Trojaner-Board


deddad 24.03.2014 01:03

aswSnx.sys found in the drivers folder with GMER.
 
Good evening.

I set up a new Windows 7 system 3-4 weeks ago.
Argh..!
Unfortunately, GMER spat out the following:

Code:

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-24 00:28:57
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 MAXTOR_STM3250820AS rev.3.AAE 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Dehz\AppData\Local\Temp\axldapow.sys


---- System - GMER 2.1 ----

SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwAddBootEntry [0x8BF2EACC]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwAssignProcessToJobObject [0x8BF2F5AA]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateEvent [0x8BF3B692]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateEventPair [0x8BF3B6DE]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateIoCompletion [0x8BF3B878]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateMutant [0x8BF3B600]
SSDT  \??\C:\Windows\system32\drivers\aswSP.sys                              ZwCreateSection [0x8BB2A426]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateSemaphore [0x8BF3B648]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateThread [0x8BF2FAE0]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateThreadEx [0x8BF2FCFC]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateTimer [0x8BF3B832]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwDebugActiveProcess [0x8BF30398]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwDeleteBootEntry [0x8BF2EB32]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwDuplicateObject [0x8BF33BE4]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwLoadDriver [0x8BF2E71E]
SSDT  \??\C:\Windows\system32\drivers\aswSP.sys                              ZwMapViewOfSection [0x8BB2A506]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwModifyBootEntry [0x8BF2EB98]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwNotifyChangeKey [0x8BF33FDA]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwNotifyChangeMultipleKeys [0x8BF30EDE]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenEvent [0x8BF3B6BC]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenEventPair [0x8BF3B700]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenIoCompletion [0x8BF3B89C]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenMutant [0x8BF3B626]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenProcess [0x8BF334DE]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenSection [0x8BF3B7B0]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenSemaphore [0x8BF3B670]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenThread [0x8BF338C6]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenTimer [0x8BF3B856]
SSDT  \??\C:\Windows\system32\drivers\aswSP.sys                              ZwProtectVirtualMemory [0x8BB2A2AA]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwQueryObject [0x8BF30CF4]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwQueueApcThreadEx [0x8BF30A02]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSetBootEntryOrder [0x8BF2EBFE]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSetBootOptions [0x8BF2EC64]
SSDT  \??\C:\Windows\system32\drivers\aswSP.sys                              ZwSetContextThread [0x8BB2A602]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSetSystemInformation [0x8BF2E7B8]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSetSystemPowerState [0x8BF2E98A]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwShutdownSystem [0x8BF2E918]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSuspendProcess [0x8BF30562]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSuspendThread [0x8BF306C4]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSystemDebugControl [0x8BF2EA12]
SSDT  \??\C:\Windows\system32\drivers\aswSP.sys                              ZwTerminateProcess [0x8BB2A378]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwTerminateThread [0x8BF301F2]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwVdmControl [0x8BF2ECCA]
SSDT  \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwWriteVirtualMemory [0x8BF2F606]

---- Kernel code sections - GMER 2.1 ----

.text  ntoskrnl.exe!ZwRollbackEnlistment + 1409                                828729A5 1 Byte  [06]
.text  ntoskrnl.exe!KiDispatchInterrupt + 5A2                                  82892512 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntoskrnl.exe!KeRemoveQueueEx + 1393                                    82899988 4 Bytes  JMP 8CBD8BF2
.text  ntoskrnl.exe!KeRemoveQueueEx + 141B                                    82899A10 4 Bytes  [AA, F5, F2, 8B]
.text  ntoskrnl.exe!KeRemoveQueueEx + 146F                                    82899A64 8 Bytes  [92, B6, F3, 8B, DE, B6, F3, ...]
.text  ntoskrnl.exe!KeRemoveQueueEx + 147B                                    82899A70 4 Bytes  [78, B8, F3, 8B]
.text  ntoskrnl.exe!KeRemoveQueueEx + 1497                                    82899A8C 4 Bytes  [00, B6, F3, 8B]
.text  ...                                                                   
PAGE  ntoskrnl.exe!ZwReplyWaitReceivePortEx + 108                            82A4D1B1 4 Bytes  CALL 8BF315C5 \??\C:\Windows\system32\drivers\aswSnx.sys
PAGE  ntoskrnl.exe!ZwAlpcSendWaitReceivePort + 122                            82A89EED 4 Bytes  CALL 8BF315DB \??\C:\Windows\system32\drivers\aswSnx.sys
.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                section is writeable [0x92826000, 0x267978, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\csrss.exe[388] kernel32.dll!GetBinaryTypeW + 70    768D69E4 1 Byte  [62]
.text  C:\Windows\system32\wininit.exe[448] kernel32.dll!GetBinaryTypeW + 70  768D69E4 1 Byte  [62]
.text  C:\Windows\system32\csrss.exe[460] kernel32.dll!GetBinaryTypeW + 70    768D69E4 1 Byte  [62]
.text  C:\Windows\system32\services.exe[496] kernel32.dll!GetBinaryTypeW + 70  768D69E4 1 Byte  [62]
.text  C:\Windows\system32\winlogon.exe[536] kernel32.dll!GetBinaryTypeW + 70  768D69E4 1 Byte  [62]
.text  ...                                                                   

---- EOF - GMER 2.1 ----

The system is completely fresh and I can't explain this. Is the log harmless?
Or is there "trouble"?
Regards,

