00000000 _____ () C:\Windows\SysWOW64\FAP313A.tmp 2014-08-21 14:32 - 2014-08-21 14:32 - 00000000 _____ () C:\Windows\SysWOW64\FAP2E1C.tmp 2014-08-21 14:32 - 2014-08-21 14:32 - 00000000 _____ () C:\Windows\SysWOW64\FAP2D6F.tmp 2014-08-21 14:29 - 2014-08-21 14:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP4C33.tmp 2014-08-21 14:29 - 2014-08-21 14:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP4667.tmp 2014-08-21 14:18 - 2014-08-21 14:18 - 00000000 _____ () C:\Windows\SysWOW64\FAPA8AF.tmp 2014-08-21 14:13 - 2014-08-21 14:13 - 00000000 _____ () C:\Windows\SysWOW64\FAPC80F.tmp 2014-08-21 13:40 - 2014-08-21 13:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP8F32.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP615C.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP613B.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP60FB.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP172D.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP16FC.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP168D.tmp 2014-08-21 13:19 - 2014-08-21 13:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP6076.tmp 2014-08-21 13:19 - 2014-08-21 13:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP6035.tmp 2014-08-21 13:19 - 2014-08-21 13:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP5FD6.tmp 2014-08-21 12:58 - 2014-08-21 12:58 - 00000000 _____ () C:\Windows\SysWOW64\FAPDA50.tmp 2014-08-21 12:58 - 2014-08-21 12:58 - 00000000 _____ () C:\Windows\SysWOW64\FAPDA00.tmp 2014-08-21 12:58 - 2014-08-21 12:58 - 00000000 _____ () C:\Windows\SysWOW64\FAPD8D5.tmp 2014-08-21 12:35 - 2014-08-21 12:35 - 00000000 ____D () C:\Users\Hjalfnar\Downloads\Warhammer 40K - 7th Edition - Codex Space Wolves 2014-08-21 12:34 - 2014-08-21 12:34 - 00000000 _____ () C:\Windows\SysWOW64\FAP3248.tmp 2014-08-21 12:33 - 2014-08-21 12:33 - 00000000 _____ () C:\Windows\SysWOW64\FAPE9D1.tmp 2014-08-21 12:26 - 2014-08-21 12:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP38D8.tmp 2014-08-21 12:25 - 2014-08-21 12:25 - 00000000 _____ () C:\Windows\SysWOW64\FAP770E.tmp 2014-08-21 11:52 - 2014-08-21 11:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPEEAA.tmp 2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPE8EE.tmp 2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPE5D0.tmp 2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPC498.tmp 2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPC052.tmp 2014-08-21 10:39 - 2014-08-21 10:39 - 00000000 _____ () C:\Windows\SysWOW64\FAPDD60.tmp 2014-08-21 10:39 - 2014-08-21 10:39 - 00000000 _____ () C:\Windows\SysWOW64\FAPDD4F.tmp 2014-08-21 10:36 - 2014-08-21 10:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP5B80.tmp 2014-08-21 10:36 - 2014-08-21 10:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP5AF2.tmp 2014-08-21 10:28 - 2014-08-21 10:28 - 00000000 _____ () C:\Windows\SysWOW64\FAP9BE6.tmp 2014-08-21 10:28 - 2014-08-21 10:28 - 00000000 _____ () C:\Windows\SysWOW64\FAP712C.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAPED99.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAPEC9E.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP54B1.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP46F9.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP3F39.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP3E7C.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP3086.tmp 2014-08-21 10:25 - 2014-08-21 10:25 - 00000000 _____ () C:\Windows\SysWOW64\FAPE300.tmp 2014-08-21 02:42 - 2014-08-21 02:42 - 00000000 _____ () C:\Windows\SysWOW64\FAP96CA.tmp 2014-08-21 02:42 - 2014-08-21 02:42 - 00000000 _____ () C:\Windows\SysWOW64\FAP96B8.tmp 2014-08-21 02:42 - 2014-08-21 02:42 - 00000000 _____ () C:\Windows\SysWOW64\FAP9697.tmp 2014-08-21 02:42 - 2014-08-21 02:42 - 00000000 _____ () C:\Windows\SysWOW64\FAP9685.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD984.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD972.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD960.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPC938.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP30BF.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP30AE.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP309C.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP307B.tmp 2014-08-21 02:38 - 2014-08-21 02:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPD459.tmp 2014-08-21 02:38 - 2014-08-21 02:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPD274.tmp 2014-08-21 02:38 - 2014-08-21 02:38 - 00000000 _____ () C:\Windows\SysWOW64\FAP63DF.tmp 2014-08-21 02:38 - 2014-08-21 02:38 - 00000000 _____ () C:\Windows\SysWOW64\FAP1052.tmp 2014-08-21 02:37 - 2014-08-21 02:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP9FDD.tmp 2014-08-21 02:37 - 2014-08-21 02:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP89DC.tmp 2014-08-21 02:37 - 2014-08-21 02:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP89DA.tmp 2014-08-21 02:37 - 2014-08-21 02:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP89B9.tmp 2014-08-21 01:03 - 2014-08-21 01:03 - 00000000 _____ () C:\Windows\SysWOW64\FAPC454.tmp 2014-08-20 22:58 - 2014-08-20 22:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP795C.tmp 2014-08-20 22:58 - 2014-08-20 22:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP793B.tmp 2014-08-20 22:29 - 2014-08-20 22:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP4656.tmp 2014-08-20 22:28 - 2014-08-20 22:28 - 00000000 _____ () C:\Windows\SysWOW64\FAP92AF.tmp 2014-08-20 22:28 - 2014-08-20 22:28 - 00000000 _____ () C:\Windows\SysWOW64\FAP9156.tmp 2014-08-20 22:27 - 2014-08-20 22:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP9817.tmp 2014-08-20 22:21 - 2014-08-20 22:21 - 00000000 _____ () C:\Windows\SysWOW64\FAPE931.tmp 2014-08-20 22:21 - 2014-08-20 22:21 - 00000000 _____ () C:\Windows\SysWOW64\FAPDB98.tmp 2014-08-20 22:21 - 2014-08-20 22:21 - 00000000 _____ () C:\Windows\SysWOW64\FAPCF47.tmp 2014-08-20 22:19 - 2014-08-20 22:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP4416.tmp 2014-08-20 22:19 - 2014-08-20 22:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP3F82.tmp 2014-08-20 22:09 - 2014-08-20 22:09 - 00000000 _____ () C:\Windows\SysWOW64\FAPE060.tmp 2014-08-20 22:09 - 2014-08-20 22:09 - 00000000 _____ () C:\Windows\SysWOW64\FAPD7C7.tmp 2014-08-20 22:05 - 2014-08-20 22:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPFA61.tmp 2014-08-20 22:05 - 2014-08-20 22:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPEE9D.tmp 2014-08-20 22:02 - 2014-08-20 22:02 - 00000000 _____ () C:\Windows\SysWOW64\FAP2C17.tmp 2014-08-20 21:53 - 2014-08-20 21:53 - 00000000 _____ () C:\Windows\SysWOW64\FAP6FB9.tmp 2014-08-20 21:53 - 2014-08-20 21:53 - 00000000 _____ () C:\Windows\SysWOW64\FAP6EAE.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPED3B.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPEC9D.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPEA1C.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPE9DB.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPE364.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPDCAE.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP7CA2.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP7C52.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP7C02.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP799F.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP794F.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP71EE.tmp 2014-08-20 20:09 - 2014-08-20 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAPED90.tmp 2014-08-20 20:08 - 2014-08-20 20:08 - 00000000 _____ () C:\Windows\SysWOW64\FAP8338.tmp 2014-08-20 20:08 - 2014-08-20 20:08 - 00000000 _____ () C:\Windows\SysWOW64\FAP2204.tmp 2014-08-20 17:45 - 2014-08-20 17:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP77CC.tmp 2014-08-20 17:45 - 2014-08-20 17:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP6100.tmp 2014-08-20 17:44 - 2014-08-20 17:44 - 00000000 _____ () C:\Windows\SysWOW64\FAP1FF9.tmp 2014-08-20 17:37 - 2014-08-20 17:37 - 00000000 _____ () C:\Windows\SysWOW64\FAPECA7.tmp 2014-08-20 16:35 - 2014-08-20 16:35 - 00000000 _____ () C:\Windows\SysWOW64\FAP3EE8.tmp 2014-08-20 14:57 - 2014-08-20 14:57 - 00000000 _____ () C:\Windows\SysWOW64\FAP4F0A.tmp 2014-08-20 14:57 - 2014-08-20 14:57 - 00000000 _____ () C:\Windows\SysWOW64\FAP4E7C.tmp 2014-08-20 13:09 - 2014-08-20 13:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP7308.tmp 2014-08-20 13:09 - 2014-08-20 13:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP72B8.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPEFC1.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPE1CB.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPE18A.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPDA48.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPD47C.tmp 2014-08-20 12:51 - 2014-08-20 12:51 - 00000000 _____ () C:\Windows\SysWOW64\FAP9BBE.tmp 2014-08-20 12:50 - 2014-08-20 12:50 - 00000000 _____ () C:\Windows\SysWOW64\FAP86C6.tmp 2014-08-20 12:50 - 2014-08-20 12:50 - 00000000 _____ () C:\Windows\SysWOW64\FAP8676.tmp 2014-08-20 12:50 - 2014-08-20 12:50 - 00000000 _____ () C:\Windows\SysWOW64\FAP7F33.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP7BC8.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP79A4.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP77ED.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP77BC.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP6FCE.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP6956.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAPB9A5.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAPA50B.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAPA4DA.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP9FF8.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP9971.tmp 2014-08-20 11:59 - 2014-08-20 11:59 - 00000000 _____ () C:\Windows\SysWOW64\FAP2B.tmp 2014-08-20 11:57 - 2014-08-20 11:57 - 00000000 _____ () C:\Windows\SysWOW64\FAP8733.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPDBC6.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD2AF.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD26F.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPCD01.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPC522.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAPDAA.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAPD5A.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP4779.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP3E82.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP3E41.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP37BA.