![]() |
Plagegeister aller Art und deren Bekämpfung: 1und1 Telekom Phishing mail Anhang heruntergeladen und Exe ausgeführtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() |
![]() | #1 |
| ![]() 1und1 Telekom Phishing mail Anhang heruntergeladen und Exe ausgeführt Hallo. Habe leider eine Phishing mail von 1und1 Telekom GmbH erhalten. Darin war ein download link zu meiner angeblichen Rechnung. Den habe ich angeklickt und eine ZIP Datei runtergeladen. Darin war eine exe die ich ausgeführt habe. Als ich das gemacht hab, ist aber nichts weiter passiert, also wurde ich stutzig und habe bei 1und1 angerufen. Die meinten dass irgendjemand über deren Email Adresse eine Phishing Mail an ihre Kunden versendet. Habe bereits Avast und HerdProtect durchlaufen lassen. Es wurde jedoch nichts gefunden. Hab dennoch ein komisches Gefühl dabei und denke dass die Virenscanner vielleicht was übersehen haben könnten. Gibt es noch irgendwas was ich tun kann bevor ich meine Festplatten formatiere und Windows neu aufsetzen muss? Danke an alle Gruß FRST.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03 Ran by Lars (administrator) on LARS-PC on 16-01-2014 19:10:49 Running from C:\Users\Lars\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe () H:\Fanatec\FWPnpService.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (AMD) C:\Windows\System32\atieclxx.exe () H:\Programme\Core Temp\Core Temp.exe () H:\MSI Afterburner\MSIAfterburner.exe (Beepa P/L) C:\Fraps\fraps.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe () H:\Programme\FanaLEDs\FanaLEDs.exe (CMedia) C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Nullsoft, Inc.) H:\Winamp\winamp.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe (CPUID) H:\Programme\CPUID\HWMonitor\HWMonitor.exe (Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe (Mozilla Corporation) H:\Programme\Aurora\firefox.exe (Mozilla Corporation) H:\Programme\Aurora\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Beepa P/L) C:\Fraps\fraps64.dat (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe () C:\Users\Lars\AppData\Roaming\KB01244067.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.) HKLM\...\Run: [ProfilerU] - C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek) HKLM\...\Run: [SaiMfd] - C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek) HKLM\...\Run: [Cmaudio8788] - C:\Windows\Syswow64\cmicnfgp.dll [12935168 2012-11-20] (C-Media Corporation) HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1612504 2013-11-11] (COMODO) HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-12] (AVAST Software) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-12-12] (Electronic Arts) HKCU\...\Run: [FanaLEDs] - H:\Programme\FanaLEDs\FanaLEDs.exe [809472 2013-11-28] () HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKCU\...\Run: [Gyazo] - C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.) HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) MountPoints2: {4fa3ff77-6306-11e3-80fe-806e6f6e6963} - D:\Autorun.exe MountPoints2: {ec3f3463-6308-11e3-a95d-9889144f6a00} - E:\pushinst.exe Startup: C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6DBEA31099FACE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\vc6otye9.default FF Homepage: https://translate.google.de/?hl=de&tab=wT FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @videolan.org/vlc,version=2.1.1 - H:\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - H:\Programme\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - H:\Programme\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Extension: YouTube Unblocker - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\vc6otye9.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-16] FF Extension: Adblock Plus - C:\Users\Lars\AppData\Roaming\Mozilla\Firefox\Profiles\vc6otye9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-12] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-12] FF StartMenuInternet: FIREFOX.EXE - H:\Programme\Aurora\firefox.exe Chrome: ======= CHR RestoreOnStartup: "hxxp://battlelog.battlefield.com/bf4/" CHR Extension: (Google Docs) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-12-17] CHR Extension: (Google Drive) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-12-17] CHR Extension: (YouTube) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-12-17] CHR Extension: (Google Search) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\ [2013-12-17] CHR Extension: (avast! Online Security) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0 [2013-12-17] CHR Extension: (Google Wallet) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\ [2013-12-17] CHR Extension: (Gmail) - C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2013-12-17] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-12] ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-31] (Adobe Systems) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-12] (AVAST Software) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-12-13] (Comodo Security Solutions, Inc.) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6254152 2013-10-20] (COMODO) R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [164056 2013-09-24] (COMODO) R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2098880 2014-01-08] () R2 FWPnpService; H:\Fanatec\FWPnpService.exe [200704 2013-11-15] () R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-12-13] (Comodo Security Solutions, Inc.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-12] () ==================== Drivers (Whitelisted) ==================== R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices) R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-12] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-12] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-12] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-12] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-12] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-12] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-12] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-12] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2013-05-07] (Windows (R) Win 7 DDK provider) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-09-24] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [709144 2013-11-14] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48872 2013-09-24] (COMODO) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc) S3 FanatecWheelFilterUsb; C:\Windows\System32\DRIVERS\FWFilterUsb.sys [68272 2013-11-21] (Endor AG) R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) R3 FWVirtualInputDevice; C:\Windows\System32\DRIVERS\FWVirtualInputDevice.sys [26288 2013-11-21] (Endor AG) R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2013-10-07] () R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-09-24] (COMODO) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R3 RTCore64; H:\MSI Afterburner\RTCore64.sys [13368 2013-01-23] () R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2013-09-18] (Windows (R) Win 7 DDK provider) R3 SaiK0ccf; C:\Windows\System32\DRIVERS\SaiK0ccf.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) R3 SaiU0CCF; C:\Windows\System32\DRIVERS\SaiU0CCF.sys [47168 2012-09-20] (Saitek) R3 ALSysIO; \??\C:\Users\Lars\AppData\Local\Temp\ALSysIO64.sys [x] R3 cpuz136; \??