Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7 Ultimate: Trojan.Zbot.OLE (https://www.trojaner-board.de/145366-windows-7-ultimate-trojan-zbot-ole.html)

vaultdweller 30.11.2013 12:39
Windows 7 Ultimate: Trojan.Zbot.OLE
 
Hallo Support,

Malwarebytes hat angeschlagen, siehe LOG.

Bitte schaut mal drüber.

FRST logs schiebe ich nach.

Gruß,


VD



Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.30.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
vaultdweller :: VAULT15WIN [Administrator]

30.11.2013 11:28:10
mbam-log-2013-11-30 (11-28-10).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 237737
Laufzeit: 3 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Larsi\AppData\Local\Temp\SxAUdz6P.zip.part (Trojan.Zbot.OLE) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

EDIT:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:42 on 30/11/2013 (vaultdweller)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-11-2013
Ran by vaultdweller (administrator) on VAULT15WIN on 30-11-2013 11:43:57
Running from C:\Users\Larsi\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4090824 2012-11-16] (ESET)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2000-01-01] (Realtek Semiconductor)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-09-30] (AMD)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {96844809-DE64-41AA-BF33-73953147A8BE} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\vaultdweller\AppData\Roaming\Mozilla\Firefox\Profiles\p7ti4vyk.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 12\spmplugin3
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913184 2012-11-16] (ESET)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-09-14] ()

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-01-05] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209808 2012-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62024 2012-11-16] (ESET)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-10-30] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-05] ()
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 TEAM; system32\DRIVERS\RtTeam60.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 VLAN; system32\DRIVERS\RtVLAN60.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-30 11:43 - 2013-11-30 11:44 - 00008082 _____ C:\Users\Larsi\Desktop\FRST.txt
2013-11-30 11:43 - 2013-11-30 11:43 - 00000000 ____D C:\FRST
2013-11-30 11:42 - 2013-11-30 11:42 - 00000486 _____ C:\Users\Larsi\Desktop\defogger_disable.log
2013-11-30 11:42 - 2013-11-30 11:42 - 00000000 _____ C:\Users\vaultdweller\defogger_reenable
2013-11-30 11:41 - 2013-11-30 11:41 - 01959032 _____ (Farbar) C:\Users\Larsi\Desktop\FRST64.exe
2013-11-30 11:41 - 2013-11-30 11:41 - 00377856 _____ C:\Users\Larsi\Desktop\gmer_2.1.19163.exe
2013-11-30 11:40 - 2013-11-30 11:40 - 00050477 _____ C:\Users\Larsi\Desktop\Defogger.exe
2013-11-27 20:38 - 2013-11-27 21:06 - 00025320 _____ C:\Users\Larsi\Desktop\Brief 2.odt
2013-11-23 19:01 - 2013-11-26 19:43 - 00034611 _____ C:\Users\Larsi\Desktop\Klärender Brief.odt
2013-11-22 19:28 - 2013-11-22 19:28 - 21978136 _____ (Mozilla) C:\Users\Larsi\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-17 00:20 - 2013-11-23 13:22 - 00000000 ____D C:\Users\Larsi\AppData\Roaming\vlc
2013-11-16 20:20 - 2013-11-16 20:20 - 01085542 _____ C:\Users\Larsi\Desktop\adwcleaner.exe
2013-11-16 20:07 - 2013-11-16 20:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-11-16 20:07 - 2013-11-16 20:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-16 20:05 - 2000-01-01 01:00 - 37850112 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-11-16 20:05 - 2000-01-01 01:00 - 27518208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-11-16 20:05 - 2000-01-01 01:00 - 05538072 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 03692632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-16 20:05 - 2000-01-01 01:00 - 03610880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 02587352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 02032896 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01916672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-11-16 20:05 - 2000-01-01 01:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01325312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00765184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00754488 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00673037 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-16 20:05 - 2000-01-01 01:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00605496 _____ C:\Windows\system32\audioLibVc.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00151256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-11-16 20:05 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-11-16 11:48 - 2013-11-16 11:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 18:07 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-13 18:07 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-13 18:07 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-13 18:07 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-13 18:07 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-13 18:07 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-13 18:07 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-13 18:07 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2013-11-13 18:07 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-13 18:07 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-13 18:07 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-13 18:07 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-13 18:07 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-13 18:07 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-13 18:07 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2013-11-13 18:07 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-13 18:07 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-13 18:07 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-13 18:04 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 18:04 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 18:04 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 18:04 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 18:04 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 18:04 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 18:04 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 18:04 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 18:04 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 18:04 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 18:04 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 18:04 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 18:04 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 18:04 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 18:04 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 18:04 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 18:04 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 18:04 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 18:04 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 18:03 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 18:03 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 18:03 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 18:03 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 18:03 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 18:03 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 18:03 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 21:09 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-12 21:06 - 2013-11-12 21:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 21:05 - 2013-11-12 21:09 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-10 17:08 - 2013-11-10 17:10 - 89758744 _____ (Applied Computer Concepts Ltd.                              ) C:\Users\Larsi\Downloads\setupHIARCSChessExplorer-1.6.exe
2013-11-10 16:35 - 2013-11-10 16:35 - 00000677 _____ C:\Users\Larsi\Desktop\Steinitzer-BethO.pgn
2013-11-07 16:19 - 2013-11-07 16:19 - 00000628 _____ C:\Users\vaultdweller\Desktop\JRT.txt
2013-11-07 16:12 - 2013-11-07 16:12 - 01034531 _____ (Thisisu) C:\Users\Larsi\Desktop\JRT.exe
2013-11-06 22:38 - 2013-11-06 22:38 - 00001073 _____ C:\Users\Larsi\Desktop\Secunia PSI.lnk
2013-11-05 16:41 - 2013-11-05 16:41 - 59315028 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a.7z
2013-11-05 16:18 - 2013-11-05 16:19 - 107878313 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut-3.4-14026.7z
2013-11-05 12:18 - 2013-11-05 12:18 - 00000000 ____D C:\Users\Larsi\AppData\Local\Morrowind
2013-11-05 11:05 - 2013-11-05 11:05 - 00000233 _____ C:\Windows\Directx.log
2013-11-05 10:56 - 2013-11-05 10:56 - 00001964 _____ C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00001042 _____ C:\Users\Public\Desktop\Morrowind.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-11-05 10:54 - 1998-06-17 19:07 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2013-11-05 09:29 - 2013-11-05 09:29 - 13228032 _____ (8 x 8 Media AG) C:\Users\Larsi\Desktop\chessimo.exe
2013-11-04 13:31 - 2013-11-04 18:03 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\GlarySoft
2013-11-04 13:31 - 2013-11-04 13:31 - 02194784 _____ (Glarysoft.com                                              ) C:\Users\Larsi\Downloads\au29setup.exe
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\vaultdweller\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\Larsi\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-04 11:03 - 2013-11-04 11:04 - 39721880 _____ (Razer Inc.                                                  ) C:\Users\vaultdweller\Downloads\RazerGameBoosterSetup_4.0.68.0(1).exe
2013-11-03 20:13 - 2013-11-03 20:13 - 00000221 _____ C:\Users\Larsi\Desktop\The Elder Scrolls V Skyrim.url
2013-11-02 11:47 - 2013-11-02 11:47 - 01033335 _____ (Thisisu) C:\Users\Larsi\Downloads\JRT.exe
2013-11-02 11:28 - 2013-11-02 11:28 - 00000000 ____D C:\Dell
2013-11-02 11:24 - 2000-01-01 01:00 - 00016552 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie64.sys
2013-11-02 11:19 - 2013-11-02 11:19 - 00000000 ____D C:\RaidTool
2013-11-02 11:19 - 2009-07-14 02:15 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Difx6650.rra
2013-11-02 11:14 - 2000-01-01 01:00 - 00123704 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2013-11-02 11:10 - 2013-11-02 11:10 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\SlimWare Utilities Inc
2013-11-02 11:09 - 2013-11-02 11:09 - 00002467 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2013-11-02 11:09 - 2013-11-02 11:09 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-11-02 02:13 - 2013-11-02 02:13 - 01839577 _____ C:\Users\Larsi\Downloads\stockfish-4-win.zip
2013-11-02 02:13 - 2013-11-02 02:13 - 00000000 ____D C:\Users\Larsi\Downloads\stockfish-4-win

