Verseuchter Laptop Windows 8 64 bit version

ryder · 26.05.2013, 22:16

Schön, wo ist dann mein neues FRST?

Dennis29 · 26.05.2013, 22:18

So ist angefügt. siehe voriger Post

ryder · 26.05.2013, 22:25

Gut! Viel besser. Ein Rest ist noch da, den entfernen wir:

Schritt 1: (Erinnerung: Antworte mir erst, wenn du alle Schritte abgearbeitet hast!)
Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

S2 0230311369586906mcinstcleanup; C:\Windows\TEMP\023031~1.EXE [833616 2013-01-30] (McAfee, Inc.)
C:\Windows\TEMP\023031~1.EXE

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Fix Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2:
Nochmal FRST-Scan zur Kontrolle.

Schritt 3:
Scan mit MBAR
Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Dennis29 · 26.05.2013, 22:31

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-05-2013 03
Ran by dennis at 2013-05-26 23:30:49 Run:1
Running from C:\Users\dennis\Desktop
Boot Mode: Normal
==============================================

0230311369586906mcinstcleanup => Service deleted successfully.
C:\Windows\TEMP\023031~1.EXE => Moved successfully.

==== End of Fixlog ====

Frst-scan-Kontrolle

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-05-2013 03
Ran by dennis (administrator) on 26-05-2013 23:31:39
Running from C:\Users\dennis\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Qualcomm Atheros) c:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Farbar) C:\Users\dennis\Desktop\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4  [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [650648 2012-07-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" [64640 2012-07-31] ()
HKCU\...\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent [1635752 2013-05-04] (Valve Corporation)
HKLM-x32\...\Run: [BakupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager]  [x]
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" [25608 2012-12-20] (Kaspersky Lab ZAO)
HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [x]
HKU\UpdatusUser.000\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [x]
HKU\UpdatusUser.002\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [x]
HKU\UpdatusUser.003\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [x]
HKU\UpdatusUser.004\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [x]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [250504 2013-03-15] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKCU SearchScopes: DefaultScope {595B4868-2D76-4051-944A-279993CBA921} URL = 
SearchScopes: HKCU - {595B4868-2D76-4051-944A-279993CBA921} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll (Kaspersky Lab)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll (Kaspersky Lab)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

