| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Battle.net Phishing Mail, Link geklickt, aber nichts eingegebenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.06.2013, 18:03
| #1 | |||
| |  Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Hey, ich hab vor kurzem vermutlich zwei Phishing Mails erhalten. Die Erste von (Zitat): "Diablo III", die zweite von (Zitat): "Blizzard entertainnnt". Beide geschrieben in grauenvollem Deutsch, beide behandelten die geliche Thematik. Ich wäre nun am Handel von Ausrüstung und Gold beteiligt und so weiter. Bei der Diablo III Mail dann das hier: Zitat:
Zitat:
Wie auch immer, es kam heute eine Nachricht von (Zitat): "Blizzard Entertainment", die keine Rechtschreibfehler beinhaltet und sehr offiziell erscheint. Hier die Mail: Zitat:
 )Kann es sein, dass die doch meine Accountdaten haben, obwohl ich nichts angegeben habe und dass sie zugegriffen haben und deshalb der Account gesperrt wurde? Sollte ich dann alle Passwörter ändern, auch die von anderen Seiten bzw. Accounts? Und sollte ich den Account reaktivieren lassen? Eigentlich ist er mir ja egal, ich benutze ihn sowieso nicht. Aber kann es sein, dass ich alles noch schlimmer mache, wenn ich den Account in seinem derzeitigen Zustand belasse? Danke für eure Hilfe im Vorraus, nubili |
|
25.06.2013, 18:04
| #2 |
| /// the machine /// TB-Ausbilder    | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Hi,
__________________Systemscan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
__________________ |
|
25.06.2013, 20:58
| #3 |
| | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Okay, vielen Dank erstmal.
__________________ Und hier, wie gewünscht: FRST.txt: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2013 01
Ran by Bennet (administrator) on 25-06-2013 21:37:08
Running from C:\Users\Bennet\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Hauppauge Computer Works, Inc.) C:\PROGRA~2\HAUPPA~1\DEVICE~1\HCWDEV~1.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [AdobeBridge] [x]
HKCU\...\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
MountPoints2: {633aaede-4f78-11e2-adf8-806e6f6e6963} - D:\Run.exe
MountPoints2: {ca402620-72a5-11e2-a8fa-1c6f6542c021} - K:\Startme.exe
HKLM-x32\...\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [375000 2009-10-15] (DeviceVM, Inc.)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [x]
HKLM-x32\...\Run: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" [368726 2012-05-28] (IVT Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [2254768 2012-12-10] (LogMeIn Inc.)
Startup: C:\Users\Bennet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bennet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Bennet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Central Tray Tool.lnk
ShortcutTarget: Hauppauge Device Central Tray Tool.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\Bennet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
HKCU SearchScopes: DefaultScope {8B566A3D-A49C-4c04-B82D-A2FB32EB8EBA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKCU - {8B566A3D-A49C-4c04-B82D-A2FB32EB8EBA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SelectedSearchEngine: WEB.DE Suche
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\bytubed@cs213.cse.iitk.ac.in
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\ich@maltegoetz.de
FF Extension: toolbar - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\toolbar@web.de.xpi
FF Extension: No Name - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
FF Extension: No Name - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-08] ()
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1082880 2012-05-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [199680 2012-05-21] (IVT Corporation)
R3 HcwDevCentralService; C:\PROGRA~2\HAUPPA~1\DEVICE~1\HCWDEV~1.EXE [381264 2013-01-09] (Hauppauge Computer Works, Inc.)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-02-04] ()
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [22240 2011-12-21] (IVT Corporation.)
S3 BTCOM; C:\Windows\System32\DRIVERS\btcomport.sys [29576 2011-07-27] (IVT Corporation.)
R3 BTCOMBUS; C:\Windows\System32\Drivers\btcombus.sys [25352 2011-07-27] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [43616 2011-12-27] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [25056 2011-12-21] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [31968 2011-12-21] (IVT Corporation.)
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [792320 2013-01-07] (Hauppauge Computer Work, Inc.)
S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [189952 2010-06-23] (Hauppauge, Inc.)
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VHidMinidrv; C:\Windows\System32\drivers\VHIDMini.sys [18952 2011-07-27] (IVT Corporation.)
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-25 21:36 - 2013-06-25 21:36 - 00000000 ____D C:\FRST
2013-06-25 21:35 - 2013-06-25 21:35 - 01931854 ____A (Farbar) C:\Users\Bennet\Desktop\FRST64.exe
2013-06-24 15:52 - 2013-06-24 15:52 - 00019582 ____A C:\Users\Bennet\AppData\Local\recently-used.xbel
2013-06-24 15:51 - 2013-06-24 15:51 - 00000000 ____A C:\Users\Bennet\Downloads\server.log
2013-06-24 15:37 - 2013-06-24 16:16 - 00000000 ____D C:\Users\Bennet\FTB
2013-06-24 15:35 - 2013-06-24 15:37 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\ftblauncher
2013-06-24 15:34 - 2013-06-24 15:34 - 00510899 ____A () C:\Users\Bennet\Downloads\FTB_Launcher.exe
2013-06-24 13:42 - 2013-06-24 13:42 - 00000036 ____A C:\Users\Bennet\Documents\MagickaDSLS.avi.sfl
2013-06-24 13:40 - 2013-06-24 22:21 - 00032357 ____A C:\Users\Bennet\Documents\Perundoliver.odt
2013-06-24 13:20 - 2013-06-24 13:42 - 3926431232 ____A C:\Users\Bennet\Documents\MagickaDSLS.avi
2013-06-24 13:02 - 2013-06-24 13:02 - 01385294 ____A C:\Users\Bennet\Documents\EGL (1).mkv
2013-06-24 01:36 - 2013-06-24 01:36 - 02414756 ____A C:\Users\Bennet\Documents\Auflös (1).mkv
2013-06-23 20:29 - 2013-06-23 20:29 - 22800753 ____A C:\Users\Bennet\Documents\MC (1).mkv
2013-06-22 20:12 - 2013-06-22 20:12 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\OBS
2013-06-22 20:02 - 2013-06-22 20:02 - 00000935 ____A C:\Users\Bennet\Desktop\Open Broadcaster Software.lnk
2013-06-22 20:02 - 2013-06-22 20:02 - 00000000 ____D C:\Program Files (x86)\OBS
2013-06-21 16:09 - 2013-06-21 16:09 - 00000028 ____A C:\Users\Bennet\Documents\HG.avi.sfl
2013-06-21 15:04 - 2013-06-21 16:09 - 3613037056 ____A C:\Users\Bennet\Documents\HG.avi
2013-06-16 22:12 - 2013-06-16 22:12 - 03820480 ____A C:\Users\Bennet\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-06-15 16:31 - 2013-06-15 16:31 - 00000036 ____A C:\Users\Bennet\Documents\Minecraft3.avi.sfl
2013-06-15 16:19 - 2013-06-15 16:31 - 630021120 ____A C:\Users\Bennet\Documents\Minecraft3.avi