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP1672.tmp 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 _____ () C:\Windows\SysWOW64\FAPFB4.tmp 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP1C27.tmp 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP1004.tmp 2014-08-20 11:32 - 2014-08-20 11:32 - 00000000 _____ () C:\Windows\SysWOW64\FAPCDC3.tmp 2014-08-20 11:30 - 2014-08-20 11:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP2AFD.tmp 2014-08-20 11:07 - 2014-08-20 11:07 - 00000000 _____ () C:\Windows\SysWOW64\FAP95FC.tmp 2014-08-20 10:47 - 2014-08-23 13:55 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Local\Adobe 2014-08-19 00:11 - 2014-08-19 00:11 - 03689799 _____ () C:\Users\Hjalfnar\Desktop\OnlineCodexWH40K_Testversion_7.jar 2014-08-15 03:00 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-15 03:00 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-15 03:00 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-15 03:00 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-15 03:00 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-15 03:00 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-15 03:00 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-15 03:00 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-14 15:45 - 2014-09-14 15:45 - 00016634 _____ () C:\Users\Hjalfnar\Downloads\FRST.txt 2014-09-14 15:45 - 2014-09-14 15:40 - 00000000 ____D () C:\FRST 2014-09-14 15:42 - 2014-09-14 15:42 - 00000478 _____ () C:\Users\Hjalfnar\Downloads\defogger_disable.log 2014-09-14 15:42 - 2014-09-14 15:42 - 00000000 _____ () C:\Users\Hjalfnar\defogger_reenable 2014-09-14 15:42 - 2014-04-15 14:17 - 00000000 ____D () C:\Users\Hjalfnar 2014-09-14 15:41 - 2014-09-14 15:41 - 00050477 _____ () C:\Users\Hjalfnar\Downloads\Defogger.exe 2014-09-14 15:40 - 2014-04-15 15:26 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Roaming\Skype 2014-09-14 15:39 - 2014-09-14 15:39 - 02105856 _____ (Farbar) C:\Users\Hjalfnar\Downloads\FRST64.exe 2014-09-14 15:30 - 2014-04-15 16:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-14 15:26 - 2014-04-15 16:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-14 13:16 - 2014-09-11 09:59 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Local\LogMeIn Hamachi 2014-09-14 12:40 - 2014-04-15 16:31 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-14 10:12 - 2014-04-15 16:09 - 00698294 _____ () C:\Windows\system32\perfh007.dat 2014-09-14 10:12 - 2014-04-15 16:09 - 00149760 _____ () C:\Windows\system32\perfc007.dat 2014-09-14 10:12 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-14 10:09 - 2014-07-17 06:28 - 01840885 _____ () C:\Windows\WindowsUpdate.log 2014-09-14 10:05 - 2014-09-14 08:52 - 00000504 _____ () C:\Windows\setupact.log 2014-09-14 10:05 - 2014-04-15 15:33 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-14 10:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-14 09:14 - 2014-04-15 19:04 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Roaming\uTorrent 2014-09-14 09:06 - 2014-08-09 09:25 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Roaming\FileAdvisor 2014-09-14 09:06 - 2014-08-08 09:06 - 00000000 ____D () C:\Program Files (x86)\File Type Advisor 2014-09-14 09:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-09-14 08:52 - 2014-09-14 08:52 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-14 08:52 - 2014-04-15 14:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-14 01:02 - 2014-04-15 16:01 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Roaming\DAEMON Tools Lite 2014-09-14 00:58 - 2014-04-16 21:41 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Roaming\TS3Client 2014-09-14 00:04 - 2009-07-14 06:45 - 00025936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-14 00:04 - 2009-07-14 06:45 - 00025936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-12 21:20 - 2014-09-12 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-12 03:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-12 03:02 - 2014-04-15 16:16 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-12 03:02 - 2014-04-15 14:33 - 01594886 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-12 03:00 - 2014-05-07 00:57 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-12 03:00 - 2014-04-15 16:16 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-11 09:59 - 2014-09-11 09:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-09-11 09:55 - 2014-06-20 18:52 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Roaming\Tunngle 2014-09-11 09:55 - 2014-06-20 18:52 - 00000000 ____D () C:\ProgramData\Tunngle 2014-09-11 09:50 - 2014-06-20 21:10 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat 2014-09-09 22:22 - 2014-05-30 15:07 - 00000000 ____D () C:\ProgramData\Origin 2014-09-07 19:04 - 2014-04-17 17:45 - 00000000 ____D () C:\Users\Hjalfnar\Documents\Electronic Arts 2014-09-07 19:02 - 2014-09-07 19:02 - 00001049 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk 2014-09-07 19:02 - 2014-09-07 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 2014-09-06 23:08 - 2014-09-06 23:08 - 00003132 _____ () C:\Windows\System32\Tasks\Origin 2014-09-06 23:08 - 2014-05-30 15:08 - 00000000 ___HD () C:\Users\Hjalfnar\AppData\Roaming\Origin 2014-09-06 23:04 - 2014-04-15 15:56 - 00000000 ____D () C:\Spiele 2014-09-05 16:46 - 2014-04-15 14:48 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-05 16:03 - 2014-09-05 16:03 - 00000222 _____ () C:\Users\Hjalfnar\Desktop\Wargame AirLand Battle.url 2014-09-05 11:56 - 2014-09-05 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition 2014-09-05 04:10 - 2014-09-11 08:17 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-05 04:05 - 2014-09-11 08:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-04 23:21 - 2014-09-04 23:21 - 00000000 ____D () C:\Users\Hjalfnar\Documents\Aspyr 2014-09-04 23:19 - 2014-09-04 23:19 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Local\Aspyr 2014-09-04 18:17 - 2014-09-04 18:17 - 00000839 _____ () C:\Users\Hjalfnar\Desktop\Panzer Corps Collection.lnk 2014-09-04 18:17 - 2014-09-04 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panzer Corps Collection 2014-09-04 18:17 - 2014-04-15 22:57 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-09-04 14:59 - 