FireFox:
========
FF ProfilePath: C:\Users\dennis\AppData\Roaming\Mozilla\Firefox\Profiles\21i214iw.default
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968 2012-12-20] (Kaspersky Lab ZAO)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-04] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [98064 2012-12-10] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [67344 2012-12-10] (Infowatch)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [612696 2012-11-02] (Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2012-09-03] (Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-09-03] (Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [48472 2012-10-23] (Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178008 2012-08-13] (Kaspersky Lab)
R3 L1C; C:\Windows\system32\DRIVERS\L1C63x64.sys [110744 2012-06-21] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-04] (Dritek System Inc.)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-27 04:36 - 2013-05-27 04:36 - 00262144 ____A C:\Windows\System32\config\userdiff
2013-05-27 04:36 - 2013-05-26 23:28 - 00000000 ____D C:\Windows.old
2013-05-27 04:12 - 2013-05-26 23:27 - 00000000 ___HD C:\$SysReset
2013-05-26 23:23 - 2013-05-26 23:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-05-26 23:12 - 2013-05-26 23:12 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-05-26 23:12 - 2013-05-26 23:12 - 00000000 ____D C:\Windows\System32\NV
2013-05-26 23:03 - 2013-05-26 23:04 - 03191888 ____A (McAfee, Inc.) C:\Users\dennis\Downloads\MCPR.exe
2013-05-26 22:44 - 2013-05-26 22:44 - 00021612 ____A C:\Users\dennis\Desktop\Gmerlog.log
2013-05-26 22:42 - 2013-05-26 22:42 - 00001073 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-05-26 22:42 - 2013-05-26 22:42 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Malwarebytes
2013-05-26 22:42 - 2013-05-26 22:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-26 22:42 - 2013-05-26 22:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-26 22:42 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-26 22:40 - 2013-05-26 22:40 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\dennis\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-26 22:32 - 2013-05-26 22:32 - 00000000 ____A C:\Users\dennis\defogger_reenable
2013-05-26 22:30 - 2013-05-26 22:30 - 00000020 ___SH C:\Users\UpdatusUser.DENNIS\ntuser.ini
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Vorlagen
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Startmenü
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Netzwerkumgebung
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Lokale Einstellungen
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Eigene Dateien
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Druckumgebung
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Documents\Eigene Musik
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Documents\Eigene Bilder
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\AppData\Local\Verlauf
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\AppData\Local\Anwendungsdaten
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Anwendungsdaten
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 ____D C:\users\UpdatusUser.DENNIS
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-05-26 22:29 - 2013-05-26 22:30 - 00000000 ____D C:\ProgramData\NVIDIA
2013-05-26 22:28 - 2013-03-15 06:16 - 06398240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-05-26 22:28 - 2013-03-15 06:16 - 03477280 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-05-26 22:28 - 2013-03-15 06:16 - 02555680 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2013-05-26 22:28 - 2013-03-15 06:16 - 01016096 ____A (NVIDIA Corporation) C:\Windows\System32\nv3dappshext.dll
2013-05-26 22:28 - 2013-03-15 06:16 - 00877856 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-05-26 22:28 - 2013-03-15 06:16 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-05-26 22:28 - 2013-03-15 06:16 - 00076064 ____A (NVIDIA Corporation) C:\Windows\System32\nv3dappshextr.dll
2013-05-26 22:28 - 2013-03-15 06:16 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-05-26 22:28 - 2013-03-13 18:24 - 03065455 ____A C:\Windows\System32\nvcoproc.bin
2013-05-26 22:27 - 2013-05-26 23:01 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-05-26 22:26 - 2013-05-26 22:27 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-05-26 22:26 - 2013-05-26 22:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-05-26 22:18 - 2013-05-26 22:19 - 00281248 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-26 22:17 - 2013-05-26 22:17 - 02365840 ____A C:\Users\dennis\Downloads\SecurityTaskManager_Setup.exe
2013-05-26 22:15 - 2013-03-15 07:53 - 26956576 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 25256736 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 20542752 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 17990800 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 15508512 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 15042928 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 13088000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 11048736 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-05-26 22:15 - 2013-03-15 07:53 - 09414456 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 07959000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 07573816 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 06271872 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 02913056 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 02864144 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 02728736 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 02539128 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 02355488 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 01995552 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 01807136 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6431422.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 01510176 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6431422.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 01118776 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 00968408 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 00250504 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 00205184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-05-26 22:15 - 2013-03-15 07:53 - 00030496 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvpciflt.sys
2013-05-26 22:15 - 2013-03-15 07:53 - 00017738 ____A C:\Windows\System32\nvinfo.pb
2013-05-26 21:50 - 2013-05-07 22:07 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-26 21:50 - 2013-05-07 22:07 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-26 21:44 - 2013-05-26 21:51 - 00000000 ___RD C:\Windows\BrowserChoice
2013-05-26 21:21 - 2013-05-26 21:22 - 36271144 ____A (Safer-Networking Ltd.                                       ) C:\Users\dennis\Downloads\spybot-2.1.exe
2013-05-26 20:50 - 2013-05-03 16:15 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-26 20:49 - 2013-05-26 20:49 - 00000117 ____A C:\Windows\System32\netcfg-2419578.txt
2013-05-26 20:48 - 2013-05-26 20:48 - 00000117 ____A C:\Windows\System32\netcfg-2362562.txt
2013-05-26 20:48 - 2013-05-26 20:48 - 00000117 ____A C:\Windows\System32\netcfg-2362468.txt
2013-05-26 20:48 - 2013-05-26 20:48 - 00000117 ____A C:\Windows\System32\netcfg-2357921.txt
2013-05-26 20:46 - 2013-05-26 20:46 - 00000219 ____A C:\Users\dennis\Desktop\Counter-Strike Global Offensive.url
2013-05-26 20:19 - 2013-05-26 20:19 - 00000000 ____D C:\Encryption
2013-05-26 20:15 - 2013-05-26 23:13 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-26 20:12 - 2013-05-26 20:13 - 08531968 ____A C:\Users\dennis\Downloads\SteamInstall_German.msi
2013-05-26 20:11 - 2013-05-26 21:56 - 00000000 ____D C:\Users\dennis\AppData\Local\clear.fi
2013-05-26 20:10 - 2013-05-26 20:10 - 00000117 ____A C:\Windows\System32\netcfg-85265.txt
2013-05-26 20:08 - 2013-05-26 20:08 - 00000117 ____A C:\Windows\System32\netcfg-1030421.txt
2013-05-26 20:02 - 2013-05-26 20:02 - 00050145 ____A C:\Users\dennis\Downloads\FRST.txt
2013-05-26 20:01 - 2013-05-26 20:02 - 00012701 ____A C:\Users\dennis\Downloads\Addition.txt
2013-05-26 19:59 - 2013-05-26 19:59 - 00000000 ____D C:\FRST
2013-05-26 19:58 - 2013-05-26 19:59 - 01915176 ____A (Farbar) C:\Users\dennis\Desktop\FRST64.exe
2013-05-26 19:56 - 2013-05-26 19:56 - 00002220 ____A C:\Users\dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2013-05-26 19:56 - 2013-05-26 19:55 - 00001082 ____A C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2013-05-26 19:55 - 2013-05-26 19:55 - 00000167 ____A C:\Windows\System32\netcfg-276171.txt
2013-05-26 19:55 - 2012-12-10 15:14 - 00098064 ____A (Infowatch) C:\Windows\System32\Drivers\CSCrySec.sys
2013-05-26 19:55 - 2012-12-10 15:14 - 00067344 ____A (Infowatch) C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys
2013-05-26 19:55 - 2012-07-11 17:09 - 00064856 ____A (Kaspersky Lab) C:\Windows\System32\klfphc.dll
2013-05-26 19:54 - 2013-05-26 23:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-05-26 19:54 - 2013-05-26 19:54 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-05-26 19:53 - 2012-11-02 15:48 - 00612696 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klif.sys
2013-05-26 19:53 - 2012-11-02 15:48 - 00089944 ____A (Kaspersky Lab) C:\Windows\System32\Drivers\klflt.sys
2013-05-26 19:52 - 2013-05-26 19:52 - 00000117 ____A C:\Windows\System32\netcfg-80171.txt
2013-05-26 19:50 - 2013-05-26 19:50 - 00000117 ____A C:\Windows\System32\netcfg-583093.txt
2013-05-26 19:48 - 2013-05-26 19:48 - 00000117 ____A C:\Windows\System32\netcfg-476375.txt
2013-05-26 19:38 - 2013-05-26 19:38 - 00000117 ____A C:\Windows\System32\netcfg-3715921.txt
2013-05-26 19:37 - 2013-05-26 19:39 - 00000000 ___HD C:\kleaner.tmp
2013-05-26 19:33 - 2013-04-09 07:33 - 00489576 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-05-26 19:33 - 2013-04-09 07:33 - 00446792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-05-26 19:33 - 2013-04-09 07:33 - 00253544 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-05-26 19:33 - 2013-04-09 07:20 - 00306952 ____A (Microsoft Corporation) C:\Windows\System32\kd_02_10ec.dll
2013-05-26 19:33 - 2013-04-09 07:20 - 00086280 ____A (Microsoft Corporation) C:\Windows\System32\kdnet.dll
2013-05-26 19:33 - 2013-04-09 07:18 - 00077960 ____A (Microsoft Corporation) C:\Windows\System32\kdvm.dll
2013-05-26 19:33 - 2013-04-09 06:52 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-05-26 19:33 - 2013-04-09 06:52 - 00804352 ____A (Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
2013-05-26 19:33 - 2013-04-09 06:52 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-05-26 19:33 - 2013-04-09 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-05-26 19:33 - 2013-04-09 06:52 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\Robocopy.exe
2013-05-26 19:33 - 2013-04-09 06:51 - 14267904 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-05-26 19:33 - 2013-04-09 06:51 - 13648384 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-26 19:33 - 2013-04-09 06:51 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-05-26 19:33 - 2013-04-09 06:51 - 03552768 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-05-26 19:33 - 2013-04-09 06:51 - 00595456 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-05-26 19:33 - 2013-04-09 06:51 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-26 19:33 - 2013-04-09 06:51 - 00456704 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-05-26 19:33 - 2013-04-09 06:51 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-05-26 19:33 - 2013-04-09 06:51 - 00367616 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-26 19:33 - 2013-04-09 06:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 02107904 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 01285632 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 00435200 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 00422400 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\GenuineCenter.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-05-26 19:33 - 2013-04-09 06:50 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 01444864 ____A (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 00817152 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\dmvdsitf.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-05-26 19:33 - 2013-04-09 06:49 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\fmifs.dll