Deddad

FRST:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Dehzn (ATTENTION: The logged in user is not administrator) on DEHZN on 24-03-2014 00:48:24
Running from C:\Users\Dehzn\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Avast\AvastUI.exe [3767096 2014-03-04] (AVAST Software)
HKLM\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3832616182-1819445049-1166218546-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3832616182-1819445049-1166218546-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-3832616182-1819445049-1166218546-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Dehzn\AppData\Roaming\Mozilla\Firefox\Profiles\0fvg8ys8.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Avast\WebRep\FF [2014-03-04]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2014-03-04] (AVAST Software)
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 OpenNIC; C:\Program Files\OpenNIC\OpenNICServer.exe [4397785 2012-03-11] ()

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2014-03-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-03-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-03-04] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-03-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-03-04] ()
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2006-11-02] (Microsoft Corporation)
S3 NDMSHLP; C:\Program Files\Common Files\HHD Software\Device Monitor\ndmshlp.sys [7632 2005-05-24] (HHD Software)
S3 SerMon; C:\Program Files\HHD Software\Free Serial Port Monitor\sermon.sys [18432 2005-05-24] (HHD Software)
U3 axldapow; \??\C:\Users\Dehz\AppData\Local\Temp\axldapow.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-24 00:48 - 2014-03-24 00:48 - 00004567 _____ () C:\Users\Dehzn\Downloads\FRST.txt
2014-03-24 00:47 - 2014-03-24 00:48 - 00000000 ____D () C:\FRST
2014-03-24 00:46 - 2014-03-24 00:46 - 01145856 _____ (Farbar) C:\Users\Dehzn\Downloads\FRST.exe
2014-03-24 00:03 - 2014-03-24 00:03 - 00380416 _____ () C:\Users\Dehzn\Downloads\Gmer-19357.exe
2014-03-21 13:21 - 2014-03-21 13:21 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2014-03-21 13:16 - 2014-03-21 13:19 - 29640528 _____ (JonDos GmbH) C:\Users\Dehzn\Downloads\JonDoFox.paf.exe
2014-03-21 13:12 - 2014-03-21 13:37 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\JonDo
2014-03-21 13:08 - 2014-03-21 13:09 - 00000000 ____D () C:\Program Files\JAP
2014-03-21 13:08 - 2014-03-21 13:08 - 00347664 _____ (JAP-Team) C:\Users\Dehzn\Downloads\japsetup.exe
2014-03-21 13:08 - 2014-03-21 13:08 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JAP
2014-03-21 11:50 - 2014-03-21 11:50 - 00000000 ____D () C:\ProgramData\OpenNIC
2014-03-21 11:48 - 2014-03-21 11:48 - 00000000 ____D () C:\Program Files\OpenNIC
2014-03-21 11:47 - 2014-03-21 11:47 - 06385630 _____ (The OpenNIC Project ) C:\Users\Dehzn\Downloads\OpenNIC Wizard 0.3.rc2.exe
2014-03-20 22:34 - 2014-03-20 22:34 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Malwarebytes
2014-03-19 15:41 - 2014-03-19 15:41 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-19 15:40 - 2014-03-19 15:40 - 01110476 _____ () C:\Users\Dehzn\Downloads\7z920.exe
2014-03-19 15:38 - 2014-03-19 15:38 - 01376768 _____ () C:\Users\Dehzn\Downloads\7z920-x64.msi
2014-03-19 15:26 - 2014-03-19 18:07 - 00000000 ____D () C:\Program Files\Return to Castle Wolfenstein Multiplayer DEMO
2014-03-19 15:26 - 2014-03-19 15:26 - 00001154 _____ () C:\Users\Dehzn\Desktop\Wolfenstein DEMO.lnk
2014-03-19 15:26 - 2014-03-19 15:26 - 00001154 _____ () C:\Users\Dehz\Desktop\Wolfenstein DEMO.lnk
2014-03-19 15:26 - 2014-03-19 15:26 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein Multiplayer DEMO
2014-03-19 14:51 - 2014-03-19 14:54 - 69500291 _____ () C:\Users\Dehzn\Downloads\wolf_mpdemo.exe
2014-03-19 14:49 - 2014-03-19 14:49 - 00539357 _____ () C:\Users\Dehzn\Downloads\RTCW_Demo_patched_master.exe
2014-03-18 19:27 - 2014-03-18 19:27 - 00000000 _____ () C:\Users\Dehzn\Desktop\test.txt
2014-03-18 16:25 - 2014-03-18 19:26 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Martin Fuchs
2014-03-18 16:25 - 2014-03-18 16:25 - 00007607 _____ () C:\Users\Dehz\AppData\Local\Resmon.ResmonCfg
2014-03-18 15:43 - 2014-03-18 15:43 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Martin Fuchs
2014-03-18 15:41 - 2014-03-18 15:41 - 00001007 _____ () C:\Users\Dehz\Desktop\Service Manager.lnk
2014-03-18 15:41 - 2014-03-18 15:41 - 00000000 ____D () C:\Program Files\Martin Fuchs
2014-03-18 15:40 - 2014-03-18 15:40 - 00583576 _____ (Martin Fuchs ) C:\Users\Dehzn\Downloads\servicemgr-setup-4.6.exe
2014-03-18 15:00 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files\HHD Software
2014-03-18 15:00 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files\Common Files\HHD Software
2014-03-18 14:58 - 2014-03-18 14:58 - 02967760 _____ (HHD Software) C:\Users\Dehzn\Downloads\free-serial-port-monitor.exe
2014-03-17 08:26 - 2014-03-17 08:26 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\ATI
2014-03-17 08:26 - 2014-03-17 08:26 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Dehz\AppData\Local\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\ProgramData\ATI
2014-03-16 19:32 - 2014-03-16 19:32 - 00000000 ____D () C:\Program Files\ATI
2014-03-16 19:29 - 2014-03-16 19:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-16 19:28 - 2014-03-16 19:28 - 00000000 ____D () C:\ATI
2014-03-16 19:26 - 2014-03-16 19:27 - 99710192 _____ (Advanced Micro Devices, Inc.) C:\Users\Dehzn\Downloads\10-2_legacy_vista32-64_dd_ccc.exe
2014-03-16 18:32 - 2014-03-16 18:32 - 00057560 _____ () C:\Users\Dehzn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-16 11:24 - 2014-03-16 11:24 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Blizzard Entertainment
2014-03-15 14:30 - 2014-03-15 14:31 - 00001328 __RSH () C:\Users\Dehzn\ntuser.pol
2014-03-15 11:53 - 2014-03-15 11:53 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Blizzard
2014-03-15 11:52 - 2014-03-21 11:57 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Battle.net
2014-03-15 11:52 - 2014-03-20 22:33 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Battle.net
2014-03-15 10:30 - 2014-03-15 10:30 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\LolClient
2014-03-15 10:11 - 2014-03-15 10:11 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Macromedia
2014-03-15 10:11 - 2014-03-15 10:11 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Macromedia
2014-03-15 10:09 - 2014-03-15 10:09 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Mozilla
2014-03-15 10:09 - 2014-03-15 10:09 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Mozilla
2014-03-14 23:15 - 2014-03-19 14:56 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\VirtualStore
2014-03-14 23:15 - 2014-03-15 14:31 - 00000000 ____D () C:\Users\Dehzn
2014-03-14 23:15 - 2014-03-14 23:15 - 00000020 ___SH () C:\Users\Dehzn\ntuser.ini
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Startmenü
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Netzwerkumgebung
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Druckumgebung
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Documents\Eigene Musik
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Documents\Eigene Bilder
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\AppData\Local\Verlauf
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\AVAST Software
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Adobe
2014-03-14 23:15 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-14 23:15 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-14 23:08 - 2014-03-14 23:09 - 00651264 _____ () C:\Users\Dehz\Downloads\MicrosoftFixit50096.msi
2014-03-14 18:18 - 2014-03-14 21:09 - 00000062 _____ () C:\Users\Dehz\Desktop\ukw.txt
2014-03-14 13:36 - 2014-03-14 13:36 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Blizzard Entertainment