2014-09-04 14:59 - 00000221 _____ () C:\Users\Hjalfnar\Desktop\Star Wars The Force Unleashed.url 2014-09-02 08:59 - 2014-08-29 16:56 - 00000132 _____ () C:\Users\Hjalfnar\AppData\Roaming\Adobe PNG Format CS6 Prefs 2014-08-31 19:28 - 2014-04-15 18:01 - 00000000 ____D () C:\Users\Hjalfnar\Documents\My Games 2014-08-31 19:09 - 2014-08-31 19:09 - 00000222 _____ () C:\Users\Hjalfnar\Desktop\Panzer Corps.url 2014-08-29 07:55 - 2009-07-14 06:45 - 04890344 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-23 13:55 - 2014-08-20 10:47 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Local\Adobe 2014-08-23 04:07 - 2014-08-28 05:17 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 05:17 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 05:17 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 08:31 - 2014-07-16 09:00 - 00000000 ____D () C:\Users\Hjalfnar\AppData\Local\2K Games 2014-08-22 01:07 - 2014-08-22 01:07 - 00000000 _____ () C:\Windows\SysWOW64\FAP6118.tmp 2014-08-22 01:07 - 2014-08-22 01:07 - 00000000 _____ () C:\Windows\SysWOW64\FAP60C8.tmp 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP9D97.tmp 2014-08-22 00:57 - 2014-08-22 00:57 - 00000000 _____ () C:\Windows\SysWOW64\FAPAB4B.tmp 2014-08-22 00:57 - 2014-08-22 00:57 - 00000000 _____ () C:\Windows\SysWOW64\FAPA946.tmp 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP85AE.tmp 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP83A9.tmp 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP7861.tmp 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP543C.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPD46C.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPD277.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPC5F7.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAPA324.tmp 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _____ () C:\Windows\SysWOW64\FAP84AA.tmp 2014-08-22 00:54 - 2014-08-22 00:54 - 00000000 _____ () C:\Windows\SysWOW64\FAPB6B9.tmp 2014-08-22 00:54 - 2014-08-22 00:54 - 00000000 _____ () C:\Windows\SysWOW64\FAP9958.tmp 2014-08-22 00:43 - 2014-08-22 00:43 - 00000000 _____ () C:\Windows\SysWOW64\FAP8C2C.tmp 2014-08-22 00:43 - 2014-08-22 00:43 - 00000000 _____ () C:\Windows\SysWOW64\FAP8C0B.tmp 2014-08-22 00:40 - 2014-08-22 00:40 - 00000000 _____ () C:\Windows\SysWOW64\FAPA5B0.tmp 2014-08-22 00:40 - 2014-08-22 00:40 - 00000000 _____ () C:\Windows\SysWOW64\FAPA560.tmp 2014-08-22 00:40 - 2014-08-22 00:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6DDB.tmp 2014-08-22 00:40 - 2014-08-22 00:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6DAA.tmp 2014-08-22 00:31 - 2014-08-22 00:30 - 291175499 _____ () C:\Users\Hjalfnar\Downloads\_Divide_et_Impera095.7z 2014-08-22 00:30 - 2014-08-22 00:30 - 00000000 _____ () C:\Windows\SysWOW64\FAPD61A.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP6388.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP588E.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP421F.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP2856.tmp 2014-08-22 00:27 - 2014-08-22 00:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP2613.tmp 2014-08-22 00:22 - 2014-08-22 00:22 - 00000000 _____ () C:\Windows\SysWOW64\FAPDAFA.tmp 2014-08-22 00:22 - 2014-08-22 00:22 - 00000000 _____ () C:\Windows\SysWOW64\FAPD8D6.tmp 2014-08-22 00:22 - 2014-08-22 00:22 - 00000000 _____ () C:\Windows\SysWOW64\FAP1AAC.tmp 2014-08-22 00:22 - 2014-08-22 00:22 - 00000000 _____ () C:\Windows\SysWOW64\FAP1251.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPEB18.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPE72F.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPDB4B.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPD994.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPB965.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPB56D.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPAEB.tmp 2014-08-21 23:56 - 2014-08-21 23:56 - 00000000 _____ () C:\Windows\SysWOW64\FAP953.tmp 2014-08-21 23:25 - 2014-08-21 23:25 - 00000000 _____ () C:\Windows\SysWOW64\FAPBBD1.tmp 2014-08-21 23:19 - 2014-08-21 23:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP3496.tmp 2014-08-21 23:10 - 2014-08-21 23:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP9DC2.tmp 2014-08-21 23:10 - 2014-08-21 23:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP9DA0.tmp 2014-08-21 23:10 - 2014-08-21 23:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP9D8F.tmp 2014-08-21 23:10 - 2014-08-21 23:10 - 00000000 _____ () C:\Windows\SysWOW64\FAP9D6E.tmp 2014-08-21 23:05 - 2014-08-21 23:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPDCEB.tmp 2014-08-21 23:05 - 2014-08-21 23:05 - 00000000 _____ () C:\Windows\SysWOW64\FAP5B7A.tmp 2014-08-21 23:05 - 2014-08-21 23:05 - 00000000 _____ () C:\Windows\SysWOW64\FAP37D2.tmp 2014-08-21 23:05 - 2014-08-21 23:05 - 00000000 _____ () C:\Windows\SysWOW64\FAP2C8A.tmp 2014-08-21 23:04 - 2014-08-21 23:04 - 00000000 _____ () C:\Windows\SysWOW64\FAPBCF4.tmp 2014-08-21 22:54 - 2014-08-21 22:54 - 00000000 _____ () C:\Windows\SysWOW64\FAP3942.tmp 2014-08-21 22:54 - 2014-08-21 22:54 - 00000000 _____ () C:\Windows\SysWOW64\FAP2025.tmp 2014-08-21 22:53 - 2014-08-21 22:53 - 00000000 _____ () C:\Windows\SysWOW64\FAP3548.tmp 2014-08-21 22:51 - 2014-08-21 22:51 - 00000000 _____ () C:\Windows\SysWOW64\FAP32F5.tmp 2014-08-21 22:50 - 2014-08-21 22:50 - 00000000 _____ () C:\Windows\SysWOW64\FAP30F1.tmp 2014-08-21 22:47 - 2014-08-21 22:47 - 00000000 _____ () C:\Windows\SysWOW64\FAPF288.tmp 2014-08-21 22:47 - 2014-08-21 22:47 - 00000000 _____ () C:\Windows\SysWOW64\FAPEB17.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAPF75C.