2013-05-26 19:33 - 2013-04-09 06:48 - 02303488 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-26 19:33 - 2013-04-09 06:48 - 00785408 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-05-26 19:33 - 2013-04-09 06:48 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-05-26 19:33 - 2013-04-09 06:48 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-05-26 19:33 - 2013-04-09 04:35 - 04038144 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-26 19:33 - 2013-04-09 04:33 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-05-26 19:33 - 2013-04-09 04:32 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2013-05-26 19:33 - 2013-04-09 04:31 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-05-26 19:33 - 2013-04-09 01:44 - 00123880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-05-26 19:33 - 2013-04-09 01:39 - 01408896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-05-26 19:33 - 2013-04-09 01:37 - 00426024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-05-26 19:33 - 2013-04-09 01:37 - 00324368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-05-26 19:33 - 2013-04-08 23:52 - 11878912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-05-26 19:33 - 2013-04-08 23:52 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-05-26 19:33 - 2013-04-08 23:52 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-26 19:33 - 2013-04-08 23:52 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-05-26 19:33 - 2013-04-08 23:52 - 00171008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-05-26 19:33 - 2013-04-08 23:52 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-05-26 19:33 - 2013-04-08 23:51 - 10789888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 02767360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 02035200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 01593344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 01113600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00659456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00656896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00403968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-05-26 19:33 - 2013-04-08 23:51 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00324096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00155648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-05-26 19:33 - 2013-04-08 23:51 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-05-26 19:33 - 2013-04-03 00:08 - 00387688 ____A C:\Windows\System32\ApnDatabase.xml
2013-05-26 19:33 - 2013-03-30 20:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-05-26 19:33 - 2013-03-30 20:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-05-26 19:33 - 2013-03-29 00:09 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-05-26 19:33 - 2013-03-29 00:09 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-05-26 19:33 - 2013-03-16 00:05 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-05-26 19:33 - 2012-12-13 05:59 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-05-26 19:32 - 2013-04-09 07:27 - 00284424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-05-26 19:32 - 2013-04-09 07:17 - 01829408 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-05-26 19:32 - 2013-04-09 04:34 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-05-26 19:32 - 2013-04-09 04:34 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-05-26 19:32 - 2013-04-09 04:34 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-05-26 19:32 - 2013-04-09 04:33 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-05-26 19:32 - 2013-04-09 04:31 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-05-26 19:32 - 2013-04-05 01:30 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-05-26 19:32 - 2013-03-16 00:05 - 00298456 ____A (Microsoft Corporation) C:\Windows\System32\rsaenh.dll
2013-05-26 19:32 - 2012-12-13 06:00 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-05-26 19:31 - 2012-04-20 16:40 - 00196440 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2013-05-26 19:30 - 2013-04-16 04:34 - 01455368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-26 19:30 - 2013-04-10 01:17 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-26 19:30 - 2013-04-10 01:17 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-05-26 19:30 - 2013-04-10 01:16 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-26 19:30 - 2013-04-10 00:30 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-26 19:30 - 2013-04-10 00:30 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-26 19:30 - 2013-04-10 00:29 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-26 19:29 - 2013-04-10 01:17 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-26 19:29 - 2013-04-10 01:17 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-26 19:29 - 2013-04-10 01:17 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-26 19:29 - 2013-04-10 01:17 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-26 19:29 - 2013-04-10 01:16 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-26 19:29 - 2013-04-10 01:16 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-26 19:29 - 2013-04-10 01:16 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-26 19:29 - 2013-04-10 00:29 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-26 19:29 - 2013-04-10 00:29 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-26 19:29 - 2013-04-10 00:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-26 19:29 - 2013-04-10 00:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-26 19:29 - 2013-04-10 00:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-26 19:27 - 2013-04-11 08:40 - 06987528 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-26 19:27 - 2013-03-15 02:17 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-05-26 19:25 - 2013-03-02 13:02 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-05-26 19:25 - 2013-03-02 12:57 - 00332520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-05-26 19:25 - 2013-03-02 10:24 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-05-26 19:25 - 2013-03-02 10:23 - 01338880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00893952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00601088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00504320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00356352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00100864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-05-26 19:25 - 2013-03-02 10:23 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-05-26 19:25 - 2013-03-02 10:22 - 05091840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-05-26 19:25 - 2013-03-02 10:22 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-05-26 19:25 - 2013-03-02 10:22 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-05-26 19:25 - 2013-03-02 10:21 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-05-26 19:25 - 2013-03-02 10:21 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-05-26 19:25 - 2013-03-02 10:21 - 00145408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-05-26 19:25 - 2013-03-02 10:21 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 03240448 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 01627648 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 01161728 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 01149952 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 01101824 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00951808 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00645120 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-05-26 19:25 - 2013-03-02 04:45 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
2013-05-26 19:25 - 2013-03-02 04:45 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\WSDPrintProxy.DLL
2013-05-26 19:25 - 2013-03-02 04:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-05-26 19:25 - 2013-03-02 04:45 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-05-26 19:25 - 2013-03-02 04:44 - 05978624 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-05-26 19:25 - 2013-03-02 04:44 - 01048576 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-05-26 19:25 - 2013-03-02 04:44 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-05-26 19:25 - 2013-03-02 04:44 - 00455168 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2013-05-26 19:25 - 2013-03-02 04:44 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2013-05-26 19:25 - 2013-03-02 04:44 - 00150016 ____A (Microsoft Corporation) C:\Windows\System32\discan.dll
2013-05-26 19:25 - 2013-03-02 04:44 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncInfo.dll
2013-05-26 19:25 - 2013-03-02 04:44 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\NdisImPlatform.dll
2013-05-26 19:25 - 2013-03-02 04:44 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2013-05-26 19:25 - 2013-03-02 04:43 - 02146304 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2013-05-26 19:25 - 2013-03-02 04:43 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-05-26 19:25 - 2013-03-02 04:43 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2013-05-26 19:24 - 2013-05-26 23:08 - 00000000 ____D C:\Users\dennis\AppData\Local\CrashDumps
2013-05-26 19:24 - 2013-03-02 12:57 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-05-26 19:24 - 2013-03-02 12:57 - 00077544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2013-05-26 19:24 - 2013-03-02 12:45 - 00194792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-05-26 19:24 - 2013-03-02 12:45 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-05-26 19:24 - 2013-03-02 12:45 - 00125160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-05-26 19:24 - 2013-03-02 12:39 - 00495336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2013-05-26 19:24 - 2013-03-02 12:39 - 00327912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-05-26 19:24 - 2013-03-02 12:39 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2013-05-26 19:24 - 2013-03-02 11:59 - 02231528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-26 19:24 - 2013-03-02 11:59 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-05-26 19:24 - 2013-03-02 04:45 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
2013-05-26 19:24 - 2013-03-02 04:15 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2013-05-26 19:24 - 2013-03-01 06:56 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-05-26 19:24 - 2013-03-01 06:56 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2013-05-26 19:24 - 2013-03-01 06:55 - 01175040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-05-26 19:21 - 2013-05-26 19:21 - 00000246 ____A C:\Users\dennis\Downloads\defogger_enable.log
2013-05-26 19:20 - 2013-05-26 19:21 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Mozilla
2013-05-26 19:20 - 2013-05-26 19:20 - 00000000 ____D C:\Users\dennis\AppData\Local\Mozilla
2013-05-26 19:18 - 2013-05-26 19:18 - 00001151 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-05-26 19:18 - 2013-05-26 19:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-05-26 19:18 - 2013-05-26 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-26 19:18 - 2013-05-26 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-26 19:18 - 2013-02-21 12:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-26 19:18 - 2013-02-21 12:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-26 19:18 - 2013-02-21 12:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-26 19:18 - 2013-02-21 12:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-26 19:18 - 2013-02-21 12:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-26 19:18 - 2013-02-21 12:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-26 19:18 - 2013-02-19 11:53 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-05-26 19:17 - 2013-05-26 19:17 - 21151576 ____A (Mozilla) C:\Users\dennis\Downloads\Firefox Setup 21.0 (1).exe
2013-05-26 19:17 - 2013-05-26 19:17 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Macromedia