2014-03-12 10:03 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 10:03 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 10:03 - 2014-03-01 05:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 10:03 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 10:03 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 10:03 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 10:03 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 10:03 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 10:03 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 10:03 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 10:03 - 2014-03-01 04:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 10:03 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 10:03 - 2014-03-01 04:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 10:03 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 10:03 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 10:03 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 10:03 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 10:03 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 10:03 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 10:03 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 10:03 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 10:03 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 10:03 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 10:03 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 10:03 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-07 18:06 - 2014-03-07 18:06 - 00000000 ____D () C:\Users\Dehz\Desktop\malware
2014-03-07 18:04 - 2014-03-12 11:07 - 00000000 ____D () C:\Users\Dehz\Desktop\docs
2014-03-07 18:04 - 2014-03-07 18:05 - 00000000 ____D () C:\Users\Dehz\Desktop\pics
2014-03-07 16:48 - 2014-03-07 16:48 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Apps\2.0
2014-03-06 01:39 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-05 18:02 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-05 18:02 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-05 11:26 - 2014-03-05 11:26 - 00000000 ____D () C:\Program Files\Speccy
2014-03-05 11:24 - 2014-03-05 11:24 - 04845384 _____ (Piriform Ltd) C:\Users\Dehz\Downloads\spsetup125.exe
2014-03-05 10:15 - 2014-03-05 10:15 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\LolClient
2014-03-05 09:14 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-03-05 09:14 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-03-05 09:14 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-03-05 09:14 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-03-05 09:14 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-03-05 09:13 - 2014-03-05 09:13 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-03-05 09:13 - 2014-03-05 09:13 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-03-05 09:13 - 2014-03-05 09:13 - 00000000 ____D () C:\Riot Games
2014-03-05 09:08 - 2014-03-05 09:15 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Riot Games
2014-03-05 09:08 - 2014-03-05 09:08 - 34888568 _____ (Riot Games) C:\Users\Dehz\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-03-05 08:36 - 2014-03-05 08:36 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Blizzard
2014-03-05 08:25 - 2014-03-14 08:23 - 00000000 ____D () C:\Program Files\Hearthstone
2014-03-05 08:25 - 2014-03-05 08:25 - 00001119 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-05 08:24 - 2014-03-14 19:13 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Battle.net
2014-03-05 08:24 - 2014-03-05 08:24 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Battle.net
2014-03-05 08:23 - 2014-03-05 08:25 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-03-05 08:23 - 2014-03-05 08:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-05 08:23 - 2014-03-05 08:24 - 00000000 ____D () C:\Program Files\Battle.net
2014-03-05 08:23 - 2014-03-05 08:23 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-05 08:22 - 2014-03-05 08:22 - 05971128 _____ (Blizzard Entertainment) C:\Users\Dehz\Downloads\Hearthstone-Beta-Setup-deDE.exe
2014-03-05 08:20 - 2014-03-05 08:20 - 01467128 _____ () C:\Users\Dehz\Downloads\SystemCheck_deDE.exe
2014-03-05 08:09 - 2014-03-05 08:09 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Macromedia
2014-03-05 08:09 - 2014-03-05 08:09 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Macromedia
2014-03-05 08:05 - 2014-03-23 23:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-05 08:05 - 2014-03-18 22:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-05 08:05 - 2014-03-18 22:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-05 08:05 - 2014-03-05 08:05 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-05 08:04 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Adobe
2014-03-05 00:44 - 2014-03-05 00:44 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-05 00:44 - 2014-03-05 00:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-05 00:44 - 2014-03-05 00:44 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-05 00:44 - 2014-03-05 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-05 00:43 - 2014-03-05 00:46 - 00011323 _____ () C:\Windows\IE11_main.log
2014-03-05 00:43 - 2014-03-05 00:43 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-05 00:43 - 2014-03-05 00:43 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-05 00:43 - 2014-03-05 00:43 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-05 00:37 - 2014-03-05 00:37 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Malwarebytes
2014-03-05 00:37 - 2014-03-05 00:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 00:36 - 2014-03-05 00:37 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-05 00:36 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 00:35 - 2014-03-05 00:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dehz\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 23:16 - 2014-03-04 23:16 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Adobe
2014-03-04 22:23 - 2014-03-19 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-04 22:22 - 2014-03-19 03:00 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-04 22:20 - 2012-03-01 06:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-03-04 22:20 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-03-04 22:18 - 2014-03-04 22:20 - 00003995 _____ () C:\Windows\IE9_main.log
2014-03-04 22:17 - 2010-02-11 08:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-04 22:01 - 2014-03-04 22:01 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-03-04 21:59 - 2014-03-04 21:59 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-04 21:58 - 2014-03-04 21:58 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-04 21:57 - 2014-03-04 22:05 - 00014463 _____ () C:\Windows\IE10_main.log
2014-03-04 21:55 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-03-04 21:55 - 2011-11-19 15:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-04 21:55 - 2011-05-24 11:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-03-04 21:54 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-04 21:54 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-04 21:54 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-04 21:54 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-04 21:54 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-04 21:54 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-04 21:54 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-04 21:54 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-04 21:54 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-04 21:54 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-04 21:54 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-04 21:54 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-04 21:54 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-04 21:54 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-04 21:54 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-04 21:54 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-04 21:54 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-04 21:54 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-04 21:54 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-04 21:54 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-04 21:54 - 2013-07-09 05:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-04 21:54 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-04 21:54 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-04 21:54 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-04 21:54 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-04 21:54 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-04 21:54 - 2013-04-12 14:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-04 21:54 - 2013-04-10 06:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-04 21:54 - 2013-03-19 05:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-04 21:54 - 2013-03-19 03:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-04 