Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: aswSnx.sys im drivers Ordner mit GMER gefunden.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 24.03.2014, 01:03   #1
deddad
 
aswSnx.sys im drivers Ordner mit GMER gefunden. - Standard

aswSnx.sys im drivers Ordner mit GMER gefunden.



Guten Abend.

Habe mir vor 3-4 Wochen ein neues Windows 7 System aufgesetzt.
Argh..!
Leider spuckte GMER folgendes aus:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-24 00:28:57
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 MAXTOR_STM3250820AS rev.3.AAE 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Dehz\AppData\Local\Temp\axldapow.sys


---- System - GMER 2.1 ----

SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwAddBootEntry [0x8BF2EACC]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwAssignProcessToJobObject [0x8BF2F5AA]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateEvent [0x8BF3B692]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateEventPair [0x8BF3B6DE]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateIoCompletion [0x8BF3B878]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateMutant [0x8BF3B600]
SSDT   \??\C:\Windows\system32\drivers\aswSP.sys                               ZwCreateSection [0x8BB2A426]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateSemaphore [0x8BF3B648]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateThread [0x8BF2FAE0]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateThreadEx [0x8BF2FCFC]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwCreateTimer [0x8BF3B832]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwDebugActiveProcess [0x8BF30398]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwDeleteBootEntry [0x8BF2EB32]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwDuplicateObject [0x8BF33BE4]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwLoadDriver [0x8BF2E71E]
SSDT   \??\C:\Windows\system32\drivers\aswSP.sys                               ZwMapViewOfSection [0x8BB2A506]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwModifyBootEntry [0x8BF2EB98]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwNotifyChangeKey [0x8BF33FDA]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwNotifyChangeMultipleKeys [0x8BF30EDE]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenEvent [0x8BF3B6BC]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenEventPair [0x8BF3B700]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenIoCompletion [0x8BF3B89C]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenMutant [0x8BF3B626]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenProcess [0x8BF334DE]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenSection [0x8BF3B7B0]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenSemaphore [0x8BF3B670]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenThread [0x8BF338C6]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwOpenTimer [0x8BF3B856]
SSDT   \??\C:\Windows\system32\drivers\aswSP.sys                               ZwProtectVirtualMemory [0x8BB2A2AA]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwQueryObject [0x8BF30CF4]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwQueueApcThreadEx [0x8BF30A02]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSetBootEntryOrder [0x8BF2EBFE]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSetBootOptions [0x8BF2EC64]
SSDT   \??\C:\Windows\system32\drivers\aswSP.sys                               ZwSetContextThread [0x8BB2A602]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSetSystemInformation [0x8BF2E7B8]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSetSystemPowerState [0x8BF2E98A]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwShutdownSystem [0x8BF2E918]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSuspendProcess [0x8BF30562]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSuspendThread [0x8BF306C4]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwSystemDebugControl [0x8BF2EA12]
SSDT   \??\C:\Windows\system32\drivers\aswSP.sys                               ZwTerminateProcess [0x8BB2A378]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwTerminateThread [0x8BF301F2]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwVdmControl [0x8BF2ECCA]
SSDT   \??\C:\Windows\system32\drivers\aswSnx.sys                              ZwWriteVirtualMemory [0x8BF2F606]

---- Kernel code sections - GMER 2.1 ----

.text  ntoskrnl.exe!ZwRollbackEnlistment + 1409                                828729A5 1 Byte  [06]
.text  ntoskrnl.exe!KiDispatchInterrupt + 5A2                                  82892512 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntoskrnl.exe!KeRemoveQueueEx + 1393                                     82899988 4 Bytes  JMP 8CBD8BF2 
.text  ntoskrnl.exe!KeRemoveQueueEx + 141B                                     82899A10 4 Bytes  [AA, F5, F2, 8B]
.text  ntoskrnl.exe!KeRemoveQueueEx + 146F                                     82899A64 8 Bytes  [92, B6, F3, 8B, DE, B6, F3, ...]
.text  ntoskrnl.exe!KeRemoveQueueEx + 147B                                     82899A70 4 Bytes  [78, B8, F3, 8B]
.text  ntoskrnl.exe!KeRemoveQueueEx + 1497                                     82899A8C 4 Bytes  [00, B6, F3, 8B]
.text  ...                                                                     
PAGE   ntoskrnl.exe!ZwReplyWaitReceivePortEx + 108                             82A4D1B1 4 Bytes  CALL 8BF315C5 \??\C:\Windows\system32\drivers\aswSnx.sys
PAGE   ntoskrnl.exe!ZwAlpcSendWaitReceivePort + 122                            82A89EED 4 Bytes  CALL 8BF315DB \??\C:\Windows\system32\drivers\aswSnx.sys
.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                section is writeable [0x92826000, 0x267978, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\csrss.exe[388] kernel32.dll!GetBinaryTypeW + 70     768D69E4 1 Byte  [62]
.text  C:\Windows\system32\wininit.exe[448] kernel32.dll!GetBinaryTypeW + 70   768D69E4 1 Byte  [62]
.text  C:\Windows\system32\csrss.exe[460] kernel32.dll!GetBinaryTypeW + 70     768D69E4 1 Byte  [62]
.text  C:\Windows\system32\services.exe[496] kernel32.dll!GetBinaryTypeW + 70  768D69E4 1 Byte  [62]
.text  C:\Windows\system32\winlogon.exe[536] kernel32.dll!GetBinaryTypeW + 70  768D69E4 1 Byte  [62]
.text  ...                                                                     

---- EOF - GMER 2.1 ----
         
Das System ist ganz frisch und ich kann mir das nicht erklären. Ist der Log harmlos?
Oder gibt es "Ärger"?
Lg