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAPEEE2.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP6B4B.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP63EA.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP20C1.tmp 2014-08-21 22:46 - 2014-08-21 22:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP1A59.tmp 2014-08-21 22:44 - 2014-08-21 22:44 - 00000000 _____ () C:\Windows\SysWOW64\FAP692.tmp 2014-08-21 22:44 - 2014-08-21 22:44 - 00000000 _____ () C:\Windows\SysWOW64\FAP16F9.tmp 2014-08-21 22:43 - 2014-08-21 22:43 - 00000000 _____ () C:\Windows\SysWOW64\FAPAF7C.tmp 2014-08-21 22:43 - 2014-08-21 22:43 - 00000000 _____ () C:\Windows\SysWOW64\FAP9EF6.tmp 2014-08-21 22:43 - 2014-08-21 22:43 - 00000000 _____ () C:\Windows\SysWOW64\FAP9CA3.tmp 2014-08-21 20:09 - 2014-08-21 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP8603.tmp 2014-08-21 20:09 - 2014-08-21 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP85D2.tmp 2014-08-21 20:09 - 2014-08-21 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP8553.tmp 2014-08-21 20:09 - 2014-08-21 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP8438.tmp 2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPC78C.tmp 2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 _____ () C:\Windows\SysWOW64\FAPC76B.tmp 2014-08-21 19:49 - 2014-08-21 19:49 - 00000000 _____ () C:\Windows\SysWOW64\FAP679D.tmp 2014-08-21 19:41 - 2014-08-21 19:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP786D.tmp 2014-08-21 19:41 - 2014-08-21 19:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP7649.tmp 2014-08-21 19:41 - 2014-08-21 19:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP75CA.tmp 2014-08-21 19:35 - 2014-08-21 19:35 - 00000000 _____ () C:\Windows\SysWOW64\FAP9E2F.tmp 2014-08-21 19:30 - 2014-08-21 19:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP133D.tmp 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 _____ () C:\Windows\SysWOW64\FAPDABD.tmp 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 _____ () C:\Windows\SysWOW64\FAPD233.tmp 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP94C4.tmp 2014-08-21 19:27 - 2014-08-21 19:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP8519.tmp 2014-08-21 19:25 - 2014-08-21 19:25 - 00000000 _____ () C:\Windows\SysWOW64\FAP5E94.tmp 2014-08-21 19:20 - 2014-08-21 19:20 - 00000000 _____ () C:\Windows\SysWOW64\FAPD45.tmp 2014-08-21 19:20 - 2014-08-21 19:20 - 00000000 _____ () C:\Windows\SysWOW64\FAP162D.tmp 2014-08-21 19:19 - 2014-08-21 19:19 - 00000000 _____ () C:\Windows\SysWOW64\FAPA196.tmp 2014-08-21 19:19 - 2014-08-21 19:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP9FCF.tmp 2014-08-21 19:00 - 2014-08-21 19:00 - 00000000 _____ () C:\Windows\SysWOW64\FAP739F.tmp 2014-08-21 18:58 - 2014-08-21 18:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP322A.tmp 2014-08-21 18:58 - 2014-08-21 18:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP31EA.tmp 2014-08-21 18:58 - 2014-08-21 18:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP316B.tmp 2014-08-21 18:55 - 2014-08-21 18:55 - 00000000 _____ () C:\Windows\SysWOW64\FAP9CE8.tmp 2014-08-21 18:55 - 2014-08-21 18:55 - 00000000 _____ () C:\Windows\SysWOW64\FAP9CC7.tmp 2014-08-21 18:55 - 2014-08-21 18:55 - 00000000 _____ () C:\Windows\SysWOW64\FAP9B2F.tmp 2014-08-21 18:54 - 2014-08-21 18:54 - 00000000 _____ () C:\Windows\SysWOW64\FAPDC01.tmp 2014-08-21 18:54 - 2014-08-21 18:54 - 00000000 _____ () C:\Windows\SysWOW64\FAP1636.tmp 2014-08-21 18:44 - 2014-08-21 18:44 - 00000000 _____ () C:\Windows\SysWOW64\FAPEDAB.tmp 2014-08-21 18:34 - 2014-08-21 18:34 - 00000000 _____ () C:\Windows\SysWOW64\FAPCFA.tmp 2014-08-21 18:34 - 2014-08-21 18:34 - 00000000 _____ () C:\Windows\SysWOW64\FAP1AF0.tmp 2014-08-21 18:33 - 2014-08-21 18:33 - 00000000 _____ () C:\Windows\SysWOW64\FAPDC95.tmp 2014-08-21 18:32 - 2014-08-21 18:32 - 00000000 _____ () C:\Windows\SysWOW64\FAPEE8D.tmp 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 _____ () C:\Windows\SysWOW64\FAPEF37.tmp 2014-08-21 18:30 - 2014-08-21 18:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP8F88.tmp 2014-08-21 18:30 - 2014-08-21 18:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP8AD5.tmp 2014-08-21 18:30 - 2014-08-21 18:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP894D.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3B57.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3B16.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3866.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3806.tmp 2014-08-21 14:46 - 2014-08-21 14:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP3066.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP712B.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6C59.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6AB1.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP6A61.tmp 2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP5D55.tmp 2014-08-21 14:39 - 2014-08-21 14:39 - 00000000 _____ () C:\Windows\SysWOW64\FAP2D00.tmp 2014-08-21 14:36 - 2014-08-21 14:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP4CEC.tmp 2014-08-21 14:35 - 2014-08-21 14:35 - 00000000 _____ () C:\Windows\SysWOW64\FAPDF79.tmp 2014-08-21 14:35 - 2014-08-21 14:35 - 00000000 _____ () C:\Windows\SysWOW64\FAPBA5A.tmp 2014-08-21 14:33 - 2014-08-21 14:33 - 00000000 _____ () C:\Windows\SysWOW64\FAPB385.tmp 2014-08-21 14:32 - 2014-08-21 14:32 - 00000000 _____ () C:\Windows\SysWOW64\FAP313A.tmp 2014-08-21 14:32 - 2014-08-21 14:32 - 00000000 _____ () C:\Windows\SysWOW64\FAP2E1C.tmp 2014-08-21 14:32 - 2014-08-21 14:32 - 00000000 _____ () C:\Windows\SysWOW64\FAP2D6F.tmp 2014-08-21 14:29 - 2014-08-21 14:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP4C33.tmp 2014-08-21 14:29 - 2014-08-21 14:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP4667.tmp 2014-08-21 14:18 - 2014-08-21 14:18 - 00000000 _____ () C:\Windows\SysWOW64\FAPA8AF.tmp 2014-08-21 14:13 - 2014-08-21 14:13 - 00000000 _____ () C:\Windows\SysWOW64\FAPC80F.tmp 2014-08-21 13:40 - 2014-08-21 13:40 - 00000000 _____ () C:\Windows\SysWOW64\FAP8F32.