21:54 - 2013-02-15 05:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-04 21:54 - 2013-02-15 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-03-04 21:54 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-04 21:54 - 2013-02-12 04:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-04 21:54 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-04 21:54 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-04 21:54 - 2012-07-04 22:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-03-04 21:54 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-03-04 21:54 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-04 21:54 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-04 21:54 - 2011-10-26 05:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-04 21:54 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-04 21:54 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-04 21:54 - 2011-07-09 03:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-04 21:54 - 2011-04-29 03:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-04 21:54 - 2011-04-29 03:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-03-04 21:54 - 2011-04-29 03:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-04 21:54 - 2011-04-27 03:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-04 21:54 - 2011-04-27 03:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-04 21:54 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-04 21:54 - 2011-03-03 06:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-04 21:54 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-03-04 21:54 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-03-04 21:54 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-03-04 21:54 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-03-04 21:53 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-04 21:53 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-04 21:53 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-04 21:53 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-04 21:53 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-04 21:53 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-04 21:53 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-04 21:53 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-04 21:53 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-04 21:53 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-04 21:53 - 2013-08-02 02:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-04 21:53 - 2013-08-02 02:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-04 21:53 - 2013-08-02 02:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 01:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-04 21:53 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-04 21:53 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-04 21:53 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-04 21:53 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-04 21:53 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-04 21:53 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-04 21:53 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-04 21:53 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-04 21:53 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-04 21:53 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-04 21:53 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-04 21:53 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-04 21:53 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-04 21:53 - 2013-01-03 06:04 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-04 21:53 - 2012-11-28 23:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-04 21:53 - 2012-11-28 23:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-04 21:53 - 2012-11-28 23:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-03-04 21:53 - 2012-11-01 05:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-04 21:53 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-04 21:53 - 2012-08-22 18:16 - 00240496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-04 21:53 - 2012-08-11 00:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-03-04 21:53 - 2012-05-14 05:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-04 21:53 - 2012-04-28 04:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-04 21:53 - 2012-04-26 05:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-03-04 21:53 - 2012-04-26 05:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-03-04 21:53 - 2012-04-26 05:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-03-04 21:53 - 2012-03-17 08:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-04 21:53 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-03-04 21:53 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-04 21:53 - 2011-08-27 05:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-04 21:53 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-03-04 21:53 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-03-04 21:53 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-04 21:53 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-03-04 21:53 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-03-04 21:53 - 2011-02-23 05:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-03-04 21:52 - 2013-06-15 04:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-04 21:42 - 2013-02-27 06:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-03-04 21:42 - 2013-02-27 05:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-04 21:42 - 2013-02-27 05:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-03-04 21:28 - 2014-03-04 21:28 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\AVAST Software
2014-03-04 21:27 - 2014-03-04 21:27 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-04 21:27 - 2014-03-04 21:27 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-04 21:26 - 2014-03-04 21:27 - 00000000 ____D () C:\Program Files\Avast
2014-03-04 21:24 - 2014-03-04 21:24 - 00057560 _____ () C:\Users\Dehz\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-04 21:24 - 2014-03-04 21:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-04 21:22 - 2014-03-04 21:22 - 90578216 _____ (AVAST Software) C:\Users\Dehz\Downloads\avast_free_antivirus_setup.exe
2014-03-04 21:17 - 2013-12-18 07:13 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-04 21:12 - 2014-03-04 21:13 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Mozilla
2014-03-04 21:12 - 2014-03-04 21:13 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Mozilla
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-04 21:11 - 2014-03-04 21:11 - 00283256 _____ (Mozilla) C:\Users\Dehz\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-04 20:54 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-03-04 20:54 - 2012-02-17 05:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-03-04 20:50 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-04 20:50 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-04 20:50 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-04 20:50 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-04 20:50 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-04 20:50 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-04 20:50 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-04 20:50 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-04 20:50 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-04 20:11 - 2014-03-04 20:11 - 00001413 _____ () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-04 20:10 - 2014-03-21 12:40 - 00000000 ____D () C:\Users\Dehz
2014-03-04 20:10 - 2014-03-04 20:10 - 00000020 ___SH () C:\Users\Dehz\ntuser.ini
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Netzwerkumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Druckumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 __SHD () C:\Recovery
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 ____D () C:\Users\Dehz\AppData\Local\VirtualStore
2014-03-04 20:10 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-04 20:10 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-04 20:04 - 2014-03-24 00:30 - 01376421 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 20:03 - 2014-03-04 20:03 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-04 20:01 - 2014-03-04 20:03 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-04 20:00 - 2014-03-04 20:10 - 00000000 ____D () C:\Windows\Panther

