nation zoom wie löschen

mad45 · 01.12.2013, 11:58

moin moin und einen schönen sonntag

Mein Problem ist, das sich beim installieren von CCleaner ein "Optimizer pro", ein prog "lollipop" und "nation zoom" mit installiert haben.
Ich bin dann über Google in einem anderen Beitrag zum gleichen Tehma hier im Board gelandet. Hier ist der Link zum anderen beitrag " www.trojaner-board.de/145355-nationzoom-entfernen.html " .
Habe nun leider Regel 1 schon gebrochen (zu späht gesehen) " NICHTS AUF EIGENE FAUST" .

Ich hätte nun leider nur frs log daten von danach (das problem mit nation zoom besteht noch)

so nun hier die log frs.txt und addition.txt von danach

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by mad (administrator) on TASCHENHÜPFER on 01-12-2013 11:18:14
Running from C:\Users\mad\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(Marvell Semiconductors, Inc.) C:\Windows\System32\mvbtrcsvcx64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [21504 2012-07-26] (Microsoft Corporation)
HKCU\...\Run: [DIMDownloading your update...1371249125851] - C:\ProgramData\Corel\Downloads\540232071_007003\1371249125851\dim_params.xml [977 2013-11-26] ()
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
AppInit_DLLs:   [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF0D257F3C1E7CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\mad\AppData\Roaming\Mozilla\Firefox\Profiles\7833v203.default
FF NewTab: hxxp://www.nationzoom.com/newtab/?type=nt&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6
FF Homepage: hxxp://www.nationzoom.com/?type=hp&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\mad\AppData\Roaming\Mozilla\Firefox\Profiles\7833v203.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

==================== Services (Whitelisted) =================

S3 Marvell AVASTAR Bluetooth Radio Adapter; C:\Windows\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.)
R2 Marvell Bluetooth Radio Control Service; C:\Windows\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U3 mvbtradio; C:\windows\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 WTabletServiceISD; C:\Program Files\Tablet\ISD\WTabletServiceISD.exe [559416 2013-06-07] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [104960 2012-07-07] (ASIX Electronics Corp.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 kbfilter; C:\Windows\System32\drivers\SurfaceTouchCover.sys [23488 2013-10-10] (Microsoft Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mmxavs; C:\Windows\System32\Drivers\mmxavs.sys [357968 2011-09-15] (Native Instruments GmbH)
S3 mmxusb_svc; C:\Windows\System32\Drivers\mmxusb.sys [45648 2011-09-15] (Native Instruments GmbH)
R3 mwlu97w8; C:\Windows\system32\DRIVERS\mwlu97w8x64.sys [1534464 2013-03-11] (Marvell Semiconductors, Inc.)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [112408 2013-11-24] ()
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 SurfaceAccessoryDevice; C:\Windows\System32\drivers\SurfaceAccessoryDevice.sys [1613232 2013-09-13] (Microsoft Corporation)
R3 SurfaceTouchCover; C:\Windows\System32\drivers\SurfaceTouchCover.sys [23488 2013-10-10] (Microsoft Corporation)
R3 TrackpadSettingsDriver; C:\Windows\System32\drivers\TrackpadSettingsDriver.sys [46168 2013-03-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-01 11:18 - 2013-12-01 11:18 - 00007109 _____ C:\Users\mad\Desktop\FRST.txt
2013-12-01 11:18 - 2013-12-01 11:18 - 00000000 ____D C:\FRST
2013-12-01 11:15 - 2013-12-01 11:15 - 01959184 _____ (Farbar) C:\Users\mad\Desktop\FRST64.exe
2013-12-01 11:01 - 2013-12-01 11:01 - 00000614 _____ C:\Users\mad\Desktop\JRT.txt
2013-12-01 10:57 - 2013-12-01 10:57 - 00000000 ____D C:\windows\ERUNT
2013-12-01 10:55 - 2013-12-01 10:55 - 01034531 _____ (Thisisu) C:\Users\mad\Desktop\JRT.exe
2013-12-01 10:48 - 2013-12-01 11:05 - 00000000 ____D C:\AdwCleaner
2013-12-01 10:47 - 2013-12-01 10:47 - 01091882 _____ C:\Users\mad\Desktop\adwcleaner.exe
2013-12-01 10:34 - 2013-12-01 10:34 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\Users\mad\AppData\Roaming\Malwarebytes
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 10:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-12-01 10:29 - 2013-12-01 10:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\mad\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 09:55 - 2013-12-01 09:53 - 06143206 _____ C:\Users\mad\Desktop\Adobe_Creative_Cloud_Cleaner_Tool.zip
2013-11-30 22:29 - 2013-11-30 22:29 - 00000000 ____D C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-30 07:26 - 2013-11-30 07:26 - 01179648 _____ C:\Users\mad\Documents\AutoHotkey.exe
2013-11-30 07:24 - 2013-11-30 07:24 - 00001351 _____ C:\Users\mad\Documents\AutoHotkey.ahk
2013-11-28 13:04 - 2013-11-28 13:04 - 00000000 ____D C:\Users\mad\AppData\Local\LooksBuilder
2013-11-28 13:02 - 2013-11-28 13:09 - 00000000 ____D C:\Users\mad\AppData\Roaming\Red Giant Link
2013-11-28 12:56 - 2013-11-28 12:56 - 00000000 ____D C:\ProgramData\RedGiant
2013-11-28 12:46 - 2013-11-28 12:46 - 00000000 ____D C:\Users\mad\AppData\Roaming\MAXON
2013-11-27 19:48 - 2013-11-27 19:48 - 00000000 ____D C:\Program Files\Common Files\Protexis
2013-11-27 19:46 - 2013-11-27 19:46 - 00000000 ____D C:\Program Files\Corel
2013-11-27 19:06 - 2013-11-27 19:06 - 00000000 ____D C:\artdock
2013-11-27 19:01 - 2013-11-27 19:01 - 02641401 _____ C:\Users\mad\Downloads\AutoHotkey_L_Install.exe
2013-11-27 19:01 - 2013-11-27 19:01 - 00000000 ____D C:\Program Files\AutoHotkey
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Users\mad\AppData\Roaming\Thunderbird
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Users\mad\AppData\Local\Thunderbird
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-27 18:26 - 2013-11-27 18:26 - 21978136 _____ (Mozilla) C:\Users\mad\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-27 07:17 - 2013-11-27 07:18 - 00000000 ____D C:\Users\mad\Documents\Premiere_Hauptordner
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\Documents\Adobe
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\AppData\Roaming\PACE Anti-Piracy
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\AppData\Local\PACE Anti-Piracy
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2013-11-26 17:10 - 2013-11-26 17:10 - 00058853 _____ C:\Users\mad\Desktop\hallo.wma
2013-11-26 16:56 - 2013-11-27 15:52 - 01381429 _____ C:\Users\mad\Desktop\test.mprj
2013-11-26 16:43 - 2013-11-26 16:44 - 00000000 ____D C:\Users\mad\Documents\Photoshop _Hauptordner