\C:\Users\Lars\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-16 19:10 - 2014-01-16 19:11 - 00015908 _____ C:\Users\Lars\Downloads\FRST.txt 2014-01-16 19:10 - 2014-01-16 19:10 - 00000000 ____D C:\FRST 2014-01-16 19:09 - 2014-01-16 19:09 - 02076160 _____ (Farbar) C:\Users\Lars\Downloads\FRST64.exe 2014-01-16 18:50 - 2014-01-16 18:50 - 00000000 ____D C:\Program Files\Reason 2014-01-16 18:49 - 2014-01-16 18:49 - 01934752 _____ (Reason Company Software Inc.) C:\Users\Lars\Downloads\herdProtectScan_Setup.exe 2014-01-15 14:07 - 2014-01-15 14:07 - 00000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2014-01-15 14:07 - 2014-01-15 14:07 - 00000000 ____D C:\Program Files\CPUID 2014-01-15 14:06 - 2014-01-15 14:06 - 01466824 _____ ( ) C:\Users\Lars\Downloads\cpu-z_1.68-setup-en.exe 2014-01-15 13:49 - 2014-01-15 13:49 - 00000436 _____ C:\Windows\PFRO.log 2014-01-15 13:18 - 2014-01-15 13:18 - 684848682 _____ C:\Windows\MEMORY.DMP 2014-01-15 13:18 - 2014-01-15 13:18 - 00275888 _____ C:\Windows\Minidump\011514-29203-01.dmp 2014-01-15 11:57 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 11:57 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 11:57 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 11:57 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 11:57 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 11:57 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 11:57 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 11:57 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 11:57 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-15 11:47 - 2013-08-16 13:56 - 00216064 _____ C:\Windows\SysWOW64\gcapi_dll.dll 2014-01-13 16:56 - 2014-01-13 16:56 - 00000000 ____D C:\Users\Lars\AppData\Local\DriveBeamEditor 2014-01-13 13:05 - 2014-01-13 14:35 - 00000000 ____D C:\Users\Lars\Desktop\Prime95 2014-01-13 12:26 - 2014-01-16 18:02 - 00269032 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-12 12:30 - 2014-01-16 18:02 - 00000392 _____ C:\Windows\setupact.log 2014-01-12 12:30 - 2014-01-12 12:30 - 00000000 _____ C:\Windows\setuperr.log 2014-01-11 11:34 - 2014-01-11 11:34 - 00000205 _____ C:\Users\Lars\Desktop\Dota 2.url 2014-01-10 16:04 - 2014-01-10 16:04 - 00001305 _____ C:\Users\Lars\Desktop\Movie Maker.lnk 2014-01-10 16:04 - 2014-01-10 16:04 - 00000000 ____D C:\Windows\de 2014-01-10 16:03 - 2014-01-10 16:03 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-01-10 16:02 - 2014-01-10 16:03 - 00000000 ____D C:\Program Files (x86)\Windows Live 2014-01-10 16:02 - 2014-01-10 16:02 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-10 16:00 - 2014-01-10 16:00 - 00000358 _____ C:\Windows\DirectX.log 2014-01-10 15:58 - 2014-01-10 16:04 - 00000000 ____D C:\Users\Lars\AppData\Local\Windows Live 2014-01-10 15:58 - 2014-01-10 15:58 - 01245168 _____ (Microsoft Corporation) C:\Users\Lars\Downloads\wlsetup-web.exe 2014-01-10 13:46 - 2014-01-10 13:46 - 00000000 ____D C:\Users\Lars\.MCTranscodingSDK 2014-01-10 13:45 - 2014-01-10 13:46 - 00000000 ____D C:\Users\Public\Documents\Lightworks 2014-01-10 13:45 - 2014-01-10 13:45 - 00000000 ____D C:\ProgramData\Geevs 2014-01-10 13:34 - 2014-01-10 13:41 - 77255136 _____ (Lightworks) C:\Users\Lars\Downloads\lightworks_v11.1.1_full_64bit_setup.exe 2014-01-10 11:49 - 2014-01-10 11:49 - 00058480 _____ C:\Users\Lars\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-10 10:57 - 2014-01-10 10:57 - 00000208 _____ C:\Users\Lars\Desktop\DayZ.url 2014-01-09 16:49 - 2014-01-09 16:49 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll 2014-01-09 12:54 - 2014-01-09 12:54 - 00001085 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-01-09 12:54 - 2014-01-09 12:54 - 00000000 ____D C:\Users\Lars\AppData\Roaming\DVDVideoSoft 2014-01-09 12:53 - 2014-01-09 12:53 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\Lars\Downloads\FreeYouTubeToMP3Converter- 2014-01-08 17:51 - 2014-01-10 11:02 - 00000000 ____D C:\Users\Lars\AppData\Local\DayZ 2014-01-08 17:51 - 2014-01-08 17:51 - 00000000 ____D C:\Users\Lars\Documents\DayZ 2014-01-07 18:08 - 2014-01-07 18:08 - 00002126 _____ C:\Users\Lars\AppData\Local\recently-used.xbel 2014-01-07 17:54 - 2014-01-07 17:54 - 00001438 _____ C:\Users\Lars\Desktop\gimp-2.8.lnk 2014-01-06 20:23 - 2014-01-06 20:23 - 00000000 ____D C:\ProgramData\ATI 2014-01-06 20:22 - 2014-01-06 20:22 - 00060993 _____ C:\Windows\SysWOW64\CCCInstall_201401062022333033.log 2014-01-06 20:22 - 2014-01-06 20:22 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2014-01-06 20:02 - 2014-01-06 20:07 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Lars\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe 2014-01-04 18:29 - 2014-01-10 16:37 - 00000000 ____D C:\Users\Lars\AppData\Roaming\HandBrake 2014-01-04 18:28 - 2014-01-10 16:50 - 00000000 ____D C:\Users\Lars\AppData\Roaming\vlc 2014-01-04 18:28 - 2014-01-04 18:28 - 00000492 _____ C:\Users\Public\Desktop\VLC media player.lnk 2014-01-04 18:27 - 2014-01-04 18:27 - 23679700 _____ C:\Users\Lars\Downloads\vlc-2.1.1-win64.exe 2014-01-04 18:26 - 2014-01-04 18:26 - 14298467 _____ C:\Users\Lars\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe 2014-01-04 18:26 - 2014-01-04 18:26 - 00000552 _____ C:\Users\Lars\Desktop\Handbrake.lnk 2014-01-04 18:26 - 2014-01-04 18:26 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake 2014-01-04 18:17 - 2014-01-04 18:17 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk 2014-01-04 18:15 - 2014-01-05 17:34 - 00000000 ____D C:\Users\Lars\AppData\Roaming\uTorrent 2014-01-04 17:15 - 2014-01-04 17:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2014-01-04 17:10 - 2014-01-04 17:13 - 00151552 _____ C:\Windows\SysWOW64\nvRegDev.dll 2014-01-04 17:10 - 2014-01-04 17:13 - 00061440 _____ C:\Windows\SysWOW64\nvPhotoshopUtil.dll 2014-01-04 17:10 - 2014-01-04 17:13 - 00040960 _____ C:\Windows\SysWOW64\nvISWOW64.dll 2014-01-04 17:10 - 2014-01-04 17:10 - 18518646 _____ (InstallShield Software Corporation) C:\Users\Lars\Downloads\Photoshop_Plugins_x64_8.55.0109.1800.exe 2014-01-04 12:04 - 2014-01-04 12:05 - 00000000 ____D C:\Users\Lars\AppData\Roaming\FreePIE 2014-01-04 12:02 - 2014-01-04 12:02 - 07667712 _____ C:\Users\Lars\Downloads\FreePIE.1.4.433.0.msi 2014-01-01 17:53 - 2014-01-01 17:53 - 00000000 ____D C:\Users\Lars\LuminanceHDR 2014-01-01 17:47 - 2014-01-01 17:52 - 18865556 _____ (Luminance HDR Dev Team ) C:\Users\Lars\Downloads\Luminance-HDR-x64-SETUP-v2.3.1.exe 2014-01-01 17:23 - 2014-01-01 17:23 - 00355840 _____ C:\Users\Lars\Desktop\AutoHDR2.1.5.exe 2013-12-31 15:57 - 2013-12-31 15:57 - 00000000 ____D C:\Users\Lars\Documents\Updater 2013-12-31 14:31 - 2013-12-31 14:31 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF 2013-12-31 14:30 - 2013-12-31 14:32 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-12-31 14:30 - 2013-12-31 14:30 - 00000000 ____D C:\ProgramData\Adobe 2013-12-31 14:19 - 2013-12-31 14:25 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Lars\Downloads\PS_CS2_Gr_NonRet.exe 2013-12-31 11:47 - 2013-12-31 11:47 - 00003138 _____ C:\Windows\System32\Tasks\{53915D6F-2154-48C2-BB66-09F92850669A} 2013-12-30 20:17 - 2014-01-15 13:18 - 00000000 ____D C:\Windows\Minidump 2013-12-28 16:47 - 2013-12-28 16:47 - 00000000 ____D C:\Users\Lars\Documents\Rockstar Games 2013-12-28 16:45 - 2013-12-28 16:45 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2013-12-28 16:42 - 2013-12-28 16:42 - 00000000 ____D C:\Windows\SysWOW64\xlive 2013-12-28 16:42 - 2013-12-28 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2013-12-28 16:40 - 2013-12-28 16:40 - 00000988 _____ C:\Users\Public\Desktop\Grand Theft Auto IV.lnk 2013-12-28 16:14 - 2014-01-04 17:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-12-28 16:09 - 2013-12-28 16:09 - 00000000 __SHD C:\ProgramData\SecuROM 2013-12-28 16:07 - 2013-12-28 17:02 - 00000000 ____D C:\Users\Lars\AppData\Local\Rockstar Games 2013-12-28 16:05 - 2013-12-28 16:05 - 00000000 __RHD C:\Users\Lars\AppData\Roaming\SecuROM 2013-12-28 14:12 - 2013-12-28 14:12 - 00000603 _____ C:\Users\Lars\Desktop\MSI Kombustor 2.5.lnk 2013-12-28 14:12 - 2013-12-28 14:12 - 00000000 ___HD C:\Windows\msdownld.tmp 2013-12-28 14:12 - 2013-12-28 14:12 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-12-28 14:11 - 2013-12-28 14:11 - 00000597 _____ C:\Users\Lars\Desktop\MSI Afterburner.lnk 2013-12-28 14:11 - 2013-12-28 14:11 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2013-12-27 17:05 - 2014-01-16 18:58 - 00021372 _____ C:\Windows\system32\Drivers\fvstore.dat 2013-12-27 17:05 - 2013-12-27 17:05 - 00000000 ___HD C:\VTRoot 2013-12-27 16:24 - 2013-12-27 16:24 - 00010152 _____ C:\Users\Lars\Downloads\pickup_engine_jet.jbeam 2013-12-25 18:09 - 2013-12-30 14:46 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG.drive 2013-12-23 11:46 - 2013-12-23 11:46 - 00005187 _____ C:\Users\Lars\Downloads\cameras_6.ini 2013-12-22 14:53 - 2013-12-22 14:53 - 00000000 ____D C:\Users\Lars\.thumbnails 2013-12-22 14:50 - 2014-01-07 18:11 - 00000000 ____D C:\Users\Lars\.gimp-2.8 2013-12-22 14:50 - 2013-12-26 13:49 - 00000926 _____ C:\Users\Lars\Desktop\GIMP 2.lnk 2013-12-22 14:50 - 