==================== One Month Modified Files and Folders =======

2014-03-24 00:48 - 2014-03-24 00:48 - 00004567 _____ () C:\Users\Dehzn\Downloads\FRST.txt
2014-03-24 00:48 - 2014-03-24 00:47 - 00000000 ____D () C:\FRST
2014-03-24 00:46 - 2014-03-24 00:46 - 01145856 _____ (Farbar) C:\Users\Dehzn\Downloads\FRST.exe
2014-03-24 00:30 - 2014-03-04 20:04 - 01376421 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 00:05 - 2009-07-14 05:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 00:05 - 2009-07-14 05:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 00:03 - 2014-03-24 00:03 - 00380416 _____ () C:\Users\Dehzn\Downloads\Gmer-19357.exe
2014-03-24 00:03 - 2010-11-20 22:01 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-23 23:59 - 2014-03-05 08:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-23 23:58 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-23 23:58 - 2009-07-14 05:39 - 00029176 _____ () C:\Windows\setupact.log
2014-03-21 13:37 - 2014-03-21 13:12 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\JonDo
2014-03-21 13:21 - 2014-03-21 13:21 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2014-03-21 13:19 - 2014-03-21 13:16 - 29640528 _____ (JonDos GmbH) C:\Users\Dehzn\Downloads\JonDoFox.paf.exe
2014-03-21 13:09 - 2014-03-21 13:08 - 00000000 ____D () C:\Program Files\JAP
2014-03-21 13:08 - 2014-03-21 13:08 - 00347664 _____ (JAP-Team) C:\Users\Dehzn\Downloads\japsetup.exe
2014-03-21 13:08 - 2014-03-21 13:08 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JAP
2014-03-21 12:40 - 2014-03-04 20:10 - 00000000 ____D () C:\Users\Dehz
2014-03-21 12:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-21 11:57 - 2014-03-15 11:52 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Battle.net
2014-03-21 11:50 - 2014-03-21 11:50 - 00000000 ____D () C:\ProgramData\OpenNIC
2014-03-21 11:48 - 2014-03-21 11:48 - 00000000 ____D () C:\Program Files\OpenNIC
2014-03-21 11:47 - 2014-03-21 11:47 - 06385630 _____ (The OpenNIC Project ) C:\Users\Dehzn\Downloads\OpenNIC Wizard 0.3.rc2.exe
2014-03-20 22:34 - 2014-03-20 22:34 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Malwarebytes
2014-03-20 22:33 - 2014-03-15 11:52 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Battle.net
2014-03-20 10:31 - 2010-11-20 22:48 - 00006046 _____ () C:\Windows\PFRO.log
2014-03-19 18:07 - 2014-03-19 15:26 - 00000000 ____D () C:\Program Files\Return to Castle Wolfenstein Multiplayer DEMO
2014-03-19 15:41 - 2014-03-19 15:41 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-19 15:40 - 2014-03-19 15:40 - 01110476 _____ () C:\Users\Dehzn\Downloads\7z920.exe
2014-03-19 15:38 - 2014-03-19 15:38 - 01376768 _____ () C:\Users\Dehzn\Downloads\7z920-x64.msi
2014-03-19 15:26 - 2014-03-19 15:26 - 00001154 _____ () C:\Users\Dehzn\Desktop\Wolfenstein DEMO.lnk
2014-03-19 15:26 - 2014-03-19 15:26 - 00001154 _____ () C:\Users\Dehz\Desktop\Wolfenstein DEMO.lnk
2014-03-19 15:26 - 2014-03-19 15:26 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein Multiplayer DEMO
2014-03-19 14:56 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\VirtualStore
2014-03-19 14:54 - 2014-03-19 14:51 - 69500291 _____ () C:\Users\Dehzn\Downloads\wolf_mpdemo.exe
2014-03-19 14:49 - 2014-03-19 14:49 - 00539357 _____ () C:\Users\Dehzn\Downloads\RTCW_Demo_patched_master.exe
2014-03-19 03:01 - 2014-03-04 22:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:00 - 2014-03-04 22:22 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 23:00 - 2014-03-05 08:04 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Adobe
2014-03-18 22:54 - 2014-03-05 08:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-18 22:54 - 2014-03-05 08:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-18 19:27 - 2014-03-18 19:27 - 00000000 _____ () C:\Users\Dehzn\Desktop\test.txt
2014-03-18 19:26 - 2014-03-18 16:25 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Martin Fuchs
2014-03-18 16:25 - 2014-03-18 16:25 - 00007607 _____ () C:\Users\Dehz\AppData\Local\Resmon.ResmonCfg
2014-03-18 15:43 - 2014-03-18 15:43 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Martin Fuchs
2014-03-18 15:41 - 2014-03-18 15:41 - 00001007 _____ () C:\Users\Dehz\Desktop\Service Manager.lnk
2014-03-18 15:41 - 2014-03-18 15:41 - 00000000 ____D () C:\Program Files\Martin Fuchs
2014-03-18 15:40 - 2014-03-18 15:40 - 00583576 _____ (Martin Fuchs ) C:\Users\Dehzn\Downloads\servicemgr-setup-4.6.exe
2014-03-18 15:00 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files\HHD Software
2014-03-18 15:00 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files\Common Files\HHD Software
2014-03-18 14:58 - 2014-03-18 14:58 - 02967760 _____ (HHD Software) C:\Users\Dehzn\Downloads\free-serial-port-monitor.exe
2014-03-17 08:26 - 2014-03-17 08:26 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\ATI
2014-03-17 08:26 - 2014-03-17 08:26 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Dehz\AppData\Local\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\ProgramData\ATI
2014-03-16 19:35 - 2014-03-16 19:29 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-16 19:32 - 2014-03-16 19:32 - 00000000 ____D () C:\Program Files\ATI
