|
Log-Analyse und Auswertung: "bundestrojaner" seit heute morgen auf pcWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
11.06.2013, 08:13 | #1 |
| "bundestrojaner" seit heute morgen auf pc hey habe seit heute morgen den gvutrojaner oder wie er auch heist auf dem pc, habe bereits den scan mit frst ausgehührt und einen logfile erstellt den ich direkt hochlade, mfg vato FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013 02 Ran by SYSTEM on 11-06-2013 08:57:57 Running from F:\ Windows 7 Ultimate (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2735400 2011-03-31] (Synaptics Incorporated) HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.) Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-10-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-08-12] (Logitech Inc.) HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [340520 2012-04-03] (Kaspersky Lab) HKU\R3van\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd) HKU\R3van\...\Winlogon: [Shell] explorer.exe,C:\Users\R3van\AppData\Roaming\skype.dat [69120 2011-11-17] () <==== ATTENTION AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll,C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll [15376 2009-11-06] (Kaspersky Lab) Startup: C:\Users\R3van\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> (No File) ==================== Services (Whitelisted) ================= S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [340520 2012-04-03] (Kaspersky Lab) S2 Realtek87B; C:\Program Files (x86)\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143552 2012-04-05] (TuneUp Software) S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [736104 2012-06-01] (Tunngle.net GmbH) S2 UserAccess7; C:\Windows\SysWow64\UAService7.exe [143360 2012-07-31] (Sony DADC Austria AG.) ==================== Drivers (Whitelisted) ==================== S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-07] (DT Soft Ltd) S1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [157712 2009-09-01] (Kaspersky Lab) S0 KLBG; C:\Windows\System32\DRIVERS\klbg.sys [40464 2009-10-14] (Kaspersky Lab) S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [353296 2012-04-03] (Kaspersky Lab) S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [27152 2009-11-03] (Kaspersky Lab) S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [21008 2009-10-02] (Kaspersky Lab) S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] () S0 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-04-08] (Duplex Secure Ltd.) S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-02-09] (TuneUp Software) S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-11 08:57 - 2013-06-11 08:57 - 00000000 ____D C:\FRST 2013-06-11 07:10 - 2013-06-11 07:39 - 00000004 ____A C:\Users\R3van\AppData\Roaming\skype.ini 2013-06-10 22:06 - 2013-06-10 22:06 - 00001415 ____A C:\Users\R3van\Desktop\GildeGold.exe - Verknüpfung.lnk 2013-06-10 17:22 - 2013-06-10 17:23 - 00000000 ____D C:\Users\R3van\Downloads\Die Gilde Gold-Edition v2.06 Windows Vista&7 Ready 2013-06-10 17:19 - 2013-06-10 17:22 - 912413788 ____A C:\Users\R3van\Downloads\Die_Gilde_1_Gold_Edition_inkl_Update_2_06_-_iND.rar 2013-06-10 17:01 - 2013-06-10 17:03 - 280097804 ____A C:\Users\R3van\Downloads\SupiTAS351.rar 2013-06-10 17:01 - 2013-06-10 17:03 - 273762770 ____A C:\Users\R3van\Downloads\SupiTAS350.rar 2013-06-10 16:59 - 2013-06-10 17:01 - 276866401 ____A C:\Users\R3van\Downloads\SupiTAS346.rar 2013-06-10 16:59 - 2013-06-10 17:01 - 268002368 ____A C:\Users\R3van\Downloads\SupiTAS349.rar 2013-06-10 16:52 - 2013-06-10 16:54 - 303787461 ____A C:\Users\R3van\Downloads\SupiTAS354.rar 2013-06-10 16:51 - 2013-06-10 16:53 - 287265853 ____A C:\Users\R3van\Downloads\SupiTAS353.rar 2013-06-10 16:51 - 2013-06-10 16:52 - 265631910 ____A C:\Users\R3van\Downloads\SupiTAS352.rar 2013-06-10 16:49 - 2013-06-10 16:51 - 281614480 ____A C:\Users\R3van\Downloads\SupiTAS348.rar 2013-06-10 16:49 - 2013-06-10 16:51 - 267708851 ____A C:\Users\R3van\Downloads\SupiTAS347.rar 2013-06-10 16:47 - 2013-06-10 16:49 - 296365840 ____A C:\Users\R3van\Downloads\SupiTAS344.rar 2013-06-10 16:47 - 2013-06-10 16:49 - 286051345 ____A C:\Users\R3van\Downloads\SupiTAS345.rar 2013-06-10 16:45 - 2013-06-10 16:47 - 295441307 ____A C:\Users\R3van\Downloads\SupiTAS342.rar 2013-06-10 16:45 - 2013-06-10 16:47 - 256777234 ____A C:\Users\R3van\Downloads\SupiTAS343.rar 2013-06-10 16:43 - 2013-06-10 16:45 - 299184435 ____A C:\Users\R3van\Downloads\SupiTAS241.rar 2013-06-10 16:43 - 2013-06-10 16:45 - 288170276 ____A C:\Users\R3van\Downloads\SupiTAS240.rar 2013-06-10 16:42 - 2013-06-10 16:43 - 296987294 ____A C:\Users\R3van\Downloads\SupiTAS239.rar 2013-06-10 16:41 - 2013-06-10 16:43 - 283050305 ____A C:\Users\R3van\Downloads\SupiTAS238.rar 2013-06-10 16:40 - 2013-06-10 16:42 - 271888647 ____A C:\Users\R3van\Downloads\SupiTAS237.rar 2013-06-10 16:39 - 2013-06-10 16:41 - 270569580 ____A C:\Users\R3van\Downloads\SupiTAS236.rar 2013-06-10 16:38 - 2013-06-10 16:40 - 292070398 ____A C:\Users\R3van\Downloads\SupiTAS235.rar 2013-06-10 16:38 - 2013-06-10 16:39 - 268967456 ____A C:\Users\R3van\Downloads\SupiTAS234.rar 2013-06-10 16:37 - 2013-06-10 16:38 - 292236719 ____A C:\Users\R3van\Downloads\SupiTAS233.rar 2013-06-10 16:36 - 2013-06-10 16:37 - 290802481 ____A C:\Users\R3van\Downloads\SupiTAS232.rar 2013-06-10 16:35 - 2013-06-10 16:37 - 282208272 ____A C:\Users\R3van\Downloads\SupiTAS231.rar 2013-06-10 16:34 - 2013-06-10 16:36 - 297609711 ____A C:\Users\R3van\Downloads\SupiTAS230.rar 2013-06-10 16:33 - 2013-06-10 16:35 - 300735089 ____A C:\Users\R3van\Downloads\SupiTAS229.rar 2013-06-10 16:32 - 2013-06-10 16:34 - 278321194 ____A C:\Users\R3van\Downloads\SupiTAS228.rar 2013-06-10 16:31 - 2013-06-10 16:33 - 295506535 ____A C:\Users\R3van\Downloads\SupiTAS227.rar 2013-06-10 09:47 - 2013-06-10 09:47 - 00231376 ____A (TrueCrypt Foundation) C:\Windows\System32\Drivers\truecrypt.sys 2013-06-10 09:47 - 2013-06-10 09:47 - 00000875 ____A C:\Users\Public\Desktop\TrueCrypt.lnk 2013-06-10 09:46 - 2013-06-10 09:47 - 00000000 ____D C:\Program Files\TrueCrypt 2013-06-10 09:46 - 2013-06-10 09:46 - 03466248 ____A (TrueCrypt Foundation) C:\Users\R3van\Desktop\TrueCrypt Setup 7.1a.exe 2013-06-10 00:41 - 2013-06-10 16:32 - 295970671 ____A C:\Users\R3van\Downloads\SupiTAS226.rar 2013-06-10 00:40 - 2013-06-10 16:31 - 295198665 ____A C:\Users\R3van\Downloads\SupiTAS225.rar 2013-06-10 00:39 - 2013-06-10 00:41 - 295087933 ____A C:\Users\R3van\Downloads\SupiTAS224.rar 2013-06-10 00:39 - 2013-06-10 00:40 - 286328195 ____A C:\Users\R3van\Downloads\SupiTAS223.rar 2013-06-10 00:38 - 2013-06-10 17:20 - 00000000 ____D C:\Users\R3van\Downloads\Superman 2013-06-10 00:37 - 2013-06-10 00:39 - 288609606 ____A C:\Users\R3van\Downloads\SupiTAS219.rar 2013-06-10 00:37 - 2013-06-10 00:39 - 272255173 ____A C:\Users\R3van\Downloads\SupiTAS222.rar 2013-06-10 00:36 - 2013-06-10 00:37 - 281062258 ____A C:\Users\R3van\Downloads\SupiTAS221.rar 2013-06-10 00:35 - 2013-06-10 00:37 - 279773704 ____A C:\Users\R3van\Downloads\SupiTAS220.rar 2013-06-10 00:34 - 2013-06-10 00:36 - 287303408 ____A C:\Users\R3van\Downloads\SupiTAS218.rar 2013-06-10 00:33 - 2013-06-10 00:35 - 287066871 ____A C:\Users\R3van\Downloads\SupiTAS217.rar 2013-06-10 00:32 - 2013-06-10 00:34 - 286793390 ____A C:\Users\R3van\Downloads\SupiTAS216.rar 2013-06-10 00:32 - 2013-06-10 00:33 - 287215141 ____A C:\Users\R3van\Downloads\SupiTAS215.rar 2013-06-10 00:30 - 2013-06-10 00:32 - 287065421 ____A C:\Users\R3van\Downloads\SupiTAS214.rar 2013-06-10 00:30 - 2013-06-10 00:32 - 244193033 ____A C:\Users\R3van\Downloads\SupiTAS113.rar 2013-06-10 00:29 - 2013-06-10 00:30 - 245655114 ____A C:\Users\R3van\Downloads\SupiTAS112.rar 2013-06-10 00:28 - 2013-06-10 00:30 - 244373603 ____A C:\Users\R3van\Downloads\SupiTAS111.rar 2013-06-10 00:27 - 2013-06-10 00:29 - 245629513 ____A C:\Users\R3van\Downloads\SupiTAS110.rar 2013-06-10 00:26 - 2013-06-10 00:28 - 244954248 ____A C:\Users\R3van\Downloads\SupiTAS109.rar 2013-06-10 00:25 - 2013-06-10 00:27 - 310214150 ____A C:\Users\R3van\Downloads\SupiTAS108.rar 2013-06-10 00:25 - 2013-06-10 00:26 - 244369807 ____A C:\Users\R3van\Downloads\SupiTAS107.rar 2013-06-10 00:23 - 2013-06-10 00:25 - 242124027 ____A C:\Users\R3van\Downloads\SupiTAS105.rar 2013-06-10 00:23 - 2013-06-10 00:24 - 245726112 ____A C:\Users\R3van\Downloads\SupiTAS106.rar 2013-06-10 00:21 - 2013-06-10 00:23 - 243658905 ____A C:\Users\R3van\Downloads\SupiTAS104.rar 2013-06-10 00:21 - 2013-06-10 00:23 - 235568291 ____A C:\Users\R3van\Downloads\SupiTAS103.rar 2013-06-10 00:20 - 2013-06-10 00:21 - 242236322 ____A C:\Users\R3van\Downloads\SupiTAS102.rar 2013-06-10 00:20 - 2013-06-10 00:21 - 242050322 ____A C:\Users\R3van\Downloads\SupiTAS101.rar 2013-06-09 23:57 - 2013-06-09 23:57 - 00000000 ____D C:\ProgramData\RELOADED 2013-06-09 15:56 - 2013-06-09 15:56 - 00000936 ____A C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk 2013-06-09 15:51 - 2013-06-09 23:57 - 00000000 ____D C:\Program Files (x86)\Call of Juarez Gunslinger 2013-06-09 15:00 - 2013-06-09 15:50 - 00000000 ____D C:\Users\R3van\Downloads\Call.of.Juarez.Gunslinger-RELOADED 2013-06-08 22:36 - 2013-06-08 22:36 - 00004096 ____A C:\Windows\d3dx.dat 2013-06-08 22:35 - 2013-06-08 22:35 - 02602279 ____A C:\Users\R3van\Desktop\runblack.rar 2013-06-08 22:29 - 2013-06-08 22:29 - 00000000 ____D C:\Program Files (x86)\Lionhead Studios Ltd 2013-06-08 19:07 - 2013-06-08 19:07 - 00000000 ____D C:\Users\R3van\Desktop\PaxChallenge 2013-06-08 11:57 - 2013-06-08 11:57 - 00000000 ____D C:\Users\R3van\AppData\Local\FLT 2013-06-08 11:48 - 2013-06-08 11:48 - 00001413 ____A C:\Users\Public\Desktop\Remember Me.lnk 2013-06-08 11:41 - 2013-06-08 11:48 - 00000000 ____D C:\Program Files (x86)\Remember Me 2013-06-08 08:57 - 2013-05-30 17:16 - 00000000 ____D C:\Users\R3van\Downloads\CheckMe 2013-06-08 08:52 - 2013-06-08 11:41 - 00000000 ____D C:\Users\R3van\Downloads\Remember_Me-FLT 2013-06-07 18:40 - 2013-06-07 18:41 - 100000000 ____A C:\Users\R3van\Downloads\flt-reme.061 2013-06-07 18:34 - 2013-06-07 18:34 - 00000000 ____D C:\Users\R3van\AppData\Local\GHISLER 2013-06-07 18:34 - 2013-06-07 18:34 - 00000000 ____D C:\RememberMeIso 2013-06-07 18:31 - 2013-06-07 18:31 - 00000646 ____A C:\Users\R3van\Desktop\Total Commander 64 bit.lnk 2013-06-07 18:31 - 2013-06-07 18:31 - 00000632 ____A C:\Users\R3van\Desktop\Total Commander.lnk 2013-06-07 18:31 - 2013-06-07 18:31 - 00000000 ____D C:\Users\R3van\AppData\Roaming\GHISLER 2013-06-07 18:31 - 2013-06-07 18:31 - 00000000 ____D C:\totalcmd 2013-06-07 18:30 - 2013-06-07 18:30 - 05896408 ____A (Ghisler Software GmbH) C:\Users\R3van\Desktop\tcm801x32_64.exe 2013-06-07 13:17 - 2013-06-09 18:17 - 00000000 ____D C:\pix 2013-06-07 12:48 - 2013-06-07 12:48 - 00004033 ____A C:\Users\R3van\Downloads\fairlight.nfo 2013-06-02 