==================== One Month Modified Files and Folders =======

2013-11-30 11:44 - 2013-11-30 11:43 - 00008082 _____ C:\Users\Larsi\Desktop\FRST.txt
2013-11-30 11:43 - 2013-11-30 11:43 - 00000000 ____D C:\FRST
2013-11-30 11:42 - 2013-11-30 11:42 - 00000486 _____ C:\Users\Larsi\Desktop\defogger_disable.log
2013-11-30 11:42 - 2013-11-30 11:42 - 00000000 _____ C:\Users\vaultdweller\defogger_reenable
2013-11-30 11:42 - 2012-12-25 19:50 - 00000000 ____D C:\Users\vaultdweller
2013-11-30 11:41 - 2013-11-30 11:41 - 01959032 _____ (Farbar) C:\Users\Larsi\Desktop\FRST64.exe
2013-11-30 11:41 - 2013-11-30 11:41 - 00377856 _____ C:\Users\Larsi\Desktop\gmer_2.1.19163.exe
2013-11-30 11:40 - 2013-11-30 11:40 - 00050477 _____ C:\Users\Larsi\Desktop\Defogger.exe
2013-11-30 11:28 - 2012-12-26 02:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-30 10:32 - 2009-07-14 05:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-30 10:32 - 2009-07-14 05:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-30 10:29 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2013-11-30 10:29 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2013-11-30 10:29 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-30 10:26 - 2013-10-14 20:24 - 01984300 _____ C:\Windows\WindowsUpdate.log
2013-11-30 10:25 - 2013-10-24 22:17 - 00000144 _____ C:\service.log
2013-11-30 10:25 - 2013-10-21 16:21 - 00006142 _____ C:\Windows\setupact.log
2013-11-30 10:25 - 2012-12-27 19:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-11-30 10:25 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-27 21:06 - 2013-11-27 20:38 - 00025320 _____ C:\Users\Larsi\Desktop\Brief 2.odt
2013-11-26 19:43 - 2013-11-23 19:01 - 00034611 _____ C:\Users\Larsi\Desktop\Klärender Brief.odt
2013-11-23 13:22 - 2013-11-17 00:20 - 00000000 ____D C:\Users\Larsi\AppData\Roaming\vlc
2013-11-23 10:44 - 2012-12-26 02:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-23 10:44 - 2012-12-26 02:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-23 10:44 - 2012-12-26 02:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-23 10:44 - 2012-12-25 20:22 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\Adobe
2013-11-23 10:41 - 2012-12-25 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-22 19:29 - 2013-01-10 18:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-22 19:29 - 2012-12-25 22:45 - 00002090 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-11-22 19:28 - 2013-11-22 19:28 - 21978136 _____ (Mozilla) C:\Users\Larsi\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-18 18:45 - 2013-10-21 16:21 - 00014120 _____ C:\Windows\PFRO.log
2013-11-17 19:22 - 2012-12-26 02:36 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-17 00:20 - 2013-09-20 20:21 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-16 20:21 - 2013-10-22 17:24 - 00000000 ____D C:\AdwCleaner
2013-11-16 20:20 - 2013-11-16 20:20 - 01085542 _____ C:\Users\Larsi\Desktop\adwcleaner.exe
2013-11-16 20:07 - 2013-11-16 20:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-11-16 20:07 - 2013-11-16 20:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-16 20:05 - 2012-12-25 20:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-16 16:13 - 2013-10-24 16:40 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-16 11:49 - 2013-11-16 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 22:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-13 18:51 - 2013-07-09 19:19 - 00000000 ____D C:\Users\Larsi\Desktop\Game Handbücher
2013-11-13 18:06 - 2013-08-03 11:07 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 18:05 - 2012-12-25 21:21 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 17:57 - 2012-12-26 03:18 - 00001425 _____ C:\Users\Larsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 17:57 - 2012-12-25 19:41 - 00000000 ____D C:\Windows\Panther
2013-11-13 00:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-12 21:09 - 2013-11-12 21:05 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-12 21:06 - 2013-11-12 21:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-10 17:11 - 2013-01-21 20:05 - 00001326 _____ C:\Users\Public\Desktop\HIARCS Chess Explorer.lnk
2013-11-10 17:11 - 2013-01-21 20:05 - 00000000 ____D C:\Program Files (x86)\HIARCS Chess
2013-11-10 17:10 - 2013-11-10 17:08 - 89758744 _____ (Applied Computer Concepts Ltd.                              ) C:\Users\Larsi\Downloads\setupHIARCSChessExplorer-1.6.exe
2013-11-10 16:35 - 2013-11-10 16:35 - 00000677 _____ C:\Users\Larsi\Desktop\Steinitzer-BethO.pgn
2013-11-09 16:06 - 2012-12-26 16:12 - 00000000 ____D C:\Users\Larsi\AppData\Local\Skyrim
2013-11-07 18:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-07 16:19 - 2013-11-07 16:19 - 00000628 _____ C:\Users\vaultdweller\Desktop\JRT.txt
2013-11-07 16:12 - 2013-11-07 16:12 - 01034531 _____ (Thisisu) C:\Users\Larsi\Desktop\JRT.exe
2013-11-07 16:11 - 2013-10-24 22:05 - 00891167 _____ C:\Users\Larsi\Desktop\SecurityCheck.exe
2013-11-06 22:38 - 2013-11-06 22:38 - 00001073 _____ C:\Users\Larsi\Desktop\Secunia PSI.lnk
2013-11-05 16:41 - 2013-11-05 16:41 - 59315028 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a.7z
2013-11-05 16:19 - 2013-11-05 16:18 - 107878313 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut-3.4-14026.7z
2013-11-05 12:20 - 2013-06-29 00:00 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-11-05 12:20 - 2013-06-29 00:00 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-11-05 12:18 - 2013-11-05 12:18 - 00000000 ____D C:\Users\Larsi\AppData\Local\Morrowind
2013-11-05 11:07 - 2013-01-01 20:06 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-05 11:05 - 2013-11-05 11:05 - 00000233 _____ C:\Windows\Directx.log
2013-11-05 11:04 - 2012-12-31 23:52 - 00000000 ____D C:\Users\Larsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-05 10:56 - 2013-11-05 10:56 - 00001964 _____ C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00001042 _____ C:\Users\Public\Desktop\Morrowind.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-11-05 09:29 - 2013-11-05 09:29 - 13228032 _____ (8 x 8 Media AG) C:\Users\Larsi\Desktop\chessimo.exe
2013-11-05 09:29 - 2012-12-27 14:02 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-05 09:13 - 2009-07-14 05:45 - 00351840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-04 20:40 - 2012-12-25 22:26 - 00082048 _____ C:\Users\vaultdweller\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-04 18:03 - 2013-11-04 13:31 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\GlarySoft
2013-11-04 13:31 - 2013-11-04 13:31 - 02194784 _____ (Glarysoft.com                                              ) C:\Users\Larsi\Downloads\au29setup.exe
2013-11-04 11:51 - 2012-12-25 22:19 - 00082048 _____ C:\Users\Larsi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-04 11:34 - 2012-12-28 18:01 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\ChessBase
2013-11-04 11:34 - 2012-12-28 17:39 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-11-04 11:34 - 2009-07-14 03:34 - 00000412 _____ C:\Windows\win.ini
2013-11-04 11:30 - 2013-05-04 22:27 - 00000000 ____D C:\Windows\Minidump
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\vaultdweller\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\Larsi\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-04 11:22 - 2013-10-28 20:17 - 00000000 ____D C:\Program Files (x86)\Razer
2013-11-04 11:22 - 2013-10-27 23:02 - 00000000 ____D C:\ProgramData\Razer
2013-11-04 11:04 - 2013-11-04 11:03 - 39721880 _____ (Razer Inc.                                                  ) C:\Users\vaultdweller\Downloads\RazerGameBoosterSetup_4.0.68.0(1).exe
2013-11-03 20:13 - 2013-11-03 20:13 - 00000221 _____ C:\Users\Larsi\Desktop\The Elder Scrolls V Skyrim.url
2013-11-02 11:47 - 2013-11-02 11:47 - 01033335 _____ (Thisisu) C:\Users\Larsi\Downloads\JRT.exe
2013-11-02 11:28 - 2013-11-02 11:28 - 00000000 ____D C:\Dell
2013-11-02 11:19 - 2013-11-02 11:19 - 00000000 ____D C:\RaidTool
2013-11-02 11:19 - 2013-01-01 15:53 - 00000000 ____D C:\Windows\RaidTool
2013-11-02 11:10 - 2013-11-02 11:10 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\SlimWare Utilities Inc
2013-11-02 11:09 - 2013-11-02 11:09 - 00002467 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2013-11-02 11:09 - 2013-11-02 11:09 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-11-02 02:13 - 2013-11-02 02:13 - 01839577 _____ C:\Users\Larsi\Downloads\stockfish-4-win.zip
2013-11-02 02:13 - 2013-11-02 02:13 - 00000000 ____D C:\Users\Larsi\Downloads\stockfish-4-win
2013-10-31 16:19 - 2013-10-20 18:36 - 00000581 _____ C:\Users\Larsi\Desktop\Steinitzer-Griffin.ini

Some content of TEMP:
====================
C:\Users\Larsi\AppData\Local\temp\vlc-2.1.1-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-23 12:27

==================== End Of Log ============================
--- --- ---

--- --- ---




Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-11-2013
Ran by vaultdweller at 2013-11-30 11:44:27
Running from C:\Users\Larsi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

@BIOS (x32 Version: 2.28)
1&1 EasyLogin (x32)
1&1 SmartFax (x32 Version: 2.00.224)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1395.4512)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Age of Empires III (x32 Version: 1.00.0000)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589)
AMD Catalyst Install Manager (Version: 8.0.915.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0830.1944.33589)
AMD Media Foundation Decoders (Version: 1.0.80830.1925)
AMD USB Filter Driver (x32 Version: 1.0.15.94)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.50930)
ATI Problem Report Wizard (Version: 3.0.795.0)
Audials (x32 Version: 10.2.19305.500)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000)
Binary Domain (x32)
Call of Duty: World at War (x32)
Camera RAW Plug-In for EPSON Creativity Suite (x32 Version: 2.2.0.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589)
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589)
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589)
CCC Help Czech (x32 Version: 2013.0830.1943.33589)
CCC Help Danish (x32 Version: 2013.0830.1943.33589)
CCC Help Dutch (x32 Version: 2013.0830.1943.33589)
CCC Help English (x32 Version: 2013.0830.1943.33589)
CCC Help Finnish (x32 Version: 2013.0830.1943.33589)
CCC Help French (x32 Version: 2013.0830.1943.33589)
CCC Help German (x32 Version: 2013.0830.1943.33589)
CCC Help Greek (x32 Version: 2013.0830.1943.33589)
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589)
CCC Help Italian (x32 Version: 2013.0830.1943.33589)
CCC Help Japanese (x32 Version: 2013.0830.1943.33589)
CCC Help Korean (x32 Version: 2013.0830.1943.33589)
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589)
CCC Help Polish (x32 Version: 2013.0830.1943.33589)
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589)
CCC Help Russian (x32 Version: 2013.0830.1943.33589)
CCC Help Spanish (x32 Version: 2013.0830.1943.33589)
CCC Help Swedish (x32 Version: 2013.0830.1943.33589)
CCC Help Thai (x32 Version: 2013.0830.1943.33589)
CCC Help Turkish (x32 Version: 2013.0830.1943.33589)
ccc-utility64 (Version: 2013.0830.1944.33589)
chessimo 3.44 (Version: 3.44)
Chessmaster Grandmaster Edition (x32 Version: 1.00.0000)
Chessmaster Grandmaster Edition (x32 Version: 1.02.0000)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0)
Company of Heroes (x32 Version: 2.602.0)
Dasher (x32)
Defraggler (Version: 2.16)
DGT Setup Wizard 1.2.12 (x32)
Die Siedler 7 (x32 Version: 1.12.1396)
Easy Tune 6 B12.1018.1 (x32 Version: 1.00.0000)
EasySaver B9.1214.1  (x32 Version: 1.00.0000)
EPSON Attach To Email (x32 Version: 1.01.0000)
EPSON Copy Utility 3 (x32 Version: 3.3.0.0)
EPSON Easy Photo Print (x32 Version: 1.5.0.0)
EPSON File Manager (x32 Version: 1.3.0.0)
EPSON Scan (x32)
EPSON Scan Assistant (x32 Version: 1.10.00)
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch (x32)
EPSON-Drucker-Software
ESET Online Scanner v3 (x32)
ESET Smart Security (Version: 5.2.15.1)
Fable III (x32 Version: 1.0.0002.131)
FILEminimizer Pictures (x32)
Foxit Reader (x32 Version: 6.0.4.719)
Fritz for Fun 13 (x32 Version: 13.22.0.0)
Game Booster 3 (x32 Version: 3.0)
Grand Theft Auto IV (x32)
Grand Theft Auto: Episodes from Liberty City (x32)
Hazen (x32 Version: 1.0)
HIARCS Chess Explorer 1.6 (x32 Version: 1.6)
Hitman: Absolution (x32)
HydraVision (x32 Version: 4.2.180.0)
ImgBurn (x32 Version: 2.5.7.0)
Internet-Radio Player Version 2.01.5 (x32)
IrfanView (remove only) (x32 Version: 4.36)
JMicron JMB36X Driver (x32 Version: 1.17.65.11)
KeePass Password Safe 2.22 (x32)
L.A. Noire (x32)
LibreOffice 4.0 Help Pack (German) (x32 Version: 4.0.5.2)
LibreOffice 4.0.5.2 (x32 Version: 4.0.5.2)
Lucas Schach v. 7.02 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mars: War Logs (x32)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Might & Magic Heroes VI - Shades of Darkness (x32 Version: 2.1.0)
Morrowind (x32)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
NBA 2K13 (x32)
Need for Speed™ Undercover (x32 Version: 1.0.1.0)
Nexus Mod Manager (Version: 0.45.7)
NVIDIA PhysX (x32 Version: 9.12.1031)
ON_OFF Charge B12.1025.1 (x32 Version: 1.00.0001)
Origin (x32 Version: 9.1.15.109)
PunkBuster Services (x32 Version: 0.986)
QuickTime (x32 Version: 7.74.80.86)
RabbitQueen (64 bit) version 1.3_apr26_Win64 (Version: 1.3_apr26_Win64)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6409)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7071)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0)
Revo Uninstaller 1.95 (x32 Version: 1.95)
Rockstar Games Social Club (x32 Version: 1.1.0.1)
Samsung Kies (x32 Version: 2.5.1.12123_2)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Sleeping Dogs™ (x32)
SlimDrivers (x32 Version: 2.2.32705)
SpellForce (x32 Version: SpellForce v1.52)
SpellForce 2 - Faith in Destiny (x32)
Spellforce 2 Gold (x32 Version: 1.00.0000)
Steam (x32 Version: 1.0.0.0)
TES Construction Set (x32)
The Elder Scrolls V: Skyrim (x32)
Torchlight (x32 Version: 1.0.0)
Torchlight II (x32)
Total War: SHOGUN 2 (x32)
TweakNow RegCleaner (x32 Version: 7.2.6)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Viking: Battle for Asgard (x32)
VLC media player 2.1.0 (Version: 2.1.0)
VLC media player 2.1.1 (x32 Version: 2.1.1)
Warcraft III (x32)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WORLD IN CONFLICT: SOVIET ASSAULT (x32 Version: 1.0.1.0)