2013-05-26 19:17 - 2013-02-02 07:41 - 01437184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-05-26 19:17 - 2013-02-02 07:31 - 01690624 ____A (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2013-05-26 19:16 - 2013-02-07 03:33 - 00754176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-05-26 19:15 - 2013-02-02 13:19 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-05-26 19:15 - 2013-02-02 13:19 - 00446184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-05-26 19:15 - 2013-02-02 13:19 - 00061672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2013-05-26 19:15 - 2013-02-02 12:54 - 01933544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-26 19:15 - 2013-02-02 12:28 - 00993512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-05-26 19:15 - 2013-02-02 10:40 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-05-26 19:15 - 2013-02-02 10:40 - 00370688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-05-26 19:15 - 2013-02-02 10:40 - 00197632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-05-26 19:15 - 2013-02-02 10:40 - 00155136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-05-26 19:15 - 2013-02-02 10:40 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-05-26 19:15 - 2013-02-02 10:40 - 00079360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-05-26 19:15 - 2013-02-02 10:39 - 00157696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-05-26 19:15 - 2013-02-02 10:39 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-05-26 19:15 - 2013-02-02 10:39 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-05-26 19:15 - 2013-02-02 10:39 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-05-26 19:15 - 2013-02-02 10:39 - 00015872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-05-26 19:15 - 2013-02-02 10:39 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-05-26 19:15 - 2013-02-02 10:38 - 00567808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-05-26 19:15 - 2013-02-02 10:24 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\taskkill.exe
2013-05-26 19:15 - 2013-02-02 10:24 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\tasklist.exe
2013-05-26 19:15 - 2013-02-02 10:23 - 00731648 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-05-26 19:15 - 2013-02-02 10:23 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2013-05-26 19:15 - 2013-02-02 10:23 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
2013-05-26 19:15 - 2013-02-02 10:23 - 00475136 ____A (Microsoft Corporation) C:\Windows\System32\WWanAPI.dll
2013-05-26 19:15 - 2013-02-02 10:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-05-26 19:15 - 2013-02-02 10:23 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-05-26 19:15 - 2013-02-02 10:23 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2013-05-26 19:15 - 2013-02-02 10:21 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-05-26 19:15 - 2013-02-02 10:21 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-05-26 19:15 - 2013-02-02 10:21 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\mbsmsapi.dll
2013-05-26 19:15 - 2013-02-02 10:20 - 00729600 ____A (Microsoft Corporation) C:\Windows\System32\duser.dll
2013-05-26 19:15 - 2013-02-02 10:20 - 00260096 ____A (Microsoft Corporation) C:\Windows\System32\hotspotauth.dll
2013-05-26 19:15 - 2013-02-02 09:25 - 00297984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2013-05-26 19:15 - 2013-02-02 09:25 - 00037632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-05-26 19:14 - 2013-02-12 03:30 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-05-26 19:14 - 2013-02-12 02:56 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-05-26 19:13 - 2013-05-26 23:23 - 01654778 ____A C:\Windows\WindowsUpdate.log
2013-05-26 19:13 - 2013-05-26 19:13 - 00000117 ____A C:\Windows\System32\netcfg-2186703.txt
2013-05-26 19:13 - 2013-05-26 19:13 - 00000117 ____A C:\Windows\System32\netcfg-2186203.txt
2013-05-26 19:13 - 2013-03-22 05:49 - 02382336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-05-26 19:13 - 2013-02-12 02:17 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-26 19:12 - 2013-03-22 00:47 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-05-26 19:12 - 2013-03-02 10:23 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-05-26 19:12 - 2013-03-02 04:44 - 01011200 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2013-05-26 19:12 - 2013-02-06 00:29 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-05-26 19:12 - 2013-02-06 00:28 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-05-26 19:11 - 2013-03-06 09:10 - 00112872 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-26 19:11 - 2013-03-06 08:31 - 19758592 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-26 19:11 - 2013-03-06 08:31 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-26 19:11 - 2013-03-06 08:29 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-26 19:11 - 2013-03-06 07:03 - 17561600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-26 19:11 - 2013-03-06 07:03 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-26 19:10 - 2013-01-10 03:53 - 00028904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-05-26 19:10 - 2013-01-10 03:40 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-26 19:10 - 2013-01-10 03:29 - 00785504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-05-26 19:10 - 2013-01-10 03:29 - 00091880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-05-26 19:10 - 2013-01-10 01:26 - 01752064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-05-26 19:10 - 2013-01-10 01:26 - 01611776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-05-26 19:10 - 2013-01-10 01:26 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-05-26 19:10 - 2013-01-10 01:26 - 00436736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-05-26 19:10 - 2013-01-10 01:26 - 00261120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-05-26 19:10 - 2013-01-10 01:26 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-05-26 19:10 - 2013-01-10 01:26 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-05-26 19:10 - 2013-01-10 01:23 - 02094592 ____A (Microsoft Corporation) C:\Windows\System32\mmc.exe
2013-05-26 19:10 - 2013-01-10 01:23 - 01964544 ____A (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2013-05-26 19:10 - 2013-01-10 01:23 - 01886208 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2013-05-26 19:10 - 2013-01-10 01:23 - 00728064 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-05-26 19:10 - 2013-01-10 01:23 - 00406016 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2013-05-26 19:10 - 2013-01-10 01:23 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
2013-05-26 19:10 - 2013-01-10 01:23 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\wiaacmgr.exe
2013-05-26 19:10 - 2013-01-10 01:22 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-05-26 19:10 - 2013-01-10 01:22 - 00894464 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-05-26 19:10 - 2013-01-10 01:22 - 00666112 ____A (Microsoft Corporation) C:\Windows\System32\MP4SDECD.DLL
2013-05-26 19:10 - 2013-01-10 01:22 - 00438272 ____A (Microsoft Corporation) C:\Windows\System32\lsm.dll
2013-05-26 19:10 - 2013-01-10 01:22 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2013-05-26 19:10 - 2013-01-09 05:59 - 00341504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2013-05-26 19:10 - 2013-01-09 05:59 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2013-05-26 19:10 - 2013-01-09 05:58 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-05-26 19:10 - 2012-11-02 07:19 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\ncbservice.dll
2013-05-26 19:10 - 2012-11-02 07:18 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\httpprxm.dll
2013-05-26 19:10 - 2012-11-02 07:18 - 00062464 ____A (Microsoft Corporation) C:\Windows\System32\adhsvc.dll
2013-05-26 19:10 - 2012-11-02 07:18 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\adhapi.dll
2013-05-26 19:10 - 2012-11-02 07:18 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\httpprxp.dll
2013-05-26 19:10 - 2012-11-02 07:18 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\keepaliveprovider.dll
2013-05-26 19:09 - 2013-01-04 07:32 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-26 19:09 - 2013-01-04 06:19 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-26 19:09 - 2012-12-15 06:55 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2013-05-26 19:07 - 2012-11-26 06:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-05-26 19:07 - 2012-11-26 06:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2013-05-26 19:06 - 2012-11-27 05:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-05-26 19:06 - 2012-11-27 05:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2013-05-26 19:05 - 2013-01-29 03:57 - 00035232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2013-05-26 19:05 - 2013-01-29 01:08 - 00230904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2013-05-26 19:05 - 2012-11-20 06:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-05-26 19:05 - 2012-11-20 06:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-05-26 19:05 - 2012-11-03 07:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
2013-05-26 19:05 - 2012-11-03 07:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
2013-05-26 19:04 - 2012-11-06 09:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2013-05-26 19:04 - 2012-11-06 07:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-05-26 19:04 - 2012-11-06 06:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-05-26 19:04 - 2012-11-06 06:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
2013-05-26 19:04 - 2012-11-06 06:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2013-05-26 19:04 - 2012-11-06 06:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
2013-05-26 19:04 - 2012-11-02 07:20 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-05-26 19:02 - 2012-10-24 05:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2013-05-26 19:02 - 2012-10-24 05:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2013-05-26 19:02 - 2012-10-24 05:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2013-05-26 19:02 - 2012-10-24 05:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2013-05-26 19:01 - 2012-11-10 06:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-05-26 19:01 - 2012-11-10 06:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-05-26 19:01 - 2012-11-10 06:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-05-26 19:01 - 2012-11-10 06:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
2013-05-26 19:01 - 2012-11-10 06:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
2013-05-26 19:01 - 2012-11-10 06:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
2013-05-26 19:00 - 2012-10-11 07:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-05-26 19:00 - 2012-10-11 07:44 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-05-26 19:00 - 2012-10-11 07:06 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-05-26 19:00 - 2012-10-11 07:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-05-26 18:58 - 2012-11-03 07:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2013-05-26 18:58 - 2012-11-03 07:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-05-26 18:58 - 2012-11-03 07:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-05-26 18:58 - 2012-11-03 07:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-05-26 18:58 - 2012-11-03 07:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2013-05-26 18:58 - 2012-11-03 07:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-05-26 18:58 - 2012-11-03 07:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
2013-05-26 18:58 - 2012-11-03 07:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
2013-05-26 18:58 - 2012-11-03 07:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-05-26 18:58 - 2012-11-03 07:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-05-26 18:58 - 2012-11-03 07:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