11:54 - 2013-06-02 11:54 - 00002112 ____A C:\Users\R3van\Desktop\Rome - Total War.lnk 2013-06-02 11:54 - 2013-06-02 11:54 - 00000254 ____A C:\Windows\RomeTW.ini 2013-05-31 20:06 - 2013-05-31 20:06 - 00000000 ____D C:\Users\R3van\AppData\Roaming\Petroglyph 2013-05-31 10:07 - 2013-05-31 10:07 - 00000221 ____A C:\Users\R3van\Desktop\R.U.S.E.url 2013-05-30 12:21 - 2013-05-30 12:22 - 00000000 ____D C:\Users\R3van\AppData\Local\{699ADE63-9A0F-472F-BD3F-A88198610127} 2013-05-29 22:53 - 2013-03-02 17:51 - 00000752 ____A C:\Users\R3van\Desktop\mcmod.info 2013-05-29 02:05 - 2013-05-29 02:05 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-05-29 02:05 - 2013-05-29 02:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-05-29 02:05 - 2013-05-29 02:05 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-05-29 02:05 - 2013-05-29 02:05 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-05-29 02:05 - 2013-05-29 02:05 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-05-29 02:05 - 2013-05-29 02:05 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-05-29 02:05 - 2013-05-29 02:05 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-05-29 02:05 - 2013-05-29 02:05 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-05-29 02:05 - 2013-05-29 02:05 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-05-29 02:05 - 2013-05-29 02:05 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-05-29 02:05 - 2013-05-29 02:05 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-05-29 02:03 - 2013-05-29 02:03 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-29 02:01 - 2013-05-29 02:09 - 00010993 ____A C:\Windows\IE10_main.log 2013-05-28 12:12 - 2013-05-28 12:43 - 00017574 ____A C:\Users\R3van\Desktop\Neues Textdokument (3).txt 2013-05-27 11:48 - 2013-05-27 11:48 - 00000000 ____D C:\Users\R3van\Desktop\Direwolf20 2013-05-26 02:34 - 2013-05-26 02:34 - 00000000 ____D C:\Program Files (x86)\LucasArts 2013-05-26 02:33 - 2013-05-26 02:33 - 00000000 ____D C:\Users\R3van\AppData\Roaming\InstallShield 2013-05-25 19:30 - 2013-05-25 19:30 - 00000220 ____A C:\Users\R3van\Desktop\Titan Quest.url 2013-05-25 19:20 - 2013-05-25 19:20 - 00000000 ____D C:\ProgramData\InstallShield 2013-05-25 15:07 - 2013-05-25 15:18 - 00000000 ____D C:\Users\R3van\Documents\Reus 2013-05-25 12:05 - 2013-05-25 12:05 - 00001540 ____A C:\Users\Public\Desktop\Reus.lnk 2013-05-25 12:04 - 2013-05-25 12:04 - 00000000 ____D C:\GOG Games 2013-05-25 12:00 - 2013-05-25 12:00 - 05504488 ____A ( ) C:\Users\R3van\Downloads\patch_reus_2.0.1.11.exe 2013-05-24 15:05 - 2013-05-24 15:05 - 00000773 ____A C:\Users\R3van\Desktop\Toribash.lnk 2013-05-24 15:05 - 2013-05-24 15:05 - 00000000 ____D C:\Users\R3van\AppData\Roaming\Toribash 2013-05-24 15:04 - 2013-05-24 15:04 - 20860024 ____A (Nabi Studios Pte Ltd ) C:\Users\R3van\Desktop\Toribash-4.31-Setup.exe 2013-05-24 15:04 - 2013-05-24 15:04 - 00000000 ____D C:\Games 2013-05-24 10:32 - 2013-05-25 10:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-05-23 16:59 - 2013-05-23 16:59 - 00000810 ____A C:\Windows\DXError.log 2013-05-23 16:58 - 2013-05-23 16:58 - 00000554 ____A C:\Windows\KB893803v2.log 2013-05-23 16:57 - 2013-05-23 17:02 - 00000000 ____D C:\Users\R3van\Documents\Neverwinter Nights 2 2013-05-23 16:48 - 2013-05-23 16:58 - 00000000 ____D C:\Program Files (x86)\Neverwinter Nights 2 2013-05-23 16:40 - 2010-01-20 18:28 - 00000000 ____D C:\Users\R3van\Downloads\Neverwinter.Nights.2-RELOADED 2013-05-23 16:36 - 2010-11-09 02:31 - 00000000 ____D C:\Users\R3van\Downloads\Neverwinter_Nights_2_Mask_of_the_Betrayer-HATRED 2013-05-23 15:04 - 2013-05-23 15:05 - 137976661 ____A ( ) C:\Users\R3van\Desktop\Drakensang_AFdZ_Patch_1.1_GERMAN.exe 2013-05-21 19:35 - 2013-05-21 19:35 - 00000000 ____D C:\Users\R3van\Documents\Drakensang_TRoT 2013-05-21 19:29 - 2013-05-21 19:29 - 00002115 ____A C:\Users\Public\Desktop\Drakensang - Am Fluss der Zeit.lnk 2013-05-21 19:18 - 2013-05-23 15:09 - 00000000 ____D C:\Program Files (x86)\Drakensang - Am Fluss der Zeit 2013-05-21 18:58 - 2011-02-19 11:39 - 00000000 ____D C:\Users\R3van\Downloads\Drakensang.Am.Fluss.der.Zeit.GERMAN-0x0007 2013-05-20 13:47 - 2013-05-29 17:38 - 00000000 ____D C:\Users\R3van\Desktop\Ultimate 2013-05-20 13:46 - 2013-06-10 16:13 - 00000000 ____D C:\Users\R3van\Desktop\feed the beast 2013-05-19 22:50 - 2013-05-20 12:12 - 00000000 ____D C:\Users\R3van\AppData\Roaming\ftblauncher 2013-05-18 20:17 - 2013-05-18 20:17 - 00000000 ____D C:\Users\R3van\Documents\4A Games 2013-05-18 19:46 - 2013-05-18 19:46 - 00000000 ____D C:\Users\R3van\AppData\Local\4A Games 2013-05-18 19:45 - 2013-05-18 19:45 - 00000218 ____A C:\Users\R3van\Desktop\Counter-Strike.url 2013-05-18 19:37 - 2013-05-18 19:37 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-05-18 19:36 - 2013-05-18 19:37 - 35648512 ____A C:\Users\R3van\Desktop\PhysX-9.12.0613-SystemSoftware.msi 2013-05-18 15:05 - 2013-05-22 16:37 - 00000000 ____D C:\Users\R3van\AppData\Roaming\.minecraft 2013-05-18 15:04 - 2013-05-18 15:04 - 00000031 ____A C:\Users\R3van\Desktop\minecraft.bat 2013-05-18 15:04 - 2013-05-18 15:04 - 00000000 ____A C:\Users\R3van\Desktop\minecraft.txt 2013-05-18 15:01 - 2013-05-18 15:01 - 00376304 ____A C:\Users\R3van\Desktop\OptiFine Mod 1.5.2.zip 2013-05-18 14:58 - 2013-05-18 14:58 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll 2013-05-18 14:58 - 2013-05-18 14:58 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll 2013-05-18 14:58 - 2013-05-18 14:58 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe 2013-05-18 14:58 - 2013-05-18 14:58 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe 2013-05-18 14:58 - 2013-05-18 14:58 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe 2013-05-18 14:58 - 2013-05-18 14:58 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll 2013-05-18 14:57 - 2013-05-18 14:58 - 00000000 ____D C:\Program Files\Java 2013-05-18 14:56 - 2013-05-18 14:56 - 94973848 ____A (Oracle Corporation) C:\Users\R3van\Desktop\jdk-7u21-windows-x64.exe 2013-05-18 14:53 - 2013-05-18 14:53 - 00139783 ____A C:\Users\R3van\Desktop\Minecraft-cracked.jar 2013-05-18 12:50 - 2013-05-18 12:51 - 00000000 ____D C:\Users\R3van\Documents\3DMark 11 2013-05-18 12:50 - 2013-05-18 12:50 - 00000000 ____D C:\Users\R3van\AppData\Local\IsolatedStorage 2013-05-18 12:50 - 2013-05-18 12:50 - 00000000 ____D C:\Users\R3van\AppData\Local\Futuremark 2013-05-18 12:45 - 2013-05-30 13:22 - 00001853 ____A C:\Users\Public\Desktop\3DMark 11.lnk 2013-05-18 12:45 - 2013-05-18 12:45 - 00000000 ____D C:\Program Files (x86)\Futuremark 2013-05-18 12:44 - 2013-05-18 12:44 - 00000000 ____D C:\Program Files\Futuremark 2013-05-18 12:42 - 2013-05-18 12:43 - 284180392 ____A (Futuremark Corporation) C:\Users\R3van\Desktop\3DMark_11_v105_installer.exe 2013-05-17 22:04 - 2013-05-17 22:04 - 00002036 ____A C:\Users\R3van\Desktop\Nehrim - Am Rande des Schicksals.lnk 2013-05-17 21:56 - 2013-05-17 21:56 - 00000000 ____D C:\Program Files (x86)\SureAI 2013-05-17 21:50 - 2011-11-09 09:33 - 158802262 ____A (SureAI ) C:\Users\R3van\Desktop\NehrimUpdate_1.5.0.5_DE.exe 2013-05-17 21:49 - 2011-11-09 09:36 - 1684534216 ____A (SureAI ) C:\Users\R3van\Desktop\nehrim_main.exe 2013-05-17 21:46 - 2013-05-17 21:47 - 04447031 ____A C:\Users\R3van\Desktop\Oblivion_v1.2German.exe 2013-05-17 21:44 - 2013-05-17 21:44 - 00002168 ____A C:\Users\Public\Desktop\Oblivion.lnk 2013-05-17 21:39 - 2013-05-17 21:39 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks 2013-05-17 20:59 - 2013-05-17 21:22 - 1843586196 ____A C:\Users\R3van\Desktop\nehrim1505.zip 2013-05-17 20:57 - 2013-05-17 20:57 - 05030661 ____A C:\Users\R3van\Desktop\oblivion_v1.2.0416german.exe 2013-05-17 20:45 - 2013-05-17 20:45 - 27836988 ____A C:\Users\R3van\Desktop\Oblivion.zip 2013-05-17 20:44 - 2013-06-11 07:36 - 00000000 ___RD C:\Users\R3van\Dropbox 2013-05-17 20:44 - 2013-06-09 07:16 - 00001018 ____A C:\Users\R3van\Desktop\Dropbox.lnk 2013-05-17 20:41 - 2013-06-11 07:36 - 00000000 ____D C:\Users\R3van\AppData\Roaming\Dropbox 2013-05-17 20:40 - 2013-05-17 20:40 - 34332664 ____A (Dropbox, Inc.) C:\Users\R3van\Desktop\Dropbox 2.0.12.exe 2013-05-17 20:06 - 2013-04-10 07:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2013-05-17 20:06 - 2013-04-10 07:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2013-05-17 20:06 - 2011-02-03 12:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll 2013-05-17 20:05 - 2013-04-10 04:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-05-17 20:05 - 2013-03-19 06:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll 2013-05-17 20:05 - 2013-03-19 06:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll 2013-05-17 20:05 - 2013-02-27 07:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe 2013-05-17 20:05 - 2013-02-27 06:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2013-05-17 20:05 - 2013-02-27 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll 2013-05-17 20:05 - 2013-02-27 06:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-05-17 20:05 - 2013-02-27 06:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll 2013-05-17 20:05 - 2013-02-27 05:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-05-17 20:05 - 2013-02-27 05:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-05-17 20:05 - 2013-02-27 05:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll ==================== One Month Modified Files and Folders ======= 2013-06-11 08:57 - 2013-06-11 08:57 - 00000000 ____D C:\FRST 2013-06-11 07:41 - 2012-04-07 23:52 - 00000000 ____D C:\Users\R3van\AppData\Roaming\NetSpeedMonitor 2013-06-11 07:39 - 2013-06-11 07:10 - 00000004 ____A C:\Users\R3van\AppData\Roaming\skype.ini 2013-06-11 07:38 - 2011-11-04 22:58 - 01343725 ____A C:\Windows\WindowsUpdate.log 2013-06-11 07:36 - 2013-05-17 20:44 - 00000000 ___RD C:\Users\R3van\Dropbox 2013-06-11 07:36 - 2013-05-17 20:41 - 00000000 ____D C:\Users\R3van\AppData\Roaming\Dropbox 2013-06-11 07:36 - 2012-05-05 00:43 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-11 07:36 - 2012-04-03 21:00 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-06-11 07:34 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-11 07:34 - 2009-07-14 05:51 - 00070175 ____A C:\Windows\setupact.log 2013-06-11 07:13 - 2009-07-14 05:45 - 00017168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-11 07:13 - 2009-07-14 05:45 - 00017168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-10 22:34 - 2011-11-13 21:17 - 00000000 ____D C:\Program Files (x86)\Steam 2013-06-10 22:26 - 2012-05-11 15:46 - 00000000 ____D C:\Users\R3van\AppData\Roaming\.purple 2013-06-10 22:16 - 2011-12-27 15:12 - 00000000 ____D C:\Users\R3van\AppData\Roaming\Mumble 2013-06-10 22:06 - 2013-06-10 22:06 - 00001415 ____A C:\Users\R3van\Desktop\GildeGold.exe - Verknüpfung.lnk 2013-06-10 22:04 - 2012-04-07 23:04 - 00000000 ____D C:\Users\R3van\AppData\Roaming\Skype 