2013-06-15 04:23 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 04:23 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 04:23 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 04:23 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 04:23 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 04:23 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 04:23 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 04:23 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 04:23 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 04:23 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 04:23 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 04:23 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 17:14 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-13 17:14 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 17:14 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 17:14 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-13 17:14 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-13 17:14 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-13 15:05 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 15:05 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 15:05 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 15:05 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-13 15:05 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-13 15:05 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-13 15:05 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-13 15:05 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 15:05 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-13 15:05 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-13 15:05 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-13 15:05 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-13 15:05 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 15:05 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 15:05 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-13 15:05 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-13 15:05 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-13 15:05 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-13 15:05 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-10 10:41 - 2013-06-10 10:41 - 00000000 ____D C:\Users\Bennet\Wii Scheiß
2013-06-09 20:46 - 2013-06-09 20:47 - 457849488 ____A C:\Users\Bennet\Documents\Kraven Manor (1).mkv
2013-06-02 22:49 - 2013-06-02 22:50 - 07602880 ____A C:\Users\Bennet\Downloads\avira_free3640_antivirus_de.exe.part
2013-06-01 19:38 - 2013-06-01 19:38 - 00000000 ____D C:\ProgramData\Codemasters
2013-05-31 15:25 - 2013-05-31 15:25 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 15:25 - 2013-05-31 15:25 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 15:25 - 2013-05-31 15:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 15:25 - 2013-05-31 15:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 15:25 - 2013-05-31 15:25 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 15:25 - 2013-05-31 15:25 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 15:25 - 2013-05-31 15:25 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 15:25 - 2013-05-31 15:25 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 15:25 - 2013-05-31 15:25 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 15:22 - 2013-05-31 15:22 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 15:21 - 2013-05-31 15:28 - 00010360 ____A C:\Windows\IE10_main.log
2013-05-29 19:16 - 2013-05-29 19:16 - 74618610 ____A C:\Users\Bennet\Documents\Vorstellvideo (1).mkv
2013-05-26 23:24 - 2013-05-26 23:24 - 00000000 ____D C:\Users\Bennet\AppData\Local\seancode
2013-05-26 21:09 - 2013-05-26 21:09 - 00000000 ____D C:\Program Files (x86)\Minutor
2013-05-26 21:08 - 2013-05-26 21:08 - 04440064 ____A C:\Users\Bennet\Downloads\minutor.msi
2013-05-26 15:04 - 2013-05-26 15:04 - 00252452 ____A C:\Users\Bennet\Downloads\[1.5.2]ReiMinimap_v3.3_06.zip
2013-05-26 14:18 - 2013-05-26 14:57 - 00000000 ____D C:\Users\Bennet\Downloads\Minecraft Enhanced v1.5.2 128x
==================== One Month Modified Files and Folders =======
2013-06-25 21:36 - 2013-06-25 21:36 - 00000000 ____D C:\FRST
2013-06-25 21:35 - 2013-06-25 21:35 - 01931854 ____A (Farbar) C:\Users\Bennet\Desktop\FRST64.exe
2013-06-25 21:35 - 2012-12-26 20:24 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\Skype
2013-06-25 18:25 - 2012-12-26 20:21 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-25 15:06 - 2013-03-21 22:36 - 00000000 ____D C:\Users\Bennet\AppData\Local\ArmA 2 OA
2013-06-25 15:03 - 2013-01-03 17:23 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\vlc
2013-06-25 13:28 - 2013-01-29 22:57 - 00000000 ____D C:\Users\Bennet\AppData\Local\LogMeIn Hamachi
2013-06-25 12:59 - 2009-07-14 06:51 - 00060048 ____A C:\Windows\setupact.log
2013-06-25 12:42 - 2013-01-10 19:06 - 00000000 ___RD C:\Users\Bennet\Dropbox
2013-06-25 12:42 - 2012-12-25 23:41 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\Dropbox
2013-06-25 12:27 - 2009-07-14 06:45 - 00014608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-25 12:27 - 2009-07-14 06:45 - 00014608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-25 12:24 - 2012-12-26 18:24 - 02028865 ____A C:\Windows\WindowsUpdate.log
2013-06-25 12:24 - 2009-07-14 19:58 - 00698688 ____A C:\Windows\System32\perfh007.dat
2013-06-25 12:24 - 2009-07-14 19:58 - 00148828 ____A C:\Windows\System32\perfc007.dat
2013-06-25 12:24 - 2009-07-14 07:13 - 01618320 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-25 12:20 - 2012-12-26 19:33 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-25 12:20 - 2012-05-21 15:09 - 00001130 ____A C:\Windows\SysWOW64\bscs.ini
2013-06-25 12:20 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-25 00:49 - 2012-12-27 21:23 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\.minecraft
2013-06-24 22:21 - 2013-06-24 13:40 - 00032357 ____A C:\Users\Bennet\Documents\Perundoliver.odt
2013-06-24 18:47 - 2012-12-27 14:47 - 00281688 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-24 18:47 - 2012-12-27 14:45 - 00281688 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-24 18:14 - 2012-12-27 14:45 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-24 18:05 - 2013-01-19 00:33 - 00000000 ____D C:\Users\Bennet\Documents\FIFA 13
2013-06-24 17:06 - 2012-12-26 20:59 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-24 16:16 - 2013-06-24 15:37 - 00000000 ____D C:\Users\Bennet\FTB
2013-06-24 15:53 - 2012-12-27 18:30 - 00000000 ____D C:\Users\Bennet\.gimp-2.8
2013-06-24 15:52 - 2013-06-24 15:52 - 00019582 ____A C:\Users\Bennet\AppData\Local\recently-used.xbel
2013-06-24 15:51 - 2013-06-24 15:51 - 00000000 ____A C:\Users\Bennet\Downloads\server.log
2013-06-24 15:44 - 2012-12-27 20:49 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\Audacity
2013-06-24 15:37 - 2013-06-24 15:35 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\ftblauncher
2013-06-24 15:37 - 2012-12-26 18:31 - 00000000 ____D C:\users\Bennet
2013-06-24 15:34 - 2013-06-24 15:34 - 00510899 ____A () C:\Users\Bennet\Downloads\FTB_Launcher.exe
2013-06-24 13:42 - 2013-06-24 13:42 - 00000036 ____A C:\Users\Bennet\Documents\MagickaDSLS.avi.sfl
2013-06-24 13:42 - 2013-06-24 13:20 - 3926431232 ____A C:\Users\Bennet\Documents\MagickaDSLS.avi
2013-06-24 13:02 - 2013-06-24 13:02 - 01385294 ____A C:\Users\Bennet\Documents\EGL (1).mkv
2013-06-24 13:02 - 2012-12-27 19:28 - 00000000 ____D C:\Program Files (x86)\MeGUI_2237_x86
2013-06-24 01:36 - 2013-06-24 01:36 - 02414756 ____A C:\Users\Bennet\Documents\Auflös (1).mkv
2013-06-23 20:29 - 2013-06-23 20:29 - 22800753 ____A C:\Users\Bennet\Documents\MC (1).mkv
2013-06-22 20:12 - 2013-06-22 20:12 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\OBS
2013-06-22 20:02 - 2013-06-22 20:02 - 00000935 ____A C:\Users\Bennet\Desktop\Open Broadcaster Software.lnk
2013-06-22 20:02 - 2013-06-22 20:02 - 00000000 ____D C:\Program Files (x86)\OBS