2013-11-26 14:00 - 2013-11-26 14:00 - 00000000 ____D C:\Users\mad\Documents\Arduino
2013-11-26 14:00 - 2013-11-26 14:00 - 00000000 ____D C:\Users\mad\AppData\Roaming\Arduino
2013-11-26 13:19 - 2013-11-26 13:20 - 55115064 _____ C:\Users\mad\Downloads\arduino-1.0.5-windows.exe
2013-11-26 11:22 - 2013-11-26 11:22 - 01190894 _____ C:\Users\mad\Desktop\Untitled.mprj
2013-11-26 10:42 - 2013-11-27 19:13 - 01240084 _____ C:\Users\mad\Desktop\flur.rif
2013-11-26 10:42 - 2013-11-27 19:11 - 01261636 _____ C:\Users\mad\Desktop\flur_bak.rif
2013-11-25 20:22 - 2013-12-01 09:45 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-11-25 20:03 - 2013-12-01 09:50 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-25 06:23 - 2013-11-25 06:23 - 00000000 __HDC C:\ProgramData\{C5A9D49F-FB00-46E2-BB29-AC4E9A6B75F6}
2013-11-25 06:22 - 2013-11-25 06:22 - 00000000 ____D C:\Program Files\Common Files\Avid
2013-11-25 06:06 - 2013-11-25 06:08 - 97365354 _____ C:\Users\mad\Downloads\arduino-1.0.5-windows.zip
2013-11-25 06:04 - 2013-11-25 06:08 - 244740096 _____ C:\Users\mad\Downloads\Massive.iso
2013-11-24 20:35 - 2013-11-24 20:35 - 00000000 __HDC C:\ProgramData\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}
2013-11-24 20:32 - 2013-11-24 20:32 - 00000000 __HDC C:\ProgramData\{B49C92CB-1A73-4A41-A84C-5091582E7AA8}
2013-11-24 20:32 - 2013-11-24 20:32 - 00000000 __HDC C:\ProgramData\{9C588B44-42B6-434D-90BD-824BBB1F328A}
2013-11-24 20:28 - 2013-11-24 20:28 - 00000000 __HDC C:\ProgramData\{36D6E7A6-1DA8-4D35-A74B-0159C59D934D}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{6495CC1D-C10B-40C5-A92B-241A2B2C8D20}
2013-11-24 19:03 - 2013-11-25 06:35 - 00000000 ____D C:\Users\mad\Documents\Native Instruments
2013-11-24 19:03 - 2013-11-25 06:35 - 00000000 ____D C:\Users\mad\AppData\Local\Native Instruments
2013-11-24 19:03 - 2013-11-24 19:03 - 00000000 ____D C:\Users\Public\Documents\Maschine Library
2013-11-24 19:02 - 2013-11-24 20:32 - 00000000 ____D C:\Program Files\Native Instruments
2013-11-24 18:56 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-24 18:56 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-24 18:53 - 2013-11-24 18:53 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-11-24 18:52 - 2013-11-24 18:52 - 01640984 _____ C:\Users\mad\Downloads\SetupVirtualCloneDrive5470.exe
2013-11-24 17:04 - 2013-11-24 17:04 - 00112408 _____ C:\windows\system32\Drivers\NIWinCDEmu.sys
2013-11-24 17:04 - 2013-11-24 17:04 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2013-11-24 15:57 - 2013-11-24 15:57 - 00000000 ____D C:\Users\mad\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-11-24 14:58 - 2013-11-24 14:58 - 00000000 ____D C:\Users\mad\.thumbnails
2013-11-24 14:57 - 2013-11-26 09:56 - 00000000 ____D C:\Program Files\Blender Foundation
2013-11-24 14:05 - 2013-11-26 08:23 - 00000000 ____D C:\Program Files (x86)\Duden
2013-11-24 14:05 - 2013-11-25 16:26 - 00000000 ____D C:\ProgramData\Duden
2013-11-24 14:05 - 2013-11-24 14:06 - 00000000 ____D C:\Users\mad\AppData\Roaming\Duden
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\windows\SysWOW64\XPSViewer
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\MSBuild
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-24 14:02 - 2012-07-06 03:02 - 01166440 _____ (Microsoft Corporation) C:\windows\system32\PresentationNative_v0300.dll
2013-11-24 14:02 - 2012-07-06 03:02 - 00778856 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationNative_v0300.dll
2013-11-24 14:02 - 2012-07-06 03:02 - 00035400 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2013-11-24 14:02 - 2012-07-06 03:02 - 00035400 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2013-11-24 13:20 - 2013-11-24 13:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-24 12:49 - 2013-11-24 12:49 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-11-24 12:48 - 2013-11-25 16:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-24 12:47 - 2013-11-26 07:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-24 12:47 - 2013-11-26 07:55 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-24 12:47 - 2013-11-24 12:47 - 00000000 ____D C:\Users\mad\AppData\Local\Microsoft Help
2013-11-24 12:21 - 2013-11-24 12:21 - 00000000 ____D C:\Program Files (x86)\Pixologic
2013-11-24 12:20 - 2013-11-28 13:21 - 00000000 ____D C:\Users\mad\AppData\Local\Downloaded Installations
2013-11-24 11:35 - 2013-11-24 11:35 - 00000000 ____D C:\Users\mad\Documents\Mudbox
2013-11-24 11:25 - 2013-11-24 11:29 - 00000000 ____D C:\ProgramData\Autodesk
2013-11-24 11:25 - 2013-11-24 11:25 - 00000000 ____D C:\Users\mad\AppData\Roaming\Autodesk
2013-11-24 10:42 - 2013-11-19 11:21 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-24 09:11 - 2013-11-24 09:11 - 00000000 ____D C:\Users\mad\AppData\Local\CANON_INC
2013-11-24 09:10 - 2013-11-24 09:10 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-24 09:09 - 2013-11-24 09:10 - 00000000 ____D C:\Program Files (x86)\Canon
2013-11-24 09:09 - 2013-11-24 09:09 - 00000000 ____D C:\Users\mad\AppData\Roaming\canon
2013-11-24 09:09 - 2013-11-24 09:09 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2013-11-24 09:02 - 2013-11-24 09:04 - 00000605 _____ C:\Users\mad\Desktop\CanonUpdate.reg.txt
2013-11-24 08:10 - 2013-12-01 09:33 - 00000000 ____D C:\windows\system32\appmgmt
2013-11-24 07:45 - 2013-11-24 07:45 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-11-23 22:42 - 2013-11-23 22:42 - 00000000 ____D C:\Users\mad\Documents\Adobe Scripts
2013-11-23 21:45 - 2013-12-01 09:46 - 00000000 ____D C:\ProgramData\Adobe
2013-11-23 21:45 - 2013-11-25 20:22 - 00000000 ____D C:\Users\mad\AppData\Local\Adobe
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\sources
2013-11-23 20:49 - 2013-11-23 20:49 - 00000000 ___DC C:\ProgramData\{63587E26-1A2F-4FCB-84B3-485CF73F34AF}
2013-11-23 20:48 - 2013-11-26 13:59 - 00208946 _____ C:\windows\DPINST.LOG
2013-11-23 20:47 - 2013-11-24 20:28 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-11-23 20:47 - 2013-11-23 20:48 - 00000000 ____D C:\ProgramData\Native Instruments
2013-11-23 19:27 - 2013-11-23 19:27 - 00000000 ____D C:\Program Files\7-Zip
2013-11-23 19:26 - 2013-11-23 19:26 - 01376768 _____ C:\Users\mad\Downloads\7z920-x64.msi
2013-11-23 12:40 - 2013-12-01 10:04 - 05041816 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-23 12:37 - 2013-11-23 12:40 - 00000000 ___RD C:\windows\BrowserChoice