2013-06-10 22:01 - 2011-12-26 00:07 - 00000000 ____D C:\Users\R3van\AppData\Local\PMB Files 2013-06-10 22:01 - 2011-12-26 00:07 - 00000000 ____D C:\ProgramData\PMB Files 2013-06-10 17:23 - 2013-06-10 17:22 - 00000000 ____D C:\Users\R3van\Downloads\Die Gilde Gold-Edition v2.06 Windows Vista&7 Ready 2013-06-10 17:22 - 2013-06-10 17:19 - 912413788 ____A C:\Users\R3van\Downloads\Die_Gilde_1_Gold_Edition_inkl_Update_2_06_-_iND.rar 2013-06-10 17:20 - 2013-06-10 00:38 - 00000000 ____D C:\Users\R3van\Downloads\Superman 2013-06-10 17:03 - 2013-06-10 17:01 - 280097804 ____A C:\Users\R3van\Downloads\SupiTAS351.rar 2013-06-10 17:03 - 2013-06-10 17:01 - 273762770 ____A C:\Users\R3van\Downloads\SupiTAS350.rar 2013-06-10 17:01 - 2013-06-10 16:59 - 276866401 ____A C:\Users\R3van\Downloads\SupiTAS346.rar 2013-06-10 17:01 - 2013-06-10 16:59 - 268002368 ____A C:\Users\R3van\Downloads\SupiTAS349.rar 2013-06-10 16:54 - 2013-06-10 16:52 - 303787461 ____A C:\Users\R3van\Downloads\SupiTAS354.rar 2013-06-10 16:53 - 2013-06-10 16:51 - 287265853 ____A C:\Users\R3van\Downloads\SupiTAS353.rar 2013-06-10 16:52 - 2013-06-10 16:51 - 265631910 ____A C:\Users\R3van\Downloads\SupiTAS352.rar 2013-06-10 16:51 - 2013-06-10 16:49 - 281614480 ____A C:\Users\R3van\Downloads\SupiTAS348.rar 2013-06-10 16:51 - 2013-06-10 16:49 - 267708851 ____A C:\Users\R3van\Downloads\SupiTAS347.rar 2013-06-10 16:49 - 2013-06-10 16:47 - 296365840 ____A C:\Users\R3van\Downloads\SupiTAS344.rar 2013-06-10 16:49 - 2013-06-10 16:47 - 286051345 ____A C:\Users\R3van\Downloads\SupiTAS345.rar 2013-06-10 16:47 - 2013-06-10 16:45 - 295441307 ____A C:\Users\R3van\Downloads\SupiTAS342.rar 2013-06-10 16:47 - 2013-06-10 16:45 - 256777234 ____A C:\Users\R3van\Downloads\SupiTAS343.rar 2013-06-10 16:45 - 2013-06-10 16:43 - 299184435 ____A C:\Users\R3van\Downloads\SupiTAS241.rar 2013-06-10 16:45 - 2013-06-10 16:43 - 288170276 ____A C:\Users\R3van\Downloads\SupiTAS240.rar 2013-06-10 16:43 - 2013-06-10 16:42 - 296987294 ____A C:\Users\R3van\Downloads\SupiTAS239.rar 2013-06-10 16:43 - 2013-06-10 16:41 - 283050305 ____A C:\Users\R3van\Downloads\SupiTAS238.rar 2013-06-10 16:42 - 2013-06-10 16:40 - 271888647 ____A C:\Users\R3van\Downloads\SupiTAS237.rar 2013-06-10 16:41 - 2013-06-10 16:39 - 270569580 ____A C:\Users\R3van\Downloads\SupiTAS236.rar 2013-06-10 16:40 - 2013-06-10 16:38 - 292070398 ____A C:\Users\R3van\Downloads\SupiTAS235.rar 2013-06-10 16:39 - 2013-06-10 16:38 - 268967456 ____A C:\Users\R3van\Downloads\SupiTAS234.rar 2013-06-10 16:38 - 2013-06-10 16:37 - 292236719 ____A C:\Users\R3van\Downloads\SupiTAS233.rar 2013-06-10 16:37 - 2013-06-10 16:36 - 290802481 ____A C:\Users\R3van\Downloads\SupiTAS232.rar 2013-06-10 16:37 - 2013-06-10 16:35 - 282208272 ____A C:\Users\R3van\Downloads\SupiTAS231.rar 2013-06-10 16:36 - 2013-06-10 16:34 - 297609711 ____A C:\Users\R3van\Downloads\SupiTAS230.rar 2013-06-10 16:35 - 2013-06-10 16:33 - 300735089 ____A C:\Users\R3van\Downloads\SupiTAS229.rar 2013-06-10 16:34 - 2013-06-10 16:32 - 278321194 ____A C:\Users\R3van\Downloads\SupiTAS228.rar 2013-06-10 16:33 - 2013-06-10 16:31 - 295506535 ____A C:\Users\R3van\Downloads\SupiTAS227.rar 2013-06-10 16:32 - 2013-06-10 00:41 - 295970671 ____A C:\Users\R3van\Downloads\SupiTAS226.rar 2013-06-10 16:31 - 2013-06-10 00:40 - 295198665 ____A C:\Users\R3van\Downloads\SupiTAS225.rar 2013-06-10 16:13 - 2013-05-20 13:46 - 00000000 ____D C:\Users\R3van\Desktop\feed the beast 2013-06-10 09:47 - 2013-06-10 09:47 - 00231376 ____A (TrueCrypt Foundation) C:\Windows\System32\Drivers\truecrypt.sys 2013-06-10 09:47 - 2013-06-10 09:47 - 00000875 ____A C:\Users\Public\Desktop\TrueCrypt.lnk 2013-06-10 09:47 - 2013-06-10 09:46 - 00000000 ____D C:\Program Files\TrueCrypt 2013-06-10 09:46 - 2013-06-10 09:46 - 03466248 ____A (TrueCrypt Foundation) C:\Users\R3van\Desktop\TrueCrypt Setup 7.1a.exe 2013-06-10 00:41 - 2013-06-10 00:39 - 295087933 ____A C:\Users\R3van\Downloads\SupiTAS224.rar 2013-06-10 00:40 - 2013-06-10 00:39 - 286328195 ____A C:\Users\R3van\Downloads\SupiTAS223.rar 2013-06-10 00:39 - 2013-06-10 00:37 - 288609606 ____A C:\Users\R3van\Downloads\SupiTAS219.rar 2013-06-10 00:39 - 2013-06-10 00:37 - 272255173 ____A C:\Users\R3van\Downloads\SupiTAS222.rar 2013-06-10 00:37 - 2013-06-10 00:36 - 281062258 ____A C:\Users\R3van\Downloads\SupiTAS221.rar 2013-06-10 00:37 - 2013-06-10 00:35 - 279773704 ____A C:\Users\R3van\Downloads\SupiTAS220.rar 2013-06-10 00:36 - 2013-06-10 00:34 - 287303408 ____A C:\Users\R3van\Downloads\SupiTAS218.rar 2013-06-10 00:35 - 2013-06-10 00:33 - 287066871 ____A C:\Users\R3van\Downloads\SupiTAS217.rar 2013-06-10 00:34 - 2013-06-10 00:32 - 286793390 ____A C:\Users\R3van\Downloads\SupiTAS216.rar 2013-06-10 00:33 - 2013-06-10 00:32 - 287215141 ____A C:\Users\R3van\Downloads\SupiTAS215.rar 2013-06-10 00:32 - 2013-06-10 00:30 - 287065421 ____A C:\Users\R3van\Downloads\SupiTAS214.rar 2013-06-10 00:32 - 2013-06-10 00:30 - 244193033 ____A C:\Users\R3van\Downloads\SupiTAS113.rar 2013-06-10 00:30 - 2013-06-10 00:29 - 245655114 ____A C:\Users\R3van\Downloads\SupiTAS112.rar 2013-06-10 00:30 - 2013-06-10 00:28 - 244373603 ____A C:\Users\R3van\Downloads\SupiTAS111.rar 2013-06-10 00:29 - 2013-06-10 00:27 - 245629513 ____A C:\Users\R3van\Downloads\SupiTAS110.rar 2013-06-10 00:28 - 2013-06-10 00:26 - 244954248 ____A C:\Users\R3van\Downloads\SupiTAS109.rar 2013-06-10 00:27 - 2013-06-10 00:25 - 310214150 ____A C:\Users\R3van\Downloads\SupiTAS108.rar 2013-06-10 00:26 - 2013-06-10 00:25 - 244369807 ____A C:\Users\R3van\Downloads\SupiTAS107.rar 2013-06-10 00:25 - 2013-06-10 00:23 - 242124027 ____A C:\Users\R3van\Downloads\SupiTAS105.rar 2013-06-10 00:24 - 2013-06-10 00:23 - 245726112 ____A C:\Users\R3van\Downloads\SupiTAS106.rar 2013-06-10 00:23 - 2013-06-10 00:21 - 243658905 ____A C:\Users\R3van\Downloads\SupiTAS104.rar 2013-06-10 00:23 - 2013-06-10 00:21 - 235568291 ____A C:\Users\R3van\Downloads\SupiTAS103.rar 2013-06-10 00:21 - 2013-06-10 00:20 - 242236322 ____A C:\Users\R3van\Downloads\SupiTAS102.rar 2013-06-10 00:21 - 2013-06-10 00:20 - 242050322 ____A C:\Users\R3van\Downloads\SupiTAS101.rar 2013-06-09 23:57 - 2013-06-09 23:57 - 00000000 ____D C:\ProgramData\RELOADED 2013-06-09 23:57 - 2013-06-09 15:51 - 00000000 ____D C:\Program Files (x86)\Call of Juarez Gunslinger 2013-06-09 18:17 - 2013-06-07 13:17 - 00000000 ____D C:\pix 2013-06-09 15:56 - 2013-06-09 15:56 - 00000936 ____A C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk 2013-06-09 15:50 - 2013-06-09 15:00 - 00000000 ____D C:\Users\R3van\Downloads\Call.of.Juarez.Gunslinger-RELOADED 2013-06-09 07:16 - 2013-05-17 20:44 - 00001018 ____A C:\Users\R3van\Desktop\Dropbox.lnk 2013-06-08 22:36 - 2013-06-08 22:36 - 00004096 ____A C:\Windows\d3dx.dat 2013-06-08 22:35 - 2013-06-08 22:35 - 02602279 ____A C:\Users\R3van\Desktop\runblack.rar 2013-06-08 22:29 - 2013-06-08 22:29 - 00000000 ____D C:\Program Files (x86)\Lionhead Studios Ltd 2013-06-08 22:29 - 2011-12-26 01:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-06-08 19:07 - 2013-06-08 19:07 - 00000000 ____D C:\Users\R3van\Desktop\PaxChallenge 2013-06-08 11:57 - 2013-06-08 11:57 - 00000000 ____D C:\Users\R3van\AppData\Local\FLT 2013-06-08 11:57 - 2011-11-13 22:44 - 00000000 ____D C:\Users\R3van\Documents\My Games 2013-06-08 11:52 - 2009-07-14 18:58 - 00697082 ____A C:\Windows\System32\perfh007.dat 2013-06-08 11:52 - 2009-07-14 18:58 - 00148346 ____A C:\Windows\System32\perfc007.dat 2013-06-08 11:52 - 2009-07-14 06:13 - 01635332 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-08 11:50 - 2011-11-13 22:44 - 00397818 ____A C:\Windows\DirectX.log 2013-06-08 11:48 - 2013-06-08 11:48 - 00001413 ____A C:\Users\Public\Desktop\Remember Me.lnk 2013-06-08 11:48 - 2013-06-08 11:41 - 00000000 ____D C:\Program Files (x86)\Remember Me 2013-06-08 11:41 - 2013-06-08 08:52 - 00000000 ____D C:\Users\R3van\Downloads\Remember_Me-FLT 2013-06-07 18:41 - 2013-06-07 18:40 - 100000000 ____A C:\Users\R3van\Downloads\flt-reme.061 2013-06-07 18:34 - 2013-06-07 18:34 - 00000000 ____D C:\Users\R3van\AppData\Local\GHISLER 2013-06-07 18:34 - 2013-06-07 18:34 - 00000000 ____D C:\RememberMeIso 2013-06-07 18:31 - 2013-06-07 18:31 - 00000646 ____A C:\Users\R3van\Desktop\Total Commander 64 bit.lnk 2013-06-07 18:31 - 2013-06-07 18:31 - 00000632 ____A C:\Users\R3van\Desktop\Total Commander.lnk 2013-06-07 18:31 - 2013-06-07 18:31 - 00000000 ____D C:\Users\R3van\AppData\Roaming\GHISLER 2013-06-07 18:31 - 2013-06-07 18:31 - 00000000 ____D C:\totalcmd 2013-06-07 18:30 - 2013-06-07 18:30 - 05896408 ____A (Ghisler Software GmbH) C:\Users\R3van\Desktop\tcm801x32_64.exe 2013-06-07 12:48 - 2013-06-07 12:48 - 00004033 ____A C:\Users\R3van\Downloads\fairlight.nfo 2013-06-02 11:54 - 2013-06-02 11:54 - 00002112 ____A C:\Users\R3van\Desktop\Rome - Total War.lnk 2013-06-02 11:54 - 2013-06-02 11:54 - 00000254 ____A C:\Windows\RomeTW.ini 2013-05-31 20:06 - 2013-05-31 20:06 - 00000000 ____D C:\Users\R3van\AppData\Roaming\Petroglyph 2013-05-31 10:07 - 2013-05-31 10:07 - 00000221 ____A C:\Users\R3van\Desktop\R.U.S.E.url 2013-05-30 17:16 - 2013-06-08 08:57 - 00000000 ____D C:\Users\R3van\Downloads\CheckMe 2013-05-30 13:24 - 2012-12-27 19:12 - 00140288 __ASH C:\Users\R3van\Desktop\Thumbs.db 2013-05-30 13:22 - 2013-05-18 12:45 - 00001853 ____A C:\Users\Public\Desktop\3DMark 11.lnk 2013-05-30 12:22 - 2013-05-30 12:21 - 00000000 ____D C:\Users\R3van\AppData\Local\{699ADE63-9A0F-472F-BD3F-A88198610127} 2013-05-30 12:21 - 2011-11-21 15:36 - 00000000 ____D C:\Users\R3van\Tracing 2013-05-29 17:38 - 2013-05-20 13:47 - 00000000 ____D C:\Users\R3van\Desktop\Ultimate 2013-05-29 03:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-05-29 02:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK 2013-05-29 02:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR 2013-05-29 02:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\zh-HK 2013-05-29 02:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\tr-TR 2013-05-29 02:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-05-29 02:09 - 2013-05-29 02:01 - 00010993 ____A C:\Windows\IE10_main.log 2013-05-29 02:05 - 2013-05-29 02:05 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-05-29 02:05 - 2013-05-29 02:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-05-29 02:05 - 2013-05-29 02:05 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-05-29 02:05 - 2013-05-29 02:05 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-05-29 02:05 - 2013-05-29 02:05 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-05-29 02:05 - 2013-05-29 02:05 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-05-29 02:05 - 2013-05-29 02:05 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-05-29 02:05 - 2013-05-29 02:05 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-05-29 02:05 - 2013-05-29 02:05 