Deddad

FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Dehzn (ATTENTION: The logged in user is not administrator) on DEHZN on 24-03-2014 00:48:24
Running from C:\Users\Dehzn\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Avast\AvastUI.exe [3767096 2014-03-04] (AVAST Software)
HKLM\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3832616182-1819445049-1166218546-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3832616182-1819445049-1166218546-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-3832616182-1819445049-1166218546-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Dehzn\AppData\Roaming\Mozilla\Firefox\Profiles\0fvg8ys8.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Avast\WebRep\FF [2014-03-04]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [50344 2014-03-04] (AVAST Software)
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 OpenNIC; C:\Program Files\OpenNIC\OpenNICServer.exe [4397785 2012-03-11] ()

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2014-03-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-03-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-03-04] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-03-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-03-04] ()
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2006-11-02] (Microsoft Corporation)
S3 NDMSHLP; C:\Program Files\Common Files\HHD Software\Device Monitor\ndmshlp.sys [7632 2005-05-24] (HHD Software)
S3 SerMon; C:\Program Files\HHD Software\Free Serial Port Monitor\sermon.sys [18432 2005-05-24] (HHD Software)
U3 axldapow; \??\C:\Users\Dehz\AppData\Local\Temp\axldapow.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-24 00:48 - 2014-03-24 00:48 - 00004567 _____ () C:\Users\Dehzn\Downloads\FRST.txt
2014-03-24 00:47 - 2014-03-24 00:48 - 00000000 ____D () C:\FRST
2014-03-24 00:46 - 2014-03-24 00:46 - 01145856 _____ (Farbar) C:\Users\Dehzn\Downloads\FRST.exe
2014-03-24 00:03 - 2014-03-24 00:03 - 00380416 _____ () C:\Users\Dehzn\Downloads\Gmer-19357.exe
2014-03-21 13:21 - 2014-03-21 13:21 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2014-03-21 13:16 - 2014-03-21 13:19 - 29640528 _____ (JonDos GmbH) C:\Users\Dehzn\Downloads\JonDoFox.paf.exe
2014-03-21 13:12 - 2014-03-21 13:37 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\JonDo
2014-03-21 13:08 - 2014-03-21 13:09 - 00000000 ____D () C:\Program Files\JAP
2014-03-21 13:08 - 2014-03-21 13:08 - 00347664 _____ (JAP-Team) C:\Users\Dehzn\Downloads\japsetup.exe
2014-03-21 13:08 - 2014-03-21 13:08 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JAP
2014-03-21 11:50 - 2014-03-21 11:50 - 00000000 ____D () C:\ProgramData\OpenNIC
2014-03-21 11:48 - 2014-03-21 11:48 - 00000000 ____D () C:\Program Files\OpenNIC
2014-03-21 11:47 - 2014-03-21 11:47 - 06385630 _____ (The OpenNIC Project ) C:\Users\Dehzn\Downloads\OpenNIC Wizard 0.3.rc2.exe
2014-03-20 22:34 - 2014-03-20 22:34 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Malwarebytes
2014-03-19 15:41 - 2014-03-19 15:41 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-19 15:40 - 2014-03-19 15:40 - 01110476 _____ () C:\Users\Dehzn\Downloads\7z920.exe
2014-03-19 15:38 - 2014-03-19 15:38 - 01376768 _____ () C:\Users\Dehzn\Downloads\7z920-x64.msi
2014-03-19 15:26 - 2014-03-19 18:07 - 00000000 ____D () C:\Program Files\Return to Castle Wolfenstein Multiplayer DEMO
2014-03-19 15:26 - 2014-03-19 15:26 - 00001154 _____ () C:\Users\Dehzn\Desktop\Wolfenstein DEMO.lnk
2014-03-19 15:26 - 2014-03-19 15:26 - 00001154 _____ () C:\Users\Dehz\Desktop\Wolfenstein DEMO.lnk
2014-03-19 15:26 - 2014-03-19 15:26 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein Multiplayer DEMO
2014-03-19 14:51 - 2014-03-19 14:54 - 69500291 _____ () C:\Users\Dehzn\Downloads\wolf_mpdemo.exe
2014-03-19 14:49 - 2014-03-19 14:49 - 00539357 _____ () C:\Users\Dehzn\Downloads\RTCW_Demo_patched_master.exe
2014-03-18 19:27 - 2014-03-18 19:27 - 00000000 _____ () C:\Users\Dehzn\Desktop\test.txt
2014-03-18 16:25 - 2014-03-18 19:26 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Martin Fuchs
2014-03-18 16:25 - 2014-03-18 16:25 - 00007607 _____ () C:\Users\Dehz\AppData\Local\Resmon.ResmonCfg
2014-03-18 15:43 - 2014-03-18 15:43 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Martin Fuchs
2014-03-18 15:41 - 2014-03-18 15:41 - 00001007 _____ () C:\Users\Dehz\Desktop\Service Manager.lnk
2014-03-18 15:41 - 2014-03-18 15:41 - 00000000 ____D () C:\Program Files\Martin Fuchs
2014-03-18 15:40 - 2014-03-18 15:40 - 00583576 _____ (Martin Fuchs ) C:\Users\Dehzn\Downloads\servicemgr-setup-4.6.exe
2014-03-18 15:00 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files\HHD Software
2014-03-18 15:00 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files\Common Files\HHD Software
2014-03-18 14:58 - 2014-03-18 14:58 - 02967760 _____ (HHD Software) C:\Users\Dehzn\Downloads\free-serial-port-monitor.exe
2014-03-17 08:26 - 2014-03-17 08:26 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\ATI
2014-03-17 08:26 - 2014-03-17 08:26 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Dehz\AppData\Local\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\ProgramData\ATI
2014-03-16 19:32 - 2014-03-16 19:32 - 00000000 ____D () C:\Program Files\ATI
2014-03-16 19:29 - 2014-03-16 19:35 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-16 19:28 - 2014-03-16 19:28 - 00000000 ____D () C:\ATI
2014-03-16 19:26 - 2014-03-16 19:27 - 99710192 _____ (Advanced Micro Devices, Inc.) C:\Users\Dehzn\Downloads\10-2_legacy_vista32-64_dd_ccc.exe
2014-03-16 18:32 - 2014-03-16 18:32 - 00057560 _____ () C:\Users\Dehzn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-16 11:24 - 2014-03-16 11:24 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Blizzard Entertainment
2014-03-15 14:30 - 2014-03-15 14:31 - 00001328 __RSH () C:\Users\Dehzn\ntuser.pol
2014-03-15 11:53 - 2014-03-15 11:53 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Blizzard
2014-03-15 11:52 - 2014-03-21 11:57 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Battle.net
2014-03-15 11:52 - 2014-03-20 22:33 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Battle.net
2014-03-15 10:30 - 2014-03-15 10:30 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\LolClient
2014-03-15 10:11 - 2014-03-15 10:11 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Macromedia
2014-03-15 10:11 - 2014-03-15 10:11 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Macromedia
2014-03-15 10:09 - 2014-03-15 10:09 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Mozilla
2014-03-15 10:09 - 2014-03-15 10:09 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Mozilla
2014-03-14 23:15 - 2014-03-19 14:56 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\VirtualStore
2014-03-14 23:15 - 2014-03-15 14:31 - 00000000 ____D () C:\Users\Dehzn
2014-03-14 23:15 - 2014-03-14 23:15 - 00000020 ___SH () C:\Users\Dehzn\ntuser.ini
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Startmenü
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Netzwerkumgebung
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Druckumgebung
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Documents\Eigene Musik
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Documents\Eigene Bilder
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\AppData\Local\Verlauf
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\AVAST Software
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Adobe
2014-03-14 23:15 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-14 23:15 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-14 23:08 - 2014-03-14 23:09 - 00651264 _____ () C:\Users\Dehz\Downloads\MicrosoftFixit50096.msi
2014-03-14 18:18 - 2014-03-14 21:09 - 00000062 _____ () C:\Users\Dehz\Desktop\ukw.txt
2014-03-14 13:36 - 2014-03-14 13:36 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Blizzard Entertainment