2013-05-26 18:58 - 2012-11-03 07:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2013-05-26 18:58 - 2012-11-03 07:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-05-26 18:58 - 2012-11-03 07:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-05-26 18:56 - 2012-08-31 02:53 - 00017888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2013-05-26 18:56 - 2012-08-31 02:52 - 00017888 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
2013-05-26 18:54 - 2012-10-24 05:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2013-05-26 18:54 - 2012-10-24 04:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-05-26 18:54 - 2012-10-06 06:53 - 02893824 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-26 18:54 - 2012-10-06 06:15 - 02400256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-26 18:53 - 2013-05-26 18:53 - 00000000 ____D C:\Users\dennis\AppData\Local\EgisTec IPS
2013-05-26 18:53 - 2012-11-08 06:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-26 18:53 - 2012-11-08 06:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-26 18:52 - 2012-11-01 06:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-05-26 18:52 - 2012-11-01 06:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-05-26 18:52 - 2012-11-01 06:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-05-26 18:52 - 2012-11-01 06:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-05-26 18:52 - 2012-11-01 06:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-05-26 18:52 - 2012-11-01 06:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-05-26 18:52 - 2012-11-01 06:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-05-26 18:52 - 2012-11-01 06:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-05-26 18:49 - 2012-09-20 08:33 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\fhmanagew.exe
2013-05-26 18:49 - 2012-09-20 08:31 - 00315392 ____A (Microsoft Corporation) C:\Windows\System32\fhcfg.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00280576 ____A (Microsoft Corporation) C:\Windows\System32\fhcat.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00137728 ____A (Microsoft Corporation) C:\Windows\System32\fhshl.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00116736 ____A (Microsoft Corporation) C:\Windows\System32\fhsvc.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchapi.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\fhevents.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchph.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhlisten.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhautoplay.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\fhcleanup.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\fhtask.dll
2013-05-26 18:49 - 2012-09-20 08:31 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\fhsvcctl.dll
2013-05-26 18:48 - 2013-05-26 18:48 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Atheros
2013-05-26 18:48 - 2012-09-20 08:32 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2013-05-26 18:48 - 2012-09-20 08:32 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2013-05-26 18:47 - 2012-09-20 08:33 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\ndptsp.tsp
2013-05-26 18:47 - 2012-09-20 08:33 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\kmddsp.tsp
2013-05-26 18:47 - 2012-09-20 08:32 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\rascfg.dll
2013-05-26 18:47 - 2012-09-20 08:32 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\rasdiag.dll
2013-05-26 18:47 - 2012-09-20 08:32 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\rasmxs.dll
2013-05-26 18:47 - 2012-09-20 08:32 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\rasser.dll
2013-05-26 18:47 - 2012-09-20 08:32 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2013-05-26 18:47 - 2012-09-20 08:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2013-05-26 18:47 - 2012-09-20 08:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2013-05-26 18:47 - 2012-09-20 08:12 - 09374208 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-05-26 18:47 - 2012-09-20 08:09 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2013-05-26 18:47 - 2012-09-20 07:55 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2013-05-26 18:47 - 2012-09-20 07:55 - 00038912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2013-05-26 18:47 - 2012-09-20 07:54 - 00108544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2013-05-26 18:47 - 2012-09-20 07:54 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2013-05-26 18:47 - 2012-09-20 07:54 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2013-05-26 18:47 - 2012-09-20 07:54 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2013-05-26 18:47 - 2012-09-20 07:32 - 09374208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-05-26 18:46 - 2013-05-26 18:46 - 00002609 ____A C:\Users\Public\Desktop\eBay.lnk
2013-05-26 18:46 - 2013-05-26 18:46 - 00000000 ____D C:\Program Files (x86)\OEM
2013-05-26 18:46 - 2012-09-20 07:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2013-05-26 18:46 - 2012-09-20 07:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2013-05-26 18:46 - 2012-09-20 07:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2013-05-26 18:45 - 2013-05-26 18:45 - 00000000 ____D C:\Users\dennis\AppData\Roaming\lm
2013-05-26 18:45 - 2013-05-26 18:45 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Adobe
2013-05-26 18:45 - 2013-05-26 18:45 - 00000000 ____D C:\Program Files\Preload
2013-05-26 18:45 - 2013-05-26 18:45 - 00000000 ____D C:\Program Files\Accessory Store
2013-05-26 18:45 - 2012-09-20 09:55 - 00488168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-05-26 18:45 - 2012-09-20 09:55 - 00212200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-05-26 18:45 - 2012-09-20 09:55 - 00079080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-05-26 18:45 - 2012-09-20 09:55 - 00021736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-05-26 18:45 - 2012-09-20 08:09 - 00032256 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-05-26 18:43 - 2013-05-26 18:43 - 00000020 ___SH C:\Users\dennis\ntuser.ini
2013-05-26 18:43 - 2013-05-26 18:43 - 00000000 ____D C:\Users\dennis\AppData\Local\VirtualStore
2013-05-26 18:42 - 2012-12-16 10:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-05-26 18:42 - 2012-12-16 10:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-05-26 18:42 - 2012-12-16 10:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-05-26 18:42 - 2012-12-16 09:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-05-26 18:42 - 2012-11-08 06:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-05-26 18:42 - 2012-11-08 06:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-05-26 18:42 - 2012-11-08 06:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-05-26 18:42 - 2012-11-08 06:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-05-26 18:42 - 2012-11-08 06:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-05-26 18:42 - 2012-11-08 06:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-05-26 18:40 - 2012-10-10 09:04 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-05-26 18:40 - 2012-10-10 08:31 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-05-26 18:38 - 2013-05-26 22:32 - 00000000 ____D C:\users\dennis
2013-05-26 18:38 - 2013-05-26 18:39 - 00043818 ____A C:\Windows\diagwrn.xml
2013-05-26 18:38 - 2013-05-26 18:39 - 00043818 ____A C:\Windows\diagerr.xml
2013-05-26 18:38 - 2013-05-26 18:39 - 00000000 ____D C:\users\UpdatusUser.004
2013-05-26 18:38 - 2013-05-26 18:39 - 00000000 ____D C:\users\UpdatusUser.003
2013-05-26 18:38 - 2013-05-26 18:39 - 00000000 ____D C:\users\UpdatusUser.002
2013-05-26 18:38 - 2013-05-26 18:38 - 00000117 ____A C:\Windows\System32\netcfg-87468.txt
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 ____D C:\users\UpdatusUser.000
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Public\Documents\Eigene Musik
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Public\Documents\Eigene Bilder
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Vorlagen
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Startmenü
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Netzwerkumgebung
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Lokale Einstellungen
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Eigene Dateien
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Druckumgebung
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Documents\Eigene Musik
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Documents\Eigene Bilder
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\AppData\Local\Verlauf
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\AppData\Local\Anwendungsdaten
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Anwendungsdaten
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\ProgramData\Vorlagen
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\ProgramData\Startmenü
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\ProgramData\Dokumente
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\ProgramData\Anwendungsdaten
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Program Files\Gemeinsame Dateien
2013-05-25 00:15 - 2013-05-25 00:19 - 165141856 ____A (Kaspersky Lab) C:\Users\dennis\Downloads\kav13.0.1.4190de-de.exe
2013-05-25 00:15 - 2013-05-25 00:18 - 176212264 ____A (Kaspersky Lab) C:\Users\dennis\Downloads\kis13.0.1.4190de-de.exe
2013-05-25 00:13 - 2013-05-25 00:17 - 188740896 ____A (Kaspersky Lab) C:\Users\dennis\Downloads\pure13.0.2.558DE_4340.exe
2013-05-24 23:34 - 2013-05-24 23:34 - 00172052 ____A C:\Users\dennis\Documents\cc_20130524_233440.reg
2013-05-24 21:39 - 2013-05-24 21:39 - 00076252 ____A C:\Users\dennis\Downloads\Extras.Txt
2013-05-24 21:38 - 2013-05-24 21:38 - 00140104 ____A C:\Users\dennis\Downloads\OTL.Txt
2013-05-24 20:44 - 2013-05-26 23:10 - 00000184 ____A C:\Users\dennis\Downloads\defogger_disable.log
2013-05-24 20:20 - 2013-05-24 20:20 - 00050477 ____A C:\Users\dennis\Downloads\Defogger.exe
2013-05-24 20:18 - 2013-05-24 20:20 - 00602112 ____A (OldTimer Tools) C:\Users\dennis\Downloads\OTL.exe
2013-05-24 19:36 - 2013-05-24 19:36 - 00377856 ____A C:\Users\dennis\Downloads\gmer_2.1.19163.exe
2013-05-24 19:25 - 2013-05-24 19:25 - 00003344 ____A C:\{7BCD4120-C69E-4398-888E-C6C2B5425867}
2013-05-24 19:12 - 2013-05-24 19:22 - 12917756 ____A C:\Users\dennis\Downloads\mbar-1.05.0.1001.zip
2013-05-24 18:45 - 2013-05-24 18:45 - 01183936 ____A (Developer Tribe (Pvt) Ltd.                                  ) C:\Users\dennis\Downloads\setup_rr.exe
2013-05-24 18:42 - 2013-05-24 18:42 - 00483809 ____A (Lars Hederer                                                ) C:\Users\dennis\Downloads\ntregopt-setup.exe
2013-05-24 18:14 - 2013-05-24 18:15 - 165050896 ____N (Symantec Corporation) C:\Users\dennis\Downloads\NIS_20.3.1.22_SYMTB_TMD_MRFTT_620_9001.exe
2013-05-24 18:12 - 2013-05-24 18:12 - 00065893 ____A C:\Users\dennis\Downloads\antivir11_rootkit.zip
2013-05-24 18:00 - 2013-05-24 18:00 - 02140631 ____A C:\Users\dennis\Downloads\SharePod_3.99.zip
2013-05-24 17:52 - 2013-05-24 17:53 - 01339288 ____A C:\Users\dennis\Downloads\sar_15_sfx.exe
2013-05-23 18:46 - 2013-05-23 18:46 - 00000000 ____D C:\Users\dennis\Desktop\RetroshARE
2013-05-20 23:44 - 2013-05-23 21:59 - 00000000 ____D C:\Users\dennis\Desktop\Musik
2013-05-20 18:17 - 2013-05-23 21:49 - 00000000 ____D C:\Users\dennis\Desktop\Best of Summer
2013-05-17 03:33 - 2013-05-17 03:33 - 21151576 ____A (Mozilla) C:\Users\dennis\Downloads\Firefox Setup 21.0.exe
2013-05-17 00:35 - 2013-05-17 00:35 - 04346816 ____A (Piriform Ltd) C:\Users\dennis\Downloads\ccsetup401.exe
2013-05-16 21:33 - 2013-05-16 21:34 - 00081536 ____A (Conduit) C:\ministub.exe
2013-05-16 21:25 - 2013-05-16 21:42 - 00000009 ____A C:\END
2013-05-16 10:42 - 2013-05-16 10:42 - 03389035 ____A C:\Users\dennis\Downloads\eMule0.50a-Installer.exe
2013-05-16 00:44 - 2013-05-16 00:44 - 00804552 ____A (Koyote-Lab Inc.) C:\Users\dennis\Downloads\FreeFLVConverter75Setup.exe
2013-05-16 00:30 - 2013-05-16 01:27 - 00000000 ____D C:\Users\dennis\dwhelper
2013-05-15 01:14 - 2013-05-15 01:14 - 07757362 ____A C:\Users\dennis\Downloads\DIR-300_fw_revb_214b01_ALL_de_20130206.zip
2013-05-15 01:14 - 2013-05-15 01:14 - 02501599 ____A C:\Users\dennis\Downloads\DIR-300_fw_reva_106b02_ALL_de_20130411.zip
2013-05-15 01:11 - 2013-05-15 01:11 - 00001908 ____A C:\Users\dennis\Downloads\config.bin