2013-12-22 14:50 - 00000000 ____D C:\Users\Lars\AppData\Local\gegl-0.2 2013-12-22 14:48 - 2013-12-22 14:49 - 00000000 ____D C:\Program Files\GIMP 2 2013-12-22 14:44 - 2013-12-22 14:46 - 90396104 _____ (The GIMP Team ) C:\Users\Lars\Downloads\gimp-2.8.10-setup.exe 2013-12-21 14:45 - 2013-12-21 14:46 - 00000000 ____D C:\Users\Lars\AppData\Local\PAYDAY 2013-12-21 12:02 - 2013-12-21 12:02 - 00000208 _____ C:\Users\Lars\Desktop\Assetto Corsa.url 2013-12-20 18:27 - 2013-12-20 18:27 - 00000982 _____ C:\Users\Public\Desktop\Gyazo.lnk 2013-12-20 18:27 - 2013-12-20 18:27 - 00000000 ____D C:\Program Files (x86)\Gyazo 2013-12-20 12:04 - 2013-12-20 12:04 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-12-20 12:04 - 2013-12-20 12:04 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-12-20 11:34 - 2014-01-11 11:34 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2013-12-20 10:10 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-20 10:10 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-20 10:10 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-20 10:10 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-20 10:10 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-20 10:10 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-20 10:10 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-20 10:10 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-20 10:10 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-20 10:10 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-20 10:10 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-20 10:10 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-20 10:10 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-20 10:10 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-20 10:10 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-20 10:10 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-20 10:10 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-20 10:10 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-20 10:10 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-20 10:10 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-20 10:10 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-20 10:10 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-20 10:09 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-20 10:09 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-20 10:09 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-20 10:09 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-20 10:09 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-20 10:09 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-20 10:09 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-20 10:09 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-20 10:09 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-19 17:38 - 2013-12-19 17:38 - 06013024 _____ (Nota Inc. ) C:\Users\Lars\Downloads\GyazoSetup.exe 2013-12-18 12:41 - 2014-01-13 12:38 - 00002978 _____ C:\Windows\System32\Tasks\MSIAfterburner 2013-12-18 12:40 - 2013-12-18 12:40 - 00002720 _____ C:\Windows\System32\Tasks\Core Temp Autostart Lars 2013-12-18 12:25 - 2013-12-18 12:25 - 00000963 _____ C:\Users\Lars\Desktop\TechPowerUp GPU-Z.lnk 2013-12-18 12:25 - 2013-12-18 12:25 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z 2013-12-18 12:25 - 2013-12-18 12:25 - 00000000 ____D C:\Program Files (x86)\GPU-Z 2013-12-18 10:46 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-18 10:46 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-18 10:46 - 2013-04-17 08:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-12-18 10:46 - 2013-04-17 07:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2013-12-18 10:46 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2013-12-18 10:46 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2013-12-18 10:46 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2013-12-18 10:46 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2013-12-18 10:37 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-12-18 10:27 - 2013-12-18 10:27 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-18 10:27 - 2013-12-18 10:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-18 10:27 - 2013-12-18 10:27 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-18 10:27 - 2013-12-18 10:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-18 10:27 - 2013-12-18 10:27 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-18 10:27 - 2013-12-18 10:27 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-18 10:27 - 2013-12-18 10:27 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-18 10:27 - 2013-12-18 10:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-18 10:27 - 2013-12-18 10:27 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-18 10:27 - 2013-12-18 10:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-18 10:27 - 2013-12-18 10:27 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-18 10:26 - 2013-12-18 10:26 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-18 10:26 - 2013-12-18 10:26 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-18 10:26 - 2013-12-18 10:26 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-18 10:26 - 2013-12-18 10:26 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-18 10:26 - 2013-12-18 10:26 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-18 10:26 - 2013-12-18 10:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-18 10:26 - 2013-12-18 10:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-18 10:26 - 2013-12-18 10:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-18 10:26 - 2013-12-18 10:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-18 10:26 - 2013-12-18 10:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-17 17:33 - 2013-12-17 17:33 - 03821064 _____ C:\Users\Lars\Downloads\battlelog-web-plugins_2.3.2_130 (1).exe 2013-12-17 16:49 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-17 16:49 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-17 16:49 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-17 16:49 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-12-17 12:45 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-17 12:45 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-17 12:45 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-12-17 12:45 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-12-17 12:45 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-12-17 12:45 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-12-17 12:45 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-12-17 12:45 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2013-12-17 12:45 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-12-17 12:45 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2013-12-17 12:45 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2013-12-17 12:45 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2013-12-17 12:45 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2013-12-17 12:45 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2013-12-17 12:44 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-12-17 12:44 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-12-17 12:44 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-12-17 12:44 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-12-17 12:44 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-12-17 12:44 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-12-17 12:44 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-12-17 12:44 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-12-17 12:44 - 2013-03-19 06:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-12-17 12:44 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2013-12-17 12:44 - 2013-02-27 07:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2013-12-17 12:44 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2013-12-17 12:43 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-17 12:43 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-17 12:43 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-17 12:43 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-17 12:43 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-12-17 12:43 