2014-03-12 10:03 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 10:03 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 10:03 - 2014-03-01 05:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 10:03 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 10:03 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 10:03 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 10:03 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 10:03 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 10:03 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 10:03 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 10:03 - 2014-03-01 04:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 10:03 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 10:03 - 2014-03-01 04:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 10:03 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 10:03 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 10:03 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 10:03 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 10:03 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 10:03 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 10:03 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 10:03 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 10:03 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 10:03 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 10:03 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 10:03 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-07 18:06 - 2014-03-07 18:06 - 00000000 ____D () C:\Users\Dehz\Desktop\malware
2014-03-07 18:04 - 2014-03-12 11:07 - 00000000 ____D () C:\Users\Dehz\Desktop\docs
2014-03-07 18:04 - 2014-03-07 18:05 - 00000000 ____D () C:\Users\Dehz\Desktop\pics
2014-03-07 16:48 - 2014-03-07 16:48 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Apps\2.0
2014-03-06 01:39 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-05 18:02 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-05 18:02 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-05 11:26 - 2014-03-05 11:26 - 00000000 ____D () C:\Program Files\Speccy
2014-03-05 11:24 - 2014-03-05 11:24 - 04845384 _____ (Piriform Ltd) C:\Users\Dehz\Downloads\spsetup125.exe
2014-03-05 10:15 - 2014-03-05 10:15 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\LolClient
2014-03-05 09:14 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-03-05 09:14 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-03-05 09:14 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-03-05 09:14 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-03-05 09:14 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-03-05 09:13 - 2014-03-05 09:13 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-03-05 09:13 - 2014-03-05 09:13 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-03-05 09:13 - 2014-03-05 09:13 - 00000000 ____D () C:\Riot Games
2014-03-05 09:08 - 2014-03-05 09:15 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Riot Games
2014-03-05 09:08 - 2014-03-05 09:08 - 34888568 _____ (Riot Games) C:\Users\Dehz\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-03-05 08:36 - 2014-03-05 08:36 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Blizzard
2014-03-05 08:25 - 2014-03-14 08:23 - 00000000 ____D () C:\Program Files\Hearthstone
2014-03-05 08:25 - 2014-03-05 08:25 - 00001119 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-05 08:24 - 2014-03-14 19:13 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Battle.net
2014-03-05 08:24 - 2014-03-05 08:24 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Battle.net
2014-03-05 08:23 - 2014-03-05 08:25 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-03-05 08:23 - 2014-03-05 08:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-05 08:23 - 2014-03-05 08:24 - 00000000 ____D () C:\Program Files\Battle.net
2014-03-05 08:23 - 2014-03-05 08:23 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-05 08:22 - 2014-03-05 08:22 - 05971128 _____ (Blizzard Entertainment) C:\Users\Dehz\Downloads\Hearthstone-Beta-Setup-deDE.exe
2014-03-05 08:20 - 2014-03-05 08:20 - 01467128 _____ () C:\Users\Dehz\Downloads\SystemCheck_deDE.exe
2014-03-05 08:09 - 2014-03-05 08:09 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Macromedia
2014-03-05 08:09 - 2014-03-05 08:09 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Macromedia
2014-03-05 08:05 - 2014-03-23 23:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-05 08:05 - 2014-03-18 22:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-05 08:05 - 2014-03-18 22:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-05 08:05 - 2014-03-05 08:05 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-05 08:04 - 2014-03-18 23:00 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Adobe
2014-03-05 00:44 - 2014-03-05 00:44 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-05 00:44 - 2014-03-05 00:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-05 00:44 - 2014-03-05 00:44 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-05 00:44 - 2014-03-05 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-05 00:43 - 2014-03-05 00:46 - 00011323 _____ () C:\Windows\IE11_main.log
2014-03-05 00:43 - 2014-03-05 00:43 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-05 00:43 - 2014-03-05 00:43 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-05 00:43 - 2014-03-05 00:43 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-05 00:37 - 2014-03-05 00:37 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Malwarebytes
2014-03-05 00:37 - 2014-03-05 00:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 00:36 - 2014-03-05 00:37 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-05 00:36 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 00:35 - 2014-03-05 00:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dehz\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 23:16 - 2014-03-04 23:16 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Adobe
2014-03-04 22:23 - 2014-03-19 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-04 22:22 - 2014-03-19 03:00 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-04 22:20 - 2012-03-01 06:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-03-04 22:20 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-03-04 22:18 - 2014-03-04 22:20 - 00003995 _____ () C:\Windows\IE9_main.log
2014-03-04 22:17 - 2010-02-11 08:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-04 22:01 - 2014-03-04 22:01 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-03-04 21:59 - 2014-03-04 21:59 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-04 21:58 - 2014-03-04 21:58 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-04 21:57 - 2014-03-04 22:05 - 00014463 _____ () C:\Windows\IE10_main.log
2014-03-04 21:55 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-03-04 21:55 - 2011-11-19 15:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-04 21:55 - 2011-05-24 11:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-03-04 21:54 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-04 21:54 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-04 21:54 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-04 21:54 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-04 21:54 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-04 21:54 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-04 21:54 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-04 21:54 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-04 21:54 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-04 21:54 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-04 21:54 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-04 21:54 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-04 21:54 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-04 21:54 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-04 21:54 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-04 21:54 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-04 21:54 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-04 21:54 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-04 21:54 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-04 21:54 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-04 21:54 - 2013-07-09 05:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-04 21:54 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-04 21:54 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-04 21:54 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-04 21:54 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-04 21:54 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-04 21:54 - 2013-04-12 14:45 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-04 21:54 - 2013-04-10 06:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-04 21:54 - 2013-03-19 05:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-04 21:54 - 2013-03-19 03:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-04 21:54 - 2013-02-15 05:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-04 21:54 - 2013-02-15 