==================== Restore Points  =========================

06-11-2013 21:40:52 Windows Update
12-11-2013 20:05:28 Windows Update
13-11-2013 17:04:46 Windows Update
16-11-2013 15:12:21 Revo Uninstaller's restore point - Secunia PSI (3.0.0.8013)
16-11-2013 18:48:15 SlimDrivers Installing Drivers
16-11-2013 18:57:04 SlimDrivers Installing Drivers
23-11-2013 23:01:42 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-10-24 22:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1E7C7CC8-E7A3-4B58-9919-24615E9A8D97} - \PC SpeedUp Service Deactivator No Task File
Task: {A076F949-3A14-4858-A958-9109F5445CD9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-23] (Adobe Systems Incorporated)
Task: {CA8A3A6C-5077-467C-AF0B-9372A2AE2B72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 18:47 - 2013-08-30 18:47 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-01-01 16:42 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2013-11-16 11:48 - 2013-11-16 11:49 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_NBVUV6PKDVBGTLPHJKBUK1R0WTPLY2LB3W2PHDEX6J5T4BW9V4DLNNH2V1UY71VU5VVVVVJVTVVJVT
AlternateDataStreams: C:\ProgramData\TEMP:2270C8D2

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2013 00:31:15 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/29/2013 00:31:09 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/29/2013 00:31:07 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/29/2013 00:31:04 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/29/2013 00:30:38 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/29/2013 00:30:25 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/29/2013 00:30:16 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/29/2013 00:30:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/29/2013 00:30:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/28/2013 09:05:29 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/30/2013 10:25:30 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/28/2013 07:20:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/27/2013 05:35:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/26/2013 06:52:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/25/2013 07:37:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/24/2013 06:56:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/24/2013 00:45:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/24/2013 10:54:39 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/23/2013 07:42:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (11/23/2013 01:13:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058


Microsoft Office Sessions:
=========================
Error: (11/29/2013 00:31:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/29/2013 00:31:09 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\RapidSolution\Audials 10\AudialsPlayer.exe

Error: (11/29/2013 00:31:07 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\RapidSolution\Audials 10\RSDriverManager.exe

Error: (11/29/2013 00:31:04 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\RapidSolution\Audials 10\USBUnplugMonitor.exe

Error: (11/29/2013 00:30:38 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\RapidSolution\Audials 10\DvdRipper.exe

Error: (11/29/2013 00:30:25 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\RapidSolution\Audials 10\ImportFormerAudialsVersionSettings.exe

Error: (11/29/2013 00:30:16 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\RapidSolution\Audials 10\CallUninstallSurvey.exe

Error: (11/29/2013 00:30:11 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\RapidSolution\Audials 10\MP3Normalizer.exe

Error: (11/29/2013 00:30:11 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\RapidSolution\Audials 10\PrivilegedHelper.exe

Error: (11/28/2013 09:05:29 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2013-10-24 23:21:13.814
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-24 23:21:13.767
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-24 23:21:13.720
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-24 23:21:13.674
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-21 17:39:16.078
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-21 17:39:16.031
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-20 22:59:24.388
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-20 22:59:24.355
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-20 22:59:20.513
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-20 22:59:20.479
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 24%
Total physical RAM: 8188.54 MB
Available physical RAM: 6155.51 MB
Total Pagefile: 32186.72 MB
Available Pagefile: 30123.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:381.48 GB) (Free:115.38 GB) NTFS
Drive e: (win7_swap) (Fixed) (Total:32 GB) (Free:8.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 9A102021)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=381 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=65 GB) - (Type=05)
Partition 4: (Not Active) - (Size=32 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-30 11:56:26
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000006c ST310005 rev.JC45 931,51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\VAULTD~1\AppData\Local\Temp\fwtoipod.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1612] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter        0000000075e88769 4 bytes [C2, 04, 00, 00]
.text  C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1612] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69            0000000075331465 2 bytes [33, 75]
.text  C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[1612] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155            00000000753314bb 2 bytes [33, 75]
.text  ...                                                                                                                              * 2
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1740] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                          0000000072531a22 2 bytes [53, 72]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1740] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                          0000000072531ad0 2 bytes [53, 72]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1740] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                          0000000072531b08 2 bytes [53, 72]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1740] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                          0000000072531bba 2 bytes [53, 72]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[1740] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                          0000000072531bda 2 bytes [53, 72]
.text  C:\Program Files (x86)\Samsung\Kies\Kies.exe[1416] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                      0000000075331465 2 bytes [33, 75]
.text  C:\Program Files (x86)\Samsung\Kies\Kies.exe[1416] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      00000000753314bb 2 bytes [33, 75]
.text  ...                                                                                                                              * 2
.text  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[1408] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint      000000007776000c 1 byte [C3]
.text  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[1408] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin  00000000777ef8ea 5 bytes JMP 000000017779d5c1

---- Disk sectors - GMER 2.1 ----

Disk  \Device\Harddisk0\DR0                                                                                                            unknown MBR code

---- EOF - GMER 2.1 ----

schrauber 30.11.2013 14:10
hi,
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