2013-06-22 01:59 - 2013-05-07 20:31 - 00005050 ____A C:\Windows\SysWOW64\LOCALSERVICE.INI
2013-06-21 16:09 - 2013-06-21 16:09 - 00000028 ____A C:\Users\Bennet\Documents\HG.avi.sfl
2013-06-21 16:09 - 2013-06-21 15:04 - 3613037056 ____A C:\Users\Bennet\Documents\HG.avi
2013-06-16 22:13 - 2012-12-26 21:37 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-16 22:12 - 2013-06-16 22:12 - 03820480 ____A C:\Users\Bennet\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-06-16 22:10 - 2012-12-26 21:04 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\Origin
2013-06-16 22:10 - 2012-12-26 20:59 - 00000000 ____D C:\ProgramData\Origin
2013-06-16 21:16 - 2013-02-06 21:27 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-16 21:14 - 2012-12-26 21:04 - 00000000 ____D C:\Users\Bennet\AppData\Local\Origin
2013-06-16 21:05 - 2013-04-25 21:45 - 00010867 ____A C:\Users\Bennet\Documents\TombRaider.log
2013-06-16 16:16 - 2012-12-26 19:11 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-16 16:16 - 2012-12-26 19:11 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-15 19:25 - 2012-12-26 21:32 - 00317063 ____A C:\Windows\DirectX.log
2013-06-15 16:31 - 2013-06-15 16:31 - 00000036 ____A C:\Users\Bennet\Documents\Minecraft3.avi.sfl
2013-06-15 16:31 - 2013-06-15 16:19 - 630021120 ____A C:\Users\Bennet\Documents\Minecraft3.avi
2013-06-15 13:44 - 2013-05-18 22:59 - 00000000 ____D C:\Users\Bennet\Documents\Eigene Sprache
2013-06-14 16:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 15:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-13 17:14 - 2013-01-08 00:04 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-10 10:41 - 2013-06-10 10:41 - 00000000 ____D C:\Users\Bennet\Wii Scheiß
2013-06-09 20:47 - 2013-06-09 20:46 - 457849488 ____A C:\Users\Bennet\Documents\Kraven Manor (1).mkv
2013-06-09 15:22 - 2013-05-07 20:39 - 00000244 ____A C:\Windows\SysWOW64\REMOTEDEVICE.INI
2013-06-09 15:22 - 2013-05-07 20:31 - 00000101 ____A C:\Windows\SysWOW64\LOCALDEVICE.INI
2013-06-08 16:08 - 2013-06-15 04:23 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 04:23 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 04:23 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 04:23 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 04:23 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 04:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 04:23 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 04:23 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 04:23 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 04:23 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 04:23 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 04:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 11:25 - 2013-01-26 14:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-08 11:25 - 2012-12-26 20:24 - 00000000 ____D C:\ProgramData\Skype
2013-06-08 01:03 - 2013-03-31 01:40 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\foobar2000
2013-06-04 23:10 - 2012-12-28 01:45 - 00090624 __ASH C:\Users\Bennet\Thumbs.db
2013-06-03 15:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-06-03 15:35 - 2012-12-27 02:26 - 00198366 ____A C:\Windows\PFRO.log
2013-06-02 22:50 - 2013-06-02 22:49 - 07602880 ____A C:\Users\Bennet\Downloads\avira_free3640_antivirus_de.exe.part
2013-06-02 19:22 - 2012-07-03 21:44 - 00000000 ____D C:\Users\Bennet\Audiodaten
2013-06-01 19:38 - 2013-06-01 19:38 - 00000000 ____D C:\ProgramData\Codemasters
2013-06-01 19:38 - 2012-12-27 14:05 - 00000000 ____D C:\Users\Bennet\Documents\my games
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-31 15:28 - 2013-05-31 15:21 - 00010360 ____A C:\Windows\IE10_main.log
2013-05-31 15:25 - 2013-05-31 15:25 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 15:25 - 2013-05-31 15:25 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 15:25 - 2013-05-31 15:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 15:25 - 2013-05-31 15:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 15:25 - 2013-05-31 15:25 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 15:25 - 2013-05-31 15:25 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 15:25 - 2013-05-31 15:25 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 15:25 - 2013-05-31 15:25 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 15:25 - 2013-05-31 15:25 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 15:22 - 2013-05-31 15:22 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-29 22:56 - 2012-12-26 21:46 - 01591896 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-29 19:16 - 2013-05-29 19:16 - 74618610 ____A C:\Users\Bennet\Documents\Vorstellvideo (1).mkv
2013-05-26 23:24 - 2013-05-26 23:24 - 00000000 ____D C:\Users\Bennet\AppData\Local\seancode
2013-05-26 21:09 - 2013-05-26 21:09 - 00000000 ____D C:\Program Files (x86)\Minutor
2013-05-26 21:08 - 2013-05-26 21:08 - 04440064 ____A C:\Users\Bennet\Downloads\minutor.msi
2013-05-26 15:04 - 2013-05-26 15:04 - 00252452 ____A C:\Users\Bennet\Downloads\[1.5.2]ReiMinimap_v3.3_06.zip
2013-05-26 14:57 - 2013-05-26 14:18 - 00000000 ____D C:\Users\Bennet\Downloads\Minecraft Enhanced v1.5.2 128x
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-25 13:46
==================== End Of Log ============================
--- --- --- Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2013 01
Ran by Bennet at 2013-06-25 21:42:06
Running from C:\Users\Bennet\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe After Effects CS6 (x32 Version: 11)
Adobe AIR (x32 Version: 3.6.0.5970)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader XI (11.0.01) - Deutsch (x32 Version: 11.0.01)
Alan Wake (x32)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
applicationupdater (HKCU)
ArcSoft ShowBiz (x32 Version: )
Arma 2 (x32)
Arma 2: Operation Arrowhead (x32)
Arma 2: Operation Arrowhead Beta (x32)
Assassin's Creed ® III (x32 Version: 1.00)
Audacity 2.0.2 (x32 Version: 2.0.2)
Avira Free Antivirus (x32 Version: 13.0.0.3640)
AviSynth 2.5 (x32)
Battlefield 1942™ (x32 Version: 1.6.20.0)
Battlefield 3™ (x32 Version: 1.5.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
BattlEye for OA Uninstall (x32)
BattlEye Uninstall (x32)
Blender (Version: 2.65a-release)
BlueSoleil 7.0.395.0 (Version: 7.0.395.0)
Browser Configuration Utility (x32 Version: 1.1.18.0)
Call of Juarez Gunslinger (x32)
Canon MP Navigator EX 3.0 (x32)
Canon MP270 series MP Drivers
Chivalry: Medieval Warfare (x32)
Cinema 4D version R12 (x32 Version: R12)
Crazybump (remove only) (x32)
Cry of Fear (x32)
Crysis 2 Maximum Edition (x32)
DayZ Commander (x32 Version: 0.92.69)
Dota 2 (x32)
Dropbox (HKCU Version: 2.0.22)
Dxtory version 2.0.120 (x32 Version: 2.0.120)
Electronic Arts Product Registration (x32 Version: 1.01.0000)
ESN Sonar (x32 Version: 0.70.4)
Far Cry 3 (x32 Version: 1.05)
FIFA 13 (x32 Version: 1.6.0.0)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
foobar2000 v1.2.4 (x32 Version: 1.2.4)
Fraps (remove only) (x32)
gamelauncher-ps2-psg (HKCU)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
GIMP 2.8.2 (Version: 2.8.2)
GRID 2 (x32)
Harry Potter II (x32)
Haunt 1.1 64bit (HKCU)
Hauppauge Device Central (x32 Version: 1.0.31010)
Intel(R) Rapid Storage Technology (x32 Version: 9.5.0.1037)
Java 7 Update 10 (64-bit) (Version: 7.0.100)
JDownloader 0.9 (x32 Version: 0.9)
JLC's Internet TV (x32)