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-03-04 21:54 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-04 21:54 - 2013-02-12 04:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-04 21:54 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-04 21:54 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-04 21:54 - 2012-07-04 22:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-03-04 21:54 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-03-04 21:54 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-04 21:54 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-04 21:54 - 2011-10-26 05:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-04 21:54 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-04 21:54 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-04 21:54 - 2011-07-09 03:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-04 21:54 - 2011-04-29 03:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-04 21:54 - 2011-04-29 03:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-03-04 21:54 - 2011-04-29 03:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-04 21:54 - 2011-04-27 03:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-04 21:54 - 2011-04-27 03:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-04 21:54 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-04 21:54 - 2011-03-03 06:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-04 21:54 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-03-04 21:54 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-03-04 21:54 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-03-04 21:54 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-03-04 21:53 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-04 21:53 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-04 21:53 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-04 21:53 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-04 21:53 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-04 21:53 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-04 21:53 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-04 21:53 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-04 21:53 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-04 21:53 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-04 21:53 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-04 21:53 - 2013-08-02 02:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-04 21:53 - 2013-08-02 02:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-04 21:53 - 2013-08-02 02:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 01:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-04 21:53 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-04 21:53 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-04 21:53 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-04 21:53 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-04 21:53 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-04 21:53 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-04 21:53 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-04 21:53 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-04 21:53 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-04 21:53 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-04 21:53 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-04 21:53 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-04 21:53 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-04 21:53 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-04 21:53 - 2013-01-03 06:04 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-04 21:53 - 2012-11-28 23:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-04 21:53 - 2012-11-28 23:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-04 21:53 - 2012-11-28 23:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-03-04 21:53 - 2012-11-01 05:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-04 21:53 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-04 21:53 - 2012-08-22 18:16 - 00240496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-04 21:53 - 2012-08-11 00:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-03-04 21:53 - 2012-05-14 05:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-04 21:53 - 2012-04-28 04:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-04 21:53 - 2012-04-26 05:45 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-03-04 21:53 - 2012-04-26 05:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-03-04 21:53 - 2012-04-26 05:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-03-04 21:53 - 2012-03-17 08:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-04 21:53 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-03-04 21:53 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-04 21:53 - 2011-08-27 05:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-04 21:53 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-03-04 21:53 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-03-04 21:53 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-03-04 21:53 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-04 21:53 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-03-04 21:53 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-03-04 21:53 - 2011-02-23 05:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-03-04 21:52 - 2013-06-15 04:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-04 21:42 - 2013-02-27 06:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-03-04 21:42 - 2013-02-27 05:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-04 21:42 - 2013-02-27 05:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-03-04 21:28 - 2014-03-04 21:28 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\AVAST Software
2014-03-04 21:27 - 2014-03-04 21:27 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-04 21:27 - 2014-03-04 21:27 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-04 21:26 - 2014-03-04 21:27 - 00000000 ____D () C:\Program Files\Avast
2014-03-04 21:24 - 2014-03-04 21:24 - 00057560 _____ () C:\Users\Dehz\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-04 21:24 - 2014-03-04 21:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-04 21:22 - 2014-03-04 21:22 - 90578216 _____ (AVAST Software) C:\Users\Dehz\Downloads\avast_free_antivirus_setup.exe
2014-03-04 21:17 - 2013-12-18 07:13 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-04 21:12 - 2014-03-04 21:13 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Mozilla
2014-03-04 21:12 - 2014-03-04 21:13 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Mozilla
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-04 21:11 - 2014-03-04 21:11 - 00283256 _____ (Mozilla) C:\Users\Dehz\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-04 20:54 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-03-04 20:54 - 2012-02-17 05:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-03-04 20:50 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-04 20:50 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-04 20:50 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-04 20:50 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-04 20:50 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-04 20:50 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-04 20:50 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-04 20:50 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-04 20:50 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-04 20:11 - 2014-03-04 20:11 - 00001413 _____ () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-04 20:10 - 2014-03-21 12:40 - 00000000 ____D () C:\Users\Dehz
2014-03-04 20:10 - 2014-03-04 20:10 - 00000020 ___SH () C:\Users\Dehz\ntuser.ini
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Netzwerkumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Druckumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 __SHD () C:\Recovery
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 ____D () C:\Users\Dehz\AppData\Local\VirtualStore
2014-03-04 20:10 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-04 20:10 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-04 20:04 - 2014-03-24 00:30 - 01376421 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 20:03 - 2014-03-04 20:03 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-04 20:01 - 2014-03-04 20:03 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-04 20:00 - 2014-03-04 20:10 - 00000000 ____D () C:\Windows\Panther