vaultdweller 30.11.2013 14:49
Code:
ComboFix 13-11-27.01 - vaultdweller 30.11.2013  13:37:58.1.6 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.8189.6338 [GMT 1:00]
ausgeführt von:: c:\users\Larsi\Desktop\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal Firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-10-28 bis 2013-11-30  ))))))))))))))))))))))))))))))
.
.
2013-11-30 11:17 . 2013-11-30 11:17        --------        d-----w-        c:\windows\SysWow64\RTCOM
2013-11-30 11:15 . 2013-11-30 11:15        --------        d-----w-        c:\programdata\ATI
2013-11-30 11:13 . 2013-11-30 11:13        --------        d-----w-        c:\program files (x86)\AMD AVT
2013-11-30 11:07 . 2013-11-30 11:10        --------        d-----w-        C:\923bdbb9d938ecdb6cc97b
2013-11-30 11:06 . 2013-11-30 11:06        --------        d-----w-        C:\AMD
2013-11-30 10:43 . 2013-11-30 10:43        --------        d-----w-        C:\FRST
2013-11-13 17:04 . 2013-09-25 02:22        340992        ----a-w-        c:\windows\system32\schannel.dll
2013-11-13 17:03 . 2013-10-03 02:23        404480        ----a-w-        c:\windows\system32\gdi32.dll
2013-11-13 17:03 . 2013-10-03 02:00        311808        ----a-w-        c:\windows\SysWow64\gdi32.dll
2013-11-13 17:03 . 2013-10-12 02:30        830464        ----a-w-        c:\windows\system32\nshwfp.dll
2013-11-13 17:03 . 2013-10-12 02:29        859648        ----a-w-        c:\windows\system32\IKEEXT.DLL
2013-11-13 17:03 . 2013-10-12 02:29        324096        ----a-w-        c:\windows\system32\FWPUCLNT.DLL
2013-11-13 17:03 . 2013-10-12 02:01        216576        ----a-w-        c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-13 17:03 . 2013-10-12 02:03        656896        ----a-w-        c:\windows\SysWow64\nshwfp.dll
2013-11-12 20:09 . 2013-10-14 17:00        28368        ----a-w-        c:\windows\system32\IEUDINIT.EXE
2013-11-05 11:18 . 2013-11-05 11:18        --------        d-----w-        c:\users\Larsi\AppData\Local\Morrowind
2013-11-05 09:54 . 1998-06-17 18:07        57344        ----a-w-        c:\windows\SysWow64\Mfc42loc.dll
2013-11-05 09:54 . 2013-11-05 09:54        --------        d-----w-        c:\program files (x86)\Bethesda Softworks
2013-11-05 09:53 . 2001-09-05 04:18        225280        ------w-        c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-11-05 09:53 . 2000-10-05 15:55        77824        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-11-05 09:53 . 2000-10-05 15:50        176128        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-11-05 09:53 . 2000-10-05 15:49        32768        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-11-04 12:42 . 2013-11-04 12:42        18456        ----a-w-        c:\windows\system32\drivers\psi_mf_amd64.sys
2013-11-04 12:31 . 2013-11-04 17:03        --------        d-----w-        c:\users\vaultdweller\AppData\Roaming\GlarySoft
2013-11-04 10:24 . 2013-11-04 10:24        --------        d-----w-        c:\program files (x86)\VS Revo Group
2013-11-02 10:28 . 2013-11-02 10:28        --------        d-----w-        C:\Dell
2013-11-02 10:24 . 2013-11-02 10:24        --------        d-----w-        C:\CIMTEMP
2013-11-02 10:24 . 2000-01-01 00:00        16552        ----a-w-        c:\windows\system32\drivers\AtiPcie64.sys
2013-11-02 10:19 . 2009-07-14 01:15        315904        ----a-w-        c:\windows\SysWow64\Difx6650.rra
2013-11-02 10:19 . 2013-11-02 10:19        --------        d-----w-        C:\RaidTool
2013-11-02 10:14 . 2000-01-01 00:00        123704        ----a-w-        c:\windows\system32\drivers\jraid.sys
2013-11-02 10:10 . 2013-11-30 10:58        16152        ----a-w-        c:\windows\system32\drivers\SWDUMon.sys
2013-11-02 10:10 . 2013-11-02 10:10        --------        d-----w-        c:\users\vaultdweller\AppData\Local\SlimWare Utilities Inc
2013-11-02 10:09 . 2013-11-02 10:09        --------        d-----w-        c:\program files (x86)\SlimDrivers
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-30 11:27 . 2012-12-26 01:30        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-30 11:18 . 2012-12-27 18:23        25640        ----a-w-        c:\windows\gdrv.sys
2013-11-13 17:05 . 2012-12-25 20:21        82896128        ----a-w-        c:\windows\system32\MRT.exe
2013-10-30 17:55 . 2012-12-26 22:00        25640        ----a-w-        c:\windows\etdrv.sys
2013-10-30 17:55 . 2012-12-26 02:12        30528        ----a-w-        c:\windows\GVTDrv64.sys
2013-10-26 02:12 . 2013-10-26 02:12        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2013-10-14 07:12 . 2013-10-22 16:04        10280728        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE9D5DD9-A5DF-4A3F-B1C2-7B84B5D7B7A2}\mpengine.dll
2013-10-10 09:56 . 2013-10-10 09:56        7808        ----a-w-        c:\windows\system32\drivers\usbd.sys
2013-10-10 09:56 . 2013-10-10 09:56        52736        ----a-w-        c:\windows\system32\drivers\usbehci.sys
2013-10-10 09:56 . 2013-10-10 09:56        343040        ----a-w-        c:\windows\system32\drivers\usbhub.sys
2013-10-10 09:56 . 2013-10-10 09:56        30720        ----a-w-        c:\windows\system32\drivers\usbuhci.sys
2013-10-10 09:56 . 2013-10-10 09:56        25600        ----a-w-        c:\windows\system32\drivers\usbohci.sys
2013-10-10 09:56 . 2013-10-10 09:56        99840        ----a-w-        c:\windows\system32\drivers\usbccgp.sys
2013-10-10 09:56 . 2013-10-10 09:56        325120        ----a-w-        c:\windows\system32\drivers\usbport.sys
2013-10-08 14:01 . 2013-10-08 14:01        78432        ----a-w-        c:\windows\system32\atimpc64.dll
2013-10-08 14:01 . 2013-10-08 14:01        78432        ----a-w-        c:\windows\system32\amdpcom64.dll
2013-10-08 14:01 . 2013-10-08 14:01        71704        ----a-w-        c:\windows\SysWow64\atimpc32.dll
2013-10-08 14:01 . 2013-10-08 14:01        71704        ----a-w-        c:\windows\SysWow64\amdpcom32.dll
2013-10-08 14:01 . 2013-10-08 14:01        142792        ----a-w-        c:\windows\system32\atiuxp64.dll
2013-10-08 14:01 . 2013-10-08 14:01        125824        ----a-w-        c:\windows\SysWow64\atiuxpag.dll
2013-10-08 14:01 . 2013-10-08 14:01        97984        ----a-w-        c:\windows\SysWow64\atiu9pag.dll
2013-10-08 14:01 . 2013-10-08 14:01        114488        ----a-w-        c:\windows\system32\atiu9p64.dll
2013-10-08 14:01 . 2013-10-08 14:01        1237200        ----a-w-        c:\windows\system32\aticfx64.dll
2013-10-08 14:01 . 2013-10-08 14:01        1030128        ----a-w-        c:\windows\SysWow64\aticfx32.dll
2013-10-08 14:00 . 2013-10-08 14:00        9464840        ----a-w-        c:\windows\system32\atidxx64.dll
2013-10-08 14:00 . 2013-10-08 14:00        8215992        ----a-w-        c:\windows\SysWow64\atidxx32.dll
2013-10-08 14:00 . 2013-10-08 14:00        6176008        ----a-w-        c:\windows\SysWow64\atiumdva.dll
2013-10-08 14:00 . 2013-10-08 14:00        6189416        ----a-w-        c:\windows\SysWow64\atiumdag.dll
2013-10-08 14:00 . 2013-10-08 14:00        6767240        ----a-w-        c:\windows\system32\atiumd6a.dll
2013-10-08 14:00 . 2013-10-08 14:00        7256496        ----a-w-        c:\windows\system32\atiumd64.dll
2013-10-08 13:58 . 2013-10-08 13:58        12534784        ----a-w-        c:\windows\system32\drivers\atikmdag.sys
2013-10-08 13:39 . 2013-10-08 13:39        229376        ----a-w-        c:\windows\system32\clinfo.exe
2013-10-08 13:39 . 2013-10-08 13:39        98816        ----a-w-        c:\windows\system32\OpenVideo64.dll
2013-10-08 13:38 . 2013-10-08 13:38        83456        ----a-w-        c:\windows\SysWow64\OpenVideo.dll
2013-10-08 13:38 . 2013-10-08 13:38        127488        ----a-w-        c:\windows\system32\coinst_13.152.1.8.dll
2013-10-08 13:38 . 2013-10-08 13:38        86528        ----a-w-        c:\windows\system32\OVDecode64.dll
2013-10-08 13:38 . 2013-10-08 13:38        73216        ----a-w-        c:\windows\SysWow64\OVDecode.dll
2013-10-08 13:38 . 2013-10-08 13:38        28192256        ----a-w-        c:\windows\system32\amdocl64.dll
2013-10-08 13:36 . 2013-10-08 13:36        23761408        ----a-w-        c:\windows\SysWow64\amdocl.dll
2013-10-08 13:34 . 2013-10-08 13:34        63488        ----a-w-        c:\windows\system32\OpenCL.dll
2013-10-08 13:34 . 2013-10-08 13:34        57344        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2013-10-08 13:17 . 2013-10-08 13:17        25385984        ----a-w-        c:\windows\system32\atio6axx.dll
2013-10-08 13:13 . 2013-10-08 13:13        368640        ----a-w-        c:\windows\system32\atiapfxx.exe
2013-10-08 13:13 . 2013-10-08 13:13        62464        ----a-w-        c:\windows\system32\aticalrt64.dll
2013-10-08 13:13 . 2013-10-08 13:13        52224        ----a-w-        c:\windows\SysWow64\aticalrt.dll
2013-10-08 13:13 . 2013-10-08 13:13        55808        ----a-w-        c:\windows\system32\aticalcl64.dll
2013-10-08 13:13 . 2013-10-08 13:13        49152        ----a-w-        c:\windows\SysWow64\aticalcl.dll
2013-10-08 13:13 . 2013-10-08 13:13        15716352        ----a-w-        c:\windows\system32\aticaldd64.dll
2013-10-08 13:09 . 2013-10-08 13:09        14302208        ----a-w-        c:\windows\SysWow64\aticaldd.dll
2013-10-08 13:00 . 2013-10-08 13:00        21400064        ----a-w-        c:\windows\SysWow64\atioglxx.dll
2013-10-08 12:54 . 2013-10-08 12:54        442368        ----a-w-        c:\windows\system32\atidemgy.dll
2013-10-08 12:53 . 2013-10-08 12:53        26112        ----a-w-        c:\windows\system32\atimuixx.dll
2013-10-08 12:53 . 2013-10-08 12:53        576512        ----a-w-        c:\windows\system32\atieclxx.exe
2013-10-08 12:52 . 2013-10-08 12:52        239616        ----a-w-        c:\windows\system32\atiesrxx.exe
2013-10-08 12:51 . 2013-10-08 12:51        190976        ----a-w-        c:\windows\system32\atitmm64.dll
2013-10-08 12:28 . 2013-10-08 12:28        784384        ----a-w-        c:\windows\system32\atiadlxx.dll
2013-10-08 12:28 . 2013-10-08 12:28        594944        ----a-w-        c:\windows\SysWow64\atiadlxy.dll
2013-10-08 12:28 . 2013-10-08 12:28        75264        ----a-w-        c:\windows\system32\atig6pxx.dll
2013-10-08 12:28 . 2013-10-08 12:28        69632        ----a-w-        c:\windows\SysWow64\atiglpxx.dll
2013-10-08 12:28 . 2013-10-08 12:28        69632        ----a-w-        c:\windows\system32\atiglpxx.dll
2013-10-08 12:28 . 2013-10-08 12:28        100352        ----a-w-        c:\windows\system32\atig6txx.dll
2013-10-08 12:27 . 2013-10-08 12:27        96768        ----a-w-        c:\windows\SysWow64\atigktxx.dll
2013-10-08 12:27 . 2013-10-08 12:27        619008        ----a-w-        c:\windows\system32\drivers\atikmpag.sys
2013-10-08 12:24 . 2013-10-08 12:24        43520        ----a-w-        c:\windows\system32\drivers\ati2erec.dll
2013-10-08 08:50 . 2013-10-08 08:50        51200        ----a-w-        c:\windows\system32\kdbsdk64.dll
2013-10-08 08:45 . 2013-10-08 08:45        38912        ----a-w-        c:\windows\SysWow64\kdbsdk32.dll
2013-09-22 16:16 . 2009-08-18 11:49        564632        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2013-09-22 16:15 . 2009-08-18 10:24        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-09-22 16:07 . 2013-09-22 16:07        178800        ----a-w-        c:\windows\SysWow64\CmdLineExt_x64.dll
2013-09-22 14:04 . 2013-04-22 18:05        183112        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-09-14 20:15 . 2013-07-20 19:49        682280        ----a-w-        c:\windows\SysWow64\pbsvc.exe
2013-09-14 20:15 . 2013-04-22 18:05        66872        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2013-09-08 02:30 . 2013-10-10 08:21        1903552        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 08:21        327168        ----a-w-        c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 08:21        231424        ----a-w-        c:\windows\SysWow64\mswsock.dll
2013-09-03 12:35 . 2012-12-26 11:50        278800        ------w-        c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-09-30 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-10-08 766208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R3 AODDriver;AODDriver;c:\program files (x86)\Gigabyte\ET6\amd64\AODDriver.sys;c:\program files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVLAN60.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [x]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PSI
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-26 11:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-16 4090824]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 13662936]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = 
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\vaultdweller\AppData\Roaming\Mozilla\Firefox\Profiles\p7ti4vyk.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3556137546-2340306670-1020852520-1000\Software\SecuROM\License information*]
"datasecu"=hex:c5,4b,0f,a0,02,bd,89,57,a8,5b,02,75,62,36,7e,8d,fb,cf,17,24,2f,
  c2,25,46,d5,fb,34,7e,cf,1d,1b,48,49,31,95,74,38,c4,ad,1e,38,62,1e,33,8e,e0,\
"rkeysecu"=hex:ee,12,9c,cf,af,d7,76,07,fa,5b,fd,7b,c3,d1,66,1e
.
[HKEY_USERS\S-1-5-21-3556137546-2340306670-1020852520-1001\Software\SecuROM\License information*]
"datasecu"=hex:64,6d,7b,97,82,15,58,e2,52,47,39,e7,c1,36,92,d2,8e,bc,bb,16,19,
  58,ae,75,2c,b3,64,bf,46,0b,a0,17,b5,53,ae,b8,e5,02,fe,39,07,42,e3,31,b9,a8,\
"rkeysecu"=hex:f4,c1,db,7a,87,98,e9,d7,1e,02,5d,aa,5b,6d,fa,79
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-11-30  13:43:23
ComboFix-quarantined-files.txt  2013-11-30 12:43
.
Vor Suchlauf: 16 Verzeichnis(se), 123.550.490.624 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 123.554.803.712 Bytes frei
.
- - End Of File - - CD0B86EA1A651A05DD8904A332BD3BED
003FD7A06C0B5C37B9922A6A2D583034

schrauber 01.12.2013 10:11
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

vaultdweller 01.12.2013 14:39
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.01.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
vaultdweller :: VAULT15WIN [Administrator]

01.12.2013 12:49:45
mbam-log-2013-12-01 (12-49-45).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 237621
Laufzeit: 4 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
AdwCleaner Logfile:
Code:
# AdwCleaner v3.010 - Bericht erstellt am 23/10/2013 um 22:49:04
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : vaultdweller - VAULT15
# Gestartet von : C:\Users\Larsi\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\vaultdweller\AppData\Roaming\Mozilla\Firefox\Profiles\p7ti4vyk.default\prefs.js ]


[ Datei : C:\Users\Larsi\AppData\Roaming\Mozilla\Firefox\Profiles\1lk5idx5.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3879 octets] - [22/10/2013 18:24:20]
AdwCleaner[R1].txt - [1026 octets] - [23/10/2013 20:39:47]
AdwCleaner[R2].txt - [1145 octets] - [23/10/2013 22:48:22]
AdwCleaner[S0].txt - [3709 octets] - [22/10/2013 18:26:47]
AdwCleaner[S1].txt - [1088 octets] - [23/10/2013 20:40:48]
AdwCleaner[S2].txt - [1069 octets] - [23/10/2013 22:49:04]