Kraven Manor (HKCU Version: 1.0.0)
Lagarith Lossless Codec (1.3.27) (x32)
LIMBO (x32)
LMMS 0.4.13 (x32 Version: 0.4.13)
LogMeIn Hamachi (x32 Version: 2.1.0.294)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Games for Windows - LIVE (x32 Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Minutor (x32 Version: 2.0.0)
MKVToolNix 6.2.0 (x32 Version: 6.2.0)
MotioninJoy DS3 driver version 0.6.0005 (Version: 0.6.0005)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
MPC-HC 1.6.5.6366 (x32 Version: 1.6.5.6366)
MSI Afterburner 2.3.0 (x32 Version: 2.3.0)
MSU Screen Capture Lossless Codec v1.2 (Remove Only) (x32)
MSVCRT Redists (Version: 1.0)
MSVCRT Redists (x32 Version: 1.0)
No23 Recorder (x32 Version: 2.1.0.3)
Notepad++ (x32 Version: 6.3)
NVIDIA 3D Vision Controller-Treiber 310.70 (Version: 310.70)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001)
Open Broadcaster Software (x32)
OpenAL (x32)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Origin (x32 Version: 9.1.3.2637)
osu! (x32 Version: 0.0.0.0)
PunkBuster Services (x32 Version: 0.991)
QuickTime (x32 Version: 7.73.80.64)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6077)
rgc:audio sfz VSTi v1.96 (x32)
RGSS-RTP Standard (x32 Version: 1.04)
RPG MAKER VX Ace (x32 Version: 1.01a)
RPG MAKER VX Ace RTP (x32 Version: 1.00)
RPG Maker XP (x32 Version: 1.04)
Shutdown Timer (Version: 3.3.4)
skate's Thumbnail Tool Version 1.1.2 (x32 Version: 1.1.2)
Skype™ 6.3 (x32 Version: 6.3.107)
Slender - The Arrival 1.0 (x32 Version: 1.0)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.6)
TeamViewer 8 (x32 Version: 8.0.17292)
The Walking Dead (x32)
The War Z version 1.0 (x32 Version: 1.0)
Tomb Raider (x32)
Unity Web Player (HKCU Version: )
Unreal Development Kit: 2012-10
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Uplay (x32 Version: 2.0)
Vegas Pro 12.0 (64-bit) (Version: 12.0.486)
VLC media player 2.0.5 (Version: 2.0.5)
Vokabel Trainer 5 (x32)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Youtube Downloader HD v. 2.9.5 (x32)
yWriter5 (x32)
==================== Restore Points =========================
21-06-2013 23:59:10 Windows Update
==================== Scheduled Tasks (whitelisted) =============
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (06/24/2013 05:08:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fifa13.exe, Version: 1.8.0.0, Zeitstempel: 0x02af0040
Name des fehlerhaften Moduls: fifa13.exe, Version: 1.8.0.0, Zeitstempel: 0x02af0040
Ausnahmecode: 0xc0000005
Fehleroffset: 0x01f31c2a
ID des fehlerhaften Prozesses: 0x1054
Startzeit der fehlerhaften Anwendung: 0xfifa13.exe0
Pfad der fehlerhaften Anwendung: fifa13.exe1
Pfad des fehlerhaften Moduls: fifa13.exe2
Berichtskennung: fifa13.exe3
Error: (06/24/2013 04:24:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec367
Name des fehlerhaften Moduls: mozalloc.dll, Version: 21.0.0.4879, Zeitstempel: 0x518eaa4a
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001988
ID des fehlerhaften Prozesses: 0xf54
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (06/20/2013 05:02:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Dropbox.exe, Version: 2.0.22.0, Zeitstempel: 0x515f37bb
Name des fehlerhaften Moduls: libcef.dll, Version: 1.1364.1123.0, Zeitstempel: 0x513530d7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005fba7
ID des fehlerhaften Prozesses: 0xbdc
Startzeit der fehlerhaften Anwendung: 0xDropbox.exe0
Pfad der fehlerhaften Anwendung: Dropbox.exe1
Pfad des fehlerhaften Moduls: Dropbox.exe2
Berichtskennung: Dropbox.exe3
Error: (06/18/2013 00:34:08 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 21.0.0.4879 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17b8
Startzeit: 01ce6baaac0d0dad
Endzeit: 31
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 0426e5af-d79e-11e2-a639-1c6f6542c021
Error: (06/18/2013 00:33:20 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 21.0.0.4879 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1298
Startzeit: 01ce6b9d1f6950fa
Endzeit: 60
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: e73ba7d0-d79d-11e2-a639-1c6f6542c021
Error: (06/16/2013 11:14:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskhost.exe, Version: 6.1.7601.18010, Zeitstempel: 0x50aee9f3
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012454
ID des fehlerhaften Prozesses: 0xdbc
Startzeit der fehlerhaften Anwendung: 0xtaskhost.exe0
Pfad der fehlerhaften Anwendung: taskhost.exe1
Pfad des fehlerhaften Moduls: taskhost.exe2
Berichtskennung: taskhost.exe3
Error: (06/16/2013 10:55:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012454
ID des fehlerhaften Prozesses: 0x154
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3
Error: (06/16/2013 10:51:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012454
ID des fehlerhaften Prozesses: 0x2c8
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3
Error: (06/16/2013 10:08:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskhost.exe, Version: 6.1.7601.18010, Zeitstempel: 0x50aee9f3
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012454
ID des fehlerhaften Prozesses: 0x11d4
Startzeit der fehlerhaften Anwendung: 0xtaskhost.exe0
Pfad der fehlerhaften Anwendung: taskhost.exe1
Pfad des fehlerhaften Moduls: taskhost.exe2
Berichtskennung: taskhost.exe3
Error: (06/16/2013 09:06:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskhost.exe, Version: 6.1.7601.18010, Zeitstempel: 0x50aee9f3
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012454
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xtaskhost.exe0
Pfad der fehlerhaften Anwendung: taskhost.exe1
Pfad des fehlerhaften Moduls: taskhost.exe2
Berichtskennung: taskhost.exe3
System errors:
=============
Error: (06/25/2013 09:36:44 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JULES-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2DA6C409-E1D0-4CEA-BABE-BBCD296743D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (06/25/2013 01:41:23 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CEKDAR-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2DA6C409-E1D0-4CEA-BABE-BBCD296743D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (06/24/2013 04:32:17 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "SHUKAICHI-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2DA6C409-E1D0-4CEA-BABE-BBCD296743D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (06/24/2013 00:31:05 AM) (Source: BROWSER) (User: )
Description: Der Suchdienst konnte sich nicht selbst zur Funktion als Hauptsuchdienst heraufstufen.
Der Computer, der zurzeit die Funktion als Hauptsuchdienst erfüllt, ist unbekannt.
Error: (06/23/2013 07:32:03 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.33
registriert werden. Der Computer mit IP-Adresse 192.168.178.26 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (06/23/2013 03:57:03 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 25.241.34.205
registriert werden. Der Computer mit IP-Adresse 25.156.0.140 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (06/23/2013 02:08:28 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (06/23/2013 01:17:10 PM) (Source: DCOM) (User: )
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}
Error: (06/22/2013 08:59:30 PM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{2DA6C409-E1D0-4CEA-BABE-BBCD296743D5}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.