==================== One Month Modified Files and Folders =======

2014-03-24 00:48 - 2014-03-24 00:48 - 00004567 _____ () C:\Users\Dehzn\Downloads\FRST.txt
2014-03-24 00:48 - 2014-03-24 00:47 - 00000000 ____D () C:\FRST
2014-03-24 00:46 - 2014-03-24 00:46 - 01145856 _____ (Farbar) C:\Users\Dehzn\Downloads\FRST.exe
2014-03-24 00:30 - 2014-03-04 20:04 - 01376421 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 00:05 - 2009-07-14 05:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 00:05 - 2009-07-14 05:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 00:03 - 2014-03-24 00:03 - 00380416 _____ () C:\Users\Dehzn\Downloads\Gmer-19357.exe
2014-03-24 00:03 - 2010-11-20 22:01 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-23 23:59 - 2014-03-05 08:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-23 23:58 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-23 23:58 - 2009-07-14 05:39 - 00029176 _____ () C:\Windows\setupact.log
2014-03-21 13:37 - 2014-03-21 13:12 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\JonDo
2014-03-21 13:21 - 2014-03-21 13:21 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2014-03-21 13:19 - 2014-03-21 13:16 - 29640528 _____ (JonDos GmbH) C:\Users\Dehzn\Downloads\JonDoFox.paf.exe
2014-03-21 13:09 - 2014-03-21 13:08 - 00000000 ____D () C:\Program Files\JAP
2014-03-21 13:08 - 2014-03-21 13:08 - 00347664 _____ (JAP-Team) C:\Users\Dehzn\Downloads\japsetup.exe
2014-03-21 13:08 - 2014-03-21 13:08 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JAP
2014-03-21 12:40 - 2014-03-04 20:10 - 00000000 ____D () C:\Users\Dehz
2014-03-21 12:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-21 11:57 - 2014-03-15 11:52 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Battle.net
2014-03-21 11:50 - 2014-03-21 11:50 - 00000000 ____D () C:\ProgramData\OpenNIC
2014-03-21 11:48 - 2014-03-21 11:48 - 00000000 ____D () C:\Program Files\OpenNIC
2014-03-21 11:47 - 2014-03-21 11:47 - 06385630 _____ (The OpenNIC Project ) C:\Users\Dehzn\Downloads\OpenNIC Wizard 0.3.rc2.exe
2014-03-20 22:34 - 2014-03-20 22:34 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Malwarebytes
2014-03-20 22:33 - 2014-03-15 11:52 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Battle.net
2014-03-20 10:31 - 2010-11-20 22:48 - 00006046 _____ () C:\Windows\PFRO.log
2014-03-19 18:07 - 2014-03-19 15:26 - 00000000 ____D () C:\Program Files\Return to Castle Wolfenstein Multiplayer DEMO
2014-03-19 15:41 - 2014-03-19 15:41 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-19 15:40 - 2014-03-19 15:40 - 01110476 _____ () C:\Users\Dehzn\Downloads\7z920.exe
2014-03-19 15:38 - 2014-03-19 15:38 - 01376768 _____ () C:\Users\Dehzn\Downloads\7z920-x64.msi
2014-03-19 15:26 - 2014-03-19 15:26 - 00001154 _____ () C:\Users\Dehzn\Desktop\Wolfenstein DEMO.lnk
2014-03-19 15:26 - 2014-03-19 15:26 - 00001154 _____ () C:\Users\Dehz\Desktop\Wolfenstein DEMO.lnk
2014-03-19 15:26 - 2014-03-19 15:26 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein Multiplayer DEMO
2014-03-19 14:56 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\VirtualStore
2014-03-19 14:54 - 2014-03-19 14:51 - 69500291 _____ () C:\Users\Dehzn\Downloads\wolf_mpdemo.exe
2014-03-19 14:49 - 2014-03-19 14:49 - 00539357 _____ () C:\Users\Dehzn\Downloads\RTCW_Demo_patched_master.exe
2014-03-19 03:01 - 2014-03-04 22:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:00 - 2014-03-04 22:22 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 23:00 - 2014-03-05 08:04 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Adobe
2014-03-18 22:54 - 2014-03-05 08:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-18 22:54 - 2014-03-05 08:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-18 19:27 - 2014-03-18 19:27 - 00000000 _____ () C:\Users\Dehzn\Desktop\test.txt
2014-03-18 19:26 - 2014-03-18 16:25 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Martin Fuchs
2014-03-18 16:25 - 2014-03-18 16:25 - 00007607 _____ () C:\Users\Dehz\AppData\Local\Resmon.ResmonCfg
2014-03-18 15:43 - 2014-03-18 15:43 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Martin Fuchs
2014-03-18 15:41 - 2014-03-18 15:41 - 00001007 _____ () C:\Users\Dehz\Desktop\Service Manager.lnk
2014-03-18 15:41 - 2014-03-18 15:41 - 00000000 ____D () C:\Program Files\Martin Fuchs
2014-03-18 15:40 - 2014-03-18 15:40 - 00583576 _____ (Martin Fuchs ) C:\Users\Dehzn\Downloads\servicemgr-setup-4.6.exe
2014-03-18 15:00 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files\HHD Software
2014-03-18 15:00 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files\Common Files\HHD Software
2014-03-18 14:58 - 2014-03-18 14:58 - 02967760 _____ (HHD Software) C:\Users\Dehzn\Downloads\free-serial-port-monitor.exe
2014-03-17 08:26 - 2014-03-17 08:26 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\ATI
2014-03-17 08:26 - 2014-03-17 08:26 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Dehz\AppData\Local\ATI
2014-03-16 19:35 - 2014-03-16 19:35 - 00000000 ____D () C:\ProgramData\ATI
2014-03-16 19:35 - 2014-03-16 19:29 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-16 19:32 - 2014-03-16 19:32 - 00000000 ____D () C:\Program Files\ATI
2014-03-16 19:28 - 2014-03-16 19:28 - 00000000 ____D () C:\ATI
2014-03-16 19:27 - 2014-03-16 19:26 - 99710192 _____ (Advanced Micro Devices, Inc.) C:\Users\Dehzn\Downloads\10-2_legacy_vista32-64_dd_ccc.exe
2014-03-16 19:22 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-16 18:32 - 2014-03-16 18:32 - 00057560 _____ () C:\Users\Dehzn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-16 11:24 - 2014-03-16 11:24 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Blizzard Entertainment
2014-03-15 14:31 - 2014-03-15 14:30 - 00001328 __RSH () C:\Users\Dehzn\ntuser.pol
2014-03-15 14:31 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn
2014-03-15 14:30 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-15 11:53 - 2014-03-15 11:53 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Blizzard
2014-03-15 10:30 - 2014-03-15 10:30 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\LolClient
2014-03-15 10:11 - 2014-03-15 10:11 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Macromedia
2014-03-15 10:11 - 2014-03-15 10:11 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Macromedia