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-05-29 02:05 - 2013-05-29 02:05 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-05-29 02:05 - 2013-05-29 02:05 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-05-29 02:05 - 2013-05-29 02:05 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-05-29 02:05 - 2013-05-29 02:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-05-29 02:03 - 2013-05-29 02:03 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-29 02:03 - 2013-05-29 02:03 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-28 12:43 - 2013-05-28 12:12 - 00017574 ____A C:\Users\R3van\Desktop\Neues Textdokument (3).txt 2013-05-27 11:48 - 2013-05-27 11:48 - 00000000 ____D C:\Users\R3van\Desktop\Direwolf20 2013-05-26 10:51 - 2012-05-09 00:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-05-26 02:34 - 2013-05-26 02:34 - 00000000 ____D C:\Program Files (x86)\LucasArts 2013-05-26 02:33 - 2013-05-26 02:33 - 00000000 ____D C:\Users\R3van\AppData\Roaming\InstallShield 2013-05-25 19:30 - 2013-05-25 19:30 - 00000220 ____A C:\Users\R3van\Desktop\Titan Quest.url 2013-05-25 19:28 - 2012-05-06 23:00 - 00000000 ____D C:\Program Files (x86)\JDownloader 2013-05-25 19:20 - 2013-05-25 19:20 - 00000000 ____D C:\ProgramData\InstallShield 2013-05-25 15:18 - 2013-05-25 15:07 - 00000000 ____D C:\Users\R3van\Documents\Reus 2013-05-25 12:12 - 2012-02-18 14:42 - 01591234 ____A C:\Windows\SysWOW64\PerfStringBackup.INI 2013-05-25 12:05 - 2013-05-25 12:05 - 00001540 ____A C:\Users\Public\Desktop\Reus.lnk 2013-05-25 12:04 - 2013-05-25 12:04 - 00000000 ____D C:\GOG Games 2013-05-25 12:00 - 2013-05-25 12:00 - 05504488 ____A ( ) C:\Users\R3van\Downloads\patch_reus_2.0.1.11.exe 2013-05-25 10:05 - 2013-05-24 10:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-05-24 15:05 - 2013-05-24 15:05 - 00000773 ____A C:\Users\R3van\Desktop\Toribash.lnk 2013-05-24 15:05 - 2013-05-24 15:05 - 00000000 ____D C:\Users\R3van\AppData\Roaming\Toribash 2013-05-24 15:04 - 2013-05-24 15:04 - 20860024 ____A (Nabi Studios Pte Ltd ) C:\Users\R3van\Desktop\Toribash-4.31-Setup.exe 2013-05-24 15:04 - 2013-05-24 15:04 - 00000000 ____D C:\Games 2013-05-23 17:02 - 2013-05-23 16:57 - 00000000 ____D C:\Users\R3van\Documents\Neverwinter Nights 2 2013-05-23 16:59 - 2013-05-23 16:59 - 00000810 ____A C:\Windows\DXError.log 2013-05-23 16:58 - 2013-05-23 16:58 - 00000554 ____A C:\Windows\KB893803v2.log 2013-05-23 16:58 - 2013-05-23 16:48 - 00000000 ____D C:\Program Files (x86)\Neverwinter Nights 2 2013-05-23 15:09 - 2013-05-21 19:18 - 00000000 ____D C:\Program Files (x86)\Drakensang - Am Fluss der Zeit 2013-05-23 15:08 - 2013-02-04 00:09 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-05-23 15:07 - 2013-02-04 00:09 - 00000000 ___HD C:\Windows\msdownld.tmp 2013-05-23 15:05 - 2013-05-23 15:04 - 137976661 ____A ( ) C:\Users\R3van\Desktop\Drakensang_AFdZ_Patch_1.1_GERMAN.exe 2013-05-22 16:37 - 2013-05-18 15:05 - 00000000 ____D C:\Users\R3van\AppData\Roaming\.minecraft 2013-05-21 19:35 - 2013-05-21 19:35 - 00000000 ____D C:\Users\R3van\Documents\Drakensang_TRoT 2013-05-21 19:29 - 2013-05-21 19:29 - 00002115 ____A C:\Users\Public\Desktop\Drakensang - Am Fluss der Zeit.lnk 2013-05-20 12:12 - 2013-05-19 22:50 - 00000000 ____D C:\Users\R3van\AppData\Roaming\ftblauncher 2013-05-20 11:59 - 2012-12-21 17:48 - 00000023 ____A C:\Windows\BlendSettings.ini 2013-05-18 20:17 - 2013-05-18 20:17 - 00000000 ____D C:\Users\R3van\Documents\4A Games 2013-05-18 19:46 - 2013-05-18 19:46 - 00000000 ____D C:\Users\R3van\AppData\Local\4A Games 2013-05-18 19:45 - 2013-05-18 19:45 - 00000218 ____A C:\Users\R3van\Desktop\Counter-Strike.url 2013-05-18 19:37 - 2013-05-18 19:37 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-05-18 19:37 - 2013-05-18 19:36 - 35648512 ____A C:\Users\R3van\Desktop\PhysX-9.12.0613-SystemSoftware.msi 2013-05-18 15:04 - 2013-05-18 15:04 - 00000031 ____A C:\Users\R3van\Desktop\minecraft.bat 2013-05-18 15:04 - 2013-05-18 15:04 - 00000000 ____A C:\Users\R3van\Desktop\minecraft.txt 2013-05-18 15:01 - 2013-05-18 15:01 - 00376304 ____A C:\Users\R3van\Desktop\OptiFine Mod 1.5.2.zip 2013-05-18 14:58 - 2013-05-18 14:58 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll 2013-05-18 14:58 - 2013-05-18 14:58 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll 2013-05-18 14:58 - 2013-05-18 14:58 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe 2013-05-18 14:58 - 2013-05-18 14:58 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe 2013-05-18 14:58 - 2013-05-18 14:58 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe 2013-05-18 14:58 - 2013-05-18 14:58 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll 2013-05-18 14:58 - 2013-05-18 14:57 - 00000000 ____D C:\Program Files\Java 2013-05-18 14:56 - 2013-05-18 14:56 - 94973848 ____A (Oracle Corporation) C:\Users\R3van\Desktop\jdk-7u21-windows-x64.exe 2013-05-18 14:53 - 2013-05-18 14:53 - 00139783 ____A C:\Users\R3van\Desktop\Minecraft-cracked.jar 2013-05-18 12:51 - 2013-05-18 12:50 - 00000000 ____D C:\Users\R3van\Documents\3DMark 11 2013-05-18 12:50 - 2013-05-18 12:50 - 00000000 ____D C:\Users\R3van\AppData\Local\IsolatedStorage 2013-05-18 12:50 - 2013-05-18 12:50 - 00000000 ____D C:\Users\R3van\AppData\Local\Futuremark 2013-05-18 12:45 - 2013-05-18 12:45 - 00000000 ____D C:\Program Files (x86)\Futuremark 2013-05-18 12:44 - 2013-05-18 12:44 - 00000000 ____D C:\Program Files\Futuremark 2013-05-18 12:43 - 2013-05-18 12:42 - 284180392 ____A (Futuremark Corporation) C:\Users\R3van\Desktop\3DMark_11_v105_installer.exe 2013-05-18 12:24 - 2009-07-14 05:45 - 00276552 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-18 12:23 - 2012-04-04 17:16 - 00018692 ____A C:\Windows\PFRO.log 2013-05-18 09:07 - 2013-03-29 12:53 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-05-18 09:07 - 2012-04-07 23:04 - 00000000 ____D C:\ProgramData\Skype 2013-05-18 08:30 - 2011-11-13 20:11 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-05-17 22:04 - 2013-05-17 22:04 - 00002036 ____A C:\Users\R3van\Desktop\Nehrim - Am Rande des Schicksals.lnk 2013-05-17 21:56 - 2013-05-17 21:56 - 00000000 ____D C:\Program Files (x86)\SureAI 2013-05-17 21:47 - 2013-05-17 21:46 - 04447031 ____A C:\Users\R3van\Desktop\Oblivion_v1.2German.exe 2013-05-17 21:44 - 2013-05-17 21:44 - 00002168 ____A C:\Users\Public\Desktop\Oblivion.lnk 2013-05-17 21:39 - 2013-05-17 21:39 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks 2013-05-17 21:38 - 2012-12-21 17:33 - 00000000 ____D C:\Oblivion 2013-05-17 21:22 - 2013-05-17 20:59 - 1843586196 ____A C:\Users\R3van\Desktop\nehrim1505.zip 2013-05-17 20:57 - 2013-05-17 20:57 - 05030661 ____A C:\Users\R3van\Desktop\oblivion_v1.2.0416german.exe 2013-05-17 20:45 - 2013-05-17 20:45 - 27836988 ____A C:\Users\R3van\Desktop\Oblivion.zip 2013-05-17 20:44 - 2011-11-05 13:59 - 00000000 ____D C:\users\R3van 2013-05-17 20:40 - 2013-05-17 20:40 - 34332664 ____A (Dropbox, Inc.) C:\Users\R3van\Desktop\Dropbox 2.0.12.exe 2013-05-17 19:56 - 2012-05-05 00:42 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-05-17 19:56 - 2011-11-05 14:12 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Files to move or delete: ==================== C:\Users\R3van\AppData\Roaming\skype.dat C:\Users\R3van\AppData\Roaming\skype.ini ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-06-11 07:39:21 ==================== Memory info =========================== Percentage of memory in use: 16% Total physical RAM: 3948.54 MB Available physical RAM: 3305.84 MB Total Pagefile: 3946.69 MB Available Pagefile: 3295.55 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:444.18 GB) (Free:18.5 GB) NTFS (Disk=0 Partition=3) Drive f: () (Removable) (Total:15.06 GB) (Free:14.97 GB) NTFS (Disk=1 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4C1644FD) Partition 1: (Not Active) - (Size=21 GB) - (Type=1C) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=444 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: ED2F9F6B) Partition 1: (Active) - (Size=15 GB) - (Type=07 NTFS) LastRegBack: 2013-06-03 01:06 ==================== End Of Log ============================ Geändert von Da GuRu (11.06.2013 um 09:31 Uhr) |
11.06.2013, 08:56 | #2 |
/// the machine /// TB-Ausbilder | "bundestrojaner" seit heute morgen auf pc Hi,
__________________Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\R3van\...\Winlogon: [Shell] explorer.exe,C:\Users\R3van\AppData\Roaming\skype.dat [69120 2011-11-17] () <==== ATTENTION 2013-06-11 07:10 - 2013-06-11 07:39 - 00000004 ____A C:\Users\R3van\AppData\Roaming\skype.ini C:\Users\R3van\AppData\Roaming\skype.dat C:\Users\R3van\AppData\Roaming\skype.ini
__________________ |
11.06.2013, 09:14 | #3 | |
| "bundestrojaner" seit heute morgen auf pc danke für die schnelle antwort
__________________Zitat:
danke sehr :-D Geändert von VatoLoco (11.06.2013 um 10:11 Uhr) |
11.06.2013, 13:22 | #4 |
/// the machine /// TB-Ausbilder | "bundestrojaner" seit heute morgen auf pc Wir sind noch nicht fertig ab jetzt alles im normalen Windows Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
11.06.2013, 13:52 | #5 |
| "bundestrojaner" seit heute morgen auf pc Hier die beinde logfiles, danke nochmal^^ |
11.06.2013, 13:57 | #6 |
| "bundestrojaner" seit heute morgen auf pc sry seh grad das die otl.txt zu groß zum hochladen ist und zitieren kann ich sie auch nicht |
11.06.2013, 15:36 | #7 |
/// the machine /// TB-Ausbilder | "bundestrojaner" seit heute morgen auf pcSo funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
11.06.2013, 16:44 | #8 |
| "bundestrojaner" seit heute morgen auf pcCode:
ATTFilter OTL logfile created on: 11.06.2013 14:29:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\R3van\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 21,54% Memory free 7,71 Gb Paging File | 2,17 Gb Available in Paging File | 28,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 444,18 Gb Total Space | 19,65 Gb Free Space | 4,42% Space Free | Partition Type: NTFS Drive E: | 4,64 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: MEIN-TEIL | User Name: R3van | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\R3van\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\R3van\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\SysWOW64\UAService7.exe (Sony DADC Austria AG.) PRC - C:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community) PRC - C:\Program Files (x86)\Mumble\mumble.exe (Thorvald Natvig) PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\REALTEK\RTL8187B Wireless LAN Utility\RtWlan.exe (Realtek Semiconductor Corp.) PRC - C:\Program Files (x86)\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe (Realtek) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mumble\plugins\manual.dll () MOD - C:\Program Files (x86)\Mumble\plugins\bf3.dll () MOD - C:\Program Files (x86)\Mumble\plugins\l4d2.dll () MOD - C:\Program Files (x86)\Mumble\plugins\l4d.dll () MOD - C:\Program Files (x86)\Mumble\plugins\borderlands2.dll () MOD - C:\Program Files (x86)\Mumble\plugins\link.dll () MOD - C:\Program Files (x86)\Mumble\plugins\tf2.dll () MOD - C:\Program Files (x86)\Mumble\plugins\hl2dm.dll () MOD - C:\Program Files (x86)\Mumble\plugins\dods.dll () MOD - C:\Program Files (x86)\Mumble\plugins\css.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\Mumble\plugins\ut99.dll () MOD - C:\Program Files (x86)\Mumble\plugins\wolfet.dll () MOD - C:\Program Files (x86)\Mumble\plugins\lol.dll () MOD - C:\Program Files (x86)\Mumble\plugins\gw.dll () MOD - C:\Program Files (x86)\Mumble\plugins\blacklight.dll () MOD - C:\Program Files (x86)\Mumble\plugins\jc2.dll () MOD - C:\Users\R3van\AppData\Roaming\Dropbox\bin\libcef.dll () MOD - C:\Users\R3van\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll () MOD - C:\Program Files (x86)\Mumble\plugins\borderlands.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\pidgin-otr.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\bin\libgio-2.0-0.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\bin\libpangocairo-1.0-0.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll () MOD - C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\themeedit.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\ticker.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\winprefs.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\timestamp.dll () MOD - C:\Program Files (x86)\Pidgin\libjabber.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libmsn.dll () MOD - C:\Program Files (x86)\Pidgin\liboscar.dll () MOD - C:\Program Files (x86)\Pidgin\libymsg.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libgg.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libsilc.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libmxit.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libsametime.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libnovell.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libirc.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\spellchk.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libsimple.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\log_reader.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\notify.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\convcolors.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\markerline.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\history.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\idle.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\joinpart.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libicq.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\extplacement.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\statenotify.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\libaim.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\relnot.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\psychic.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\newline.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\buddynote.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\iconaway.dll () MOD - C:\Program Files (x86)\Pidgin\plugins\ssl.dll () MOD - C:\Program Files (x86)\Pidgin\exchndl.dll () MOD - C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll () MOD - C:\Program Files (x86)\Pidgin\sqlite3.dll () MOD - C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll () MOD - C:\Program Files (x86)\Pidgin\libsilcclient-1-1-2.dll () MOD - C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll () MOD - C:\Program Files (x86)\Pidgin\libxml2-2.dll () MOD - C:\Program Files (x86)\Mumble\plugins\dys.dll () MOD - C:\Program Files (x86)\Mumble\plugins\sto.dll () MOD - C:\Program Files (x86)\Mumble\plugins\etqw.dll () MOD - C:\Program Files (x86)\Mumble\plugins\cs.dll () MOD - C:\Program Files (x86)\Mumble\plugins\codmw2.dll () MOD - C:\Program Files (x86)\Mumble\plugins\cod5.dll () MOD - C:\Program Files (x86)\Mumble\plugins\breach.dll () MOD - C:\Program Files (x86)\Mumble\plugins\insurgency.dll () MOD - C:\Program Files (x86)\Mumble\plugins\gmod.dll () MOD - C:\Program Files (x86)\Mumble\plugins\wow.dll () MOD - C:\Program Files (x86)\Mumble\plugins\cod4.dll () MOD - C:\Program Files (x86)\Mumble\plugins\ut3.dll () MOD - C:\Program Files (x86)\Mumble\plugins\ut2004.dll () MOD - C:\Program Files (x86)\Mumble\plugins\gtaiv.dll () MOD - C:\Program Files (x86)\Mumble\plugins\codmw2so.dll () MOD - C:\Program Files (x86)\Mumble\plugins\cod2.dll () MOD - C:\Program Files (x86)\Mumble\plugins\bfbc2.dll () MOD - C:\Program Files (x86)\Mumble\plugins\bfheroes.dll () MOD - C:\Program Files (x86)\Mumble\plugins\bf2.dll () MOD - C:\Program Files (x86)\Mumble\plugins\aoc.dll () MOD - C:\Program Files (x86)\Mumble\plugins\bf2142.dll () MOD - C:\Program Files (x86)\Mumble\plugins\bf1942.dll () MOD - C:\Program Files (x86)\Mumble\plugins\arma2.dll () MOD - C:\Users\R3van\AppData\Roaming\Mumble\Plugins\lotro.dll () MOD - C:\Program Files (x86)\Mumble\speex.dll () MOD - C:\Program Files (x86)\Mumble\mumble_ol.dll () MOD - C:\Program Files (x86)\Mumble\celt0.0.7.0.sse2.dll () MOD - C:\Program Files (x86)\Mumble\celt0.0.11.0.sse2.dll () MOD - C:\Program Files (x86)\Mumble\libprotobuf.dll () MOD - C:\Program Files (x86)\Mumble\QtPlugins\iconengines\qsvgicon4.dll () MOD - C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qtiff4.dll () MOD - C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qsvg4.dll () MOD - C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qmng4.dll () MOD - C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qico4.dll () MOD - C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qgif4.dll () MOD - C:\Program Files (x86)\Mumble\QtGui4.dll () MOD - C:\Program Files (x86)\Mumble\QtNetwork4.dll () MOD - C:\Program Files (x86)\Mumble\QtSvg4.dll () MOD - C:\Program Files (x86)\Mumble\QtOpenGL4.dll () MOD - C:\Program Files (x86)\Mumble\QtSql4.dll () MOD - C:\Program Files (x86)\Mumble\QtXml4.dll () MOD - C:\Program Files (x86)\Mumble\QtCore4.dll () MOD - C:\Program Files (x86)\Mumble\libsndfile-1.dll () MOD - C:\Program Files (x86)\Mumble\LIBMYSQL.dll () MOD - C:\Program Files (x86)\Mumble\ZLIB1.dll () ========== Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation) SRV - (UserAccess7) -- C:\Windows\SysWOW64\UAService7.exe (Sony DADC Austria AG.) SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) SRV - (Realtek87B) -- C:\Program Files (x86)\REALTEK\RTL8187B Wireless LAN Utility\RtlService.exe (Realtek) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (RTL8187) -- C:\Windows\SysNative\drivers\RTL8187.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net) DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys () DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation) DRV:64bit: - (JME) -- C:\Windows\SysNative\drivers\JME.sys (JMicron Technology Corp.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B6 3A B0 DD 59 02 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.16 16:13:58 | 000,000,000 | ---D | M] [2011.11.05 15:26:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\R3van\AppData\Roaming\Mozilla\Extensions [2013.05.12 16:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\R3van\AppData\Roaming\Mozilla\Firefox\Profiles\f0ex0p47.default\extensions [2013.05.12 16:36:25 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\R3van\AppData\Roaming\Mozilla\Firefox\Profiles\f0ex0p47.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.05.24 11:32:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.05.24 11:32:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.24 11:32:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012.05.16 16:13:58 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 O1 HOSTS File: ([2012.05.09 02:08:26 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 secure.tune-up.com O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - Startup: C:\Users\R3van\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\R3van\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01400395-F382-49F2-B873-383C382901C7}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA448DD9-AEEF-4E96-85DE-322A70D3C5A0}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB60FE22-A0FD-4CB3-98DE-AFC14DD8B3C8}: DhcpNameServer = 7.254.254.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.05.22 19:19:51 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{37cd0a9c-12f1-11e1-899e-bcaec5a00194}\Shell - "" = AutoRun O33 - MountPoints2\{37cd0a9c-12f1-11e1-899e-bcaec5a00194}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{5cd6d8ed-810c-11e1-ab45-bcaec5a00194}\Shell - "" = AutoRun O33 - MountPoints2\{5cd6d8ed-810c-11e1-ab45-bcaec5a00194}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{7a5f1cf8-8103-11e1-b070-bcaec5a00194}\Shell - "" = AutoRun O33 - MountPoints2\{7a5f1cf8-8103-11e1-b070-bcaec5a00194}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{bb9f7925-97c4-11e1-8101-bcaec5a00194}\Shell - "" = AutoRun O33 - MountPoints2\{bb9f7925-97c4-11e1-8101-bcaec5a00194}\Shell\AutoRun\command - "" = E:\setup.exe -- [2013.05.22 19:21:04 | 000,890,665 | R--- | M] ( ) O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.11 14:26:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\R3van\Desktop\OTL.exe [2013.06.11 12:49:49 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\Avira [2013.06.11 12:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.06.11 12:48:37 | 000,141,376 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys [2013.06.11 12:48:37 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.06.11 12:48:37 | 000,114,608 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys [2013.06.11 12:48:37 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.06.11 12:48:37 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.06.11 12:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.06.11 12:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.06.11 09:57:51 | 000,000,000 | ---D | C] -- C:\FRST [2013.06.10 10:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt [2013.06.10 10:47:12 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys [2013.06.10 10:46:46 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt [2013.06.10 10:46:26 | 003,466,248 | ---- | C] (TrueCrypt Foundation) -- C:\Users\R3van\Desktop\TrueCrypt Setup 7.1a.exe [2013.06.10 00:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED [2013.06.09 16:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Call of Juarez Gunslinger [2013.06.08 23:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lionhead Studios Ltd [2013.06.08 23:29:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lionhead Studios Ltd [2013.06.08 20:07:36 | 000,000,000 | ---D | C] -- C:\Users\R3van\Desktop\PaxChallenge [2013.06.08 12:57:39 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Local\FLT [2013.06.08 12:52:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.06.08 12:48:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remember Me [2013.06.08 12:41:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Remember Me [2013.06.07 19:34:29 | 000,000,000 | ---D | C] -- C:\RememberMeIso [2013.06.07 19:34:29 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Local\GHISLER [2013.06.07 19:31:10 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2013.06.07 19:31:09 | 000,000,000 | ---D | C] -- C:\totalcmd [2013.06.07 19:31:09 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\GHISLER [2013.06.07 19:30:48 | 005,896,408 | ---- | C] (Ghisler Software GmbH) -- C:\Users\R3van\Desktop\tcm801x32_64.exe [2013.06.07 14:17:56 | 000,000,000 | ---D | C] -- C:\pix [2013.06.02 12:54:28 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rome - Total War [2013.06.02 12:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rome - Total War [2013.05.31 21:06:23 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\Petroglyph [2013.05.30 13:21:52 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Local\{699ADE63-9A0F-472F-BD3F-A88198610127} [2013.05.29 03:05:00 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.29 03:05:00 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.05.29 03:05:00 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.05.29 03:05:00 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.05.29 03:05:00 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.05.29 03:05:00 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.05.29 03:05:00 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.05.29 03:05:00 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.29 03:05:00 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.05.29 03:05:00 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.05.29 03:05:00 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.29 03:05:00 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.05.29 03:05:00 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.29 03:05:00 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.05.29 03:05:00 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.29 03:05:00 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.05.29 03:05:00 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.05.29 03:05:00 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.29 03:05:00 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.05.29 03:05:00 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.05.29 03:05:00 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.05.29 03:05:00 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.05.29 03:05:00 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.05.29 03:05:00 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.05.29 03:05:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.05.29 03:05:00 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.05.29 03:05:00 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.05.29 03:05:00 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.05.29 03:05:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.05.29 03:05:00 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.05.29 03:05:00 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.05.29 03:05:00 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.05.29 03:05:00 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.05.29 03:05:00 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.05.29 03:05:00 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.29 03:05:00 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.05.29 03:05:00 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.05.29 03:05:00 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.05.29 03:05:00 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.05.29 03:05:00 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.05.29 03:05:00 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.29 03:05:00 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.05.29 03:05:00 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.05.29 03:05:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.05.29 03:05:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.29 03:05:00 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.05.29 03:05:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.05.29 03:05:00 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.05.29 03:05:00 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.05.29 03:05:00 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.05.29 03:05:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.29 03:05:00 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.05.29 03:05:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.29 03:05:00 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.05.29 03:05:00 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.05.29 03:05:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.29 03:05:00 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.05.29 03:05:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.29 03:05:00 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.05.29 03:05:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.05.29 03:05:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.05.29 03:05:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.29 03:05:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.29 03:05:00 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.05.29 03:05:00 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.05.29 03:05:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.05.29 03:05:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.05.29 03:05:00 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.05.29 03:03:49 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.05.29 03:03:49 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013.05.29 03:03:49 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.05.29 03:03:49 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.05.29 03:03:49 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.05.29 03:03:49 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.05.29 03:03:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.05.29 03:03:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.05.29 03:03:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.05.29 03:03:49 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.05.29 03:03:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.05.29 03:03:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.05.29 03:03:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.05.29 03:03:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.05.29 03:03:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.05.29 03:03:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.05.29 03:03:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.05.29 03:03:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.05.29 03:03:49 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.05.29 03:03:49 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.05.29 03:03:48 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.05.29 03:03:48 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.05.29 03:03:48 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.05.29 03:03:48 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013.05.29 03:03:48 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.05.29 03:03:48 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.05.29 03:03:48 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.05.29 03:03:48 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.05.29 03:03:48 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.05.29 03:03:48 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.05.29 03:03:48 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.05.29 03:03:48 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.05.29 03:03:48 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.05.29 03:03:48 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.05.29 03:03:48 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.05.29 03:03:48 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.05.29 03:03:48 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.05.29 03:03:48 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.05.29 03:03:48 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.05.29 03:03:48 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.05.29 03:03:48 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013.05.27 12:48:52 | 000,000,000 | ---D | C] -- C:\Users\R3van\Desktop\Direwolf20 [2013.05.26 03:34:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LucasArts [2013.05.26 03:33:50 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\InstallShield [2013.05.25 20:20:14 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2013.05.25 16:07:29 | 000,000,000 | ---D | C] -- C:\Users\R3van\Documents\Reus [2013.05.25 13:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [2013.05.25 13:04:59 | 000,000,000 | ---D | C] -- C:\GOG Games [2013.05.24 16:05:26 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\Toribash [2013.05.24 16:04:59 | 000,000,000 | ---D | C] -- C:\Games [2013.05.24 16:04:53 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Local\Programs [2013.05.24 16:04:41 | 020,860,024 | ---- | C] (Nabi Studios Pte Ltd ) -- C:\Users\R3van\Desktop\Toribash-4.31-Setup.exe [2013.05.24 11:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.23 17:57:57 | 000,000,000 | ---D | C] -- C:\Users\R3van\Documents\Neverwinter Nights 2 [2013.05.23 17:48:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neverwinter Nights 2 [2013.05.21 20:35:54 | 000,000,000 | ---D | C] -- C:\Users\R3van\Documents\Drakensang_TRoT [2013.05.21 20:29:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakensang - Am Fluss der Zeit [2013.05.21 20:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Drakensang - Am Fluss der Zeit [2013.05.20 14:47:47 | 000,000,000 | ---D | C] -- C:\Users\R3van\Desktop\Ultimate [2013.05.20 14:46:22 | 000,000,000 | ---D | C] -- C:\Users\R3van\Desktop\feed the beast [2013.05.19 23:50:29 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\ftblauncher [2013.05.18 21:17:20 | 000,000,000 | ---D | C] -- C:\Users\R3van\Documents\4A Games [2013.05.18 20:46:18 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Local\4A Games [2013.05.18 20:37:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2013.05.18 16:05:02 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\.minecraft [2013.05.18 15:58:25 | 001,092,512 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2013.05.18 