2013-11-23 12:34 - 2013-11-23 12:34 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-23 12:17 - 2013-11-23 12:17 - 00000000 ____D C:\windows\system32\MRT
2013-11-23 12:17 - 2013-11-07 16:00 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-23 12:06 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-11-23 12:06 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-11-23 12:06 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-11-23 12:06 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-11-23 12:06 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-11-23 12:06 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-11-23 12:06 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-11-23 12:06 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2013-11-23 12:06 - 2013-10-03 23:09 - 00385528 _____ C:\windows\system32\ApnDatabase.xml
2013-11-23 12:06 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-11-23 12:06 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-23 12:06 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-23 12:06 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-11-23 12:06 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-11-23 12:06 - 2013-09-24 23:18 - 00288768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2013-11-23 12:06 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-11-23 12:06 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2013-11-23 12:06 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2013-11-23 12:06 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2013-11-23 12:06 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2013-11-23 12:06 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-11-23 12:06 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-11-23 12:06 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2013-11-23 12:06 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2013-11-23 12:06 - 2013-04-03 00:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-11-23 12:06 - 2013-04-03 00:12 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-11-23 12:06 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2013-11-23 12:06 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2013-11-23 12:06 - 2013-03-02 11:39 - 00069864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2013-11-23 12:06 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2013-11-23 12:06 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2013-11-23 12:06 - 2013-03-02 03:43 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2013-11-23 12:05 - 2013-07-02 01:44 - 00036288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2013-11-23 12:05 - 2013-07-01 23:08 - 00247216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2013-11-23 12:05 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2013-11-23 12:05 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-11-23 12:05 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2013-11-23 12:05 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2013-11-23 12:05 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2013-11-23 12:05 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2013-11-23 12:05 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2013-11-23 12:05 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2013-11-23 12:05 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2013-11-23 12:05 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2013-11-23 12:05 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2013-11-23 12:05 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2013-11-23 12:05 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2013-11-23 12:05 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2013-11-23 12:05 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2013-11-23 12:05 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2013-11-23 12:05 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2013-11-23 12:05 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2013-11-23 12:05 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2013-11-23 12:05 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2013-11-23 12:05 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2013-11-23 12:05 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll
2013-11-23 12:05 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2013-11-23 12:05 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2013-11-23 12:05 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2013-11-23 12:05 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2013-11-23 12:05 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2013-11-23 12:04 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2013-11-23 12:03 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-11-23 12:03 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-23 12:03 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-11-23 12:03 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-23 12:03 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-11-23 12:03 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-11-23 12:03 - 2013-08-16 06:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-11-23 12:03 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-11-23 12:03 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-11-23 12:03 - 2013-08-16 06:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-11-23 12:03 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-11-23 12:03 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-11-23 12:03 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-11-23 12:03 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-11-23 12:02 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-23 12:02 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-23 12:02 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-23 12:02 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-23 12:02 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2013-11-23 12:02 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2013-11-23 12:02 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2013-11-23 12:02 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2013-11-23 12:02 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2013-11-23 12:02 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-11-23 12:02 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-11-23 12:02 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-11-23 12:02 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-11-23 12:02 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2013-11-23 12:02 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-11-23 12:02 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-11-23 12:02 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-23 12:02 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-11-23 12:02 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2013-11-23 12:02 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2013-11-23 12:02 - 2013-03-02 11:57 - 00332520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2013-11-23 12:02 - 2013-03-02 11:57 - 00077544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storahci.sys