==================== One Month Modified Files and Folders =======

2013-05-27 04:36 - 2013-05-27 04:36 - 00262144 ____A C:\Windows\System32\config\userdiff
2013-05-27 04:36 - 2012-07-26 10:13 - 00262144 ____A C:\Windows\System32\config\BCD-Template
2013-05-26 23:28 - 2013-05-27 04:36 - 00000000 ____D C:\Windows.old
2013-05-26 23:27 - 2013-05-27 04:12 - 00000000 ___HD C:\$SysReset
2013-05-26 23:23 - 2013-05-26 23:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-05-26 23:23 - 2013-05-26 19:13 - 01654778 ____A C:\Windows\WindowsUpdate.log
2013-05-26 23:23 - 2012-07-26 09:21 - 00035307 ____A C:\Windows\setupact.log
2013-05-26 23:18 - 2012-09-05 07:00 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-05-26 23:18 - 2012-09-05 07:00 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-05-26 23:18 - 2012-07-26 09:28 - 01745416 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-26 23:14 - 2013-05-26 19:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-05-26 23:13 - 2013-05-26 20:15 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-26 23:12 - 2013-05-26 23:12 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-05-26 23:12 - 2013-05-26 23:12 - 00000000 ____D C:\Windows\System32\NV
2013-05-26 23:12 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-26 23:11 - 2012-08-02 13:15 - 00118958 ____A C:\Windows\PFRO.log
2013-05-26 23:10 - 2013-05-24 20:44 - 00000184 ____A C:\Users\dennis\Downloads\defogger_disable.log
2013-05-26 23:08 - 2013-05-26 19:24 - 00000000 ____D C:\Users\dennis\AppData\Local\CrashDumps
2013-05-26 23:04 - 2013-05-26 23:03 - 03191888 ____A (McAfee, Inc.) C:\Users\dennis\Downloads\MCPR.exe
2013-05-26 23:01 - 2013-05-26 22:27 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-05-26 23:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-05-26 22:44 - 2013-05-26 22:44 - 00021612 ____A C:\Users\dennis\Desktop\Gmerlog.log
2013-05-26 22:42 - 2013-05-26 22:42 - 00001073 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-05-26 22:42 - 2013-05-26 22:42 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Malwarebytes
2013-05-26 22:42 - 2013-05-26 22:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-26 22:42 - 2013-05-26 22:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-26 22:40 - 2013-05-26 22:40 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\dennis\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-26 22:35 - 2012-12-02 12:25 - 00000000 ___RD C:\Users\dennis\Desktop\Anwendungen
2013-05-26 22:32 - 2013-05-26 22:32 - 00000000 ____A C:\Users\dennis\defogger_reenable
2013-05-26 22:32 - 2013-05-26 18:38 - 00000000 ____D C:\users\dennis
2013-05-26 22:30 - 2013-05-26 22:30 - 00000020 ___SH C:\Users\UpdatusUser.DENNIS\ntuser.ini
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Vorlagen
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Startmenü
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Netzwerkumgebung
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Lokale Einstellungen
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Eigene Dateien
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Druckumgebung
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Documents\Eigene Musik
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Documents\Eigene Bilder
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\AppData\Local\Verlauf
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\AppData\Local\Anwendungsdaten
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 __SHD C:\Users\UpdatusUser.DENNIS\Anwendungsdaten
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 ____D C:\users\UpdatusUser.DENNIS
2013-05-26 22:30 - 2013-05-26 22:30 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-05-26 22:30 - 2013-05-26 22:29 - 00000000 ____D C:\ProgramData\NVIDIA
2013-05-26 22:30 - 2012-09-04 21:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-05-26 22:30 - 2012-09-04 21:16 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-05-26 22:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\Help
2013-05-26 22:27 - 2013-05-26 22:26 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-05-26 22:26 - 2013-05-26 22:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-05-26 22:19 - 2013-05-26 22:18 - 00281248 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-26 22:17 - 2013-05-26 22:17 - 02365840 ____A C:\Users\dennis\Downloads\SecurityTaskManager_Setup.exe
2013-05-26 22:04 - 2012-12-20 00:52 - 00000000 ___RD C:\Users\dennis\Desktop\Sicherheit
2013-05-26 21:56 - 2013-05-26 20:11 - 00000000 ____D C:\Users\dennis\AppData\Local\clear.fi
2013-05-26 21:56 - 2012-08-02 13:35 - 00000000 ____D C:\Program Files (x86)\Acer
2013-05-26 21:56 - 2012-08-02 13:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-05-26 21:56 - 2012-08-02 13:29 - 00000000 ____D C:\ProgramData\WildTangent
2013-05-26 21:51 - 2013-05-26 21:44 - 00000000 ___RD C:\Windows\BrowserChoice
2013-05-26 21:51 - 2012-08-02 13:25 - 00000000 ____D C:\ProgramData\PRICache
2013-05-26 21:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-05-26 21:41 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\oobe
2013-05-26 21:38 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-05-26 21:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-05-26 21:36 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-26 21:36 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-05-26 21:22 - 2013-05-26 21:21 - 36271144 ____A (Safer-Networking Ltd.                                       ) C:\Users\dennis\Downloads\spybot-2.1.exe
2013-05-26 20:53 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-05-26 20:50 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-05-26 20:49 - 2013-05-26 20:49 - 00000117 ____A C:\Windows\System32\netcfg-2419578.txt
2013-05-26 20:48 - 2013-05-26 20:48 - 00000117 ____A C:\Windows\System32\netcfg-2362562.txt
2013-05-26 20:48 - 2013-05-26 20:48 - 00000117 ____A C:\Windows\System32\netcfg-2362468.txt
2013-05-26 20:48 - 2013-05-26 20:48 - 00000117 ____A C:\Windows\System32\netcfg-2357921.txt
2013-05-26 20:47 - 2012-11-30 23:38 - 00000219 ____A C:\Users\dennis\Desktop\Left 4 Dead 2.url
2013-05-26 20:46 - 2013-05-26 20:46 - 00000219 ____A C:\Users\dennis\Desktop\Counter-Strike Global Offensive.url
2013-05-26 20:19 - 2013-05-26 20:19 - 00000000 ____D C:\Encryption
2013-05-26 20:14 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\restore
2013-05-26 20:13 - 2013-05-26 20:12 - 08531968 ____A C:\Users\dennis\Downloads\SteamInstall_German.msi
2013-05-26 20:10 - 2013-05-26 20:10 - 00000117 ____A C:\Windows\System32\netcfg-85265.txt
2013-05-26 20:08 - 2013-05-26 20:08 - 00000117 ____A C:\Windows\System32\netcfg-1030421.txt
2013-05-26 20:02 - 2013-05-26 20:02 - 00050145 ____A C:\Users\dennis\Downloads\FRST.txt
2013-05-26 20:02 - 2013-05-26 20:01 - 00012701 ____A C:\Users\dennis\Downloads\Addition.txt
2013-05-26 19:59 - 2013-05-26 19:59 - 00000000 ____D C:\FRST
2013-05-26 19:59 - 2013-05-26 19:58 - 01915176 ____A (Farbar) C:\Users\dennis\Desktop\FRST64.exe
2013-05-26 19:56 - 2013-05-26 19:56 - 00002220 ____A C:\Users\dennis\Desktop\Sicherer Zahlungsverkehr.lnk
2013-05-26 19:55 - 2013-05-26 19:56 - 00001082 ____A C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2013-05-26 19:55 - 2013-05-26 19:55 - 00000167 ____A C:\Windows\System32\netcfg-276171.txt
2013-05-26 19:55 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-05-26 19:54 - 2013-05-26 19:54 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-05-26 19:54 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-05-26 19:52 - 2013-05-26 19:52 - 00000117 ____A C:\Windows\System32\netcfg-80171.txt
2013-05-26 19:50 - 2013-05-26 19:50 - 00000117 ____A C:\Windows\System32\netcfg-583093.txt
2013-05-26 19:50 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-05-26 19:48 - 2013-05-26 19:48 - 00000117 ____A C:\Windows\System32\netcfg-476375.txt
2013-05-26 19:39 - 2013-05-26 19:37 - 00000000 ___HD C:\kleaner.tmp
2013-05-26 19:38 - 2013-05-26 19:38 - 00000117 ____A C:\Windows\System32\netcfg-3715921.txt
2013-05-26 19:21 - 2013-05-26 19:21 - 00000246 ____A C:\Users\dennis\Downloads\defogger_enable.log
2013-05-26 19:21 - 2013-05-26 19:20 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Mozilla
2013-05-26 19:20 - 2013-05-26 19:20 - 00000000 ____D C:\Users\dennis\AppData\Local\Mozilla
2013-05-26 19:18 - 2013-05-26 19:18 - 00001151 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-05-26 19:18 - 2013-05-26 19:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-05-26 19:18 - 2013-05-26 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-26 19:18 - 2013-05-26 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-26 19:17 - 2013-05-26 19:17 - 21151576 ____A (Mozilla) C:\Users\dennis\Downloads\Firefox Setup 21.0 (1).exe