########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [1129 octets] ##########
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v3.013 - Bericht erstellt am 01/12/2013 um 13:00:15
# Updated 24/11/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : vaultdweller - VAULT15WIN
# Gestartet von : C:\Users\Larsi\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\vaultdweller\AppData\Roaming\Mozilla\Firefox\Profiles\p7ti4vyk.default\prefs.js ]


[ Datei : C:\Users\Larsi\AppData\Roaming\Mozilla\Firefox\Profiles\1lk5idx5.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [8005 octets] - [22/10/2013 17:24:20]
AdwCleaner[R1].txt - [5155 octets] - [23/10/2013 19:39:47]
AdwCleaner[R2].txt - [3834 octets] - [23/10/2013 21:48:22]
AdwCleaner[R3].txt - [2659 octets] - [27/10/2013 00:20:00]
AdwCleaner[R4].txt - [4463 octets] - [27/10/2013 22:45:52]
AdwCleaner[R5].txt - [1389 octets] - [27/10/2013 23:26:12]
AdwCleaner[S0].txt - [7516 octets] - [22/10/2013 17:26:47]
AdwCleaner[S1].txt - [6525 octets] - [23/10/2013 19:40:48]
AdwCleaner[S2].txt - [2743 octets] - [23/10/2013 21:49:04]

########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [2803 octets] ##########
--- --- ---



Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by vaultdweller on 01.12.2013 at 13:07:20,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.12.2013 at 13:11:06,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keine Ahnung warum ADW-Log zweimal gepostet wurde (das erste noch dazu veraltet). Ich hab nur aus der aufpoppenden Textdatei mit Strg-A kopiert.


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by vaultdweller (administrator) on VAULT15WIN on 01-12-2013 13:28:13
Running from C:\Users\Larsi\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4090824 2012-11-16] (ESET)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-09-30] (AMD)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {96844809-DE64-41AA-BF33-73953147A8BE} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\vaultdweller\AppData\Roaming\Mozilla\Firefox\Profiles\p7ti4vyk.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 12\spmplugin3
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913184 2012-11-16] (ESET)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-09-14] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-01-05] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209808 2012-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62024 2012-11-16] (ESET)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-10-30] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-05] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-11-30] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 TEAM; system32\DRIVERS\RtTeam60.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 VLAN; system32\DRIVERS\RtVLAN60.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-01 13:28 - 2013-12-01 13:28 - 00008475 _____ C:\Users\Larsi\Desktop\FRST.txt
2013-12-01 13:27 - 2013-12-01 13:27 - 01959184 _____ (Farbar) C:\Users\Larsi\Desktop\FRST64.exe
2013-12-01 13:25 - 2013-12-01 13:26 - 01959184 _____ (Farbar) C:\Users\vaultdweller\Downloads\FRST64.exe
2013-12-01 13:11 - 2013-12-01 13:11 - 00000628 _____ C:\Users\vaultdweller\Desktop\JRT.txt
2013-12-01 12:57 - 2013-12-01 12:57 - 01091882 _____ C:\Users\Larsi\Desktop\adwcleaner.exe
2013-12-01 12:56 - 2013-12-01 12:56 - 01091882 _____ C:\Users\Larsi\Downloads\adwcleaner.exe
2013-12-01 12:47 - 2013-12-01 12:47 - 00024298 _____ C:\ComboFix.txt
2013-11-30 13:37 - 2013-12-01 12:47 - 00000000 ____D C:\Qoobox
2013-11-30 13:37 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-30 13:37 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-30 13:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-30 13:35 - 2013-11-30 13:35 - 05150163 ____R (Swearware) C:\Users\Larsi\Desktop\ComboFix.exe
2013-11-30 12:22 - 2013-11-30 12:22 - 03865488 _____ (Secunia) C:\Users\Larsi\Downloads\PSI9015Setup.exe
2013-11-30 12:17 - 2013-11-30 12:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-30 12:16 - 2000-01-01 01:00 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-11-30 12:16 - 2000-01-01 01:00 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 05751576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-11-30 12:16 - 2000-01-01 01:00 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-30 12:16 - 2000-01-01 01:00 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-11-30 12:16 - 2000-01-01 01:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00929080 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-30 12:16 - 2000-01-01 01:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00605496 _____ C:\Windows\system32\audioLibVc.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-11-30 12:15 - 2013-11-30 12:15 - 00000000 ____D C:\ProgramData\ATI
2013-11-30 12:13 - 2013-11-30 12:13 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-11-30 12:12 - 2013-11-30 12:12 - 00060993 _____ C:\Windows\SysWOW64\CCCInstall_201311301212527916.log
2013-11-30 12:07 - 2013-11-30 12:10 - 00000000 ____D C:\923bdbb9d938ecdb6cc97b
2013-11-30 12:06 - 2013-11-30 12:06 - 00000000 ____D C:\AMD
2013-11-30 11:43 - 2013-11-30 11:43 - 00000000 ____D C:\FRST
2013-11-30 11:42 - 2013-11-30 11:42 - 00000000 _____ C:\Users\vaultdweller\defogger_reenable
2013-11-30 11:41 - 2013-11-30 11:41 - 00377856 _____ C:\Users\Larsi\Desktop\gmer_2.1.19163.exe
2013-11-30 11:40 - 2013-11-30 11:40 - 00050477 _____ C:\Users\Larsi\Desktop\Defogger.exe
2013-11-27 20:38 - 2013-11-27 21:06 - 00025320 _____ C:\Users\Larsi\Desktop\Brief 2.odt
2013-11-23 19:01 - 2013-11-26 19:43 - 00034611 _____ C:\Users\Larsi\Desktop\Klärender Brief.odt
2013-11-22 19:28 - 2013-11-22 19:28 - 21978136 _____ (Mozilla) C:\Users\Larsi\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-16 20:07 - 2013-11-16 20:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-11-16 11:48 - 2013-11-16 11:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 18:07 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-13 18:07 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-13 18:07 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-13 18:07 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-13 18:07 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-13 18:07 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-13 18:07 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-13 18:07 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2013-11-13 18:07 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-13 18:07 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-13 18:07 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-13 18:07 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-13 18:07 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-13 18:07 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-13 18:07 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2013-11-13 18:07 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-13 18:07 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-13 18:07 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-13 18:04 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 18:04 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 18:04 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 18:04 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 18:04 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 18:04 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 18:04 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 18:04 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 18:04 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 18:04 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 18:04 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 18:04 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 18:04 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 18:04 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 18:04 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 18:04 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 18:04 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 18:04 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 18:04 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 18:03 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 18:03 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 18:03 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 18:03 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 18:03 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 18:03 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 18:03 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 21:09 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-12 21:06 - 2013-11-12 21:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 21:05 - 2013-11-12 21:09 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-10 17:08 - 2013-11-10 17:10 - 89758744 _____ (Applied Computer Concepts Ltd.                              ) C:\Users\Larsi\Downloads\setupHIARCSChessExplorer-1.6.exe
2013-11-10 16:35 - 2013-11-10 16:35 - 00000677 _____ C:\Users\Larsi\Desktop\Steinitzer-BethO.pgn
2013-11-07 16:12 - 2013-12-01 12:58 - 01034531 _____ (Thisisu) C:\Users\Larsi\Desktop\JRT.exe
2013-11-06 22:38 - 2013-11-06 22:38 - 00001073 _____ C:\Users\Larsi\Desktop\Secunia PSI.lnk
2013-11-05 16:41 - 2013-11-05 16:41 - 59315028 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a.7z
2013-11-05 16:18 - 2013-11-05 16:19 - 107878313 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut-3.4-14026.7z
2013-11-05 12:18 - 2013-11-05 12:18 - 00000000 ____D C:\Users\Larsi\AppData\Local\Morrowind
2013-11-05 11:05 - 2013-11-05 11:05 - 00000233 _____ C:\Windows\Directx.log
2013-11-05 10:56 - 2013-11-05 10:56 - 00001964 _____ C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00001042 _____ C:\Users\Public\Desktop\Morrowind.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-11-05 10:54 - 1998-06-17 19:07 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2013-11-05 09:29 - 2013-11-05 09:29 - 13228032 _____ (8 x 8 Media AG) C:\Users\Larsi\Desktop\chessimo.exe
2013-11-04 13:42 - 2013-11-04 13:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-04 13:31 - 2013-11-04 18:03 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\GlarySoft
2013-11-04 13:31 - 2013-11-04 13:31 - 02194784 _____ (Glarysoft.com                                              ) C:\Users\Larsi\Downloads\au29setup.exe
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\vaultdweller\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\Larsi\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-04 11:03 - 2013-11-04 11:04 - 39721880 _____ (Razer Inc.                                                  ) C:\Users\vaultdweller\Downloads\RazerGameBoosterSetup_4.0.68.0(1).exe
2013-11-03 20:13 - 2013-11-03 20:13 - 00000221 _____ C:\Users\Larsi\Desktop\The Elder Scrolls V Skyrim.url
2013-11-02 11:47 - 2013-11-02 11:47 - 01033335 _____ (Thisisu) C:\Users\Larsi\Downloads\JRT.exe
2013-11-02 11:28 - 2013-11-02 11:28 - 00000000 ____D C:\Dell
2013-11-02 11:24 - 2000-01-01 01:00 - 00016552 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie64.sys
2013-11-02 11:19 - 2013-11-02 11:19 - 00000000 ____D C:\RaidTool
2013-11-02 11:19 - 2009-07-14 02:15 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Difx6650.rra
2013-11-02 11:14 - 2000-01-01 01:00 - 00123704 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2013-11-02 11:10 - 2013-11-30 13:53 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2013-11-02 11:10 - 2013-11-02 11:10 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\SlimWare Utilities Inc
2013-11-02 11:09 - 2013-11-02 11:09 - 00002467 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2013-11-02 11:09 - 2013-11-02 11:09 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-11-02 02:13 - 2013-11-02 02:13 - 01839577 _____ C:\Users\Larsi\Downloads\stockfish-4-win.zip
2013-11-02 02:13 - 2013-11-02 02:13 - 00000000 ____D C:\Users\Larsi\Downloads\stockfish-4-win