2013-11-23 12:02 - 2013-03-02 11:39 - 00495336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2013-11-23 12:02 - 2013-03-02 09:23 - 01338880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-11-23 12:02 - 2013-03-02 09:23 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2013-11-23 12:02 - 2013-03-02 09:23 - 00601088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2013-11-23 12:02 - 2013-03-02 09:23 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-11-23 12:02 - 2013-03-02 09:22 - 05091840 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2013-11-23 12:02 - 2013-03-02 09:22 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2013-11-23 12:02 - 2013-03-02 09:21 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2013-11-23 12:02 - 2013-03-02 09:21 - 00145408 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2013-11-23 12:02 - 2013-03-02 09:21 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevDispItemProvider.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 01627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 01149952 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00240640 _____ (Microsoft Corporation) C:\windows\system32\fsquirt.exe
2013-11-23 12:02 - 2013-03-02 03:45 - 00180224 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00171008 _____ (Microsoft Corporation) C:\windows\system32\TimeBrokerServer.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\WSDPrintProxy.DLL
2013-11-23 12:02 - 2013-03-02 03:44 - 05978624 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\NdisImPlatform.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\DevDispItemProvider.dll
2013-11-23 12:02 - 2013-03-02 03:43 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2013-11-23 12:02 - 2013-03-02 03:15 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys
2013-11-23 12:02 - 2013-03-01 05:56 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rfcomm.sys
2013-11-23 12:02 - 2013-03-01 05:56 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\monitor.sys
2013-11-23 12:02 - 2013-03-01 05:55 - 01175040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2013-11-23 12:01 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2013-11-23 12:01 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2013-11-23 12:01 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2013-11-23 12:01 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2013-11-23 12:01 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2013-11-23 12:01 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2013-11-23 12:01 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2013-11-23 12:01 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2013-11-23 12:01 - 2013-07-06 01:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2013-11-23 12:01 - 2013-07-05 23:02 - 00121984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2013-11-23 12:01 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-11-23 12:01 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2013-11-23 12:01 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-23 12:01 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2013-11-23 12:01 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-23 12:01 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2013-11-23 12:01 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2013-11-23 12:01 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2013-11-23 12:01 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2013-11-23 12:01 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-11-23 12:01 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-11-23 12:01 - 2013-06-29 06:43 - 00327512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2013-11-23 12:01 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-11-23 12:01 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-11-23 12:01 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2013-11-23 12:01 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2013-11-23 12:01 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-11-23 12:01 - 2013-06-24 23:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2013-11-23 12:01 - 2013-06-24 23:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2013-11-23 12:01 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-11-23 12:01 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-11-23 12:01 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2013-11-23 12:01 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2013-11-23 12:01 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2013-11-23 12:01 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2013-11-23 12:01 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2013-11-23 12:01 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2013-11-23 12:01 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-23 12:01 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-23 12:01 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-23 12:01 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-23 12:01 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2013-11-23 12:01 - 2013-05-04 05:48 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2013-11-23 12:00 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-23 12:00 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-23 12:00 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-11-23 12:00 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-11-23 12:00 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-11-23 12:00 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-11-23 12:00 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-11-23 12:00 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-11-23 12:00 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-11-23 12:00 - 