2014-03-15 10:09 - 2014-03-15 10:09 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Mozilla
2014-03-15 10:09 - 2014-03-15 10:09 - 00000000 ____D () C:\Users\Dehzn\AppData\Local\Mozilla
2014-03-14 23:15 - 2014-03-14 23:15 - 00000020 ___SH () C:\Users\Dehzn\ntuser.ini
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Startmenü
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Netzwerkumgebung
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Druckumgebung
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Documents\Eigene Musik
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\Documents\Eigene Bilder
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 _SHDL () C:\Users\Dehzn\AppData\Local\Verlauf
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\AVAST Software
2014-03-14 23:15 - 2014-03-14 23:15 - 00000000 ____D () C:\Users\Dehzn\AppData\Roaming\Adobe
2014-03-14 23:09 - 2014-03-14 23:08 - 00651264 _____ () C:\Users\Dehz\Downloads\MicrosoftFixit50096.msi
2014-03-14 21:09 - 2014-03-14 18:18 - 00000062 _____ () C:\Users\Dehz\Desktop\ukw.txt
2014-03-14 19:13 - 2014-03-05 08:24 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Battle.net
2014-03-14 13:36 - 2014-03-14 13:36 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Blizzard Entertainment
2014-03-14 08:23 - 2014-03-05 08:25 - 00000000 ____D () C:\Program Files\Hearthstone
2014-03-13 11:16 - 2009-07-14 05:33 - 00265640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-12 11:07 - 2014-03-07 18:04 - 00000000 ____D () C:\Users\Dehz\Desktop\docs
2014-03-07 18:06 - 2014-03-07 18:06 - 00000000 ____D () C:\Users\Dehz\Desktop\malware
2014-03-07 18:05 - 2014-03-07 18:04 - 00000000 ____D () C:\Users\Dehz\Desktop\pics
2014-03-07 16:48 - 2014-03-07 16:48 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Apps\2.0
2014-03-05 22:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-03-05 11:26 - 2014-03-05 11:26 - 00000000 ____D () C:\Program Files\Speccy
2014-03-05 11:24 - 2014-03-05 11:24 - 04845384 _____ (Piriform Ltd) C:\Users\Dehz\Downloads\spsetup125.exe
2014-03-05 10:15 - 2014-03-05 10:15 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\LolClient
2014-03-05 09:15 - 2014-03-05 09:08 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Riot Games
2014-03-05 09:13 - 2014-03-05 09:13 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-03-05 09:13 - 2014-03-05 09:13 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-03-05 09:13 - 2014-03-05 09:13 - 00000000 ____D () C:\Riot Games
2014-03-05 09:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-05 09:08 - 2014-03-05 09:08 - 34888568 _____ (Riot Games) C:\Users\Dehz\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-03-05 08:36 - 2014-03-05 08:36 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Blizzard
2014-03-05 08:25 - 2014-03-05 08:25 - 00001119 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-03-05 08:25 - 2014-03-05 08:23 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-03-05 08:24 - 2014-03-05 08:24 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Battle.net
2014-03-05 08:24 - 2014-03-05 08:23 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-03-05 08:24 - 2014-03-05 08:23 - 00000000 ____D () C:\Program Files\Battle.net
2014-03-05 08:23 - 2014-03-05 08:23 - 00000000 ____D () C:\ProgramData\Battle.net
2014-03-05 08:22 - 2014-03-05 08:22 - 05971128 _____ (Blizzard Entertainment) C:\Users\Dehz\Downloads\Hearthstone-Beta-Setup-deDE.exe
2014-03-05 08:20 - 2014-03-05 08:20 - 01467128 _____ () C:\Users\Dehz\Downloads\SystemCheck_deDE.exe
2014-03-05 08:09 - 2014-03-05 08:09 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Macromedia
2014-03-05 08:09 - 2014-03-05 08:09 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Macromedia
2014-03-05 08:05 - 2014-03-05 08:05 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-05 00:46 - 2014-03-05 00:43 - 00011323 _____ () C:\Windows\IE11_main.log
2014-03-05 00:44 - 2014-03-05 00:44 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-05 00:44 - 2014-03-05 00:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-05 00:44 - 2014-03-05 00:44 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-05 00:44 - 2014-03-05 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-05 00:44 - 2014-03-05 00:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-05 00:44 - 2014-03-05 00:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-05 00:43 - 2014-03-05 00:43 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-05 00:43 - 2014-03-05 00:43 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-05 00:43 - 2014-03-05 00:43 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-05 00:37 - 2014-03-05 00:37 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Malwarebytes
2014-03-05 00:37 - 2014-03-05 00:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-05 00:37 - 2014-03-05 00:36 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-05 00:35 - 2014-03-05 00:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Dehz\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-04 23:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-04 23:16 - 2014-03-04 23:16 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Adobe
2014-03-04 23:09 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-PT
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nl-NL
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\it-IT
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-03-04 23:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-04 22:20 - 2014-03-04 22:18 - 00003995 _____ () C:\Windows\IE9_main.log
2014-03-04 22:05 - 2014-03-04 21:57 - 00014463 _____ () C:\Windows\IE10_main.log
2014-03-04 22:01 - 2014-03-04 22:01 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-03-04 21:59 - 2014-03-04 21:59 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-04 21:59 - 2014-03-04 21:59 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-04 21:58 - 2014-03-04 21:58 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-04 21:28 - 2014-03-04 21:28 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\AVAST Software
2014-03-04 21:27 - 2014-03-04 21:27 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-04 21:27 - 2014-03-04 21:27 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-04 21:27 - 2014-03-04 21:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-04 21:27 - 2014-03-04 21:26 - 00000000 ____D () C:\Program Files\Avast