15:58:25 | 000,971,680 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2013.05.18 15:58:25 | 000,311,200 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2013.05.18 15:58:18 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2013.05.18 15:58:18 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2013.05.18 15:58:18 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2013.05.18 15:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.05.18 15:56:22 | 094,973,848 | ---- | C] (Oracle Corporation) -- C:\Users\R3van\Desktop\jdk-7u21-windows-x64.exe [2013.05.18 13:50:55 | 000,000,000 | ---D | C] -- C:\Users\R3van\Documents\3DMark 11 [2013.05.18 13:50:35 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Local\IsolatedStorage [2013.05.18 13:50:29 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Local\Futuremark [2013.05.18 13:45:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark [2013.05.18 13:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark [2013.05.18 13:44:51 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark [2013.05.18 13:42:13 | 284,180,392 | ---- | C] (Futuremark Corporation) -- C:\Users\R3van\Desktop\3DMark_11_v105_installer.exe [2013.05.17 23:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nehrim - Am Rande des Schicksals [2013.05.17 22:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SureAI [2013.05.17 22:50:11 | 158,802,262 | ---- | C] (SureAI ) -- C:\Users\R3van\Desktop\NehrimUpdate_1.5.0.5_DE.exe [2013.05.17 22:49:01 | 1684,534,216 | ---- | C] (SureAI ) -- C:\Users\R3van\Desktop\nehrim_main.exe [2013.05.17 22:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks [2013.05.17 22:39:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks [2013.05.17 21:44:22 | 000,000,000 | R--D | C] -- C:\Users\R3van\Dropbox [2013.05.17 21:42:20 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013.05.17 21:41:24 | 000,000,000 | ---D | C] -- C:\Users\R3van\AppData\Roaming\Dropbox [2013.05.17 21:40:24 | 034,332,664 | ---- | C] (Dropbox, Inc.) -- C:\Users\R3van\Desktop\Dropbox 2.0.12.exe [2013.05.17 21:06:01 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.17 21:06:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.05.17 21:05:55 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.17 21:05:54 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.17 21:05:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.05.17 21:05:54 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.05.17 21:05:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.11 14:36:11 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.11 14:26:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\R3van\Desktop\OTL.exe [2013.06.11 12:49:40 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.06.11 12:34:44 | 000,141,376 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwot.sys [2013.06.11 12:34:44 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.06.11 12:34:44 | 000,114,608 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys [2013.06.11 12:34:44 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.06.11 12:34:44 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.06.11 12:32:35 | 002,092,776 | ---- | M] () -- C:\Users\R3van\Desktop\avira_internet_security.exe [2013.06.11 11:12:56 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.11 11:12:56 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.11 11:05:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.11 11:05:25 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys [2013.06.10 23:06:33 | 000,001,415 | ---- | M] () -- C:\Users\R3van\Desktop\GildeGold.exe - Verknüpfung.lnk [2013.06.10 10:47:43 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk [2013.06.10 10:47:12 | 000,231,376 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys [2013.06.10 10:46:30 | 003,466,248 | ---- | M] (TrueCrypt Foundation) -- C:\Users\R3van\Desktop\TrueCrypt Setup 7.1a.exe [2013.06.09 16:56:30 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk [2013.06.09 08:16:33 | 000,001,050 | ---- | M] () -- C:\Users\R3van\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.06.09 08:16:07 | 000,001,018 | ---- | M] () -- C:\Users\R3van\Desktop\Dropbox.lnk [2013.06.08 23:36:16 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat [2013.06.08 23:35:33 | 002,602,279 | ---- | M] () -- C:\Users\R3van\Desktop\runblack.rar [2013.06.08 12:52:54 | 001,635,332 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.08 12:52:54 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.08 12:52:54 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.08 12:52:54 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.08 12:52:54 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.08 12:48:53 | 000,001,413 | ---- | M] () -- C:\Users\Public\Desktop\Remember Me.lnk [2013.06.07 19:31:11 | 000,000,646 | ---- | M] () -- C:\Users\R3van\Desktop\Total Commander 64 bit.lnk [2013.06.07 19:31:11 | 000,000,632 | ---- | M] () -- C:\Users\R3van\Desktop\Total Commander.lnk [2013.06.07 19:30:53 | 005,896,408 | ---- | M] (Ghisler Software GmbH) -- C:\Users\R3van\Desktop\tcm801x32_64.exe [2013.06.02 20:21:40 | 002,520,026 | ---- | M] () -- C:\Users\R3van\Desktop\fehlzeitenzettel.pdf [2013.06.02 12:54:45 | 000,002,112 | ---- | M] () -- C:\Users\R3van\Desktop\Rome - Total War.lnk [2013.06.02 12:54:28 | 000,000,254 | ---- | M] () -- C:\Windows\RomeTW.ini [2013.05.31 11:07:44 | 000,000,221 | ---- | M] () -- C:\Users\R3van\Desktop\R.U.S.E.url [2013.05.30 14:22:23 | 000,001,853 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk [2013.05.29 03:05:00 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.29 03:05:00 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.05.29 03:05:00 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.05.29 03:05:00 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.05.29 03:05:00 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.05.29 03:05:00 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.05.29 03:05:00 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.05.29 03:05:00 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.29 03:05:00 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.05.29 03:05:00 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.05.29 03:05:00 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.29 03:05:00 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.05.29 03:05:00 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.29 03:05:00 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.05.29 03:05:00 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.29 03:05:00 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.05.29 03:05:00 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.05.29 03:05:00 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.29 03:05:00 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.05.29 03:05:00 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.05.29 03:05:00 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.05.29 03:05:00 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.05.29 03:05:00 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.05.29 03:05:00 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.05.29 03:05:00 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.05.29 03:05:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.05.29 03:05:00 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.05.29 03:05:00 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.05.29 03:05:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.05.29 03:05:00 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.05.29 03:05:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.05.29 03:05:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.05.29 03:05:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.05.29 03:05:00 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.05.29 03:05:00 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.29 03:05:00 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.05.29 03:05:00 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.05.29 03:05:00 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.05.29 03:05:00 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.05.29 03:05:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.05.29 03:05:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.29 03:05:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.05.29 03:05:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.05.29 03:05:00 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.05.29 03:05:00 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.29 03:05:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.05.29 03:05:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.05.29 03:05:00 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.05.29 03:05:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.05.29 03:05:00 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.05.29 03:05:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.29 03:05:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.05.29 03:05:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.29 03:05:00 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.05.29 03:05:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.05.29 03:05:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.29 03:05:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.05.29 03:05:00 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.29 03:05:00 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.05.29 03:05:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.05.29 03:05:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.05.29 03:05:00 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.29 03:05:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.29 03:05:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.05.29 03:05:00 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.05.29 03:05:00 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.05.29 03:05:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.05.29 03:05:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.05.29 03:05:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.05.29 03:05:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.05.29 03:03:49 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.05.29 03:03:49 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.05.29 03:03:49 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013.05.29 03:03:49 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.05.29 03:03:49 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.05.29 03:03:49 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.05.29 03:03:49 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.05.29 03:03:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.05.29 