2013-06-01 10:25 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-11-23 12:00 - 2013-06-01 10:21 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-11-23 12:00 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-11-23 12:00 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-11-23 12:00 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-11-23 12:00 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-11-23 12:00 - 2013-05-24 00:02 - 01314816 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2013-11-23 12:00 - 2013-05-23 23:25 - 00694272 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2013-11-23 12:00 - 2013-04-24 00:13 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2013-11-23 12:00 - 2013-04-24 00:12 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2013-11-23 12:00 - 2013-04-23 23:56 - 01255936 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2013-11-23 12:00 - 2013-04-23 23:55 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2013-11-23 12:00 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-11-23 12:00 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-11-23 11:59 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-23 11:59 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-23 11:59 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2013-11-23 11:59 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2013-11-23 11:59 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2013-11-23 11:59 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2013-11-23 11:59 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2013-11-23 11:59 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2013-11-23 11:59 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2013-11-23 11:59 - 2013-05-31 00:24 - 01257472 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-11-23 11:59 - 2013-05-31 00:08 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-11-23 11:59 - 2013-05-15 03:25 - 00888320 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2013-11-23 11:59 - 2013-05-15 03:25 - 00542208 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2013-11-23 11:59 - 2013-05-15 03:24 - 00793088 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2013-11-23 11:59 - 2013-05-15 03:24 - 00482816 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2013-11-23 11:59 - 2013-05-04 08:58 - 00120736 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2013-11-23 11:59 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-11-23 11:59 - 2013-05-04 07:59 - 01483776 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2013-11-23 11:59 - 2013-05-04 07:59 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\Magnify.exe
2013-11-23 11:59 - 2013-05-04 07:58 - 01332736 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00470528 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00330240 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 01131520 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00820736 _____ (Microsoft Corporation) C:\windows\system32\gpprefcl.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00560640 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00501760 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00389120 _____ (Microsoft Corporation) C:\windows\system32\BCP47Langs.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\biwinrt.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
2013-11-23 11:59 - 2013-05-04 07:56 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2013-11-23 11:59 - 2013-05-04 05:58 - 00758784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Magnify.exe
2013-11-23 11:59 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-11-23 11:59 - 2013-05-04 05:57 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2013-11-23 11:59 - 2013-05-04 05:57 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2013-11-23 11:59 - 2013-05-04 05:57 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2013-11-23 11:59 - 2013-05-04 05:57 - 00018432 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2013-11-23 11:59 - 2013-05-04 05:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00582144 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpprefcl.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00449536 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\BCP47Langs.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\biwinrt.dll
2013-11-23 11:59 - 2013-05-04 05:55 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2013-11-23 11:59 - 2013-05-04 05:51 - 00014848 _____ (Microsoft) C:\windows\system32\rars.rs
2013-11-23 11:59 - 2013-05-04 05:47 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2013-11-23 11:59 - 2013-05-04 05:10 - 00014848 _____ (Microsoft) C:\windows\SysWOW64\rars.rs
2013-11-23 11:59 - 2013-04-27 06:20 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2013-11-23 11:59 - 2013-03-06 08:10 - 00112872 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2013-11-23 11:59 - 2013-03-06 07:29 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2013-11-23 11:59 - 2013-03-02 03:45 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2013-11-23 11:59 - 2013-03-02 03:45 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\taskhostex.exe
2013-11-23 11:58 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-23 11:58 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-23 11:58 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-23 11:58 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-23 11:58 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-23 11:58 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-23 11:58 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-23 11:58 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-23 11:58 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-23 11:58 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-23 11:58 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-11-23 11:58 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-11-23 11:58 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-11-23 11:58 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-11-23 11:58 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-23 11:58 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-23 11:58 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-11-23 11:58 - 2013-03-15 01:17 - 00861184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2013-11-23 11:58 - 2013-02-21 11:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-23 