2013-05-26 19:17 - 2013-05-26 19:17 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Macromedia
2013-05-26 19:13 - 2013-05-26 19:13 - 00000117 ____A C:\Windows\System32\netcfg-2186703.txt
2013-05-26 19:13 - 2013-05-26 19:13 - 00000117 ____A C:\Windows\System32\netcfg-2186203.txt
2013-05-26 18:53 - 2013-05-26 18:53 - 00000000 ____D C:\Users\dennis\AppData\Local\EgisTec IPS
2013-05-26 18:53 - 2012-08-02 13:36 - 00000000 ____D C:\ProgramData\EgisTec IPS
2013-05-26 18:48 - 2013-05-26 18:48 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Atheros
2013-05-26 18:47 - 2012-08-02 14:09 - 00000000 ___HD C:\OEM
2013-05-26 18:46 - 2013-05-26 18:46 - 00002609 ____A C:\Users\Public\Desktop\eBay.lnk
2013-05-26 18:46 - 2013-05-26 18:46 - 00000000 ____D C:\Program Files (x86)\OEM
2013-05-26 18:45 - 2013-05-26 18:45 - 00000000 ____D C:\Users\dennis\AppData\Roaming\lm
2013-05-26 18:45 - 2013-05-26 18:45 - 00000000 ____D C:\Users\dennis\AppData\Roaming\Adobe
2013-05-26 18:45 - 2013-05-26 18:45 - 00000000 ____D C:\Program Files\Preload
2013-05-26 18:45 - 2013-05-26 18:45 - 00000000 ____D C:\Program Files\Accessory Store
2013-05-26 18:45 - 2012-11-30 22:43 - 00000000 ____D C:\Users\dennis\AppData\Local\Packages
2013-05-26 18:45 - 2012-09-04 21:53 - 00000000 ____D C:\ProgramData\OEM
2013-05-26 18:43 - 2013-05-26 18:43 - 00000020 ___SH C:\Users\dennis\ntuser.ini
2013-05-26 18:43 - 2013-05-26 18:43 - 00000000 ____D C:\Users\dennis\AppData\Local\VirtualStore
2013-05-26 18:43 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-05-26 18:39 - 2013-05-26 18:38 - 00043818 ____A C:\Windows\diagwrn.xml
2013-05-26 18:39 - 2013-05-26 18:38 - 00043818 ____A C:\Windows\diagerr.xml
2013-05-26 18:39 - 2013-05-26 18:38 - 00000000 ____D C:\users\UpdatusUser.004
2013-05-26 18:39 - 2013-05-26 18:38 - 00000000 ____D C:\users\UpdatusUser.003
2013-05-26 18:39 - 2013-05-26 18:38 - 00000000 ____D C:\users\UpdatusUser.002
2013-05-26 18:39 - 2013-03-27 22:37 - 00000000 ____D C:\Users\dennis\Desktop\Divx
2013-05-26 18:39 - 2012-12-02 12:29 - 00000000 ____D C:\Users\dennis\Desktop\Energiefachberater
2013-05-26 18:39 - 2012-07-26 10:12 - 00000000 __RHD C:\Users\Public\Libraries
2013-05-26 18:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\Recovery
2013-05-26 18:39 - 2012-07-26 07:37 - 00000000 __RHD C:\users\Default
2013-05-26 18:38 - 2013-05-26 18:38 - 00000117 ____A C:\Windows\System32\netcfg-87468.txt
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.004\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.003\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.002\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\UpdatusUser.000\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Vorlagen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Startmenü
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Netzwerkumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Lokale Einstellungen
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Eigene Dateien
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Druckumgebung
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Documents\Eigene Musik
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Documents\Eigene Bilder
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\AppData\Local\Verlauf
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\AppData\Local\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 __SHD C:\Users\dennis\Anwendungsdaten
2013-05-26 18:38 - 2013-05-26 18:38 - 00000000 ____D C:\users\UpdatusUser.000
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Public\Documents\Eigene Musik
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Public\Documents\Eigene Bilder
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Vorlagen
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Startmenü
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Netzwerkumgebung
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Lokale Einstellungen
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Eigene Dateien
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Druckumgebung
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Documents\Eigene Musik
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Documents\Eigene Bilder
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\AppData\Local\Verlauf
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\AppData\Local\Anwendungsdaten
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Users\Default\Anwendungsdaten
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\ProgramData\Vorlagen
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\ProgramData\Startmenü
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\ProgramData\Dokumente
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\ProgramData\Anwendungsdaten
2013-05-26 18:37 - 2013-05-26 18:37 - 00000000 __SHD C:\Program Files\Gemeinsame Dateien
2013-05-25 00:19 - 2013-05-25 00:15 - 165141856 ____A (Kaspersky Lab) C:\Users\dennis\Downloads\kav13.0.1.4190de-de.exe
2013-05-25 00:18 - 2013-05-25 00:15 - 176212264 ____A (Kaspersky Lab) C:\Users\dennis\Downloads\kis13.0.1.4190de-de.exe
2013-05-25 00:17 - 2013-05-25 00:13 - 188740896 ____A (Kaspersky Lab) C:\Users\dennis\Downloads\pure13.0.2.558DE_4340.exe
2013-05-24 23:34 - 2013-05-24 23:34 - 00172052 ____A C:\Users\dennis\Documents\cc_20130524_233440.reg
2013-05-24 21:39 - 2013-05-24 21:39 - 00076252 ____A C:\Users\dennis\Downloads\Extras.Txt
2013-05-24 21:38 - 2013-05-24 21:38 - 00140104 ____A C:\Users\dennis\Downloads\OTL.Txt
2013-05-24 20:20 - 2013-05-24 20:20 - 00050477 ____A C:\Users\dennis\Downloads\Defogger.exe
2013-05-24 20:20 - 2013-05-24 20:18 - 00602112 ____A (OldTimer Tools) C:\Users\dennis\Downloads\OTL.exe
2013-05-24 19:36 - 2013-05-24 19:36 - 00377856 ____A C:\Users\dennis\Downloads\gmer_2.1.19163.exe
2013-05-24 19:25 - 2013-05-24 19:25 - 00003344 ____A C:\{7BCD4120-C69E-4398-888E-C6C2B5425867}
2013-05-24 19:22 - 2013-05-24 19:12 - 12917756 ____A C:\Users\dennis\Downloads\mbar-1.05.0.1001.zip
2013-05-24 18:45 - 2013-05-24 18:45 - 01183936 ____A (Developer Tribe (Pvt) Ltd.                                  ) C:\Users\dennis\Downloads\setup_rr.exe
2013-05-24 18:42 - 2013-05-24 18:42 - 00483809 ____A (Lars Hederer                                                ) C:\Users\dennis\Downloads\ntregopt-setup.exe
2013-05-24 18:15 - 2013-05-24 18:14 - 165050896 ____N (Symantec Corporation) C:\Users\dennis\Downloads\NIS_20.3.1.22_SYMTB_TMD_MRFTT_620_9001.exe
2013-05-24 18:12 - 2013-05-24 18:12 - 00065893 ____A C:\Users\dennis\Downloads\antivir11_rootkit.zip
2013-05-24 18:00 - 2013-05-24 18:00 - 02140631 ____A C:\Users\dennis\Downloads\SharePod_3.99.zip
2013-05-24 17:53 - 2013-05-24 17:52 - 01339288 ____A C:\Users\dennis\Downloads\sar_15_sfx.exe
2013-05-24 01:38 - 2013-02-11 21:34 - 00000000 ____D C:\Users\dennis\Desktop\11.02
2013-05-24 01:38 - 2013-02-10 20:11 - 00000000 ____D C:\Users\dennis\Desktop\Sandra
2013-05-24 01:38 - 2012-12-14 22:54 - 00000000 ____D C:\Users\dennis\Documents\Command and Conquer Generals Zero Hour Data
2013-05-23 21:59 - 2013-05-20 23:44 - 00000000 ____D C:\Users\dennis\Desktop\Musik
2013-05-23 21:49 - 2013-05-20 18:17 - 00000000 ____D C:\Users\dennis\Desktop\Best of Summer
2013-05-23 18:46 - 2013-05-23 18:46 - 00000000 ____D C:\Users\dennis\Desktop\RetroshARE
2013-05-17 03:33 - 2013-05-17 03:33 - 21151576 ____A (Mozilla) C:\Users\dennis\Downloads\Firefox Setup 21.0.exe
2013-05-17 00:35 - 2013-05-17 00:35 - 04346816 ____A (Piriform Ltd) C:\Users\dennis\Downloads\ccsetup401.exe
2013-05-16 21:42 - 2013-05-16 21:25 - 00000009 ____A C:\END
2013-05-16 21:34 - 2013-05-16 21:33 - 00081536 ____A (Conduit) C:\ministub.exe
2013-05-16 10:42 - 2013-05-16 10:42 - 03389035 ____A C:\Users\dennis\Downloads\eMule0.50a-Installer.exe
2013-05-16 01:27 - 2013-05-16 00:30 - 00000000 ____D C:\Users\dennis\dwhelper
2013-05-16 00:44 - 2013-05-16 00:44 - 00804552 ____A (Koyote-Lab Inc.) C:\Users\dennis\Downloads\FreeFLVConverter75Setup.exe
2013-05-15 01:14 - 2013-05-15 01:14 - 07757362 ____A C:\Users\dennis\Downloads\DIR-300_fw_revb_214b01_ALL_de_20130206.zip
2013-05-15 01:14 - 2013-05-15 01:14 - 02501599 ____A C:\Users\dennis\Downloads\DIR-300_fw_reva_106b02_ALL_de_20130411.zip
2013-05-15 01:11 - 2013-05-15 01:11 - 00001908 ____A C:\Users\dennis\Downloads\config.bin
2013-05-07 22:07 - 2013-05-26 21:50 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-07 22:07 - 2013-05-26 21:50 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-03 16:15 - 2013-05-26 20:50 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-07-26 01:55] - [2012-07-26 05:08] - 0516608 ____A (Microsoft Corporation) 93AB226C07A9789B2EC7B41F73602F76