03:03:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.05.29 03:03:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.05.29 03:03:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.05.29 03:03:49 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.05.29 03:03:49 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.05.29 03:03:49 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.05.29 03:03:49 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.05.29 03:03:49 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.05.29 03:03:49 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.05.29 03:03:49 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.05.29 03:03:49 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.05.29 03:03:49 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.05.29 03:03:49 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.05.29 03:03:48 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.05.29 03:03:48 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.05.29 03:03:48 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.05.29 03:03:48 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013.05.29 03:03:48 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.05.29 03:03:48 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.05.29 03:03:48 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.05.29 03:03:48 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.05.29 03:03:48 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.05.29 03:03:48 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.05.29 03:03:48 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.05.29 03:03:48 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.05.29 03:03:48 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.05.29 03:03:48 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.05.29 03:03:48 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.05.29 03:03:48 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.05.29 03:03:48 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.05.29 03:03:48 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.05.29 03:03:48 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.05.29 03:03:48 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013.05.25 20:30:43 | 000,000,220 | ---- | M] () -- C:\Users\R3van\Desktop\Titan Quest.url [2013.05.25 13:12:48 | 001,591,234 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.05.25 13:05:25 | 000,001,540 | ---- | M] () -- C:\Users\Public\Desktop\Reus.lnk [2013.05.24 16:05:11 | 000,000,773 | ---- | M] () -- C:\Users\R3van\Desktop\Toribash.lnk [2013.05.24 16:04:49 | 020,860,024 | ---- | M] (Nabi Studios Pte Ltd ) -- C:\Users\R3van\Desktop\Toribash-4.31-Setup.exe [2013.05.23 16:05:28 | 137,976,661 | ---- | M] ( ) -- C:\Users\R3van\Desktop\Drakensang_AFdZ_Patch_1.1_GERMAN.exe [2013.05.21 20:29:09 | 000,002,115 | ---- | M] () -- C:\Users\Public\Desktop\Drakensang - Am Fluss der Zeit.lnk [2013.05.20 12:59:40 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini [2013.05.18 20:45:17 | 000,000,218 | ---- | M] () -- C:\Users\R3van\Desktop\Counter-Strike.url [2013.05.18 20:37:05 | 035,648,512 | ---- | M] () -- C:\Users\R3van\Desktop\PhysX-9.12.0613-SystemSoftware.msi [2013.05.18 16:04:55 | 000,000,031 | ---- | M] () -- C:\Users\R3van\Desktop\minecraft.bat [2013.05.18 16:01:20 | 000,376,304 | ---- | M] () -- C:\Users\R3van\Desktop\OptiFine Mod 1.5.2.zip [2013.05.18 15:58:15 | 001,092,512 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2013.05.18 15:58:15 | 000,971,680 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2013.05.18 15:58:15 | 000,311,200 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2013.05.18 15:58:15 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2013.05.18 15:58:15 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2013.05.18 15:58:15 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2013.05.18 15:56:49 | 094,973,848 | ---- | M] (Oracle Corporation) -- C:\Users\R3van\Desktop\jdk-7u21-windows-x64.exe [2013.05.18 15:53:38 | 000,139,783 | ---- | M] () -- C:\Users\R3van\Desktop\Minecraft-cracked.jar [2013.05.18 13:43:33 | 284,180,392 | ---- | M] (Futuremark Corporation) -- C:\Users\R3van\Desktop\3DMark_11_v105_installer.exe [2013.05.18 13:24:10 | 000,276,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.17 23:04:14 | 000,002,036 | ---- | M] () -- C:\Users\R3van\Desktop\Nehrim - Am Rande des Schicksals.lnk [2013.05.17 22:47:57 | 004,447,031 | ---- | M] () -- C:\Users\R3van\Desktop\Oblivion_v1.2German.exe [2013.05.17 22:44:19 | 000,002,168 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk [2013.05.17 22:22:53 | 1843,586,196 | ---- | M] () -- C:\Users\R3van\Desktop\nehrim1505.zip [2013.05.17 21:57:35 | 005,030,661 | ---- | M] () -- C:\Users\R3van\Desktop\oblivion_v1.2.0416german.exe [2013.05.17 21:45:39 | 027,836,988 | ---- | M] () -- C:\Users\R3van\Desktop\Oblivion.zip [2013.05.17 21:40:47 | 034,332,664 | ---- | M] (Dropbox, Inc.) -- C:\Users\R3van\Desktop\Dropbox 2.0.12.exe [2013.05.17 20:56:04 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.17 20:56:04 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.11 12:49:40 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.06.11 12:32:08 | 002,092,776 | ---- | C] () -- C:\Users\R3van\Desktop\avira_internet_security.exe [2013.06.10 23:06:33 | 000,001,415 | ---- | C] () -- C:\Users\R3van\Desktop\GildeGold.exe - Verknüpfung.lnk [2013.06.10 10:47:43 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk [2013.06.09 16:56:30 | 000,000,948 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Juarez Gunslinger.lnk [2013.06.09 16:56:30 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\Call of Juarez Gunslinger.lnk [2013.06.08 23:36:16 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2013.06.08 23:35:25 | 002,602,279 | ---- | C] () -- C:\Users\R3van\Desktop\runblack.rar [2013.06.08 12:48:53 | 000,001,413 | ---- | C] () -- C:\Users\Public\Desktop\Remember Me.lnk [2013.06.07 19:31:11 | 000,000,646 | ---- | C] () -- C:\Users\R3van\Desktop\Total Commander 64 bit.lnk [2013.06.07 19:31:11 | 000,000,632 | ---- | C] () -- C:\Users\R3van\Desktop\Total Commander.lnk [2013.06.02 20:21:33 | 002,520,026 | ---- | C] () -- C:\Users\R3van\Desktop\fehlzeitenzettel.pdf [2013.06.02 12:54:45 | 000,002,112 | ---- | C] () -- C:\Users\R3van\Desktop\Rome - Total War.lnk [2013.06.02 12:54:28 | 000,000,254 | ---- | C] () -- C:\Windows\RomeTW.ini [2013.05.31 11:07:44 | 000,000,221 | ---- | C] () -- C:\Users\R3van\Desktop\R.U.S.E.url [2013.05.29 23:53:12 | 000,000,752 | ---- | C] () -- C:\Users\R3van\Desktop\mcmod.info [2013.05.29 03:05:00 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.05.29 03:05:00 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.05.25 20:30:43 | 000,000,220 | ---- | C] () -- C:\Users\R3van\Desktop\Titan Quest.url [2013.05.25 13:05:25 | 000,001,540 | ---- | C] () -- C:\Users\Public\Desktop\Reus.lnk [2013.05.24 16:05:11 | 000,000,773 | ---- | C] () -- C:\Users\R3van\Desktop\Toribash.lnk [2013.05.23 16:04:43 | 137,976,661 | ---- | C] ( ) -- C:\Users\R3van\Desktop\Drakensang_AFdZ_Patch_1.1_GERMAN.exe [2013.05.21 20:29:09 | 000,002,115 | ---- | C] () -- C:\Users\Public\Desktop\Drakensang - Am Fluss der Zeit.lnk [2013.05.18 20:45:17 | 000,000,218 | ---- | C] () -- C:\Users\R3van\Desktop\Counter-Strike.url [2013.05.18 20:36:58 | 035,648,512 | ---- | C] () -- C:\Users\R3van\Desktop\PhysX-9.12.0613-SystemSoftware.msi [2013.05.18 16:04:55 | 000,000,031 | ---- | C] () -- C:\Users\R3van\Desktop\minecraft.bat [2013.05.18 16:01:18 | 000,376,304 | ---- | C] () -- C:\Users\R3van\Desktop\OptiFine Mod 1.5.2.zip [2013.05.18 15:53:36 | 000,139,783 | ---- | C] () -- C:\Users\R3van\Desktop\Minecraft-cracked.jar [2013.05.18 13:45:17 | 000,001,853 | ---- | C] () -- C:\Users\Public\Desktop\3DMark 11.lnk [2013.05.17 23:04:14 | 000,002,036 | ---- | C] () -- C:\Users\R3van\Desktop\Nehrim - Am Rande des Schicksals.lnk [2013.05.17 22:46:39 | 004,447,031 | ---- | C] () -- C:\Users\R3van\Desktop\Oblivion_v1.2German.exe [2013.05.17 22:44:19 | 000,002,168 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk [2013.05.17 21:59:10 | 1843,586,196 | ---- | C] () -- C:\Users\R3van\Desktop\nehrim1505.zip [2013.05.17 21:57:29 | 005,030,661 | ---- | C] () -- C:\Users\R3van\Desktop\oblivion_v1.2.0416german.exe [2013.05.17 21:45:24 | 027,836,988 | ---- | C] () -- C:\Users\R3van\Desktop\Oblivion.zip [2013.05.17 21:44:22 | 000,001,018 | ---- | C] () -- C:\Users\R3van\Desktop\Dropbox.lnk [2013.05.17 21:42:46 | 000,001,050 | ---- | C] () -- C:\Users\R3van\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.12.25 18:58:56 | 000,000,218 | ---- | C] () -- C:\Users\R3van\.recently-used.xbel [2012.12.21 18:48:53 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2012.07.31 22:53:58 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2012.07.09 19:26:37 | 000,040,960 | R--- | C] () -- C:\Windows\SysWow64\psfind.dll [2012.05.09 02:36:28 | 000,007,606 | ---- | C] () -- C:\Users\R3van\AppData\Local\Resmon.ResmonCfg [2012.05.07 15:21:17 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\H@tKeysH@@k.DLL [2012.05.07 11:35:21 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2012.02.18 15:42:51 | 001,591,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.12.24 14:48:39 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.11.21 17:01:12 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2011.11.05 15:21:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.10.12 17:16:30 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.08.19 11:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2011.08.19 11:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2011.08.19 11:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
11.06.2013, 19:24 | #9 | |
/// the machine /// TB-Ausbilder | "bundestrojaner" seit heute morgen auf pcZitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
11.06.2013, 19:28 | #10 |
| "bundestrojaner" seit heute morgen auf pc ka was das ist |
11.06.2013, 19:47 | #11 |
/// the machine /// TB-Ausbilder | "bundestrojaner" seit heute morgen auf pc TuneUp 2012, bei dir installiert, gecracked und illegal. Dateien, wie Crack.exe, Keygen.exe oder Patch.exe sind zu 99,9% gefährliche Schädlinge, mit denen man nicht Spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zum Neu aufsetzten
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu "bundestrojaner" seit heute morgen auf pc |
.dll, adobe, adobe flash player, association, avp, desktop, explorer, farbar, farbar recovery scan tool, flash player, frst.txt, installation, kaspersky, logfile, lws.exe, microsoft, mozilla, nvidia, realtek, registry, scan, secure, security, services.exe, software, svchost.exe, system, temp, total commander, vista, winlogon.exe |