11:58 - 2013-02-21 11:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-23 11:58 - 2013-02-21 11:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-23 11:58 - 2013-02-21 11:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-23 11:58 - 2013-02-21 11:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-23 11:58 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-23 11:58 - 2013-02-19 10:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2013-11-23 11:56 - 2013-11-23 11:56 - 00000295 _____ C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2013-11-23 11:56 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2013-11-23 11:56 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2013-11-23 11:56 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2013-11-23 11:56 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-11-23 11:56 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-11-23 11:56 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-11-23 11:56 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-11-23 11:56 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-11-23 11:56 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2013-11-23 11:56 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2013-11-23 11:56 - 2013-07-13 07:15 - 00459776 _____ (Microsoft Corporation) C:\windows\system32\appmgr.dll
2013-11-23 11:56 - 2013-07-13 05:23 - 00366592 _____ (Microsoft Corporation) C:\windows\SysWOW64\appmgr.dll
2013-11-23 11:56 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2013-11-23 11:56 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2013-11-23 11:56 - 2013-04-09 06:33 - 00489576 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2013-11-23 11:56 - 2013-04-09 06:33 - 00446792 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2013-11-23 11:56 - 2013-04-09 06:33 - 00253544 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2013-11-23 11:56 - 2013-04-09 06:20 - 00306952 _____ (Microsoft Corporation) C:\windows\system32\kd_02_10ec.dll
2013-11-23 11:56 - 2013-04-09 06:20 - 00086280 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2013-11-23 11:56 - 2013-04-09 06:18 - 00077960 _____ (Microsoft Corporation) C:\windows\system32\kdvm.dll
2013-11-23 11:56 - 2013-04-09 06:17 - 01829408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-11-23 11:56 - 2013-04-09 05:52 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2013-11-23 11:56 - 2013-04-09 05:52 - 00804352 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2013-11-23 11:56 - 2013-04-09 05:52 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2013-11-23 11:56 - 2013-04-09 05:52 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2013-11-23 11:56 - 2013-04-09 05:52 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2013-11-23 11:56 - 2013-04-09 05:51 - 14267904 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-11-23 11:56 - 2013-04-09 05:51 - 03552768 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2013-11-23 11:56 - 2013-04-09 05:51 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2013-11-23 11:56 - 2013-04-09 05:51 - 00456704 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2013-11-23 11:56 - 2013-04-09 05:51 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-11-23 11:56 - 2013-04-09 05:51 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 02107904 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00745984 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00435200 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\GenuineCenter.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 01444864 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\fhengine.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\iuilp.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\dmvdsitf.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\fmifs.dll
2013-11-23 11:56 - 2013-04-09 05:48 - 00169472 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2013-11-23 11:56 - 2013-04-09 03:34 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys
2013-11-23 11:56 - 2013-04-09 03:33 - 00623104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2013-11-23 11:56 - 2013-04-09 03:33 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2013-11-23 11:56 - 2013-04-09 03:32 - 00805376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2013-11-23 11:56 - 2013-04-09 03:31 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2013-11-23 11:56 - 2013-04-09 03:31 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2013-11-23 11:56 - 2013-04-09 00:44 - 00123880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2013-11-23 11:56 - 2013-04-09 00:39 - 01408896 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-11-23 11:56 - 2013-04-09 00:37 - 00426024 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2013-11-23 11:56 - 2013-04-09 00:37 - 00324368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2013-11-23 11:56 - 2013-04-08 22:52 - 11878912 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2013-11-23 11:56 - 2013-04-08 22:52 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2013-11-23 11:56 - 2013-04-08 22:52 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2013-11-23 11:56 - 2013-04-08 22:52 - 00171008 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2013-11-23 11:56 - 2013-04-08 22:52 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2013-11-23 11:56 - 2013-04-08 22:51 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 01593344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 01113600 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAudDecMFT.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00659456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00403968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmvdsitf.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\fmifs.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2013-11-23 11:56 - 2013-04-05 00:30 - 00503080 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2013-11-23 11:56 - 2013-03-15 23:05 - 00298456 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2013-11-23 11:56 - 2013-03-15 23:05 - 00252928 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2013-11-23 11:56 - 2013-03-02 10:59 - 00411880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2013-11-23 11:56 - 2013-03-02 09:23 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncInfo.dll