2014-03-16 19:28 - 2014-03-16 19:28 - 00000000 ____D () C:\ATI
2014-03-16 19:27 - 2014-03-16 19:26 - 99710192 _____ (Advanced Micro Devices, Inc.) C:\Users\Dehzn\Downloads\10-2_legacy_vista32-64_dd_ccc.exe
2014-03-16 19:22 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-16 18:32 - 2014-03-16 18:32 - 00057560 _____ () C:\Users\Dehzn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-16 11:24 - 2014-03-16 11:24 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Blizzard Entertainment
2014-03-15 14:31 - 2014-03-15 14:30 - 00001328 __RSH () C:\Users\Dehzn\ntuser.pol
2014-03-15 14:31 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn
2014-03-15 14:30 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-15 11:53 - 2014-03-15 11:53 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Blizzard
2014-03-15 10:30 - 2014-03-15 10:30 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\LolClient
2014-03-15 10:11 - 2014-03-15 10:11 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Macromedia
2014-03-15 10:11 - 2014-03-15 10:11 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Macromedia
2014-03-15 10:09 - 2014-03-15 10:09 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Mozilla
2014-03-15 10:09 - 2014-03-15 10:09 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Mozilla
2014-03-14 23:15 - 2014-03-14 23:15 - 00000020 ___SH () C:\Users\Dehzn\ntuser.ini
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Startmenü
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Netzwerkumgebung
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Druckumgebung
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Documents\Eigene Musik
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Documents\Eigene Bilder
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\AppData\Local\Verlauf
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\AVAST Software
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Adobe
2014-03-14 23:09 - 2014-03-14 23:08 - 00651264 _____ () C:\Users\Dehz\Downloads\MicrosoftFixit50096.msi
2014-03-14 21:09 - 2014-03-14 18:18 - 00000062 _____ () C:\Users\Dehz\Desktop\ukw.txt
2014-03-14 19:13 - 2014-03-05 08:24 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Battle.net
2014-03-14 13:36 - 2014-03-14 13:36 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Blizzard Entertainment
2014-03-14 08:23 - 2014-03-05 08:25 - 00000000 ____D () C:\Program Files\Hearthstone
2014-03-13 11:16 - 2009-07-14 05:33 - 00265640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 11:07 - 2014-03-07 18:04 - 00000000 ____D () C:\Users\Dehz\Desktop\docs
2014-03-07 18:06 - 2014-03-07 18:06 - 00000000 ____D () C:\Users\Dehz\Desktop\malware
2014-03-07 18:05 - 2014-03-07 18:04 - 00000000 ____D () C:\Users\Dehz\Desktop\pics
2014-03-07 16:48 - 2014-03-07 16:48 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Apps\2.0
2014-03-05 22:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-03-05 11:26 - 2014-03-05 11:26 - 00000000 ____D () C:\Program Files\Speccy
2014-03-05 11:24 - 2014-03-05 11:24 - 04845384 _____ (Piriform Ltd) C:\Users\Dehz\Downloads\spsetup125.exe
2014-03-05 10:15 - 2014-03-05 10:15 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\LolClient
2014-03-05 09:15 - 2014-03-05 09:08 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Riot Games
2014-03-05 09:13 - 2014-03-05 09:13 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-03-05 09:13 - 2014-03-05 09:13 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-03-05 09:13 - 2014-03-05 09:13 - 00000000 ____D () C:\Riot Games
2014-03-05 09:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-05 09:08 - 2014-03-05 09:08 - 34888568 _____ (Riot Games) C:\Users\Dehz\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-03-05 08:36 - 2014-03-05 08:36 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Blizzard
2014-03-05 08:25 - 2014-03-05 08:25 - 00001119 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-05 08:25 - 2014-03-05 08:23 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-03-05 08:24 - 2014-03-05 08:24 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Battle.net
2014-03-05 08:24 - 2014-03-05 08:23 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-05 08:24 - 2014-03-05 08:23 - 00000000 ____D () C:\Program Files\Battle.net
2014-03-05 08:23 - 2014-03-05 08:23 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-05 08:22 - 2014-03-05 08:22 - 05971128 _____ (Blizzard Entertainment) C:\Users\Dehz\Downloads\Hearthstone-Beta-Setup-deDE.exe
2014-03-05 08:20 - 2014-03-05 08:20 - 01467128 _____ () C:\Users\Dehz\Downloads\SystemCheck_deDE.exe
2014-03-05 08:09 - 2014-03-05 08:09 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Macromedia
2014-03-05 08:09 - 2014-03-05 08:09 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Macromedia
2014-03-05 08:05 - 2014-03-05 08:05 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-05 00:46 - 2014-03-05 00:43 - 00011323 _____ () C:\Windows\IE11_main.log