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-12-17 12:43 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-12-17 12:43 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-17 12:43 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-12-17 12:43 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-12-17 12:43 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-12-17 12:43 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-17 12:43 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-12-17 12:43 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2013-12-17 12:42 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-12-17 12:42 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-12-17 12:42 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-12-17 12:42 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-12-17 12:42 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-12-17 12:42 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-12-17 12:42 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-12-17 12:42 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-12-17 12:42 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-12-17 12:42 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-12-17 12:42 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-12-17 12:42 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-12-17 12:42 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-12-17 12:42 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-12-17 12:42 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-12-17 12:42 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-12-17 12:42 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-12-17 12:42 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-12-17 12:42 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-12-17 12:42 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-12-17 12:42 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-12-17 12:42 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-12-17 12:42 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2013-12-17 12:42 - 2013-07-09 06:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-12-17 12:42 - 2013-07-09 05:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-12-17 12:42 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-12-17 12:42 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-12-17 12:42 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2013-12-17 12:42 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2013-12-17 12:42 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2013-12-17 12:42 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-12-17 12:42 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2013-12-17 12:42 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2013-12-17 12:42 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2013-12-17 12:42 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-12-17 12:42 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2013-12-17 12:42 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2013-12-17 12:42 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-12-17 12:42 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2013-12-17 12:42 - 2012-10-03 18:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2013-12-17 12:42 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2013-12-17 12:42 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2013-12-17 12:42 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2013-12-17 12:42 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2013-12-17 12:42 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2013-12-17 12:42 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2013-12-17 12:41 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-12-17 12:41 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2013-12-17 12:41 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2013-12-17 12:41 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2013-12-17 12:41 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2013-12-17 12:41 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2013-12-17 12:41 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2013-12-17 12:41 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2013-12-17 12:41 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2013-12-17 12:41 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-12-17 12:41 - 2013-06-15 05:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-12-17 12:41 - 2013-06-04 07:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-12-17 12:41 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2013-12-17 12:41 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2013-12-17 12:41 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2013-12-17 12:41 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll 2013-12-17 12:41 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2013-12-17 12:41 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2013-12-17 12:41 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2013-12-17 12:41 - 2012-01-13 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2013-12-17 12:38 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-12-17 12:38 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-12-17 12:38 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2013-12-17 12:38 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-12-17 12:38 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2013-12-17 12:38 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-12-17 12:38 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-12-17 12:38 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-12-17 12:38 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2013-12-17 12:38 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-12-17 12:38 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2013-12-17 12:38 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-12-17 12:38 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-12-17 12:38 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-12-17 12:38 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-12-17 12:36 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-12-17 12:36 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-12-17 12:36 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-12-17 12:36 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-12-17 12:35 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-12-17 12:35 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-12-17 12:35 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-12-17 12:35 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-12-17 12:35 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-12-17 12:35 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-12-17 12:35 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2013-12-17 12:33 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-12-17 12:33 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-12-17 12:33 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-12-17 12:33 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-12-17 12:33 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-12-17 12:33 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-12-17 12:31 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-17 12:31 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-17 12:31 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-17 12:31 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-17 12:31 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-17 12:31 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-17 12:31 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-17 12:31 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-17 12:31 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-12-17 12:31 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2013-12-17 12:31 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2013-12-17 12:18 - 2013-12-18 12:29 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2013-12-17 12:11 - 2014-01-16 17:50 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-12-17 12:09 - 2014-01-16 18:55 