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP615C.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP613B.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP60FB.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP172D.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP16FC.tmp 2014-08-21 13:26 - 2014-08-21 13:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP168D.tmp 2014-08-21 13:19 - 2014-08-21 13:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP6076.tmp 2014-08-21 13:19 - 2014-08-21 13:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP6035.tmp 2014-08-21 13:19 - 2014-08-21 13:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP5FD6.tmp 2014-08-21 12:58 - 2014-08-21 12:58 - 00000000 _____ () C:\Windows\SysWOW64\FAPDA50.tmp 2014-08-21 12:58 - 2014-08-21 12:58 - 00000000 _____ () C:\Windows\SysWOW64\FAPDA00.tmp 2014-08-21 12:58 - 2014-08-21 12:58 - 00000000 _____ () C:\Windows\SysWOW64\FAPD8D5.tmp 2014-08-21 12:35 - 2014-08-21 12:35 - 00000000 ____D () C:\Users\Hjalfnar\Downloads\Warhammer 40K - 7th Edition - Codex Space Wolves 2014-08-21 12:34 - 2014-08-21 12:34 - 00000000 _____ () C:\Windows\SysWOW64\FAP3248.tmp 2014-08-21 12:33 - 2014-08-21 12:33 - 00000000 _____ () C:\Windows\SysWOW64\FAPE9D1.tmp 2014-08-21 12:26 - 2014-08-21 12:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP38D8.tmp 2014-08-21 12:25 - 2014-08-21 12:25 - 00000000 _____ () C:\Windows\SysWOW64\FAP770E.tmp 2014-08-21 11:52 - 2014-08-21 11:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPEEAA.tmp 2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPE8EE.tmp 2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPE5D0.tmp 2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPC498.tmp 2014-08-21 11:38 - 2014-08-21 11:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPC052.tmp 2014-08-21 10:39 - 2014-08-21 10:39 - 00000000 _____ () C:\Windows\SysWOW64\FAPDD60.tmp 2014-08-21 10:39 - 2014-08-21 10:39 - 00000000 _____ () C:\Windows\SysWOW64\FAPDD4F.tmp 2014-08-21 10:36 - 2014-08-21 10:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP5B80.tmp 2014-08-21 10:36 - 2014-08-21 10:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP5AF2.tmp 2014-08-21 10:28 - 2014-08-21 10:28 - 00000000 _____ () C:\Windows\SysWOW64\FAP9BE6.tmp 2014-08-21 10:28 - 2014-08-21 10:28 - 00000000 _____ () C:\Windows\SysWOW64\FAP712C.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAPED99.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAPEC9E.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP54B1.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP46F9.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP3F39.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP3E7C.tmp 2014-08-21 10:26 - 2014-08-21 10:26 - 00000000 _____ () C:\Windows\SysWOW64\FAP3086.tmp 2014-08-21 10:25 - 2014-08-21 10:25 - 00000000 _____ () C:\Windows\SysWOW64\FAPE300.tmp 2014-08-21 02:42 - 2014-08-21 02:42 - 00000000 _____ () C:\Windows\SysWOW64\FAP96CA.tmp 2014-08-21 02:42 - 2014-08-21 02:42 - 00000000 _____ () C:\Windows\SysWOW64\FAP96B8.tmp 2014-08-21 02:42 - 2014-08-21 02:42 - 00000000 _____ () C:\Windows\SysWOW64\FAP9697.tmp 2014-08-21 02:42 - 2014-08-21 02:42 - 00000000 _____ () C:\Windows\SysWOW64\FAP9685.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD984.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD972.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD960.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPC938.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP30BF.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP30AE.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP309C.tmp 2014-08-21 02:41 - 2014-08-21 02:41 - 00000000 _____ () C:\Windows\SysWOW64\FAP307B.tmp 2014-08-21 02:38 - 2014-08-21 02:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPD459.tmp 2014-08-21 02:38 - 2014-08-21 02:38 - 00000000 _____ () C:\Windows\SysWOW64\FAPD274.tmp 2014-08-21 02:38 - 2014-08-21 02:38 - 00000000 _____ () C:\Windows\SysWOW64\FAP63DF.tmp 2014-08-21 02:38 - 2014-08-21 02:38 - 00000000 _____ () C:\Windows\SysWOW64\FAP1052.tmp 2014-08-21 02:37 - 2014-08-21 02:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP9FDD.tmp 2014-08-21 02:37 - 2014-08-21 02:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP89DC.tmp 2014-08-21 02:37 - 2014-08-21 02:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP89DA.tmp 2014-08-21 02:37 - 2014-08-21 02:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP89B9.tmp 2014-08-21 01:03 - 2014-08-21 01:03 - 00000000 _____ () C:\Windows\SysWOW64\FAPC454.tmp 2014-08-20 22:58 - 2014-08-20 22:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP795C.tmp 2014-08-20 22:58 - 2014-08-20 22:58 - 00000000 _____ () C:\Windows\SysWOW64\FAP793B.tmp 2014-08-20 22:29 - 2014-08-20 22:29 - 00000000 _____ () C:\Windows\SysWOW64\FAP4656.tmp 2014-08-20 22:28 - 2014-08-20 22:28 - 00000000 _____ () C:\Windows\SysWOW64\FAP92AF.tmp 2014-08-20 22:28 - 2014-08-20 22:28 - 00000000 _____ () C:\Windows\SysWOW64\FAP9156.tmp 2014-08-20 22:27 - 2014-08-20 22:27 - 00000000 _____ () C:\Windows\SysWOW64\FAP9817.tmp 2014-08-20 22:21 - 2014-08-20 22:21 - 00000000 _____ () C:\Windows\SysWOW64\FAPE931.tmp 