2014-03-05 00:44 - 2014-03-05 00:44 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-05 00:44 - 2014-03-05 00:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-05 00:44 - 2014-03-05 00:44 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-05 00:44 - 2014-03-05 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-05 00:43 - 2014-03-05 00:43 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-05 00:43 - 2014-03-05 00:43 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-05 00:43 - 2014-03-05 00:43 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-05 00:37 - 2014-03-05 00:37 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Malwarebytes
2014-03-05 00:37 - 2014-03-05 00:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 00:37 - 2014-03-05 00:36 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-05 00:35 - 2014-03-05 00:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dehz\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 23:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-04 23:16 - 2014-03-04 23:16 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Adobe
2014-03-04 23:09 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-04 22:20 - 2014-03-04 22:18 - 00003995 _____ () C:\Windows\IE9_main.log
2014-03-04 22:05 - 2014-03-04 21:57 - 00014463 _____ () C:\Windows\IE10_main.log
2014-03-04 22:01 - 2014-03-04 22:01 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-03-04 21:59 - 2014-03-04 21:59 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-04 21:58 - 2014-03-04 21:58 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-04 21:28 - 2014-03-04 21:28 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\AVAST Software
2014-03-04 21:27 - 2014-03-04 21:27 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-04 21:27 - 2014-03-04 21:27 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-04 21:27 - 2014-03-04 21:26 - 00000000 ____D () C:\Program Files\Avast
2014-03-04 21:24 - 2014-03-04 21:24 - 00057560 _____ () C:\Users\Dehz\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-04 21:24 - 2014-03-04 21:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-04 21:22 - 2014-03-04 21:22 - 90578216 _____ (AVAST Software) C:\Users\Dehz\Downloads\avast_free_antivirus_setup.exe
2014-03-04 21:13 - 2014-03-04 21:12 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Mozilla
2014-03-04 21:13 - 2014-03-04 21:12 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Mozilla
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-04 21:11 - 2014-03-04 21:11 - 00283256 _____ (Mozilla) C:\Users\Dehz\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-04 20:50 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore
2014-03-04 20:11 - 2014-03-04 20:11 - 00001413 _____ () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-04 20:10 - 2014-03-04 20:10 - 00000020 ___SH () C:\Users\Dehz\ntuser.ini
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Netzwerkumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Druckumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 __SHD () C:\Recovery
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 ____D () C:\Users\Dehz\AppData\Local\VirtualStore
2014-03-04 20:10 - 2014-03-04 20:00 - 00000000 ____D () C:\Windows\Panther
2014-03-04 20:10 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-03-04 20:10 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-04 20:03 - 2014-03-04 20:03 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-04 20:03 - 2014-03-04 20:01 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-04 20:01 - 2011-04-12 02:39 - 00000000 ____D () C:\Windows\CSC
2014-03-04 20:01 - 2009-07-14 05:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-03-01 05:30 - 2014-03-12 10:03 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:11 - 2014-03-12 10:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 05:10 - 2014-03-12 10:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 04:52 - 2014-03-12 10:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-12 10:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 10:03 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 04:43 - 2014-03-12 10:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 10:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 04:40 - 2014-03-12 10:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 04:38 - 2014-03-12 10:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 04:38 - 2014-03-12 10:03 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 04:37 - 2014-03-12 10:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 04:31 - 2014-03-12 10:03 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:25 - 2014-03-12 10:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:16 - 2014-03-12 10:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:14 - 2014-03-12 10:03 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:03 - 2014-03-12 10:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 10:03 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 03:32 - 2014-03-12 10:03 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 03:27 - 2014-03-12 10:03 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:25 - 2014-03-12 10:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