Error: (06/22/2013 06:15:20 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JULES-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2DA6C409-E1D0-4CEA-BABE-BBCD296743D5}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (06/24/2013 05:08:07 PM) (Source: Application Error)(User: )
Description: fifa13.exe1.8.0.002af0040fifa13.exe1.8.0.002af0040c000000501f31c2a105401ce70ec78bcc606C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exeC:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exedf9b2d49-dcdf-11e2-ad97-1c6f6542c021
Error: (06/24/2013 04:24:19 PM) (Source: Application Error)(User: )
Description: plugin-container.exe21.0.0.4879518ec367mozalloc.dll21.0.0.4879518eaa4a8000000300001988f5401ce70cb1f820e8cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc136bb00-dcd9-11e2-ad97-1c6f6542c021
Error: (06/20/2013 05:02:04 PM) (Source: Application Error)(User: )
Description: Dropbox.exe2.0.22.0515f37bblibcef.dll1.1364.1123.0513530d7c00000050005fba7bdc01ce6dc70a343650C:\Users\Bennet\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Users\Bennet\AppData\Roaming\Dropbox\bin\libcef.dll5d82e94c-d9ba-11e2-a8e9-1c6f6542c021
Error: (06/18/2013 00:34:08 AM) (Source: Application Hang)(User: )
Description: firefox.exe21.0.0.487917b801ce6baaac0d0dad31C:\Program Files (x86)\Mozilla Firefox\firefox.exe0426e5af-d79e-11e2-a639-1c6f6542c021
Error: (06/18/2013 00:33:20 AM) (Source: Application Hang)(User: )
Description: firefox.exe21.0.0.4879129801ce6b9d1f6950fa60C:\Program Files (x86)\Mozilla Firefox\firefox.exee73ba7d0-d79d-11e2-a639-1c6f6542c021
Error: (06/16/2013 11:14:53 PM) (Source: Application Error)(User: )
Description: taskhost.exe6.1.7601.1801050aee9f3msvcrt.dll7.0.7601.177444eeb033fc00000050000000000012454dbc01ce6ad68a47eea7C:\Windows\system32\taskhost.exeC:\Windows\system32\msvcrt.dllc94c07e8-d6c9-11e2-9494-1c6f6542c021
Error: (06/16/2013 10:55:04 PM) (Source: Application Error)(User: )
Description: wmpnetwk.exe12.0.7601.175144ce7ae7fmsvcrt.dll7.0.7601.177444eeb033fc0000005000000000001245415401ce6ad3c619fe54C:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\msvcrt.dll04264674-d6c7-11e2-9494-1c6f6542c021
Error: (06/16/2013 10:51:17 PM) (Source: Application Error)(User: )
Description: wmpnetwk.exe12.0.7601.175144ce7ae7fmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000124542c801ce6ad33c2fb6bdC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\msvcrt.dll7d52c051-d6c6-11e2-9494-1c6f6542c021
Error: (06/16/2013 10:08:20 PM) (Source: Application Error)(User: )
Description: taskhost.exe6.1.7601.1801050aee9f3msvcrt.dll7.0.7601.177444eeb033fc0000005000000000001245411d401ce6acd3eb770c4C:\Windows\system32\taskhost.exeC:\Windows\system32\msvcrt.dll7d4c969a-d6c0-11e2-9494-1c6f6542c021
Error: (06/16/2013 09:06:54 PM) (Source: Application Error)(User: )
Description: taskhost.exe6.1.7601.1801050aee9f3msvcrt.dll7.0.7601.177444eeb033fc0000005000000000001245470c01ce6ac4a9843905C:\Windows\system32\taskhost.exeC:\Windows\system32\msvcrt.dlle849a646-d6b7-11e2-9494-1c6f6542c021
==================== Memory info ===========================
Percentage of memory in use: 55%
Total physical RAM: 4087.48 MB
Available physical RAM: 1809.97 MB
Total Pagefile: 8173.15 MB
Available Pagefile: 5634.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:104.15 GB) NTFS (Disk=0 Partition=2)
Drive i: (FreeAgent GoFlex Drive) (Fixed) (Total:931.51 GB) (Free:254.44 GB) NTFS (Disk=5 Partition=1)
Drive j: (Elements) (Fixed) (Total:931.51 GB) (Free:87.03 GB) NTFS (Disk=6 Partition=1)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 13FD8C27)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 932 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
26.06.2013, 08:33
| #4 | |
| /// the machine /// TB-Ausbilder | Battle.net Phishing Mail, Link geklickt, aber nichts eingegebenCombofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.06.2013, 15:07
| #5 |
| | Battle.net Phishing Mail, Link geklickt, aber nichts eingegebenCode:
ATTFilter ComboFix 13-06-25.01 - Bennet 26.06.2013 15:49:01.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4087.2339 [GMT 2:00]
ausgeführt von:: c:\users\Bennet\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bennet\AppData\Local\lame_enc.dll
c:\users\Bennet\AppData\Local\no23xwrapper.dll
c:\users\Bennet\AppData\Local\ogg.dll
c:\users\Bennet\AppData\Local\vorbis.dll
c:\users\Bennet\AppData\Local\vorbisenc.dll
c:\users\Bennet\AppData\Local\vorbisfile.dll
c:\windows\SysWow64\frapsvid.dll
I:\install.exe
J:\autorun.inf
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-26 bis 2013-06-26 ))))))))))))))))))))))))))))))
.
.
2013-06-25 19:36 . 2013-06-25 19:36 -------- d-----w- C:\FRST
2013-06-24 13:37 . 2013-06-24 14:16 -------- d-----w- c:\users\Bennet\FTB
2013-06-24 13:35 . 2013-06-24 13:37 -------- d-----w- c:\users\Bennet\AppData\Roaming\ftblauncher
2013-06-22 18:12 . 2013-06-22 18:12 -------- d-----w- c:\users\Bennet\AppData\Roaming\OBS
2013-06-22 18:02 . 2013-06-22 18:02 -------- d-----w- c:\program files (x86)\OBS
2013-06-13 15:14 . 2013-05-17 01:25 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-06-13 13:05 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-10 08:41 . 2013-06-10 08:41 -------- d-----w- c:\users\Bennet\Wii Scheiß
2013-06-01 17:38 . 2013-06-01 17:38 -------- d-----w- c:\programdata\Codemasters
2013-05-31 13:22 . 2013-05-31 13:22 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-24 16:47 . 2012-12-27 12:47 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-06-24 16:47 . 2012-12-27 12:45 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-06-24 16:14 . 2012-12-27 12:45 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-06-16 14:16 . 2012-12-26 17:11 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-16 14:16 . 2012-12-26 17:11 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-13 15:14 . 2013-01-07 22:04 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-05-11 22:00 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2013-05-11 22:00 . 2009-08-18 09:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-07 17:04 . 2013-05-07 17:05 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-04-13 05:49 . 2013-05-15 21:15 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 21:15 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 21:15 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 21:15 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 21:15 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 21:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 16:51 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 21:15 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 21:15 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 21:15 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-03-30 09:49 . 2013-03-30 09:49 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-03-30 09:49 . 2013-03-30 09:49 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-03-30 09:49 . 2013-03-30 09:49 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Bennet\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Bennet\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Bennet\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dxtory Update Checker 2.0"="c:\program files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe" [2010-10-17 93696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-07 345312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"BtTray"="c:\program files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" [2012-05-28 368726]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
.
c:\users\Bennet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bennet\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
Hauppauge Device Central Tray Tool.lnk - c:\program files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe [2013-2-7 480592]
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 HcwDevCentralService;HcwDevCentralService;c:\progra~2\HAUPPA~1\DEVICE~1\HCWDEV~1.EXE;c:\progra~2\HAUPPA~1\DEVICE~1\HCWDEV~1.EXE [x]
R3 hcwE5bda;Hauppauge Siena Video Capture;c:\windows\system32\drivers\hcwE5bda.sys;c:\windows\SYSNATIVE\drivers\hcwE5bda.sys [x]
R3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\DRIVERS\hcwhdpvr.sys;c:\windows\SYSNATIVE\DRIVERS\hcwhdpvr.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys;c:\windows\SYSNATIVE\Drivers\BtHidBus.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys;c:\windows\SYSNATIVE\DRIVERS\btcomport.sys [x]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys;c:\windows\SYSNATIVE\Drivers\btcombus.sys [x]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys;c:\windows\SYSNATIVE\Drivers\btnetBus.sys [x]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys;c:\windows\SYSNATIVE\Drivers\IvtBtBus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\
FF - prefs.js: browser.search.selectedEngine - WEB.DE Suche
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-06-15 16:20; {5C655500-E712-41e7-9349-CE462F844B19}; c:\users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-ArcSoft Connection Service - c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-PlanetSide 2 PSG - c:\users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\Uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1714841237-758113091-283662254-1001\Software\SecuROM\License information*]
"datasecu"=hex:19,77,a0,13,12,52,d6,1c,d4,9e,62,5f,29,70,87,cc,b2,5d,da,41,dc,
fe,a6,c2,cc,96,8b,a8,4c,23,b7,2e,64,31,35,c3,cb,4e,d2,2c,dc,d9,f3,e3,61,be,\
"rkeysecu"=hex:5d,e8,d3,9c,10,fa,5f,f5,56,74,42,91,eb,ba,a5,0d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-26 15:59:37
ComboFix-quarantined-files.txt 2013-06-26 13:59
.