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-17 12:09 - 2014-01-16 18:03 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-17 12:09 - 2013-12-17 12:50 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-17 12:09 - 2013-12-17 12:50 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-17 12:08 - 2013-12-17 12:20 - 00000000 ____D C:\Users\Lars\AppData\Local\Google 2013-12-17 12:08 - 2013-12-17 12:11 - 50053120 _____ C:\Program Files (x86)\GUTDCE0.tmp 2013-12-17 12:08 - 2013-12-17 12:10 - 00000000 ____D C:\Program Files (x86)\Google 2013-12-17 12:08 - 2013-12-17 12:08 - 00000000 ____D C:\Program Files (x86)\GUMDCDF.tmp 2013-12-17 12:07 - 2013-12-17 12:07 - 00819144 _____ (Google Inc.) C:\Users\Lars\Downloads\chrome_installer_31.0.1650.63.exe 2013-12-17 11:57 - 2013-12-17 11:57 - 03821064 _____ C:\Users\Lars\Downloads\battlelog-web-plugins_2.3.2_130(8).exe 2013-12-17 11:53 - 2013-12-17 11:53 - 03821064 _____ C:\Users\Lars\Downloads\battlelog-web-plugins_2.3.2_130(7).exe ==================== One Month Modified Files and Folders ======= 2014-01-16 19:11 - 2014-01-16 19:10 - 00015908 _____ C:\Users\Lars\Downloads\FRST.txt 2014-01-16 19:10 - 2014-01-16 19:10 - 00000000 ____D C:\FRST 2014-01-16 19:09 - 2014-01-16 19:09 - 02076160 _____ (Farbar) C:\Users\Lars\Downloads\FRST64.exe 2014-01-16 19:07 - 2013-12-12 10:19 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Skype 2014-01-16 18:58 - 2013-12-27 17:05 - 00021372 _____ C:\Windows\system32\Drivers\fvstore.dat 2014-01-16 18:58 - 2013-12-12 11:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-16 18:55 - 2013-12-17 12:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-16 18:50 - 2014-01-16 18:50 - 00000000 ____D C:\Program Files\Reason 2014-01-16 18:49 - 2014-01-16 18:49 - 01934752 _____ (Reason Company Software Inc.) C:\Users\Lars\Downloads\herdProtectScan_Setup.exe 2014-01-16 18:29 - 2013-12-12 12:57 - 00000000 ____D C:\Users\Lars\Desktop\Dateien 2014-01-16 18:21 - 2013-12-12 11:16 - 00000000 ____D C:\Users\Lars\AppData\Local\Adobe 2014-01-16 18:20 - 2013-12-12 11:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-16 18:20 - 2013-12-12 11:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-16 18:20 - 2013-12-12 11:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-16 18:20 - 2009-07-14 05:45 - 00014944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-16 18:20 - 2009-07-14 05:45 - 00014944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-16 18:13 - 2013-12-12 09:24 - 01195522 _____ C:\Windows\WindowsUpdate.log 2014-01-16 18:07 - 2013-12-12 14:39 - 00000000 ____D C:\Fraps 2014-01-16 18:03 - 2013-12-17 12:09 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-16 18:02 - 2014-01-13 12:26 - 00269032 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-16 18:02 - 2014-01-12 12:30 - 00000392 _____ C:\Windows\setupact.log 2014-01-16 18:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-16 17:50 - 2013-12-17 12:11 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-16 12:47 - 2013-12-12 14:09 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2014-01-16 12:43 - 2013-12-12 13:47 - 00000000 ____D C:\Program Files (x86)\Origin 2014-01-15 19:50 - 2013-12-12 14:09 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2014-01-15 14:07 - 2014-01-15 14:07 - 00000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk 2014-01-15 14:07 - 2014-01-15 14:07 - 00000000 ____D C:\Program Files\CPUID 2014-01-15 14:06 - 2014-01-15 14:06 - 01466824 _____ ( ) C:\Users\Lars\Downloads\cpu-z_1.68-setup-en.exe 2014-01-15 13:49 - 2014-01-15 13:49 - 00000436 _____ C:\Windows\PFRO.log 2014-01-15 13:18 - 2014-01-15 13:18 - 684848682 _____ C:\Windows\MEMORY.DMP 2014-01-15 13:18 - 2014-01-15 13:18 - 00275888 _____ C:\Windows\Minidump\011514-29203-01.dmp 2014-01-15 13:18 - 2013-12-30 20:17 - 00000000 ____D C:\Windows\Minidump 2014-01-15 11:47 - 2013-12-15 11:45 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Foxit Software 2014-01-14 10:18 - 2013-12-12 10:48 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-13 16:56 - 2014-01-13 16:56 - 00000000 ____D C:\Users\Lars\AppData\Local\DriveBeamEditor 2014-01-13 14:35 - 2014-01-13 13:05 - 00000000 ____D C:\Users\Lars\Desktop\Prime95 2014-01-13 12:38 - 2013-12-18 12:41 - 00002978 _____ C:\Windows\System32\Tasks\MSIAfterburner 2014-01-12 16:53 - 2013-12-12 15:49 - 00000922 _____ C:\Users\Public\FW-Error.log 2014-01-12 16:53 - 2013-12-12 15:49 - 00000842 _____ C:\Users\Public\FW-FFB.log 2014-01-12 12:30 - 2014-01-12 12:30 - 00000000 _____ C:\Windows\setuperr.log 2014-01-11 11:34 - 2014-01-11 11:34 - 00000205 _____ C:\Users\Lars\Desktop\Dota 2.url 2014-01-11 11:34 - 2013-12-20 11:34 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-01-10 16:50 - 2014-01-04 18:28 - 00000000 ____D C:\Users\Lars\AppData\Roaming\vlc 2014-01-10 16:37 - 2014-01-04 18:29 - 00000000 ____D C:\Users\Lars\AppData\Roaming\HandBrake 2014-01-10 16:04 - 2014-01-10 16:04 - 00001305 _____ C:\Users\Lars\Desktop\Movie Maker.lnk 2014-01-10 16:04 - 2014-01-10 16:04 - 00000000 ____D C:\Windows\de 2014-01-10 16:04 - 2014-01-10 15:58 - 00000000 ____D C:\Users\Lars\AppData\Local\Windows Live 2014-01-10 16:03 - 2014-01-10 16:03 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-01-10 16:03 - 2014-01-10 16:02 - 00000000 ____D C:\Program Files (x86)\Windows Live 2014-01-10 16:02 - 2014-01-10 16:02 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-10 16:02 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2014-01-10 16:00 - 2014-01-10 16:00 - 00000358 _____ C:\Windows\DirectX.log 2014-01-10 15:58 - 2014-01-10 15:58 - 01245168 _____ (Microsoft Corporation) C:\Users\Lars\Downloads\wlsetup-web.exe 2014-01-10 13:46 - 2014-01-10 13:46 - 00000000 ____D C:\Users\Lars\.MCTranscodingSDK 2014-01-10 13:46 - 2014-01-10 13:45 - 00000000 ____D C:\Users\Public\Documents\Lightworks 2014-01-10 13:46 - 2013-12-12 09:47 - 00000000 ____D C:\Users\Lars 2014-01-10 13:45 - 2014-01-10 13:45 - 00000000 ____D C:\ProgramData\Geevs 2014-01-10 13:41 - 2014-01-10 13:34 - 77255136 _____ (Lightworks) C:\Users\Lars\Downloads\lightworks_v11.1.1_full_64bit_setup.exe 2014-01-10 11:49 - 2014-01-10 11:49 - 00058480 _____ C:\Users\Lars\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-10 11:02 - 2014-01-08 17:51 - 00000000 ____D C:\Users\Lars\AppData\Local\DayZ 2014-01-10 10:57 - 2014-01-10 10:57 - 00000208 _____ C:\Users\Lars\Desktop\DayZ.url 2014-01-09 16:49 - 2014-01-09 16:49 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll 2014-01-09 16:49 - 2013-12-12 14:24 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll 2014-01-09 12:54 - 2014-01-09 12:54 - 00001085 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-01-09 12:54 - 2014-01-09 12:54 - 00000000 ____D C:\Users\Lars\AppData\Roaming\DVDVideoSoft 2014-01-09 12:53 - 2014-01-09 12:53 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\Lars\Downloads\FreeYouTubeToMP3Converter- 2014-01-08 17:51 - 2014-01-08 17:51 - 00000000 ____D C:\Users\Lars\Documents\DayZ 2014-01-07 18:11 - 2013-12-22 14:50 - 00000000 ____D C:\Users\Lars\.gimp-2.8 2014-01-07 18:08 - 2014-01-07 18:08 - 00002126 _____ C:\Users\Lars\AppData\Local\recently-used.xbel 2014-01-07 17:54 - 2014-01-07 17:54 - 00001438 _____ C:\Users\Lars\Desktop\gimp-2.8.lnk 2014-01-07 13:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports 2014-01-06 20:23 - 2014-01-06 20:23 - 00000000 ____D C:\ProgramData\ATI 2014-01-06 20:23 - 2013-12-12 10:28 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2014-01-06 20:23 - 2013-08-30 15:44 - 00000000 ____D C:\AMD 2014-01-06 20:22 - 2014-01-06 20:22 - 00060993 _____ C:\Windows\SysWOW64\CCCInstall_201401062022333033.log 2014-01-06 20:22 - 2014-01-06 20:22 - 00000000 ____D C:\Program Files (x86)\AMD AVT 2014-01-06 20:22 - 2013-12-12 10:29 - 00000000 ____D C:\ProgramData\AMD 2014-01-06 20:21 - 2013-12-12 10:22 - 00000000 ____D C:\Program Files\ATI Technologies 2014-01-06 20:19 - 2013-12-12 10:31 - 00000000 ____D C:\Program Files\AMD 2014-01-06 20:16 - 2013-12-12 10:23 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-06 20:13 - 2013-12-12 10:27 - 01591896 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-06 20:13 - 2009-07-14 18:58 - 00698688 _____ C:\Windows\system32\perfh007.dat 2014-01-06 