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe
[2012-07-26 02:00] - [2012-07-26 05:08] - 0030208 ____A (Microsoft Corporation) 57350BEDE3834915B6145B67C71C7BDA

C:\Windows\SysWOW64\svchost.exe
[2012-07-26 02:01] - [2012-07-26 05:20] - 0023040 ____A (Microsoft Corporation) 0A175AF8B65797BD22C11903A8BFEB2D

C:\Windows\System32\services.exe
[2012-07-26 07:26] - [2012-07-26 07:26] - 0410624 ____A (Microsoft Corporation) 754A2CC1F32107EA87CBD305ABE3E618

C:\Windows\System32\User32.dll
[2012-07-26 02:01] - [2012-07-26 05:07] - 1342464 ____A (Microsoft Corporation) 1D08594400EE1B500B93256795FE30AE

C:\Windows\SysWOW64\User32.dll
[2012-07-26 02:02] - [2012-07-26 02:02] - 1126912 ____A (Microsoft Corporation) 8A93F57772FD24959F76A65FF79D282D

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2012-08-02 13:15

==================== End Of Log ============================

Habe eine Fehlermeldung direkt bei Start von MBAR :

Registry value "AppInit_Dlls" has been found, which may be caused by rootkit activity.

Note: Press "No" button if youre not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this message appear again.

Do you want to remove this value and restart the tool?

Soll ich da jetzt Ja oder Nein drücken??

ryder · 26.05.2013, 22:43

Da ist kein Rootkit - mach ruhig ja.

Dennis29 · 26.05.2013, 23:12

MBAR ist sowies aussieht bei :

....le.Bin\S-1-5-21-1682322521-158705993-1847856961-1002\.....

hängen geblieben.

Jedenfalls tut sich da seit über 7min nix mehr.

Das warten hat sich gelohnt nach 25 min gings weiter scheint eine Riesendatei zusein ......

ryder · 27.05.2013, 08:40

Logfile?

Dennis29 · 27.05.2013, 11:27

Hätte die Logfile heute morgen um 06:00 schon hochgeladen aber irgendwas scheint meinem i5 3. Generation so auszubremsen, dass er heute morgen noch nicht fertig gescannt hatte, werde nach der Arbeit, so gegen 17 Uhr sofort nachschauen ob der endlich fertig ist.

Soo nun die logfile :

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.05.26.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16580
dennis :: DENNIS [administrator]

27.05.2013 07:26:39
-log-2013-05-27 (07-26-39).txt

Scan type: Quick scan
Scan options enabled: PUM | P2P
Scan options disabled: Anti-Rootkit | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | Deep Anti-Rootkit Scan | PUP
Objects scanned: 0
Time elapsed: 

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Ich könnt kotzen das Wlan ist schon wieder blockiert, zeigt kein einziges Wlan in der Umgebung an......

Ist es ok wenn ich screenshots zur analyse von meinem Task-Manager poste, denn da tauchen immer täglich neue auf

Ach du scheisse sehe gerade das die Logfile komplett anders ist als die Suchoptionen die ich eingegeben habe....

Wieso steht da Search Option: Rootkit disabled? kapier es nicht ^^

ryder · 27.05.2013, 20:06

Ich sehe da keinen Malwarebefall.

Schritt 1: (Erinnerung: Antworte mir erst, wenn du alle Schritte abgearbeitet hast!)

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner

Lade und starte Eset Online Scanner

Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte poste das Logfile hier oder teile mir mit, dass nichts gefunden wurde.

Hinweis: Der Scan kann sehr lange (einige Stunden) dauern!

Schritt 2:
Scan mit SecurityCheck

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Dennis29 · 27.05.2013, 20:23

So kleines Update, habe mit Spybot im Abgesicherten Modus 1 Trojaner entdeckt, nur hängt der PC immernoch und wlan möchte er trotzdem noch nicht freigeben.
Wenigstens ist eins der Schadprogramme behoben.

Den Rest arbeite ich jetzt sofort ab.

Hier die Positive Log-Datei von Spybot :

Code:

ATTFilter

Search results from Spybot - Search & Destroy

27.05.2013 20:47:46
Scan took 00:23:50.
20 items found.

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\dennis\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\96VKZPPT\s.ytimg.com\videostats.sol
  Properties.size=275
  Properties.md5=6FC1E0C668652FBAC317F6FE8F917CCF
  Properties.filedate=1369678784
  Properties.filedatetext=2013-05-27 20:19:43

Generic: [SBI $8E73A7FB] Interface (IspCommand) (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FC856072-9CC4-4B33-8EBA-F62224A62A59}

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1682322521-158705993-1847856961-1002\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cache: [SBI $49804B54] Browser: Cache (2) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (3) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (141) (Browser: Cookie, nothing done)
  


--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---

2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDHookInst64.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-05-27 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDHook64.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-05-08 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2012-11-21 Includes\Malware.sbi (*)
2013-05-22 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-05-22 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-05-08 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-05-22 Includes\TrojansC-03.sbi (*)
2013-03-14 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)

ryder · 27.05.2013, 20:53

Hab ich irgendwas von Spybot gesagt? Die Erkennung von diesem Tool ist seit längerem nicht mehr gut.

Dennis29 · 27.05.2013, 21:21

Nein, aber ich habe die ganzen scans auch mal im Abgesicherten Modus mal laufen lassen, da diese dort anscheinend wesentlich schneller liefen, darum dachte ich es kann nebenher nicht schaden.

Absofort mach ich ausnahmslos nur das was du ratschlägst

ryder · 27.05.2013, 21:27

Fein, wie wäre es dann, wenn du mir die geforderten Logfiles zeigst?

Dennis29 · 27.05.2013, 21:28

Sobald ESET fertig ist poste ich diese.

So ESET hatte nichts gefunden,

Und hier ist die Logfile von Security Check:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.63  
   x64 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky PURE 3.0   
Windows Defender     
Avira Desktop        
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Spybot - Search & Destroy 
 Adobe Flash Player 	11.7.700.202  
 Mozilla Firefox (21.0) 
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

nebenbei fällt mir auf das Spybot den trojaner etc nicht gelöscht hat.....

26.05.2013, 22:16	#16
ryder /// TB-Ausbilder	Verseuchter Laptop Windows 8 64 bit version Schön, wo ist dann mein neues FRST? __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

26.05.2013, 22:43	#20
ryder /// TB-Ausbilder	Verseuchter Laptop Windows 8 64 bit version Da ist kein Rootkit - mach ruhig ja. __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

27.05.2013, 08:40	#22
ryder /// TB-Ausbilder	Verseuchter Laptop Windows 8 64 bit version Logfile? __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

27.05.2013, 20:53	#26
ryder /// TB-Ausbilder	Verseuchter Laptop Windows 8 64 bit version Hab ich irgendwas von Spybot gesagt? Die Erkennung von diesem Tool ist seit längerem nicht mehr gut. __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

27.05.2013, 21:27	#28
ryder /// TB-Ausbilder	Verseuchter Laptop Windows 8 64 bit version Fein, wie wäre es dann, wenn du mir die geforderten Logfiles zeigst? __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

Verseuchter Laptop Windows 8 64 bit version

Log-Analyse und Auswertung: Verseuchter Laptop Windows 8 64 bit version