Vor Suchlauf: 13 Verzeichnis(se), 111.526.010.880 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 134.772.396.032 Bytes frei
.
- - End Of File - - C2D338ECAED52136CC09D03DD1AF3F58
D41D8CD98F00B204E9800998ECF8427E
|
|
26.06.2013, 17:11
| #6 |
| /// the machine /// TB-Ausbilder | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Nee passt Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST Log bitte. Noch Probleme?
__________________ --> Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben |
|
26.06.2013, 23:24
| #7 |
| | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben AdwCleaner: Code:
ATTFilter # AdwCleaner v2.303 - Datei am 27/06/2013 um 00:16:16 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Bennet - BENNET-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Bennet\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : BCUService
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\searchplugins\11-suche.xml
Ordner Gelöscht : C:\Program Files (x86)\DeviceVM
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1720 octets] - [27/06/2013 00:16:16]
########## EOF - C:\AdwCleaner[S1].txt - [1780 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Bennet on 27.06.2013 at 0:24:51,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Bennet\AppData\Roaming\mozilla\firefox\profiles\hyhzhfn3.default\minidumps [217 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.06.2013 at 0:27:52,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Geändert von nubili (26.06.2013 um 23:29 Uhr) |
|
27.06.2013, 08:12
| #8 |
| /// the machine /// TB-Ausbilder | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Nein bitte neuen Post machen dann
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.06.2013, 11:02
| #9 |
| | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1f7808a4c50c464f92da11f478564c23
# engine=14165
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-27 01:29:03
# local_time=2013-06-27 03:29:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 20569 237719833 0 0
# compatibility_mode=5893 16776574 100 94 8419969 123926393 0 0
# scanned=387004
# found=0
# cleaned=0
# scan_time=10379
Code:
ATTFilter Results of screen317's Security Check version 0.99.68
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 11.7.700.224
Adobe Reader XI
Mozilla Firefox 21.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-06-2013 02
Ran by Bennet (administrator) on 27-06-2013 11:59:50
Running from C:\Users\Bennet\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Hauppauge Computer Works, Inc.) C:\PROGRA~2\HAUPPA~1\DEVICE~1\HCWDEV~1.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" [368726 2012-05-28] (IVT Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [2254768 2012-12-10] (LogMeIn Inc.)
Startup: C:\Users\Bennet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bennet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Bennet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Central Tray Tool.lnk
ShortcutTarget: Hauppauge Device Central Tray Tool.lnk -> C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\Bennet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKCU - {8B566A3D-A49C-4c04-B82D-A2FB32EB8EBA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SelectedSearchEngine: WEB.DE Suche
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\bytubed@cs213.cse.iitk.ac.in
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\ich@maltegoetz.de
FF Extension: toolbar - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\toolbar@web.de.xpi
FF Extension: No Name - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
FF Extension: No Name - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Bennet\AppData\Roaming\Mozilla\Firefox\Profiles\hyhzhfn3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-08] ()
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1082880 2012-05-31] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [199680 2012-05-21] (IVT Corporation)
R3 HcwDevCentralService; C:\PROGRA~2\HAUPPA~1\DEVICE~1\HCWDEV~1.EXE [381264 2013-01-09] (Hauppauge Computer Works, Inc.)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-02-04] ()
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [22240 2011-12-21] (IVT Corporation.)
S3 BTCOM; C:\Windows\System32\DRIVERS\btcomport.sys [29576 2011-07-27] (IVT Corporation.)
R3 BTCOMBUS; C:\Windows\System32\Drivers\btcombus.sys [25352 2011-07-27] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [43616 2011-12-27] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [25056 2011-12-21] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [31968 2011-12-21] (IVT Corporation.)
S3 hcwE5bda; C:\Windows\System32\drivers\hcwE5bda.sys [792320 2013-01-07] (Hauppauge Computer Work, Inc.)
S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [189952 2010-06-23] (Hauppauge, Inc.)
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 VHidMinidrv; C:\Windows\System32\drivers\VHIDMini.sys [18952 2011-07-27] (IVT Corporation.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-27 11:58 - 2013-06-27 11:58 - 01931940 ____A (Farbar) C:\Users\Bennet\Desktop\FRST64.exe
2013-06-27 00:34 - 2013-06-27 00:35 - 00890988 ____A C:\Users\Bennet\Desktop\SecurityCheck.exe
2013-06-27 00:30 - 2013-06-27 00:30 - 02347384 ____A (ESET) C:\Users\Bennet\Desktop\esetsmartinstaller_enu.exe
2013-06-27 00:27 - 2013-06-27 00:27 - 00000760 ____A C:\Users\Bennet\Desktop\JRT.txt
2013-06-27 00:24 - 2013-06-27 00:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-27 00:23 - 2013-06-27 00:23 - 00000000 ____D C:\JRT
2013-06-27 00:21 - 2013-06-27 00:21 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Bennet\Desktop\JRT.exe
2013-06-27 00:16 - 2013-06-27 00:16 - 00001847 ____A C:\AdwCleaner[S1].txt
2013-06-27 00:15 - 2013-06-27 00:15 - 00648201 ____A C:\Users\Bennet\Desktop\adwcleaner.exe
2013-06-26 15:59 - 2013-06-26 15:59 - 00018114 ____A C:\ComboFix.txt
2013-06-26 15:46 - 2013-06-26 15:59 - 00000000 ___AD C:\Qoobox
2013-06-26 15:46 - 2013-06-26 15:58 - 00000000 ____D C:\Windows\erdnt
2013-06-26 15:46 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-26 15:46 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-26 15:46 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-26 15:46 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-26 15:46 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-26 15:46 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-26 15:46 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-26 15:46 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-26 15:43 - 2013-06-26 15:43 - 05082915 ____R (Swearware) C:\Users\Bennet\Desktop\ComboFix.exe
2013-06-25 21:36 - 2013-06-25 21:36 - 00000000 ____D C:\FRST
2013-06-24 15:52 - 2013-06-24 15:52 - 00019582 ____A C:\Users\Bennet\AppData\Local\recently-used.xbel
2013-06-24 15:51 - 2013-06-24 15:51 - 00000000 ____A C:\Users\Bennet\Downloads\server.log
2013-06-24 15:37 - 2013-06-24 16:16 - 00000000 ____D C:\Users\Bennet\FTB
2013-06-24 15:35 - 2013-06-24 15:37 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\ftblauncher
2013-06-24 15:34 - 2013-06-24 15:34 - 00510899 ____A () C:\Users\Bennet\Downloads\FTB_Launcher.exe
2013-06-24 13:42 - 2013-06-24 13:42 - 00000036 ____A C:\Users\Bennet\Documents\MagickaDSLS.avi.sfl
2013-06-24 13:40 - 2013-06-24 22:21 - 00032357 ____A C:\Users\Bennet\Documents\Perundoliver.odt
2013-06-24 13:20 - 2013-06-24 13:42 - 3926431232 ____A C:\Users\Bennet\Documents\MagickaDSLS.avi
2013-06-24 13:02 - 2013-06-24 13:02 - 01385294 ____A C:\Users\Bennet\Documents\EGL (1).mkv
2013-06-24 01:36 - 2013-06-24 01:36 - 02414756 ____A C:\Users\Bennet\Documents\Auflös (1).mkv
2013-06-23 20:29 - 2013-06-23 20:29 - 22800753 ____A C:\Users\Bennet\Documents\MC (1).mkv
2013-06-22 20:12 - 2013-06-22 20:12 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\OBS
2013-06-22 20:02 - 2013-06-22 20:02 - 00000935 ____A C:\Users\Bennet\Desktop\Open Broadcaster Software.lnk
2013-06-22 20:02 - 2013-06-22 20:02 - 00000000 ____D C:\Program Files (x86)\OBS