==================== One Month Modified Files and Folders =======

2013-12-01 13:28 - 2013-12-01 13:28 - 00008475 _____ C:\Users\Larsi\Desktop\FRST.txt
2013-12-01 13:28 - 2012-12-26 02:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-01 13:27 - 2013-12-01 13:27 - 01959184 _____ (Farbar) C:\Users\Larsi\Desktop\FRST64.exe
2013-12-01 13:26 - 2013-12-01 13:25 - 01959184 _____ (Farbar) C:\Users\vaultdweller\Downloads\FRST64.exe
2013-12-01 13:23 - 2009-07-14 05:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 13:23 - 2009-07-14 05:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 13:20 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2013-12-01 13:20 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2013-12-01 13:20 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-01 13:16 - 2013-10-24 22:17 - 00000144 _____ C:\service.log
2013-12-01 13:15 - 2013-10-21 16:21 - 00008411 _____ C:\Windows\setupact.log
2013-12-01 13:15 - 2013-10-14 20:24 - 01106501 _____ C:\Windows\WindowsUpdate.log
2013-12-01 13:15 - 2012-12-27 19:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-12-01 13:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-01 13:11 - 2013-12-01 13:11 - 00000628 _____ C:\Users\vaultdweller\Desktop\JRT.txt
2013-12-01 13:00 - 2013-10-22 17:24 - 00000000 ____D C:\AdwCleaner
2013-12-01 12:58 - 2013-11-07 16:12 - 01034531 _____ (Thisisu) C:\Users\Larsi\Desktop\JRT.exe
2013-12-01 12:57 - 2013-12-01 12:57 - 01091882 _____ C:\Users\Larsi\Desktop\adwcleaner.exe
2013-12-01 12:56 - 2013-12-01 12:56 - 01091882 _____ C:\Users\Larsi\Downloads\adwcleaner.exe
2013-12-01 12:48 - 2013-10-21 16:21 - 00016750 _____ C:\Windows\PFRO.log
2013-12-01 12:47 - 2013-12-01 12:47 - 00024298 _____ C:\ComboFix.txt
2013-12-01 12:47 - 2013-11-30 13:37 - 00000000 ____D C:\Qoobox
2013-12-01 12:46 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-30 21:13 - 2012-12-26 02:36 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-30 13:53 - 2013-11-02 11:10 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2013-11-30 13:43 - 2012-12-25 19:51 - 00001425 _____ C:\Users\vaultdweller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-30 13:36 - 2013-10-21 16:30 - 00000000 ____D C:\Windows\erdnt
2013-11-30 13:35 - 2013-11-30 13:35 - 05150163 ____R (Swearware) C:\Users\Larsi\Desktop\ComboFix.exe
2013-11-30 12:27 - 2013-09-20 20:21 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-30 12:27 - 2012-12-26 02:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-30 12:27 - 2012-12-26 02:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-30 12:22 - 2013-11-30 12:22 - 03865488 _____ (Secunia) C:\Users\Larsi\Downloads\PSI9015Setup.exe
2013-11-30 12:22 - 2013-10-24 16:40 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-30 12:17 - 2013-11-30 12:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-30 12:16 - 2012-12-25 20:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-30 12:15 - 2013-11-30 12:15 - 00000000 ____D C:\ProgramData\ATI
2013-11-30 12:13 - 2013-11-30 12:13 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-11-30 12:13 - 2012-12-26 03:02 - 00000000 ____D C:\ProgramData\AMD
2013-11-30 12:12 - 2013-11-30 12:12 - 00060993 _____ C:\Windows\SysWOW64\CCCInstall_201311301212527916.log
2013-11-30 12:12 - 2012-12-25 22:13 - 00000000 ____D C:\Program Files\ATI Technologies
2013-11-30 12:10 - 2013-11-30 12:07 - 00000000 ____D C:\923bdbb9d938ecdb6cc97b
2013-11-30 12:10 - 2013-02-12 12:09 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-30 12:06 - 2013-11-30 12:06 - 00000000 ____D C:\AMD
2013-11-30 11:43 - 2013-11-30 11:43 - 00000000 ____D C:\FRST
2013-11-30 11:42 - 2013-11-30 11:42 - 00000000 _____ C:\Users\vaultdweller\defogger_reenable
2013-11-30 11:42 - 2012-12-25 19:50 - 00000000 ____D C:\Users\vaultdweller
2013-11-30 11:41 - 2013-11-30 11:41 - 00377856 _____ C:\Users\Larsi\Desktop\gmer_2.1.19163.exe
2013-11-30 11:40 - 2013-11-30 11:40 - 00050477 _____ C:\Users\Larsi\Desktop\Defogger.exe
2013-11-27 21:06 - 2013-11-27 20:38 - 00025320 _____ C:\Users\Larsi\Desktop\Brief 2.odt
2013-11-26 19:43 - 2013-11-23 19:01 - 00034611 _____ C:\Users\Larsi\Desktop\Klärender Brief.odt
2013-11-23 10:44 - 2012-12-25 20:22 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\Adobe
2013-11-23 10:41 - 2012-12-25 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-22 19:29 - 2013-01-10 18:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-22 19:29 - 2012-12-25 22:45 - 00002090 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-11-22 19:28 - 2013-11-22 19:28 - 21978136 _____ (Mozilla) C:\Users\Larsi\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-16 20:07 - 2013-11-16 20:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-11-16 11:49 - 2013-11-16 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 22:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-13 18:51 - 2013-07-09 19:19 - 00000000 ____D C:\Users\Larsi\Desktop\Game Handbücher
2013-11-13 18:06 - 2013-08-03 11:07 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 18:05 - 2012-12-25 21:21 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 17:57 - 2012-12-26 03:18 - 00001425 _____ C:\Users\Larsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 17:57 - 2012-12-25 19:41 - 00000000 ____D C:\Windows\Panther
2013-11-13 00:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-12 21:09 - 2013-11-12 21:05 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-12 21:06 - 2013-11-12 21:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-10 17:11 - 2013-01-21 20:05 - 00001326 _____ C:\Users\Public\Desktop\HIARCS Chess Explorer.lnk
2013-11-10 17:11 - 2013-01-21 20:05 - 00000000 ____D C:\Program Files (x86)\HIARCS Chess
2013-11-10 17:10 - 2013-11-10 17:08 - 89758744 _____ (Applied Computer Concepts Ltd.                              ) C:\Users\Larsi\Downloads\setupHIARCSChessExplorer-1.6.exe
2013-11-10 16:35 - 2013-11-10 16:35 - 00000677 _____ C:\Users\Larsi\Desktop\Steinitzer-BethO.pgn
2013-11-09 16:06 - 2012-12-26 16:12 - 00000000 ____D C:\Users\Larsi\AppData\Local\Skyrim
2013-11-07 18:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-07 16:11 - 2013-10-24 22:05 - 00891167 _____ C:\Users\Larsi\Desktop\SecurityCheck.exe
2013-11-06 22:38 - 2013-11-06 22:38 - 00001073 _____ C:\Users\Larsi\Desktop\Secunia PSI.lnk
2013-11-05 16:41 - 2013-11-05 16:41 - 59315028 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a.7z
2013-11-05 16:19 - 2013-11-05 16:18 - 107878313 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut-3.4-14026.7z
2013-11-05 12:20 - 2013-06-29 00:00 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-11-05 12:20 - 2013-06-29 00:00 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-11-05 12:18 - 2013-11-05 12:18 - 00000000 ____D C:\Users\Larsi\AppData\Local\Morrowind
2013-11-05 11:07 - 2013-01-01 20:06 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-05 11:05 - 2013-11-05 11:05 - 00000233 _____ C:\Windows\Directx.log
2013-11-05 11:04 - 2012-12-31 23:52 - 00000000 ____D C:\Users\Larsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-05 10:56 - 2013-11-05 10:56 - 00001964 _____ C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00001042 _____ C:\Users\Public\Desktop\Morrowind.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-11-05 09:29 - 2013-11-05 09:29 - 13228032 _____ (8 x 8 Media AG) C:\Users\Larsi\Desktop\chessimo.exe
2013-11-05 09:29 - 2012-12-27 14:02 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-05 09:13 - 2009-07-14 05:45 - 00351840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-04 20:40 - 2012-12-25 22:26 - 00082048 _____ C:\Users\vaultdweller\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-04 18:03 - 2013-11-04 13:31 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\GlarySoft
2013-11-04 13:42 - 2013-11-04 13:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-04 13:31 - 2013-11-04 13:31 - 02194784 _____ (Glarysoft.com                                              ) C:\Users\Larsi\Downloads\au29setup.exe
2013-11-04 11:51 - 2012-12-25 22:19 - 00082048 _____ C:\Users\Larsi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-04 11:34 - 2012-12-28 18:01 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\ChessBase
2013-11-04 11:34 - 2012-12-28 17:39 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-11-04 11:34 - 2009-07-14 03:34 - 00000412 _____ C:\Windows\win.ini
2013-11-04 11:30 - 2013-05-04 22:27 - 00000000 ____D C:\Windows\Minidump
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\vaultdweller\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\Larsi\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-04 11:22 - 2013-10-28 20:17 - 00000000 ____D C:\Program Files (x86)\Razer
2013-11-04 11:22 - 2013-10-27 23:02 - 00000000 ____D C:\ProgramData\Razer
2013-11-04 11:04 - 2013-11-04 11:03 - 39721880 _____ (Razer Inc.                                                  ) C:\Users\vaultdweller\Downloads\RazerGameBoosterSetup_4.0.68.0(1).exe
2013-11-03 20:13 - 2013-11-03 20:13 - 00000221 _____ C:\Users\Larsi\Desktop\The Elder Scrolls V Skyrim.url
2013-11-02 11:47 - 2013-11-02 11:47 - 01033335 _____ (Thisisu) C:\Users\Larsi\Downloads\JRT.exe
2013-11-02 11:28 - 2013-11-02 11:28 - 00000000 ____D C:\Dell
2013-11-02 11:19 - 2013-11-02 11:19 - 00000000 ____D C:\RaidTool
2013-11-02 11:19 - 2013-01-01 15:53 - 00000000 ____D C:\Windows\RaidTool
2013-11-02 11:10 - 2013-11-02 11:10 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\SlimWare Utilities Inc
2013-11-02 11:09 - 2013-11-02 11:09 - 00002467 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2013-11-02 11:09 - 2013-11-02 11:09 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-11-02 02:13 - 2013-11-02 02:13 - 01839577 _____ C:\Users\Larsi\Downloads\stockfish-4-win.zip
2013-11-02 02:13 - 2013-11-02 02:13 - 00000000 ____D C:\Users\Larsi\Downloads\stockfish-4-win

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 14:32

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 02.12.2013 10:30

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

vaultdweller 02.12.2013 22:25
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d1d9161265e94a43b30c0e910e4111d1
# engine=15602
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-23 05:43:30
# local_time=2013-10-23 07:43:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 86957 134180060 0 0
# compatibility_mode=8208 16776701 100 98 26028225 132559562 0 0
# scanned=258050
# found=0
# cleaned=0
# scan_time=10122
# nod_component=V3 Build:0x30000000
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d1d9161265e94a43b30c0e910e4111d1
# engine=16105
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-02 08:15:20
# local_time=2013-12-02 09:15:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 3552067 137645170 0 0
# compatibility_mode=8208 16776701 100 98 29493335 136024672 0 0
# scanned=268784
# found=2
# cleaned=0
# scan_time=12429
# nod_component=V3 Build:0x30000000
sh=650BD0B519481B020DBE9682F5BFCDFB184B212C ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.KO trojan" ac=I fn="F:\larsi\.icedtea\cache\0\http\ykekowamu.pl\88584ab236mxfb7youd7two.jar"
sh=39B62C91EAC099BFF5AF43505DE9B3814C47C88E ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.PKL trojan" ac=I fn="F:\larsi\.icedtea\cache\1\http\exehatiwe.de\bsdeasesnnqbspumtizid.jar"

F: ist eine externe Platte.