--- --- ---


Addition:
Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Dehzn at 2014-03-24 00:48:57
Running from C:\Users\Dehzn\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2010.0210.2339.42455 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2010.0210.2339.42455 - ATI) Hidden
CCC Help Chinese Standard (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Czech (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Danish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Dutch (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help English (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Finnish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help French (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help German (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Greek (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Hungarian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Italian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Japanese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Korean (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Norwegian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Polish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Portuguese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Russian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Spanish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Swedish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Thai (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Turkish (Version: 2010.0210.2338.42455 - ATI) Hidden
ccc-core-static (Version: 2010.0210.2339.42455 - Ihr Firmenname) Hidden
ccc-utility (Version: 2010.0210.2339.42455 - ATI) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
HHD Software Free Serial Port Monitor 3.31 (HKLM\...\{3472693C-6EC5-41FA-B5B9-A22B11AEFE72}) (Version: 3.31.0.0000 - HHD Software)
JAP (HKLM\...\JAP) (Version: 00.19.001 - JAP-Team)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
OpenNIC Wizard Version 0.3.rc2 (HKLM\...\{1D9BA5F4-E722-4670-804D-4BED7B4A26DA}_is1) (Version: 0.3.rc2 - The OpenNIC Project)
Return to Castle Wolfenstein Multiplayer DEMO (HKLM\...\Return to Castle Wolfenstein Multiplayer DEMO) (Version: Multiplayer DEMO - Activision, Inc.)
Service Manager 4.6 (HKLM\...\{047EED53-80D0-4763-A214-E45AE2D4A383}_is1) (Version: 4.6 - Martin Fuchs)
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2014-03-04 21:27 - 2014-03-04 21:27 - 19336120 _____ () C:\Program Files\Avast\libcef.dll
2014-03-16 19:35 - 2014-03-16 19:35 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-11-24 13:36 - 2009-11-24 13:36 - 00016384 ____R () C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-03-04 21:12 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Fax => 3

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2014 11:59:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 04:09:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 03:43:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: cgD3D9.dll, Version: 3.0.0.16, Zeitstempel: 0x4d55a06f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b6539
ID des fehlerhaften Prozesses: 0xe88
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (03/21/2014 00:35:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 00:27:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 11:53:50 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0faa
Name des fehlerhaften Moduls: xul.dll, Version: 27.0.1.5156, Zeitstempel: 0x52fc0f79
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001560c7
ID des fehlerhaften Prozesses: 0x740
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (03/20/2014 09:40:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x005787d0
ID des fehlerhaften Prozesses: 0x9d0
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (03/20/2014 07:59:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003e871f
ID des fehlerhaften Prozesses: 0xc58
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (03/20/2014 06:26:32 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003e871f
ID des fehlerhaften Prozesses: 0x134
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (03/20/2014 10:33:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/23/2014 11:57:56 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/23/2014 11:50:43 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/21/2014 04:07:09 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/21/2014 00:33:05 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/21/2014 00:25:52 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/21/2014 11:48:53 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "OpenNIC" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/20/2014 10:31:43 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/19/2014 09:55:34 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/18/2014 02:12:37 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/17/2014 08:25:29 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.


Microsoft Office Sessions:
=========================
Error: (03/23/2014 11:59:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 04:09:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 03:43:11 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63cgD3D9.dll3.0.0.164d55a06fc0000005000b6539e8801cf45137884baafC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\cgD3D9.dll1fd4a5de-b107-11e3-a45f-001966266b64

Error: (03/21/2014 00:35:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 00:27:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 11:53:50 AM) (Source: Application Error)(User: )
Description: firefox.exe27.0.1.515652fc0faaxul.dll27.0.1.515652fc0f79c0000005001560c774001cf448a9d8c6e5bC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll15a537de-b0e7-11e3-9a0f-001966266b64

Error: (03/20/2014 09:40:37 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005005787d09d001cf4478ade64648C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exee3e164b0-b06f-11e3-9a0f-001966266b64

Error: (03/20/2014 07:59:39 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871fc5801cf446bd2eee8d7C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exec915a935-b061-11e3-9a0f-001966266b64

Error: (03/20/2014 06:26:32 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871f13401cf445ce2423395C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exec6fcd762-b054-11e3-9a0f-001966266b64

Error: (03/20/2014 10:33:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 3071.3 MB
Available physical RAM: 2058.14 MB
Total Pagefile: 6138.84 MB
Available Pagefile: 5092.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:204.21 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

Code:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.23.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16521
Dehz :: DEHZN [Administrator]

24.03.2014 00:56:58
mbam-log-2014-03-24 (00-56-58).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 226852
Laufzeit: 5 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


cosinus 24.03.2014 01:26

Quote:

aswSnx.sys found in the drivers folder with GMER.
It belongs to Avast. Absolutely no cause for alarm.

deddad 24.03.2014 02:02

Thanks!


All times are WET +1. The time now is 03:12.