2014-08-20 22:21 - 2014-08-20 22:21 - 00000000 _____ () C:\Windows\SysWOW64\FAPDB98.tmp 2014-08-20 22:21 - 2014-08-20 22:21 - 00000000 _____ () C:\Windows\SysWOW64\FAPCF47.tmp 2014-08-20 22:19 - 2014-08-20 22:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP4416.tmp 2014-08-20 22:19 - 2014-08-20 22:19 - 00000000 _____ () C:\Windows\SysWOW64\FAP3F82.tmp 2014-08-20 22:09 - 2014-08-20 22:09 - 00000000 _____ () C:\Windows\SysWOW64\FAPE060.tmp 2014-08-20 22:09 - 2014-08-20 22:09 - 00000000 _____ () C:\Windows\SysWOW64\FAPD7C7.tmp 2014-08-20 22:05 - 2014-08-20 22:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPFA61.tmp 2014-08-20 22:05 - 2014-08-20 22:05 - 00000000 _____ () C:\Windows\SysWOW64\FAPEE9D.tmp 2014-08-20 22:02 - 2014-08-20 22:02 - 00000000 _____ () C:\Windows\SysWOW64\FAP2C17.tmp 2014-08-20 21:53 - 2014-08-20 21:53 - 00000000 _____ () C:\Windows\SysWOW64\FAP6FB9.tmp 2014-08-20 21:53 - 2014-08-20 21:53 - 00000000 _____ () C:\Windows\SysWOW64\FAP6EAE.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPED3B.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPEC9D.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPEA1C.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPE9DB.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPE364.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAPDCAE.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP7CA2.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP7C52.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP7C02.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP799F.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP794F.tmp 2014-08-20 20:11 - 2014-08-20 20:11 - 00000000 _____ () C:\Windows\SysWOW64\FAP71EE.tmp 2014-08-20 20:09 - 2014-08-20 20:09 - 00000000 _____ () C:\Windows\SysWOW64\FAPED90.tmp 2014-08-20 20:08 - 2014-08-20 20:08 - 00000000 _____ () C:\Windows\SysWOW64\FAP8338.tmp 2014-08-20 20:08 - 2014-08-20 20:08 - 00000000 _____ () C:\Windows\SysWOW64\FAP2204.tmp 2014-08-20 17:45 - 2014-08-20 17:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP77CC.tmp 2014-08-20 17:45 - 2014-08-20 17:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP6100.tmp 2014-08-20 17:44 - 2014-08-20 17:44 - 00000000 _____ () C:\Windows\SysWOW64\FAP1FF9.tmp 2014-08-20 17:37 - 2014-08-20 17:37 - 00000000 _____ () C:\Windows\SysWOW64\FAPECA7.tmp 2014-08-20 16:35 - 2014-08-20 16:35 - 00000000 _____ () C:\Windows\SysWOW64\FAP3EE8.tmp 2014-08-20 14:57 - 2014-08-20 14:57 - 00000000 _____ () C:\Windows\SysWOW64\FAP4F0A.tmp 2014-08-20 14:57 - 2014-08-20 14:57 - 00000000 _____ () C:\Windows\SysWOW64\FAP4E7C.tmp 2014-08-20 13:09 - 2014-08-20 13:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP7308.tmp 2014-08-20 13:09 - 2014-08-20 13:09 - 00000000 _____ () C:\Windows\SysWOW64\FAP72B8.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPEFC1.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPE1CB.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPE18A.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPDA48.tmp 2014-08-20 12:52 - 2014-08-20 12:52 - 00000000 _____ () C:\Windows\SysWOW64\FAPD47C.tmp 2014-08-20 12:51 - 2014-08-20 12:51 - 00000000 _____ () C:\Windows\SysWOW64\FAP9BBE.tmp 2014-08-20 12:50 - 2014-08-20 12:50 - 00000000 _____ () C:\Windows\SysWOW64\FAP86C6.tmp 2014-08-20 12:50 - 2014-08-20 12:50 - 00000000 _____ () C:\Windows\SysWOW64\FAP8676.tmp 2014-08-20 12:50 - 2014-08-20 12:50 - 00000000 _____ () C:\Windows\SysWOW64\FAP7F33.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP7BC8.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP79A4.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP77ED.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP77BC.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP6FCE.tmp 2014-08-20 12:46 - 2014-08-20 12:46 - 00000000 _____ () C:\Windows\SysWOW64\FAP6956.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAPB9A5.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAPA50B.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAPA4DA.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP9FF8.tmp 2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 _____ () C:\Windows\SysWOW64\FAP9971.tmp 2014-08-20 11:59 - 2014-08-20 11:59 - 00000000 _____ () C:\Windows\SysWOW64\FAP2B.tmp 2014-08-20 11:57 - 2014-08-20 11:57 - 00000000 _____ () C:\Windows\SysWOW64\FAP8733.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPDBC6.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD2AF.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPD26F.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPCD01.tmp 2014-08-20 11:41 - 2014-08-20 11:41 - 00000000 _____ () C:\Windows\SysWOW64\FAPC522.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAPDAA.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAPD5A.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP4779.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP3E82.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP3E41.