Code:
Results of screen317's Security Check version 0.99.76 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
ESET Smart Security 5.2 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.9015) 
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 TweakNow RegCleaner   
 Adobe Flash Player 11.9.900.152 
 Mozilla Firefox (25.0.1)
 Mozilla Thunderbird (24.1.1)
````````Process Check: objlist.exe by Laurent```````` 
 ESET NOD32 Antivirus egui.exe 
 ESET NOD32 Antivirus ekrn.exe 
 ESET ESET Online Scanner OnlineScannerApp.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````



FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by vaultdweller (administrator) on VAULT15WIN on 02-12-2013 21:41:31
Running from C:\Users\Larsi\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4090824 2012-11-16] (ESET)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-09-30] (AMD)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {96844809-DE64-41AA-BF33-73953147A8BE} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\vaultdweller\AppData\Roaming\Mozilla\Firefox\Profiles\p7ti4vyk.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 12\spmplugin3
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913184 2012-11-16] (ESET)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-09-14] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-01-05] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209808 2012-11-16] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62024 2012-11-16] (ESET)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-10-30] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-05] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-11-30] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 TEAM; system32\DRIVERS\RtTeam60.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 VLAN; system32\DRIVERS\RtVLAN60.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-02 17:39 - 2013-12-02 17:39 - 02347384 _____ (ESET) C:\Users\Larsi\Desktop\esetsmartinstaller_enu.exe
2013-12-01 13:28 - 2013-12-02 21:41 - 00008607 _____ C:\Users\Larsi\Desktop\FRST.txt
2013-12-01 13:27 - 2013-12-01 13:27 - 01959184 _____ (Farbar) C:\Users\Larsi\Desktop\FRST64.exe
2013-12-01 13:25 - 2013-12-01 13:26 - 01959184 _____ (Farbar) C:\Users\vaultdweller\Downloads\FRST64.exe
2013-12-01 13:11 - 2013-12-01 13:11 - 00000628 _____ C:\Users\vaultdweller\Desktop\JRT.txt
2013-12-01 12:57 - 2013-12-01 12:57 - 01091882 _____ C:\Users\Larsi\Desktop\adwcleaner.exe
2013-12-01 12:56 - 2013-12-01 12:56 - 01091882 _____ C:\Users\Larsi\Downloads\adwcleaner.exe
2013-12-01 12:47 - 2013-12-01 12:47 - 00024298 _____ C:\ComboFix.txt
2013-11-30 13:37 - 2013-12-01 12:47 - 00000000 ____D C:\Qoobox
2013-11-30 13:37 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-30 13:37 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-30 13:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-30 13:37 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-30 13:35 - 2013-11-30 13:35 - 05150163 ____R (Swearware) C:\Users\Larsi\Desktop\ComboFix.exe
2013-11-30 12:22 - 2013-11-30 12:22 - 03865488 _____ (Secunia) C:\Users\Larsi\Downloads\PSI9015Setup.exe
2013-11-30 12:17 - 2013-11-30 12:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-30 12:16 - 2000-01-01 01:00 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-11-30 12:16 - 2000-01-01 01:00 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 05751576 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-11-30 12:16 - 2000-01-01 01:00 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-11-30 12:16 - 2000-01-01 01:00 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-11-30 12:16 - 2000-01-01 01:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00929080 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-11-30 12:16 - 2000-01-01 01:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00605496 _____ C:\Windows\system32\audioLibVc.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-11-30 12:16 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-11-30 12:15 - 2013-11-30 12:15 - 00000000 ____D C:\ProgramData\ATI
2013-11-30 12:13 - 2013-11-30 12:13 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-11-30 12:12 - 2013-11-30 12:12 - 00060993 _____ C:\Windows\SysWOW64\CCCInstall_201311301212527916.log
2013-11-30 12:07 - 2013-11-30 12:10 - 00000000 ____D C:\923bdbb9d938ecdb6cc97b
2013-11-30 12:06 - 2013-11-30 12:06 - 00000000 ____D C:\AMD
2013-11-30 11:43 - 2013-11-30 11:43 - 00000000 ____D C:\FRST
2013-11-30 11:42 - 2013-11-30 11:42 - 00000000 _____ C:\Users\vaultdweller\defogger_reenable
2013-11-30 11:41 - 2013-11-30 11:41 - 00377856 _____ C:\Users\Larsi\Desktop\gmer_2.1.19163.exe
2013-11-30 11:40 - 2013-11-30 11:40 - 00050477 _____ C:\Users\Larsi\Desktop\Defogger.exe
2013-11-27 20:38 - 2013-11-27 21:06 - 00025320 _____ C:\Users\Larsi\Desktop\Brief 2.odt
2013-11-23 19:01 - 2013-11-26 19:43 - 00034611 _____ C:\Users\Larsi\Desktop\Klärender Brief.odt
2013-11-22 19:28 - 2013-11-22 19:28 - 21978136 _____ (Mozilla) C:\Users\Larsi\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-16 20:07 - 2013-11-16 20:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-11-16 11:48 - 2013-11-16 11:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 18:07 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-13 18:07 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-13 18:07 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-13 18:07 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-13 18:07 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-13 18:07 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-13 18:07 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-13 18:07 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2013-11-13 18:07 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-13 18:07 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-13 18:07 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-13 18:07 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-13 18:07 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-13 18:07 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-13 18:07 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2013-11-13 18:07 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-13 18:07 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-13 18:07 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-13 18:04 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 18:04 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 18:04 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 18:04 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 18:04 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 18:04 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 18:04 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 18:04 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 18:04 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 18:04 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 18:04 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 18:04 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 18:04 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 18:04 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 18:04 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 18:04 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 18:04 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 18:04 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 18:04 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 18:04 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 18:04 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 18:03 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 18:03 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 18:03 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 18:03 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 18:03 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 18:03 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 18:03 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 21:09 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-12 21:06 - 2013-11-12 21:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-12 21:05 - 2013-11-12 21:09 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-10 17:08 - 2013-11-10 17:10 - 89758744 _____ (Applied Computer Concepts Ltd.                              ) C:\Users\Larsi\Downloads\setupHIARCSChessExplorer-1.6.exe
2013-11-10 16:35 - 2013-11-10 16:35 - 00000677 _____ C:\Users\Larsi\Desktop\Steinitzer-BethO.pgn
2013-11-07 16:12 - 2013-12-01 12:58 - 01034531 _____ (Thisisu) C:\Users\Larsi\Desktop\JRT.exe
2013-11-06 22:38 - 2013-11-06 22:38 - 00001073 _____ C:\Users\Larsi\Desktop\Secunia PSI.lnk
2013-11-05 16:41 - 2013-11-05 16:41 - 59315028 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a.7z
2013-11-05 16:18 - 2013-11-05 16:19 - 107878313 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut-3.4-14026.7z
2013-11-05 12:18 - 2013-11-05 12:18 - 00000000 ____D C:\Users\Larsi\AppData\Local\Morrowind
2013-11-05 11:05 - 2013-11-05 11:05 - 00000233 _____ C:\Windows\Directx.log
2013-11-05 10:56 - 2013-11-05 10:56 - 00001964 _____ C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00001042 _____ C:\Users\Public\Desktop\Morrowind.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-11-05 10:54 - 1998-06-17 19:07 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2013-11-05 09:29 - 2013-11-05 09:29 - 13228032 _____ (8 x 8 Media AG) C:\Users\Larsi\Desktop\chessimo.exe
2013-11-04 13:42 - 2013-11-04 13:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-04 13:31 - 2013-11-04 18:03 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\GlarySoft
2013-11-04 13:31 - 2013-11-04 13:31 - 02194784 _____ (Glarysoft.com                                              ) C:\Users\Larsi\Downloads\au29setup.exe
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\vaultdweller\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\Larsi\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-04 11:03 - 2013-11-04 11:04 - 39721880 _____ (Razer Inc.                                                  ) C:\Users\vaultdweller\Downloads\RazerGameBoosterSetup_4.0.68.0(1).exe
2013-11-03 20:13 - 2013-11-03 20:13 - 00000221 _____ C:\Users\Larsi\Desktop\The Elder Scrolls V Skyrim.url
2013-11-02 11:47 - 2013-11-02 11:47 - 01033335 _____ (Thisisu) C:\Users\Larsi\Downloads\JRT.exe
2013-11-02 11:28 - 2013-11-02 11:28 - 00000000 ____D C:\Dell
2013-11-02 11:24 - 2000-01-01 01:00 - 00016552 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie64.sys
2013-11-02 11:19 - 2013-11-02 11:19 - 00000000 ____D C:\RaidTool
2013-11-02 11:19 - 2009-07-14 02:15 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Difx6650.rra
2013-11-02 11:14 - 2000-01-01 01:00 - 00123704 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2013-11-02 11:10 - 2013-11-30 13:53 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2013-11-02 11:10 - 2013-11-02 11:10 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\SlimWare Utilities Inc
2013-11-02 11:09 - 2013-11-02 11:09 - 00002467 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2013-11-02 11:09 - 2013-11-02 11:09 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-11-02 02:13 - 2013-11-02 02:13 - 01839577 _____ C:\Users\Larsi\Downloads\stockfish-4-win.zip
2013-11-02 02:13 - 2013-11-02 02:13 - 00000000 ____D C:\Users\Larsi\Downloads\stockfish-4-win

==================== One Month Modified Files and Folders =======

2013-12-02 21:41 - 2013-12-01 13:28 - 00008607 _____ C:\Users\Larsi\Desktop\FRST.txt
2013-12-02 21:28 - 2012-12-26 02:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-02 21:26 - 2013-10-24 22:05 - 00891184 _____ C:\Users\Larsi\Desktop\SecurityCheck.exe
2013-12-02 17:48 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2013-12-02 17:48 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2013-12-02 17:48 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-02 17:44 - 2009-07-14 05:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-02 17:44 - 2009-07-14 05:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-02 17:39 - 2013-12-02 17:39 - 02347384 _____ (ESET) C:\Users\Larsi\Desktop\esetsmartinstaller_enu.exe