2013-11-23 11:55 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-11-23 11:55 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2013-11-23 11:55 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2013-11-23 11:55 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2013-11-23 11:55 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2013-11-23 11:55 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2013-11-23 11:55 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2013-11-23 10:03 - 2013-11-23 10:03 - 00000000 ____D C:\Users\mad\Documents\ArtRage Paintings
2013-11-23 07:22 - 2013-11-23 07:22 - 00000000 ____D C:\Users\mad\AppData\Roaming\WTablet
2013-11-23 07:22 - 2013-06-07 19:15 - 01957688 _____ (Wacom Technology, Corp.) C:\windows\system32\ISD_Tablet.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01950520 _____ (Wacom Technology, Corp.) C:\windows\system32\ISD_Touch_Tablet.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01819448 _____ (Wacom Technology, Corp.) C:\windows\system32\Wintab32.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01607992 _____ (Wacom Technology, Corp.) C:\windows\SysWOW64\ISD_Tablet.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01601336 _____ (Wacom Technology, Corp.) C:\windows\SysWOW64\ISD_Touch_Tablet.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01488184 _____ (Wacom Technology, Corp.) C:\windows\SysWOW64\Wintab32.dll
2013-11-23 07:22 - 2013-06-06 00:35 - 00089400 _____ (Wacom Technology) C:\windows\system32\Drivers\wachidrouter.sys
2013-11-23 07:22 - 2012-12-20 23:20 - 00015344 _____ (Wacom Technology) C:\windows\system32\Drivers\wacomrouterfilter.sys
2013-11-23 07:21 - 2013-11-23 07:22 - 00000000 ____D C:\Program Files\Tablet
2013-11-23 07:20 - 2013-11-23 07:21 - 23724480 _____ C:\Users\mad\Downloads\ISD_DualTouch_711-16.exe
2013-11-23 00:07 - 2013-11-23 00:07 - 00000017 _____ C:\Users\mad\AppData\Local\resmon.resmoncfg
2013-11-23 00:00 - 2012-04-11 23:34 - 01721576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wdfcoinstaller01009.dll
2013-11-22 22:55 - 2013-11-22 22:56 - 00000000 ____D C:\Users\mad\AppData\Roaming\Ambient Design
2013-11-22 22:55 - 2013-11-22 22:55 - 00000000 ____D C:\Program Files (x86)\Ambient Design
2013-11-22 22:22 - 2013-11-22 22:27 - 00000000 ____D C:\ProgramData\Protexis64
2013-11-22 22:22 - 2013-11-22 22:22 - 00000000 ____D C:\Users\mad\AppData\Roaming\Corel
2013-11-22 22:20 - 2013-11-27 19:48 - 00000000 ____D C:\ProgramData\Corel
2013-11-22 22:16 - 2013-11-27 19:48 - 00000000 ____D C:\ProgramData\Corel Painter X3
2013-11-22 21:44 - 2013-11-22 21:44 - 00000000 ____D C:\Users\mad\AppData\Local\Macromedia
2013-11-22 21:34 - 2013-11-28 13:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Users\mad\AppData\Roaming\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Users\mad\AppData\Local\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-22 21:32 - 2013-11-22 21:32 - 00000000 ____D C:\Users\mad\AppData\Roaming\Macromedia
2013-11-22 21:05 - 2013-12-01 11:17 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3239287756-2313639032-4105574938-1001
2013-11-22 20:33 - 2013-12-01 10:08 - 00001667 _____ C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-22 20:33 - 2013-12-01 09:46 - 00000000 ____D C:\Users\mad\AppData\Roaming\Adobe
2013-11-22 20:33 - 2013-11-23 12:41 - 00000438 _____ C:\Users\mad\Downloads\Desktop.lnk
2013-11-22 20:33 - 2013-11-23 12:41 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-22 20:33 - 2013-11-23 12:41 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-22 20:32 - 2013-12-01 11:17 - 01179851 _____ C:\windows\WindowsUpdate.log
2013-11-22 20:32 - 2013-11-30 22:29 - 00000000 ____D C:\Users\mad\AppData\Local\Packages
2013-11-22 20:32 - 2013-11-24 14:58 - 00000000 ____D C:\Users\mad
2013-11-22 20:32 - 2013-11-22 20:32 - 00000020 ___SH C:\Users\mad\ntuser.ini
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Vorlagen
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Startmenü
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Netzwerkumgebung
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Lokale Einstellungen
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Eigene Dateien
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Druckumgebung
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Documents\Eigene Musik
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Documents\Eigene Bilder
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Local\Verlauf
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Local\Anwendungsdaten
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Anwendungsdaten
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 ____D C:\Users\mad\AppData\Local\VirtualStore
2013-11-22 20:32 - 2013-03-28 13:56 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-22 20:32 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-22 20:32 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-22 20:32 - 2012-07-26 09:13 - 00000000 ____D C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-22 20:26 - 2013-11-22 20:26 - 00000000 ____D C:\windows\CSC

==================== One Month Modified Files and Folders =======

2013-12-01 11:18 - 2013-12-01 11:18 - 00007109 _____ C:\Users\mad\Desktop\FRST.txt
2013-12-01 11:18 - 2013-12-01 11:18 - 00000000 ____D C:\FRST
2013-12-01 11:17 - 2013-11-22 21:05 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3239287756-2313639032-4105574938-1001
2013-12-01 11:17 - 2013-11-22 20:32 - 01179851 _____ C:\windows\WindowsUpdate.log
2013-12-01 11:15 - 2013-12-01 11:15 - 01959184 _____ (Farbar) C:\Users\mad\Desktop\FRST64.exe
2013-12-01 11:11 - 2013-03-28 13:02 - 00753134 _____ C:\windows\system32\perfh007.dat
2013-12-01 11:11 - 2013-03-28 13:02 - 00155826 _____ C:\windows\system32\perfc007.dat
2013-12-01 11:11 - 2012-07-26 08:28 - 01745416 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-01 11:06 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-01 11:05 - 2013-12-01 10:48 - 00000000 ____D C:\AdwCleaner
2013-12-01 11:01 - 2013-12-01 11:01 - 00000614 _____ C:\Users\mad\Desktop\JRT.txt
2013-12-01 11:00 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2013-12-01 10:57 - 2013-12-01 10:57 - 00000000 ____D C:\windows\ERUNT
2013-12-01 10:55 - 2013-12-01 10:55 - 01034531 _____ (Thisisu) C:\Users\mad\Desktop\JRT.exe
2013-12-01 10:47 - 2013-12-01 10:47 - 01091882 _____ C:\Users\mad\Desktop\adwcleaner.exe
2013-12-01 10:45 - 2013-03-28 06:26 - 00011438 _____ C:\windows\PFRO.log