2013-06-21 16:09 - 2013-06-21 16:09 - 00000028 ____A C:\Users\Bennet\Documents\HG.avi.sfl
2013-06-21 15:04 - 2013-06-21 16:09 - 3613037056 ____A C:\Users\Bennet\Documents\HG.avi
2013-06-16 22:12 - 2013-06-16 22:12 - 03820480 ____A C:\Users\Bennet\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-06-15 16:31 - 2013-06-15 16:31 - 00000036 ____A C:\Users\Bennet\Documents\Minecraft3.avi.sfl
2013-06-15 16:19 - 2013-06-15 16:31 - 630021120 ____A C:\Users\Bennet\Documents\Minecraft3.avi
2013-06-15 04:23 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 04:23 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 04:23 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 04:23 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 04:23 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 04:23 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 04:23 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 04:23 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 04:23 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 04:23 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 04:23 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 04:23 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 17:14 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-13 17:14 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-13 17:14 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 17:14 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 17:14 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 17:14 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-13 17:14 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-13 17:14 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-13 15:05 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 15:05 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 15:05 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 15:05 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-13 15:05 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-13 15:05 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-13 15:05 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-13 15:05 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 15:05 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-13 15:05 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-13 15:05 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-13 15:05 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-13 15:05 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 15:05 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 15:05 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-13 15:05 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-13 15:05 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-13 15:05 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-13 15:05 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-10 10:41 - 2013-06-10 10:41 - 00000000 ____D C:\Users\Bennet\Wii Scheiß
2013-06-09 20:46 - 2013-06-09 20:47 - 457849488 ____A C:\Users\Bennet\Documents\Kraven Manor (1).mkv
2013-06-02 22:49 - 2013-06-02 22:50 - 07602880 ____A C:\Users\Bennet\Downloads\avira_free3640_antivirus_de.exe.part
2013-06-01 19:38 - 2013-06-01 19:38 - 00000000 ____D C:\ProgramData\Codemasters
2013-05-31 15:25 - 2013-05-31 15:25 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 15:25 - 2013-05-31 15:25 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 15:25 - 2013-05-31 15:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 15:25 - 2013-05-31 15:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 15:25 - 2013-05-31 15:25 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 15:25 - 2013-05-31 15:25 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 15:25 - 2013-05-31 15:25 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 15:25 - 2013-05-31 15:25 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 15:25 - 2013-05-31 15:25 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 15:22 - 2013-05-31 15:22 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 15:21 - 2013-05-31 15:28 - 00010360 ____A C:\Windows\IE10_main.log
2013-05-29 19:16 - 2013-05-29 19:16 - 74618610 ____A C:\Users\Bennet\Documents\Vorstellvideo (1).mkv
==================== One Month Modified Files and Folders =======
2013-06-27 11:58 - 2013-06-27 11:58 - 01931940 ____A (Farbar) C:\Users\Bennet\Desktop\FRST64.exe
2013-06-27 11:51 - 2009-07-14 06:45 - 00014608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-27 11:51 - 2009-07-14 06:45 - 00014608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-27 11:48 - 2009-07-14 19:58 - 00698688 ____A C:\Windows\System32\perfh007.dat
2013-06-27 11:48 - 2009-07-14 19:58 - 00148828 ____A C:\Windows\System32\perfc007.dat
2013-06-27 11:48 - 2009-07-14 07:13 - 01618320 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-27 11:47 - 2012-12-26 18:24 - 02056710 ____A C:\Windows\WindowsUpdate.log
2013-06-27 11:46 - 2013-05-07 19:05 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-27 11:45 - 2013-01-10 19:06 - 00000000 ___RD C:\Users\Bennet\Dropbox
2013-06-27 11:45 - 2012-12-25 23:41 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\Dropbox
2013-06-27 11:44 - 2013-01-29 22:57 - 00000000 ____D C:\Users\Bennet\AppData\Local\LogMeIn Hamachi
2013-06-27 11:43 - 2012-12-26 19:33 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-27 11:43 - 2012-05-21 15:09 - 00001130 ____A C:\Windows\SysWOW64\bscs.ini
2013-06-27 11:43 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-27 11:43 - 2009-07-14 06:51 - 00060272 ____A C:\Windows\setupact.log
2013-06-27 04:10 - 2013-05-07 20:31 - 00005050 ____A C:\Windows\SysWOW64\LOCALSERVICE.INI
2013-06-27 00:35 - 2013-06-27 00:34 - 00890988 ____A C:\Users\Bennet\Desktop\SecurityCheck.exe
2013-06-27 00:30 - 2013-06-27 00:30 - 02347384 ____A (ESET) C:\Users\Bennet\Desktop\esetsmartinstaller_enu.exe
2013-06-27 00:27 - 2013-06-27 00:27 - 00000760 ____A C:\Users\Bennet\Desktop\JRT.txt
2013-06-27 00:24 - 2013-06-27 00:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-27 00:23 - 2013-06-27 00:23 - 00000000 ____D C:\JRT
2013-06-27 00:21 - 2013-06-27 00:21 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Bennet\Desktop\JRT.exe
2013-06-27 00:18 - 2012-12-27 02:26 - 00198912 ____A C:\Windows\PFRO.log
2013-06-27 00:16 - 2013-06-27 00:16 - 00001847 ____A C:\AdwCleaner[S1].txt
2013-06-27 00:15 - 2013-06-27 00:15 - 00648201 ____A C:\Users\Bennet\Desktop\adwcleaner.exe
2013-06-27 00:14 - 2012-12-26 20:24 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\Skype
2013-06-26 23:44 - 2012-12-27 21:23 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\.minecraft
2013-06-26 22:24 - 2012-12-27 14:47 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-26 22:24 - 2012-12-27 14:45 - 00291088 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-26 22:24 - 2012-12-27 14:45 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-26 22:16 - 2013-01-03 17:23 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\vlc
2013-06-26 22:14 - 2012-12-26 20:59 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-26 15:59 - 2013-06-26 15:59 - 00018114 ____A C:\ComboFix.txt
2013-06-26 15:59 - 2013-06-26 15:46 - 00000000 ___AD C:\Qoobox
2013-06-26 15:59 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-06-26 15:58 - 2013-06-26 15:46 - 00000000 ____D C:\Windows\erdnt
2013-06-26 15:57 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-26 15:43 - 2013-06-26 15:43 - 05082915 ____R (Swearware) C:\Users\Bennet\Desktop\ComboFix.exe
2013-06-25 23:24 - 2012-12-27 20:49 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\Audacity
2013-06-25 21:36 - 2013-06-25 21:36 - 00000000 ____D C:\FRST
2013-06-25 18:25 - 2012-12-26 20:21 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-25 15:06 - 2013-03-21 22:36 - 00000000 ____D C:\Users\Bennet\AppData\Local\ArmA 2 OA
2013-06-24 22:21 - 2013-06-24 13:40 - 00032357 ____A C:\Users\Bennet\Documents\Perundoliver.odt
2013-06-24 18:05 - 2013-01-19 00:33 - 00000000 ____D C:\Users\Bennet\Documents\FIFA 13