2014-03-04 21:24 - 2014-03-04 21:24 - 00057560 _____ () C:\Users\Dehz\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-04 21:24 - 2014-03-04 21:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-04 21:22 - 2014-03-04 21:22 - 90578216 _____ (AVAST Software) C:\Users\Dehz\Downloads\avast_free_antivirus_setup.exe
2014-03-04 21:13 - 2014-03-04 21:12 - 00000000 ____D () C:\Users\Dehz\AppData\Roaming\Mozilla
2014-03-04 21:13 - 2014-03-04 21:12 - 00000000 ____D () C:\Users\Dehz\AppData\Local\Mozilla
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-04 21:12 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-04 21:11 - 2014-03-04 21:11 - 00283256 _____ (Mozilla) C:\Users\Dehz\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-04 20:50 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore
2014-03-04 20:11 - 2014-03-04 20:11 - 00001413 _____ () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-04 20:10 - 2014-03-04 20:10 - 00000020 ___SH () C:\Users\Dehz\ntuser.ini
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Netzwerkumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Druckumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Dehz\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\Programme
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 __SHD () C:\Recovery
2014-03-04 20:10 - 2014-03-04 20:10 - 00000000 ____D () C:\Users\Dehz\AppData\Local\VirtualStore
2014-03-04 20:10 - 2014-03-04 20:00 - 00000000 ____D () C:\Windows\Panther
2014-03-04 20:10 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-03-04 20:10 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-04 20:03 - 2014-03-04 20:03 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-04 20:03 - 2014-03-04 20:01 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-04 20:01 - 2011-04-12 02:39 - 00000000 ____D () C:\Windows\CSC
2014-03-04 20:01 - 2009-07-14 05:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-03-01 05:30 - 2014-03-12 10:03 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:11 - 2014-03-12 10:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 05:10 - 2014-03-12 10:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 04:52 - 2014-03-12 10:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-12 10:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 10:03 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 04:43 - 2014-03-12 10:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 10:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 04:40 - 2014-03-12 10:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 04:38 - 2014-03-12 10:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 04:38 - 2014-03-12 10:03 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 04:37 - 2014-03-12 10:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 04:31 - 2014-03-12 10:03 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:25 - 2014-03-12 10:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:16 - 2014-03-12 10:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:14 - 2014-03-12 10:03 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:03 - 2014-03-12 10:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 10:03 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 03:32 - 2014-03-12 10:03 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 03:27 - 2014-03-12 10:03 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:25 - 2014-03-12 10:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Dehzn at 2014-03-24 00:48:57
Running from C:\Users\Dehzn\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2010.0210.2339.42455 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2010.0210.2339.42455 - ATI) Hidden
CCC Help Chinese Standard (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Czech (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Danish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Dutch (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help English (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Finnish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help French (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help German (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Greek (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Hungarian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Italian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Japanese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Korean (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Norwegian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Polish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Portuguese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Russian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Spanish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Swedish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Thai (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Turkish (Version: 2010.0210.2338.42455 - ATI) Hidden
ccc-core-static (Version: 2010.0210.2339.42455 - Ihr Firmenname) Hidden
ccc-utility (Version: 2010.0210.2339.42455 - ATI) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
HHD Software Free Serial Port Monitor 3.31 (HKLM\...\{3472693C-6EC5-41FA-B5B9-A22B11AEFE72}) (Version: 3.31.0.0000 - HHD Software)
JAP (HKLM\...\JAP) (Version: 00.19.001 - JAP-Team)
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
OpenNIC Wizard Version 0.3.rc2 (HKLM\...\{1D9BA5F4-E722-4670-804D-4BED7B4A26DA}_is1) (Version: 0.3.rc2 - The OpenNIC Project)
Return to Castle Wolfenstein Multiplayer DEMO (HKLM\...\Return to Castle Wolfenstein Multiplayer DEMO) (Version: Multiplayer DEMO - Activision, Inc.)
Service Manager 4.6 (HKLM\...\{047EED53-80D0-4763-A214-E45AE2D4A383}_is1) (Version: 4.6 - Martin Fuchs)
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2014-03-04 21:27 - 2014-03-04 21:27 - 19336120 _____ () C:\Program Files\Avast\libcef.dll
2014-03-16 19:35 - 2014-03-16 19:35 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-11-24 13:36 - 2009-11-24 13:36 - 00016384 ____R () C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-03-04 21:12 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Fax => 3