20:13 - 2009-07-14 18:58 - 00148828 _____ C:\Windows\system32\perfc007.dat 2014-01-06 20:13 - 2009-07-14 06:13 - 01591896 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-06 20:07 - 2014-01-06 20:02 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Lars\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe 2014-01-05 19:02 - 2013-12-12 10:38 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2014-01-05 17:34 - 2014-01-04 18:15 - 00000000 ____D C:\Users\Lars\AppData\Roaming\uTorrent 2014-01-04 18:28 - 2014-01-04 18:28 - 00000492 _____ C:\Users\Public\Desktop\VLC media player.lnk 2014-01-04 18:27 - 2014-01-04 18:27 - 23679700 _____ C:\Users\Lars\Downloads\vlc-2.1.1-win64.exe 2014-01-04 18:26 - 2014-01-04 18:26 - 14298467 _____ C:\Users\Lars\Downloads\HandBrake-0.9.9-1_x86_64-Win_GUI.exe 2014-01-04 18:26 - 2014-01-04 18:26 - 00000552 _____ C:\Users\Lars\Desktop\Handbrake.lnk 2014-01-04 18:26 - 2014-01-04 18:26 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake 2014-01-04 18:17 - 2014-01-04 18:17 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk 2014-01-04 18:15 - 2009-07-14 19:18 - 00000000 ___RD C:\Users\Public\Recorded TV 2014-01-04 17:17 - 2013-12-12 12:57 - 00001115 _____ C:\Users\Lars\Desktop\Photoshop.lnk 2014-01-04 17:15 - 2014-01-04 17:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2014-01-04 17:13 - 2014-01-04 17:10 - 00151552 _____ C:\Windows\SysWOW64\nvRegDev.dll 2014-01-04 17:13 - 2014-01-04 17:10 - 00061440 _____ C:\Windows\SysWOW64\nvPhotoshopUtil.dll 2014-01-04 17:13 - 2014-01-04 17:10 - 00040960 _____ C:\Windows\SysWOW64\nvISWOW64.dll 2014-01-04 17:12 - 2013-12-28 16:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-04 17:10 - 2014-01-04 17:10 - 18518646 _____ (InstallShield Software Corporation) C:\Users\Lars\Downloads\Photoshop_Plugins_x64_8.55.0109.1800.exe 2014-01-04 12:32 - 2013-12-12 11:45 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Adobe 2014-01-04 12:05 - 2014-01-04 12:04 - 00000000 ____D C:\Users\Lars\AppData\Roaming\FreePIE 2014-01-04 12:02 - 2014-01-04 12:02 - 07667712 _____ C:\Users\Lars\Downloads\FreePIE.1.4.433.0.msi 2014-01-01 17:53 - 2014-01-01 17:53 - 00000000 ____D C:\Users\Lars\LuminanceHDR 2014-01-01 17:52 - 2014-01-01 17:47 - 18865556 _____ (Luminance HDR Dev Team ) C:\Users\Lars\Downloads\Luminance-HDR-x64-SETUP-v2.3.1.exe 2014-01-01 17:23 - 2014-01-01 17:23 - 00355840 _____ C:\Users\Lars\Desktop\AutoHDR2.1.5.exe 2013-12-31 15:57 - 2013-12-31 15:57 - 00000000 ____D C:\Users\Lars\Documents\Updater 2013-12-31 14:32 - 2013-12-31 14:30 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-12-31 14:31 - 2013-12-31 14:31 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF 2013-12-31 14:31 - 2013-12-12 09:47 - 00000000 ___RD C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-31 14:30 - 2013-12-31 14:30 - 00000000 ____D C:\ProgramData\Adobe 2013-12-31 14:25 - 2013-12-31 14:19 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Lars\Downloads\PS_CS2_Gr_NonRet.exe 2013-12-31 11:47 - 2013-12-31 11:47 - 00003138 _____ C:\Windows\System32\Tasks\{53915D6F-2154-48C2-BB66-09F92850669A} 2013-12-30 14:46 - 2013-12-25 18:09 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG.drive 2013-12-28 17:02 - 2013-12-28 16:07 - 00000000 ____D C:\Users\Lars\AppData\Local\Rockstar Games 2013-12-28 16:47 - 2013-12-28 16:47 - 00000000 ____D C:\Users\Lars\Documents\Rockstar Games 2013-12-28 16:45 - 2013-12-28 16:45 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll 2013-12-28 16:42 - 2013-12-28 16:42 - 00000000 ____D C:\Windows\SysWOW64\xlive 2013-12-28 16:42 - 2013-12-28 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2013-12-28 16:40 - 2013-12-28 16:40 - 00000988 _____ C:\Users\Public\Desktop\Grand Theft Auto IV.lnk 2013-12-28 16:09 - 2013-12-28 16:09 - 00000000 __SHD C:\ProgramData\SecuROM 2013-12-28 16:05 - 2013-12-28 16:05 - 00000000 __RHD C:\Users\Lars\AppData\Roaming\SecuROM 2013-12-28 14:12 - 2013-12-28 14:12 - 00000603 _____ C:\Users\Lars\Desktop\MSI Kombustor 2.5.lnk 2013-12-28 14:12 - 2013-12-28 14:12 - 00000000 ___HD C:\Windows\msdownld.tmp 2013-12-28 14:12 - 2013-12-28 14:12 - 00000000 ____D C:\Windows\SysWOW64\directx 2013-12-28 14:11 - 2013-12-28 14:11 - 00000597 _____ C:\Users\Lars\Desktop\MSI Afterburner.lnk 2013-12-28 14:11 - 2013-12-28 14:11 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2013-12-27 17:05 - 2013-12-27 17:05 - 00000000 ___HD C:\VTRoot 2013-12-27 16:24 - 2013-12-27 16:24 - 00010152 _____ C:\Users\Lars\Downloads\pickup_engine_jet.jbeam 2013-12-26 13:49 - 2013-12-22 14:50 - 00000926 _____ C:\Users\Lars\Desktop\GIMP 2.lnk 2013-12-23 11:46 - 2013-12-23 11:46 - 00005187 _____ C:\Users\Lars\Downloads\cameras_6.ini 2013-12-22 17:06 - 2013-12-12 09:20 - 00000000 ____D C:\Windows\Panther 2013-12-22 14:53 - 2013-12-22 14:53 - 00000000 ____D C:\Users\Lars\.thumbnails 2013-12-22 14:50 - 2013-12-22 14:50 - 00000000 ____D C:\Users\Lars\AppData\Local\gegl-0.2 2013-12-22 14:49 - 2013-12-22 14:48 - 00000000 ____D C:\Program Files\GIMP 2 2013-12-22 14:46 - 2013-12-22 14:44 - 90396104 _____ (The GIMP Team ) C:\Users\Lars\Downloads\gimp-2.8.10-setup.exe 2013-12-22 14:42 - 2013-12-12 09:47 - 00000000 ____D C:\Users\Lars\AppData\Local\VirtualStore 2013-12-21 14:46 - 2013-12-21 14:45 - 00000000 ____D C:\Users\Lars\AppData\Local\PAYDAY 2013-12-21 12:02 - 2013-12-21 12:02 - 00000208 _____ C:\Users\Lars\Desktop\Assetto Corsa.url 2013-12-20 18:27 - 2013-12-20 18:27 - 00000982 _____ C:\Users\Public\Desktop\Gyazo.lnk 2013-12-20 18:27 - 2013-12-20 18:27 - 00000000 ____D C:\Program Files (x86)\Gyazo 2013-12-20 12:04 - 2013-12-20 12:04 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2013-12-20 12:04 - 2013-12-20 12:04 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2013-12-19 17:38 - 2013-12-19 17:38 - 06013024 _____ (Nota Inc. ) C:\Users\Lars\Downloads\GyazoSetup.exe 2013-12-18 16:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-18 12:40 - 2013-12-18 12:40 - 00002720 _____ C:\Windows\System32\Tasks\Core Temp Autostart Lars 2013-12-18 12:34 - 2013-12-16 12:45 - 00001421 _____ C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-18 12:29 - 2013-12-17 12:18 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2013-12-18 12:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-12-18 12:25 - 2013-12-18 12:25 - 00000963 _____ C:\Users\Lars\Desktop\TechPowerUp GPU-Z.lnk 2013-12-18 12:25 - 2013-12-18 12:25 - 00000000 ____D C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z 2013-12-18 12:25 - 2013-12-18 12:25 - 00000000 ____D C:\Program Files (x86)\GPU-Z 2013-12-18 10:27 - 2013-12-18 10:27 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-18 10:27 - 2013-12-18 10:27 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-12-17 16:24 - 2013-12-17 16:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-12-17 12:50 - 2013-12-17 12:09 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-17 12:50 - 2013-12-17 12:09 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-17 12:20 - 2013-12-17 12:08 - 00000000 ____D C:\Users\Lars\AppData\Local\Google 2013-12-17 12:11 - 2013-12-17 12:08 - 50053120 _____ C:\Program Files (x86)\GUTDCE0.tmp 2013-12-17 12:10 - 2013-12-17 12:08 - 00000000 ____D C:\Program Files (x86)\Google 2013-12-17 12:08 - 2013-12-17 12:08 - 00000000 ____D C:\Program Files (x86)\GUMDCDF.tmp 2013-12-17 12:07 - 2013-12-17 12:07 - 00819144 _____ (Google Inc.) C:\Users\Lars\Downloads\chrome_installer_31.0.1650.63.exe 2013-12-17 11:57 - 2013-12-17 11:57 - 03821064 _____ C:\Users\Lars\Downloads\battlelog-web-plugins_2.3.2_130(8).exe 2013-12-17 11:53 - 2013-12-17 11:53 - 03821064 _____ C:\Users\Lars\Downloads\battlelog-web-plugins_2.3.2_130(7).exe Some content of TEMP: ==================== C:\Users\Lars\AppData\Local\Temp\Checkupdate.exe C:\Users\Lars\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\Lars\AppData\Local\Temp\gcapi_dll.dll C:\Users\Lars\AppData\Local\Temp\gtapi_signed.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-09 14:24 ==================== End Of Log ============================ --- --- --- Additional.