2013-06-24 16:16 - 2013-06-24 15:37 - 00000000 ____D C:\Users\Bennet\FTB
2013-06-24 15:53 - 2012-12-27 18:30 - 00000000 ____D C:\Users\Bennet\.gimp-2.8
2013-06-24 15:52 - 2013-06-24 15:52 - 00019582 ____A C:\Users\Bennet\AppData\Local\recently-used.xbel
2013-06-24 15:51 - 2013-06-24 15:51 - 00000000 ____A C:\Users\Bennet\Downloads\server.log
2013-06-24 15:37 - 2013-06-24 15:35 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\ftblauncher
2013-06-24 15:37 - 2012-12-26 18:31 - 00000000 ____D C:\users\Bennet
2013-06-24 15:34 - 2013-06-24 15:34 - 00510899 ____A () C:\Users\Bennet\Downloads\FTB_Launcher.exe
2013-06-24 13:42 - 2013-06-24 13:42 - 00000036 ____A C:\Users\Bennet\Documents\MagickaDSLS.avi.sfl
2013-06-24 13:42 - 2013-06-24 13:20 - 3926431232 ____A C:\Users\Bennet\Documents\MagickaDSLS.avi
2013-06-24 13:02 - 2013-06-24 13:02 - 01385294 ____A C:\Users\Bennet\Documents\EGL (1).mkv
2013-06-24 13:02 - 2012-12-27 19:28 - 00000000 ____D C:\Program Files (x86)\MeGUI_2237_x86
2013-06-24 01:36 - 2013-06-24 01:36 - 02414756 ____A C:\Users\Bennet\Documents\Auflös (1).mkv
2013-06-23 20:29 - 2013-06-23 20:29 - 22800753 ____A C:\Users\Bennet\Documents\MC (1).mkv
2013-06-22 20:12 - 2013-06-22 20:12 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\OBS
2013-06-22 20:02 - 2013-06-22 20:02 - 00000935 ____A C:\Users\Bennet\Desktop\Open Broadcaster Software.lnk
2013-06-22 20:02 - 2013-06-22 20:02 - 00000000 ____D C:\Program Files (x86)\OBS
2013-06-21 16:09 - 2013-06-21 16:09 - 00000028 ____A C:\Users\Bennet\Documents\HG.avi.sfl
2013-06-21 16:09 - 2013-06-21 15:04 - 3613037056 ____A C:\Users\Bennet\Documents\HG.avi
2013-06-16 22:13 - 2012-12-26 21:37 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-06-16 22:12 - 2013-06-16 22:12 - 03820480 ____A C:\Users\Bennet\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-06-16 22:10 - 2012-12-26 21:04 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\Origin
2013-06-16 22:10 - 2012-12-26 20:59 - 00000000 ____D C:\ProgramData\Origin
2013-06-16 21:16 - 2013-02-06 21:27 - 00000000 ____D C:\Program Files (x86)\osu!
2013-06-16 21:14 - 2012-12-26 21:04 - 00000000 ____D C:\Users\Bennet\AppData\Local\Origin
2013-06-16 21:05 - 2013-04-25 21:45 - 00010867 ____A C:\Users\Bennet\Documents\TombRaider.log
2013-06-16 16:16 - 2012-12-26 19:11 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-16 16:16 - 2012-12-26 19:11 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-15 19:25 - 2012-12-26 21:32 - 00317063 ____A C:\Windows\DirectX.log
2013-06-15 16:31 - 2013-06-15 16:31 - 00000036 ____A C:\Users\Bennet\Documents\Minecraft3.avi.sfl
2013-06-15 16:31 - 2013-06-15 16:19 - 630021120 ____A C:\Users\Bennet\Documents\Minecraft3.avi
2013-06-15 13:44 - 2013-05-18 22:59 - 00000000 ____D C:\Users\Bennet\Documents\Eigene Sprache
2013-06-14 16:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 15:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-13 17:14 - 2013-01-08 00:04 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-10 10:41 - 2013-06-10 10:41 - 00000000 ____D C:\Users\Bennet\Wii Scheiß
2013-06-09 20:47 - 2013-06-09 20:46 - 457849488 ____A C:\Users\Bennet\Documents\Kraven Manor (1).mkv
2013-06-09 15:22 - 2013-05-07 20:39 - 00000244 ____A C:\Windows\SysWOW64\REMOTEDEVICE.INI
2013-06-09 15:22 - 2013-05-07 20:31 - 00000101 ____A C:\Windows\SysWOW64\LOCALDEVICE.INI
2013-06-08 16:08 - 2013-06-15 04:23 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 04:23 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 04:23 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 04:23 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 04:23 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 04:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 04:23 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 04:23 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 04:23 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 04:23 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 04:23 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 04:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 11:25 - 2013-01-26 14:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-08 11:25 - 2012-12-26 20:24 - 00000000 ____D C:\ProgramData\Skype
2013-06-08 01:03 - 2013-03-31 01:40 - 00000000 ____D C:\Users\Bennet\AppData\Roaming\foobar2000
2013-06-04 23:10 - 2012-12-28 01:45 - 00090624 __ASH C:\Users\Bennet\Thumbs.db
2013-06-03 15:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-06-02 22:50 - 2013-06-02 22:49 - 07602880 ____A C:\Users\Bennet\Downloads\avira_free3640_antivirus_de.exe.part
2013-06-02 19:22 - 2012-07-03 21:44 - 00000000 ____D C:\Users\Bennet\Audiodaten
2013-06-01 19:38 - 2013-06-01 19:38 - 00000000 ____D C:\ProgramData\Codemasters
2013-06-01 19:38 - 2012-12-27 14:05 - 00000000 ____D C:\Users\Bennet\Documents\my games
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-31 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-31 15:28 - 2013-05-31 15:21 - 00010360 ____A C:\Windows\IE10_main.log
2013-05-31 15:25 - 2013-05-31 15:25 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-31 15:25 - 2013-05-31 15:25 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-31 15:25 - 2013-05-31 15:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-31 15:25 - 2013-05-31 15:25 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-31 15:25 - 2013-05-31 15:25 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-31 15:25 - 2013-05-31 15:25 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-31 15:25 - 2013-05-31 15:25 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-31 15:25 - 2013-05-31 15:25 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-31 15:25 - 2013-05-31 15:25 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-31 15:25 - 2013-05-31 15:25 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-31 15:25 - 2013-05-31 15:25 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-31 15:22 - 2013-05-31 15:22 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-31 15:22 - 2013-05-31 15:22 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-29 22:56 - 2012-12-26 21:46 - 01591896 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-29 19:16 - 2013-05-29 19:16 - 74618610 ____A C:\Users\Bennet\Documents\Vorstellvideo (1).mkv
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-25 13:46
==================== End Of Log ============================
--- --- --- |
|
27.06.2013, 11:21
| #10 |
| /// the machine /// TB-Ausbilder | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Firefox bitte updaten. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.06.2013, 13:49
| #11 |
| | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Hab ich schon gemacht, als ich es gesehen hab. xD Was mich ja nur stutzig machte, war die Mail von Blizzard, dass ungewöhnliches Zugriffsverhalten registriert wurde, ohne dass ich mein Passwort eingegeben hab. Ich wusste es ja selbst nicht mehr ^^. |
|
27.06.2013, 14:01
| #12 |
| /// the machine /// TB-Ausbilder | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Spieleaccount? Die werden oft online gehackt.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.06.2013, 15:08
| #13 |
| | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Gut, den Account hab ich wie gesagt, sowieso nicht mehr benutzt. Aber ich muss mir jetzt keine Sorgen machen, dass die andere Accounts, die mit meiner E-Mail Adresse angemeldet sind auch übernehmen? |
|
27.06.2013, 16:18
| #14 |
| /// the machine /// TB-Ausbilder | Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben Passwörter ändern und gut is Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben |
| bat, battle.net, benachrichtigungen, besitzer, computer, deutsch, dienst, ebenfalls, einfach, einloggen, erkannt, klicke, kostenlose, link, link geklickt, mail, mails, nicht mehr, nichts, passwort, passwörter, phishing, phishing mail, probleme, reaktivieren, schreibfehler, seite, seiten, service, thema, verändert, zugang, ändern |
Linear-Darstellung