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP37BA.tmp 2014-08-20 11:37 - 2014-08-20 11:37 - 00000000 _____ () C:\Windows\SysWOW64\FAP1672.tmp 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 _____ () C:\Windows\SysWOW64\FAPFB4.tmp 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP1C27.tmp 2014-08-20 11:36 - 2014-08-20 11:36 - 00000000 _____ () C:\Windows\SysWOW64\FAP1004.tmp 2014-08-20 11:32 - 2014-08-20 11:32 - 00000000 _____ () C:\Windows\SysWOW64\FAPCDC3.tmp 2014-08-20 11:30 - 2014-08-20 11:30 - 00000000 _____ () C:\Windows\SysWOW64\FAP2AFD.tmp 2014-08-20 11:07 - 2014-08-20 11:07 - 00000000 _____ () C:\Windows\SysWOW64\FAP95FC.tmp 2014-08-20 10:13 - 2014-04-15 16:53 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-20 10:13 - 2014-04-15 16:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-20 10:13 - 2014-04-15 16:53 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-19 20:05 - 2014-09-12 03:03 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-19 19:39 - 2014-09-12 03:03 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-19 01:01 - 2014-09-12 03:03 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-19 00:29 - 2014-09-12 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-19 00:29 - 2014-09-12 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-19 00:26 - 2014-09-12 03:02 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-19 00:20 - 2014-09-12 03:02 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-19 00:19 - 2014-09-12 03:02 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-19 00:15 - 2014-09-12 03:03 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-19 00:15 - 2014-09-12 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-19 00:14 - 2014-09-12 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-19 00:14 - 2014-09-12 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-19 00:11 - 2014-08-19 00:11 - 03689799 _____ () C:\Users\Hjalfnar\Desktop\OnlineCodexWH40K_Testversion_7.jar 2014-08-19 00:08 - 2014-09-12 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-19 00:08 - 2014-09-12 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-19 00:08 - 2014-09-12 03:02 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-19 00:05 - 2014-09-12 03:03 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-19 00:03 - 2014-09-12 03:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-19 00:03 - 2014-09-12 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-19 00:03 - 2014-09-12 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-18 23:57 - 2014-09-12 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-18 23:56 - 2014-09-12 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-18 23:51 - 2014-09-12 03:03 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-18 23:46 - 2014-09-12 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-18 23:45 - 2014-09-12 03:03 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-18 23:45 - 2014-09-12 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-18 23:44 - 2014-09-12 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-18 23:44 - 2014-09-12 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-18 23:42 - 2014-09-12 03:03 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-18 23:40 - 2014-09-12 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-18 23:39 - 2014-09-12 03:03 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-18 23:39 - 2014-09-12 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-18 23:39 - 2014-09-12 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-18 23:38 - 2014-09-12 03:03 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-18 23:37 - 2014-09-12 03:03 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-18 23:36 - 2014-09-12 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-18 23:35 - 2014-09-12 03:03 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-18 23:27 - 2014-09-12 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-18 23:25 - 2014-09-12 03:03 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-18 23:25 - 2014-09-12 03:03 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-18 23:23 - 2014-09-12 03:03 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-18 23:23 - 2014-09-12 03:02 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-18 23:22 - 2014-09-12 03:03 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-18 23:19 - 2014-09-12 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-18 23:17 - 2014-09-12 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-18 23:17 - 2014-09-12 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-18 23:16 - 2014-09-12 03:02 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-18 23:15 - 2014-09-12 03:02 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-18 23:15 - 2014-09-12 03:02 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-18 23:09 - 2014-09-12 03:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-18 23:08 - 2014-09-12 03:02 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-18 23:07 - 2014-09-12 03:03 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-18 22:55 - 2014-09-12 03:02 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-18 22:46 - 2014-09-12 03:02 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-18 22:38 - 2014-09-12 03:03 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-18 22:38 - 2014-09-12 03:02 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-18 22:36 - 2014-09-12 03:03 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-15 03:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions Files to move or delete: ==================== C:\Users\Hjalfnar\AppData\Roaming\Origin\update.vbe Some content of TEMP: ==================== C:\Users\Hjalfnar\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-06 18:05 ==================== End Of Log ============================ --- --- --- Edit: Weitere Logfiles auf Modanweisung weiter unten! Danke schon im Voraus von meiner Seite! Geändert von Hjalfnar (14.09.2014 um 15:42 Uhr) |
| Themen zu Windows 7: Eventueller Trojaner, Paypal-Passwort wurde offenbar entwendet |
| .dll, adobe, antivir, avira, booten, browser, desktop, explorer, firefox, flash player, format, mozilla, realtek, registry, rundll, secur, services.exe, software, svchost.exe, system, temp, trojaner, usb, wargame, windows, winlogon.exe |
Baum-Darstellung