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014 03 Ran by Lars at 2014-01-16 19:11:54 Running from C:\Users\Lars\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275} FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3} ==================== Installed Programs ====================== µTorrent (HKCU Version: - BitTorrent Inc.) ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden Adobe Flash Player 12 Plugin (x32 Version: - Adobe Systems Incorporated) Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden AMD Accelerated Video Transcoding (Version: - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden AMD Wireless Display v3.0 (Version: - Advanced Micro Devices, Inc.) Hidden Assetto Corsa (x32 Version: - Kunos Simulazioni) ASUS Xonar DG Audio Driver (Version: - ) Aurora 28.0a2 (x86 de) (x32 Version: 28.0a2 - Mozilla) avast! Free Antivirus (x32 Version: 9.0.2008 - Avast Software) AVM FRITZ!WLAN (x32 Version: - AVM Berlin) Battlefield 4™ (x32 Version: - Electronic Arts) BeamNG.drive (HKCU Version: - beamng.com) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CheckDrive (x32 Version: 4.4 - Abelssoft) CloudReading (x32 Version: - Foxit Corporation) Comodo Dragon (x32 Version: - COMODO) COMODO Firewall (Version: 6.3.32439.2937 - COMODO Security Solutions Inc.) Contagion (x32 Version: - Monochrome LLC) CPUID CPU-Z 1.68 (Version: - ) CrystalDiskInfo 6.0.4 (x32 Version: 6.0.4 - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (x32 Version: - Bohemia Interactive) Dota 2 (x32 Version: - Valve) ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB) Fanatec Wheel (Version: 8.17.7 - Endor AG) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Foxit Reader (x32 Version: - Foxit Corporation) Fraps (remove only) (x32 Version: - ) Free YouTube to MP3 Converter version (x32 Version: - DVDVideoSoft Ltd.) GeekBuddy (Version: 4.10.79 - Comodo Security Solutions Inc) GIMP 2.8.10 (Version: 2.8.10 - The GIMP Team) Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.) Google Update Helper (x32 Version: - Google Inc.) Hidden Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden Grand Theft Auto IV (x32 Version: 1.00.0000 - Rockstar Games) Gyazo 2.0.2 (x32 Version: - Nota Inc.) HandBrake (x32 Version: - ) herdProtect Anti-Malware Scanner (x32 Version: 1.0 - Reason Company Software Inc.) Lightworks (x32 Version: - Lightworks) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.51 (Version: 8.51.5 - Logitech Inc.) Malwarebytes Anti-Malware Version (x32 Version: - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (x32 Version: - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 28.0a2 - Mozilla) MSI Afterburner 2.3.1 (x32 Version: 2.3.1 - MSI Co., LTD) MSI Kombustor 2.5.0 (x32 Version: - MSI Co., LTD) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden NVIDIA Photoshop Plug-ins 64 bit (x32 Version: 8.50 - ) NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) OpenAL (x32 Version: - ) Origin (x32 Version: - Electronic Arts, Inc.) PAYDAY: The Heist (x32 Version: - OVERKILL Software) Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.) Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) Smart Technology Programming Software (Version: - Mad Catz) TechPowerUp GPU-Z (x32 Version: - TechPowerUp) Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation) VLC media player 2.1.1 (Version: 2.1.1 - VideoLAN) Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 04-01-2014 11:04:07 Installed FreePIE 04-01-2014 11:10:25 Installed FreePIE 04-01-2014 16:12:09 Installed NVIDIA Photoshop Plug-ins 64 bit 04-01-2014 16:14:03 Removed NVIDIA Photoshop Plug-ins 64 bit 04-01-2014 16:15:34 Removed NVIDIA Photoshop Plug-ins 64 bit 06-01-2014 19:09:12 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 06-01-2014 19:15:55 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 07-01-2014 11:03:04 Windows Update 10-01-2014 14:58:42 Windows Live Essentials 10-01-2014 14:59:41 DirectX wurde installiert 10-01-2014 15:00:19 DirectX wurde installiert 10-01-2014 15:01:04 DirectX wurde installiert 10-01-2014 15:02:45 WLSetup 14-01-2014 09:30:01 Windows Update 16-01-2014 11:00:21 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {19C5A8F6-437B-44D9-A546-EEF7DC5713EE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-12] (AVAST Software) Task: {207EC749-63AA-4CDF-9E74-666130750B5E} - System32\Tasks\MSIAfterburner => H:\MSI Afterburner\MSIAfterburner.exe [2013-01-23] () Task: {9E9ABDF8-5323-45C2-8C11-961A595B95F1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-16] (Adobe Systems Incorporated) Task: {A077EF5D-0875-4B69-99D9-7CECCF2BE651} - System32\Tasks\Core Temp Autostart Lars => H:\Programme\Core Temp\Core Temp.exe [2013-03-01] () Task: {A259C349-88AD-4B5A-9458-75B216194823} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-17] (Google Inc.) Task: {AE258BF0-92D0-4BF3-B919-2367B2A5AA15} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2013-11-20] (COMODO) Task: {D7A66C77-A4B0-48FC-8539-0474CFEA873F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2013-11-11] (COMODO) Task: {ED244179-856A-4CAC-9E2E-FCDC866CDEDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-17] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-01-16 17:46 - 2014-01-16 12:10 - 02155008 _____ () C:\Program Files\AVAST Software\Avast\defs\14011600\algo.dll 2013-01-16 17:01 - 2013-01-16 17:01 - 00069632 _____ () H:\MSI Afterburner\RTMUI.dll 2013-01-16 17:00 - 2013-01-16 17:00 - 00061440 _____ () H:\MSI Afterburner\RTFC.dll 2013-01-16 17:01 - 2013-01-16 17:01 - 00229376 _____ () H:\MSI Afterburner\RTCore.dll 2013-01-16 17:00 - 2013-01-16 17:00 - 00143360 _____ () H:\MSI Afterburner\RTUI.dll 2013-01-16 17:01 - 2013-01-16 17:01 - 00348160 _____ () H:\MSI Afterburner\RTHAL.dll 2011-04-30 20:04 - 2011-04-30 20:04 - 00013312 _____ () H:\MSI Afterburner\RTTSH.dll 2013-12-12 13:47 - 2013-12-12 13:47 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll 2013-12-12 11:20 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DG Audio\Customapp\VmixP8.dll 2013-12-12 10:48 - 2013-12-12 10:48 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00417280 _____ () H:\Winamp\nsutil.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00078848 _____ () H:\Winamp\nde.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00023552 _____ () H:\Winamp\System\albumart.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00174080 _____ () H:\Winamp\System\auth.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00019456 _____ () H:\Winamp\System\bmp.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00064512 _____ () H:\Winamp\zlib.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00044544 _____ () H:\Winamp\System\devices.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00016896 _____ () H:\Winamp\System\dlmgr.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00014336 _____ () H:\Winamp\System\filereader.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00019456 _____ () H:\Winamp\System\gif.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00016384 _____ () H:\Winamp\System\gracenote.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00623616 _____ () H:\Winamp\System\jnetlib.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00154624 _____ () H:\Winamp\System\jpeg.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00084480 _____ () H:\Winamp\System\playlist.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00087552 _____ () H:\Winamp\System\png.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00013824 _____ () H:\Winamp\System\primo.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00021504 _____ () H:\Winamp\System\tagz.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00035328 _____ () H:\Winamp\System\timer.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00091136 _____ () H:\Winamp\System\xml.w5s 2013-12-12 00:44 - 2013-03-14 20:31 - 00068608 _____ () H:\Winamp\Plugins\in_avi.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00102400 _____ () H:\Winamp\Plugins\in_cdda.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00072192 _____ () H:\Winamp\Plugins\in_dshow.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00061440 _____ () H:\Winamp\Plugins\in_flac.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00043008 _____ () H:\Winamp\Plugins\in_flv.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00007168 _____ () H:\Winamp\Plugins\in_linein.