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2014 11:59:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 04:09:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 03:43:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: cgD3D9.dll, Version: 3.0.0.16, Zeitstempel: 0x4d55a06f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b6539
ID des fehlerhaften Prozesses: 0xe88
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (03/21/2014 00:35:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 00:27:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 11:53:50 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0faa
Name des fehlerhaften Moduls: xul.dll, Version: 27.0.1.5156, Zeitstempel: 0x52fc0f79
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001560c7
ID des fehlerhaften Prozesses: 0x740
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (03/20/2014 09:40:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x005787d0
ID des fehlerhaften Prozesses: 0x9d0
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (03/20/2014 07:59:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003e871f
ID des fehlerhaften Prozesses: 0xc58
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (03/20/2014 06:26:32 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.4.0.1858, Zeitstempel: 0x53214f63
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003e871f
ID des fehlerhaften Prozesses: 0x134
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (03/20/2014 10:33:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/23/2014 11:57:56 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/23/2014 11:50:43 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/21/2014 04:07:09 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/21/2014 00:33:05 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/21/2014 00:25:52 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/21/2014 11:48:53 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "OpenNIC" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/20/2014 10:31:43 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/19/2014 09:55:34 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/18/2014 02:12:37 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/17/2014 08:25:29 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.


Microsoft Office Sessions:
=========================
Error: (03/23/2014 11:59:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 04:09:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 03:43:11 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63cgD3D9.dll3.0.0.164d55a06fc0000005000b6539e8801cf45137884baafC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\cgD3D9.dll1fd4a5de-b107-11e3-a45f-001966266b64

Error: (03/21/2014 00:35:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 00:27:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 11:53:50 AM) (Source: Application Error)(User: )
Description: firefox.exe27.0.1.515652fc0faaxul.dll27.0.1.515652fc0f79c0000005001560c774001cf448a9d8c6e5bC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll15a537de-b0e7-11e3-9a0f-001966266b64

Error: (03/20/2014 09:40:37 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005005787d09d001cf4478ade64648C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exee3e164b0-b06f-11e3-9a0f-001966266b64

Error: (03/20/2014 07:59:39 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871fc5801cf446bd2eee8d7C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exec915a935-b061-11e3-9a0f-001966266b64

Error: (03/20/2014 06:26:32 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.4.0.185853214f63League of Legends.exe4.4.0.185853214f63c0000005003e871f13401cf445ce2423395C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exec6fcd762-b054-11e3-9a0f-001966266b64

Error: (03/20/2014 10:33:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 3071.3 MB
Available physical RAM: 2058.14 MB
Total Pagefile: 6138.84 MB
Available Pagefile: 5092.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:204.21 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.23.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16521
Dehz :: DEHZN [Administrator]

24.03.2014 00:56:58
mbam-log-2014-03-24 (00-56-58).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 226852
Laufzeit: 5 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Alt 24.03.2014, 01:26   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
aswSnx.sys im drivers Ordner mit GMER gefunden. - Standard

aswSnx.sys im drivers Ordner mit GMER gefunden.



Zitat:
aswSnx.sys im drivers Ordner mit GMER gefunden.
Gehört zu Avast. Absolut kein Grund zur Aufregung.
__________________

__________________

Alt 24.03.2014, 02:02   #3
deddad
 
aswSnx.sys im drivers Ordner mit GMER gefunden. - Standard

aswSnx.sys im drivers Ordner mit GMER gefunden.



Danke!
__________________

Antwort

Themen zu aswSnx.sys im drivers Ordner mit GMER gefunden.
.dll, appdata, branding, bytes, c:\windows, code, csrss.exe, device, driver, folge, gmer, guten, harddisk, neues, ntoskrnl.exe, ordner, process, scan, service, services.exe, system, system32, temp, windows, windows 7, winlogon.exe




Ähnliche Themen: aswSnx.sys im drivers Ordner mit GMER gefunden.


  1. Yawtix Ordner gefunden !
    Log-Analyse und Auswertung - 16.07.2014 (3)
  2. Avira, Malware gefunden , Exploit EXP/CVE-2008-5353, GMER unterbrochen, Windows runtergefahren, Neustart erfolgreich
    Log-Analyse und Auswertung - 23.03.2013 (7)
  3. Mit Gmer ein Rootkit gefunden, wie löschen?
    Plagegeister aller Art und deren Bekämpfung - 28.09.2012 (3)
  4. 6 bedrohliche Dateien im Windows Ordner gefunden
    Log-Analyse und Auswertung - 27.09.2012 (29)
  5. PUM.Bad.Proxy und Trojan.Spyeyes durch Malwarebytes gefunden und gelöscht,OTL und gmer durchgelaufen
    Log-Analyse und Auswertung - 23.01.2012 (1)
  6. Adware.Agent und TR/Trash.Gen Trojan gefunden und bei Gmer was falsch gemacht :-(
    Plagegeister aller Art und deren Bekämpfung - 22.02.2011 (44)
  7. GMER hat Rootkit gefunden (vdrv1000.sys)
    Plagegeister aller Art und deren Bekämpfung - 15.02.2011 (5)
  8. Svchost.exe gefunden in Anwendungsdaten-Ordner
    Log-Analyse und Auswertung - 10.01.2011 (1)
  9. Virus im Ordner Windows/system32/drivers - Hijackthis logfile
    Log-Analyse und Auswertung - 22.06.2010 (34)
  10. Tr/Agent.ruo in C:\Windows\System32\drivers\d3dsviob.sys gefunden.
    Plagegeister aller Art und deren Bekämpfung - 25.05.2010 (11)
  11. Rootkit RKIT/Bubnix.S in C:\Windows\System32\drivers\...sys gefunden
    Log-Analyse und Auswertung - 20.05.2010 (3)
  12. Trojan.Dropper gefunden - angebl beseitigt GMER meldet Rootkit
    Plagegeister aller Art und deren Bekämpfung - 10.05.2010 (3)
  13. Trojaner DR/Agent.ruo in C:\Windows\system32\drivers\ntnbsw.sys gefunden
    Plagegeister aller Art und deren Bekämpfung - 01.04.2010 (6)
  14. GMER hat Rootkit gefunden!
    Plagegeister aller Art und deren Bekämpfung - 08.03.2010 (1)
  15. Rootkit mit Gmer gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.03.2010 (5)
  16. Rootkit.Pakes-AA nicht vom GMER gefunden
    Plagegeister aller Art und deren Bekämpfung - 21.02.2010 (6)
  17. Trojaner mit GMER gefunden. Norton geht nicht mehr und Hochfahren macht macken.
    Plagegeister aller Art und deren Bekämpfung - 04.01.2010 (1)

Zum Thema aswSnx.sys im drivers Ordner mit GMER gefunden. - Guten Abend. Habe mir vor 3-4 Wochen ein neues Windows 7 System aufgesetzt. Argh..! Leider spuckte GMER folgendes aus: Code: Alles auswählen Aufklappen ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan - aswSnx.sys im drivers Ordner mit GMER gefunden....
Archiv
Du betrachtest: aswSnx.sys im drivers Ordner mit GMER gefunden. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.