2013-12-02 17:39 - 2013-10-14 20:24 - 01167775 _____ C:\Windows\WindowsUpdate.log
2013-12-02 17:37 - 2013-10-24 22:17 - 00000144 _____ C:\service.log
2013-12-02 17:37 - 2013-10-21 16:21 - 00017102 _____ C:\Windows\PFRO.log
2013-12-02 17:37 - 2013-10-21 16:21 - 00008467 _____ C:\Windows\setupact.log
2013-12-02 17:37 - 2012-12-27 19:23 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-12-02 17:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-01 19:20 - 2012-12-26 02:36 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-01 13:27 - 2013-12-01 13:27 - 01959184 _____ (Farbar) C:\Users\Larsi\Desktop\FRST64.exe
2013-12-01 13:26 - 2013-12-01 13:25 - 01959184 _____ (Farbar) C:\Users\vaultdweller\Downloads\FRST64.exe
2013-12-01 13:11 - 2013-12-01 13:11 - 00000628 _____ C:\Users\vaultdweller\Desktop\JRT.txt
2013-12-01 13:00 - 2013-10-22 17:24 - 00000000 ____D C:\AdwCleaner
2013-12-01 12:58 - 2013-11-07 16:12 - 01034531 _____ (Thisisu) C:\Users\Larsi\Desktop\JRT.exe
2013-12-01 12:57 - 2013-12-01 12:57 - 01091882 _____ C:\Users\Larsi\Desktop\adwcleaner.exe
2013-12-01 12:56 - 2013-12-01 12:56 - 01091882 _____ C:\Users\Larsi\Downloads\adwcleaner.exe
2013-12-01 12:47 - 2013-12-01 12:47 - 00024298 _____ C:\ComboFix.txt
2013-12-01 12:47 - 2013-11-30 13:37 - 00000000 ____D C:\Qoobox
2013-12-01 12:46 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-30 13:53 - 2013-11-02 11:10 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2013-11-30 13:43 - 2012-12-25 19:51 - 00001425 _____ C:\Users\vaultdweller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-30 13:36 - 2013-10-21 16:30 - 00000000 ____D C:\Windows\erdnt
2013-11-30 13:35 - 2013-11-30 13:35 - 05150163 ____R (Swearware) C:\Users\Larsi\Desktop\ComboFix.exe
2013-11-30 12:27 - 2013-09-20 20:21 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-30 12:27 - 2012-12-26 02:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-30 12:27 - 2012-12-26 02:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-30 12:22 - 2013-11-30 12:22 - 03865488 _____ (Secunia) C:\Users\Larsi\Downloads\PSI9015Setup.exe
2013-11-30 12:22 - 2013-10-24 16:40 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-30 12:17 - 2013-11-30 12:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-11-30 12:16 - 2012-12-25 20:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-30 12:15 - 2013-11-30 12:15 - 00000000 ____D C:\ProgramData\ATI
2013-11-30 12:13 - 2013-11-30 12:13 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-11-30 12:13 - 2012-12-26 03:02 - 00000000 ____D C:\ProgramData\AMD
2013-11-30 12:12 - 2013-11-30 12:12 - 00060993 _____ C:\Windows\SysWOW64\CCCInstall_201311301212527916.log
2013-11-30 12:12 - 2012-12-25 22:13 - 00000000 ____D C:\Program Files\ATI Technologies
2013-11-30 12:10 - 2013-11-30 12:07 - 00000000 ____D C:\923bdbb9d938ecdb6cc97b
2013-11-30 12:10 - 2013-02-12 12:09 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-30 12:06 - 2013-11-30 12:06 - 00000000 ____D C:\AMD
2013-11-30 11:43 - 2013-11-30 11:43 - 00000000 ____D C:\FRST
2013-11-30 11:42 - 2013-11-30 11:42 - 00000000 _____ C:\Users\vaultdweller\defogger_reenable
2013-11-30 11:42 - 2012-12-25 19:50 - 00000000 ____D C:\Users\vaultdweller
2013-11-30 11:41 - 2013-11-30 11:41 - 00377856 _____ C:\Users\Larsi\Desktop\gmer_2.1.19163.exe
2013-11-30 11:40 - 2013-11-30 11:40 - 00050477 _____ C:\Users\Larsi\Desktop\Defogger.exe
2013-11-27 21:06 - 2013-11-27 20:38 - 00025320 _____ C:\Users\Larsi\Desktop\Brief 2.odt
2013-11-26 19:43 - 2013-11-23 19:01 - 00034611 _____ C:\Users\Larsi\Desktop\Klärender Brief.odt
2013-11-23 10:44 - 2012-12-25 20:22 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\Adobe
2013-11-23 10:41 - 2012-12-25 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-22 19:29 - 2013-01-10 18:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-22 19:29 - 2012-12-25 22:45 - 00002090 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-11-22 19:28 - 2013-11-22 19:28 - 21978136 _____ (Mozilla) C:\Users\Larsi\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-16 20:07 - 2013-11-16 20:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-11-16 11:49 - 2013-11-16 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 22:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-13 18:51 - 2013-07-09 19:19 - 00000000 ____D C:\Users\Larsi\Desktop\Game Handbücher
2013-11-13 18:06 - 2013-08-03 11:07 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 18:05 - 2012-12-25 21:21 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 17:57 - 2012-12-26 03:18 - 00001425 _____ C:\Users\Larsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 17:57 - 2012-12-25 19:41 - 00000000 ____D C:\Windows\Panther
2013-11-13 00:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-12 21:09 - 2013-11-12 21:05 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-12 21:06 - 2013-11-12 21:06 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-12 21:06 - 2013-11-12 21:06 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-12 21:06 - 2013-11-12 21:06 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-12 21:06 - 2013-11-12 21:06 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-12 21:06 - 2013-11-12 21:06 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-12 21:06 - 2013-11-12 21:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-12 21:06 - 2013-11-12 21:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-12 21:06 - 2013-11-12 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-10 17:11 - 2013-01-21 20:05 - 00001326 _____ C:\Users\Public\Desktop\HIARCS Chess Explorer.lnk
2013-11-10 17:11 - 2013-01-21 20:05 - 00000000 ____D C:\Program Files (x86)\HIARCS Chess
2013-11-10 17:10 - 2013-11-10 17:08 - 89758744 _____ (Applied Computer Concepts Ltd.                              ) C:\Users\Larsi\Downloads\setupHIARCSChessExplorer-1.6.exe
2013-11-10 16:35 - 2013-11-10 16:35 - 00000677 _____ C:\Users\Larsi\Desktop\Steinitzer-BethO.pgn
2013-11-09 16:06 - 2012-12-26 16:12 - 00000000 ____D C:\Users\Larsi\AppData\Local\Skyrim
2013-11-07 18:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-06 22:38 - 2013-11-06 22:38 - 00001073 _____ C:\Users\Larsi\Desktop\Secunia PSI.lnk
2013-11-05 16:41 - 2013-11-05 16:41 - 59315028 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a.7z
2013-11-05 16:19 - 2013-11-05 16:18 - 107878313 _____ C:\Users\Larsi\Downloads\Skyrim_-_Directors_Cut-3.4-14026.7z
2013-11-05 12:20 - 2013-06-29 00:00 - 00000890 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-11-05 12:20 - 2013-06-29 00:00 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-11-05 12:18 - 2013-11-05 12:18 - 00000000 ____D C:\Users\Larsi\AppData\Local\Morrowind
2013-11-05 11:07 - 2013-01-01 20:06 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-05 11:05 - 2013-11-05 11:05 - 00000233 _____ C:\Windows\Directx.log
2013-11-05 11:04 - 2012-12-31 23:52 - 00000000 ____D C:\Users\Larsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-05 10:56 - 2013-11-05 10:56 - 00001964 _____ C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00001042 _____ C:\Users\Public\Desktop\Morrowind.lnk
2013-11-05 10:54 - 2013-11-05 10:54 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2013-11-05 09:29 - 2013-11-05 09:29 - 13228032 _____ (8 x 8 Media AG) C:\Users\Larsi\Desktop\chessimo.exe
2013-11-05 09:29 - 2012-12-27 14:02 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-05 09:13 - 2009-07-14 05:45 - 00351840 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-04 20:40 - 2012-12-25 22:26 - 00082048 _____ C:\Users\vaultdweller\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-04 18:03 - 2013-11-04 13:31 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\GlarySoft
2013-11-04 13:42 - 2013-11-04 13:42 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-11-04 13:31 - 2013-11-04 13:31 - 02194784 _____ (Glarysoft.com                                              ) C:\Users\Larsi\Downloads\au29setup.exe
2013-11-04 11:51 - 2012-12-25 22:19 - 00082048 _____ C:\Users\Larsi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-04 11:34 - 2012-12-28 18:01 - 00000000 ____D C:\Users\vaultdweller\AppData\Roaming\ChessBase
2013-11-04 11:34 - 2012-12-28 17:39 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-11-04 11:34 - 2009-07-14 03:34 - 00000412 _____ C:\Windows\win.ini
2013-11-04 11:30 - 2013-05-04 22:27 - 00000000 ____D C:\Windows\Minidump
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\vaultdweller\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00001268 _____ C:\Users\Larsi\Desktop\Revo Uninstaller.lnk
2013-11-04 11:24 - 2013-11-04 11:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-04 11:22 - 2013-10-28 20:17 - 00000000 ____D C:\Program Files (x86)\Razer
2013-11-04 11:22 - 2013-10-27 23:02 - 00000000 ____D C:\ProgramData\Razer
2013-11-04 11:04 - 2013-11-04 11:03 - 39721880 _____ (Razer Inc.                                                  ) C:\Users\vaultdweller\Downloads\RazerGameBoosterSetup_4.0.68.0(1).exe
2013-11-03 20:13 - 2013-11-03 20:13 - 00000221 _____ C:\Users\Larsi\Desktop\The Elder Scrolls V Skyrim.url
2013-11-02 11:47 - 2013-11-02 11:47 - 01033335 _____ (Thisisu) C:\Users\Larsi\Downloads\JRT.exe
2013-11-02 11:28 - 2013-11-02 11:28 - 00000000 ____D C:\Dell
2013-11-02 11:19 - 2013-11-02 11:19 - 00000000 ____D C:\RaidTool
2013-11-02 11:19 - 2013-01-01 15:53 - 00000000 ____D C:\Windows\RaidTool
2013-11-02 11:10 - 2013-11-02 11:10 - 00000000 ____D C:\Users\vaultdweller\AppData\Local\SlimWare Utilities Inc
2013-11-02 11:09 - 2013-11-02 11:09 - 00002467 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2013-11-02 11:09 - 2013-11-02 11:09 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-11-02 02:13 - 2013-11-02 02:13 - 01839577 _____ C:\Users\Larsi\Downloads\stockfish-4-win.zip
2013-11-02 02:13 - 2013-11-02 02:13 - 00000000 ____D C:\Users\Larsi\Downloads\stockfish-4-win

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 14:32

==================== End Of Log ============================
--- --- ---

--- --- ---




Außer den zwei Funden auf der Externen keine Probleme.

schrauber 03.12.2013 12:33
Funde manuell löschen.


Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

vaultdweller 03.12.2013 18:13
Code:
defogger_enable by jpshortstuff (23.02.10.1)
Log created at 17:10 on 03/12/2013 (vaultdweller)

Parsing file...


-=E.O.F=-
Code:
# DelFix v10.6 - Datei am 03/12/2013 um 17:15:04 erstellt
# Aktualisiert am 11/11/2013 von Xplode
# Benutzer : vaultdweller - VAULT15WIN
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : \FRST
Gelöscht : \AdwCleaner
Gelöscht : \ComboFix.txt
Gelöscht : C:\Users\vaultdweller\Desktop\JRT.txt
Gelöscht : C:\Users\vaultdweller\Downloads\FRST64.exe
Gelöscht : HKLM\SOFTWARE\OldTimer Tools
Gelöscht : HKLM\SOFTWARE\AdwCleaner
Gelöscht : HKLM\SOFTWARE\Swearware

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #357 [Revo Uninstaller's restore point - Secunia PSI (3.0.0.8013) | 11/16/2013 15:12:21]
Gelöscht : RP #358 [SlimDrivers Installing Drivers | 11/16/2013 18:48:15]
Gelöscht : RP #359 [SlimDrivers Installing Drivers | 11/16/2013 18:57:04]
Gelöscht : RP #360 [Geplanter Prüfpunkt | 11/23/2013 23:01:42]
Gelöscht : RP #361 [SlimDrivers Installing Drivers | 11/30/2013 11:00:24]
Gelöscht : RP #362 [SlimDrivers Installing Drivers | 11/30/2013 11:03:36]
Gelöscht : RP #363 [Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 | 11/30/2013 11:07:50]
Gelöscht : RP #364 [Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 | 11/30/2013 11:10:31]
Gelöscht : RP #365 [ComboFix created restore point | 12/03/2013 16:12:28]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########


Alles aufgeräumt. Thread kann dann closed. Thx

VG vaultdweller

schrauber 04.12.2013 10:58
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:26 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131