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00109568 _____ () H:\Winamp\Plugins\in_midi.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00049152 _____ () H:\Winamp\Plugins\in_mkv.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00164864 _____ () H:\Winamp\Plugins\in_mod.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00290816 _____ () H:\Winamp\Plugins\in_mp3.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00052736 _____ () H:\Winamp\Plugins\in_mp4.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00075264 _____ () H:\Winamp\Plugins\in_nsv.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00023552 _____ () H:\Winamp\Plugins\in_swf.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00253440 _____ () H:\Winamp\Plugins\in_vorbis.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00016896 _____ () H:\Winamp\Plugins\in_wave.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00253440 _____ () H:\Winamp\libsndfile.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00313344 _____ () H:\Winamp\Plugins\in_wm.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00022528 _____ () H:\Winamp\Plugins\out_disk.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00052224 _____ () H:\Winamp\Plugins\out_ds.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00018432 _____ () H:\Winamp\Plugins\out_wave.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 01737728 _____ () H:\Winamp\Plugins\gen_ff.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00083968 _____ () H:\Winamp\tataki.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00340992 _____ () H:\Winamp\Plugins\freeform\wacs\freetype\freetype.wac 2013-12-12 00:44 - 2013-03-14 20:31 - 00028160 _____ () H:\Winamp\Plugins\gen_hotkeys.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00185344 _____ () H:\Winamp\Plugins\gen_jumpex.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00318976 _____ () H:\Winamp\Plugins\gen_ml.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00294912 _____ () H:\Winamp\Plugins\ml_local.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00084480 _____ () H:\Winamp\Plugins\ml_playlists.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00124928 _____ () H:\Winamp\Plugins\ml_online.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00249856 _____ () H:\Winamp\Plugins\ml_devices.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00201728 _____ () H:\Winamp\Plugins\ml_disc.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00240640 _____ () H:\Winamp\Plugins\ml_pmp.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00060928 _____ () H:\Winamp\Plugins\pmp_android.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00170496 _____ () H:\Winamp\Plugins\pmp_ipod.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00020480 _____ () H:\Winamp\Plugins\pmp_njb.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00118272 _____ () H:\Winamp\Plugins\pmp_p4s.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00053760 _____ () H:\Winamp\Plugins\pmp_usb.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00113664 _____ () H:\Winamp\Plugins\pmp_wifi.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00028672 _____ () H:\Winamp\Plugins\ml_bookmarks.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00052224 _____ () H:\Winamp\Plugins\ml_history.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00028672 _____ () H:\Winamp\Plugins\ml_autotag.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00057344 _____ () H:\Winamp\Plugins\ml_impex.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00083456 _____ () H:\Winamp\Plugins\ml_plg.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00033792 _____ () H:\Winamp\Plugins\ml_rg.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00032256 _____ () H:\Winamp\Plugins\ml_transcode.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00057344 _____ () H:\Winamp\Plugins\gen_orgler.dll 2013-12-12 00:44 - 2013-03-14 20:31 - 00025600 _____ () H:\Winamp\Plugins\gen_tray.dll 2014-01-15 14:14 - 2014-01-15 14:14 - 03678320 _____ () H:\Programme\Aurora\mozjs.dll 2013-12-12 11:22 - 2013-12-28 17:16 - 16242056 ____N () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Ethernet-Controller Description: Ethernet-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/13/2014 00:31:29 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: unit.exe, Version:, Zeitstempel: 0x52aae7b7 Name des fehlerhaften Moduls: unknown, Version:, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000000000 ID des fehlerhaften Prozesses: 0x1338 Startzeit der fehlerhaften Anwendung: 0xunit.exe0 Pfad der fehlerhaften Anwendung: unit.exe1 Pfad des fehlerhaften Moduls: unit.exe2 Berichtskennung: unit.exe3 Error: (01/10/2014 11:02:25 AM) (Source: Application Hang) (User: ) Description: Programm DayZ.exe, Version kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: bb4 Startzeit: 01cf0deb087c8575 Endzeit: 11 Anwendungspfad: H:\Games\Steam\steamapps\common\DayZ\DayZ.exe Berichts-ID: 4bbea66d-79de-11e3-a62c-001f3f0d2ec5 System errors: ============= Error: (01/16/2014 06:09:08 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (01/16/2014 05:59:18 PM) (Source: FWLANUSB) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. Error: (01/15/2014 01:50:11 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 15.01.2014 um 13:18:42 unerwartet heruntergefahren. Error: (01/14/2014 02:43:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (01/14/2014 02:43:15 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (01/14/2014 00:36:27 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 14.01.2014 um 12:34:54 unerwartet heruntergefahren. Error: (01/13/2014 00:41:19 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (01/13/2014 00:30:11 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (01/13/2014 00:29:57 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 13.01.2014 um 12:27:11 unerwartet heruntergefahren. Error: (01/11/2014 07:24:13 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (01/13/2014 00:31:29 PM) (Source: Application Error)(User: ) Description: unit.exe4.0.0.052aae7b7unknown0.0.0.000000000c00000050000000000000000133801cf1052e6146a84C:\Program Files\COMODO\GeekBuddy\unit.exeunknown3e3564ba-7c46-11e3-b049-001f3f0d2ec5 Error: (01/10/2014 11:02:25 AM) (Source: Application Hang)(User: ) Description: DayZ.exe0.30.114.8bb401cf0deb087c857511H:\Games\Steam\steamapps\common\DayZ\DayZ.exe4bbea66d-79de-11e3-a62c-001f3f0d2ec5 ==================== Memory info =========================== Percentage of memory in use: 40% Total physical RAM: 8190.18 MB Available physical RAM: 4855 MB Total Pagefile: 16378.54 MB Available Pagefile: 12511.63 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:856.29 GB) NTFS Drive d: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive h: () (Fixed) (Total:931.41 GB) (Free:813.25 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 03017B0D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 5B9914F3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
![]() | #2 | |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() 1und1 Telekom Phishing mail Anhang heruntergeladen und Exe ausgeführt hi,
__________________Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ |
![]() | #3 |
| ![]() 1und1 Telekom Phishing mail Anhang heruntergeladen und Exe ausgeführt Hallo.
__________________Tut mir leid dass ich so spät bescheid sage, aber ich hab windows schon komplett neu aufgesetzt und die Festplatten formatiert. Trotzdem vielen Dank für die Hilfe! Gruß |
![]() | #4 |
/// the machine /// TB-Ausbilder ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() | ![]() 1und1 Telekom Phishing mail Anhang heruntergeladen und Exe ausgeführt ok ![]()
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
![]() |
Themen zu 1und1 Telekom Phishing mail Anhang heruntergeladen und Exe ausgeführt |
1und1, abelssoft, adblock, adresse, anhang, aufsetzen, avast, branding, datei, download, dvdvideosoft ltd., email, erhalte, exe, festplatte, festplatten, grand theft auto, kunde, link, mail, minidump, neu, nichts, phishing, platte, platten, scan, scanner, telekom, virenscan, virenscanner, windows |