2013-12-01 10:34 - 2013-12-01 10:34 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\Users\mad\AppData\Roaming\Malwarebytes
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 10:29 - 2013-12-01 10:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\mad\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 10:08 - 2013-11-22 20:33 - 00001667 _____ C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-01 10:04 - 2013-11-23 12:40 - 05041816 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-01 10:04 - 2012-07-26 06:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-12-01 09:53 - 2013-12-01 09:55 - 06143206 _____ C:\Users\mad\Desktop\Adobe_Creative_Cloud_Cleaner_Tool.zip
2013-12-01 09:50 - 2013-11-25 20:03 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-01 09:46 - 2013-11-23 21:45 - 00000000 ____D C:\ProgramData\Adobe
2013-12-01 09:46 - 2013-11-22 20:33 - 00000000 ____D C:\Users\mad\AppData\Roaming\Adobe
2013-12-01 09:45 - 2013-11-25 20:22 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-12-01 09:33 - 2013-11-24 08:10 - 00000000 ____D C:\windows\system32\appmgmt
2013-11-30 22:29 - 2013-11-30 22:29 - 00000000 ____D C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-30 22:29 - 2013-11-22 20:32 - 00000000 ____D C:\Users\mad\AppData\Local\Packages
2013-11-30 22:29 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-11-30 07:26 - 2013-11-30 07:26 - 01179648 _____ C:\Users\mad\Documents\AutoHotkey.exe
2013-11-30 07:24 - 2013-11-30 07:24 - 00001351 _____ C:\Users\mad\Documents\AutoHotkey.ahk
2013-11-28 13:21 - 2013-11-24 12:20 - 00000000 ____D C:\Users\mad\AppData\Local\Downloaded Installations
2013-11-28 13:16 - 2013-11-22 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-28 13:09 - 2013-11-28 13:02 - 00000000 ____D C:\Users\mad\AppData\Roaming\Red Giant Link
2013-11-28 13:04 - 2013-11-28 13:04 - 00000000 ____D C:\Users\mad\AppData\Local\LooksBuilder
2013-11-28 12:56 - 2013-11-28 12:56 - 00000000 ____D C:\ProgramData\RedGiant
2013-11-28 12:46 - 2013-11-28 12:46 - 00000000 ____D C:\Users\mad\AppData\Roaming\MAXON
2013-11-27 19:48 - 2013-11-27 19:48 - 00000000 ____D C:\Program Files\Common Files\Protexis
2013-11-27 19:48 - 2013-11-22 22:20 - 00000000 ____D C:\ProgramData\Corel
2013-11-27 19:48 - 2013-11-22 22:16 - 00000000 ____D C:\ProgramData\Corel Painter X3
2013-11-27 19:46 - 2013-11-27 19:46 - 00000000 ____D C:\Program Files\Corel
2013-11-27 19:13 - 2013-11-26 10:42 - 01240084 _____ C:\Users\mad\Desktop\flur.rif
2013-11-27 19:11 - 2013-11-26 10:42 - 01261636 _____ C:\Users\mad\Desktop\flur_bak.rif
2013-11-27 19:06 - 2013-11-27 19:06 - 00000000 ____D C:\artdock
2013-11-27 19:01 - 2013-11-27 19:01 - 02641401 _____ C:\Users\mad\Downloads\AutoHotkey_L_Install.exe
2013-11-27 19:01 - 2013-11-27 19:01 - 00000000 ____D C:\Program Files\AutoHotkey
2013-11-27 19:01 - 2012-07-26 10:45 - 00000000 ____D C:\windows\ShellNew
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Users\mad\AppData\Roaming\Thunderbird
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Users\mad\AppData\Local\Thunderbird
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-27 18:26 - 2013-11-27 18:26 - 21978136 _____ (Mozilla) C:\Users\mad\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-27 15:52 - 2013-11-26 16:56 - 01381429 _____ C:\Users\mad\Desktop\test.mprj
2013-11-27 09:09 - 2012-07-26 08:21 - 00032995 _____ C:\windows\setupact.log
2013-11-27 07:18 - 2013-11-27 07:17 - 00000000 ____D C:\Users\mad\Documents\Premiere_Hauptordner
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\Documents\Adobe
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\AppData\Roaming\PACE Anti-Piracy
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\AppData\Local\PACE Anti-Piracy
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2013-11-27 07:16 - 2013-09-28 16:31 - 00000000 ___HD C:\Users\mad\AppData\Local\nrA5EZEHCA1AA
2013-11-27 07:16 - 2012-05-27 19:34 - 00000000 ___HD C:\Users\mad\AppData\Local\h9Jw3zWtahi
2013-11-26 17:10 - 2013-11-26 17:10 - 00058853 _____ C:\Users\mad\Desktop\hallo.wma
2013-11-26 16:44 - 2013-11-26 16:43 - 00000000 ____D C:\Users\mad\Documents\Photoshop _Hauptordner
2013-11-26 14:00 - 2013-11-26 14:00 - 00000000 ____D C:\Users\mad\Documents\Arduino
2013-11-26 14:00 - 2013-11-26 14:00 - 00000000 ____D C:\Users\mad\AppData\Roaming\Arduino
2013-11-26 13:59 - 2013-11-23 20:48 - 00208946 _____ C:\windows\DPINST.LOG
2013-11-26 13:20 - 2013-11-26 13:19 - 55115064 _____ C:\Users\mad\Downloads\arduino-1.0.5-windows.exe
2013-11-26 11:22 - 2013-11-26 11:22 - 01190894 _____ C:\Users\mad\Desktop\Untitled.mprj
2013-11-26 09:56 - 2013-11-24 14:57 - 00000000 ____D C:\Program Files\Blender Foundation
2013-11-26 09:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-11-26 08:23 - 2013-11-24 14:05 - 00000000 ____D C:\Program Files (x86)\Duden
2013-11-26 08:14 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-11-26 07:56 - 2013-11-24 12:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-26 07:56 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-26 07:55 - 2013-11-24 12:47 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-25 20:22 - 2013-11-23 21:45 - 00000000 ____D C:\Users\mad\AppData\Local\Adobe
2013-11-25 16:26 - 2013-11-24 14:05 - 00000000 ____D C:\ProgramData\Duden
2013-11-25 16:23 - 2013-11-24 12:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-25 16:23 - 2012-07-26 06:26 - 00000076 _____ C:\windows\win.ini
2013-11-25 06:35 - 2013-11-24 19:03 - 00000000 ____D C:\Users\mad\Documents\Native Instruments
2013-11-25 06:35 - 2013-11-24 19:03 - 00000000 ____D C:\Users\mad\AppData\Local\Native Instruments
2013-11-25 06:23 - 2013-11-25 06:23 - 00000000 __HDC C:\ProgramData\{C5A9D49F-FB00-46E2-BB29-AC4E9A6B75F6}
2013-11-25 06:22 - 2013-11-25 06:22 - 00000000 ____D C:\Program Files\Common Files\Avid
2013-11-25 06:08 - 2013-11-25 06:06 - 97365354 _____ C:\Users\mad\Downloads\arduino-1.0.5-windows.zip
2013-11-25 06:08 - 2013-11-25 06:04 - 244740096 _____ C:\Users\mad\Downloads\Massive.iso
2013-11-24 20:35 - 2013-11-24 20:35 - 00000000 __HDC C:\ProgramData\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}
2013-11-24 20:32 - 2013-11-24 20:32 - 00000000 __HDC C:\ProgramData\{B49C92CB-1A73-4A41-A84C-5091582E7AA8}
2013-11-24 20:32 - 2013-11-24 20:32 - 00000000 __HDC C:\ProgramData\{9C588B44-42B6-434D-90BD-824BBB1F328A}
2013-11-24 20:32 - 2013-11-24 19:02 - 00000000 ____D C:\Program Files\Native Instruments
2013-11-24 20:28 - 2013-11-24 20:28 - 00000000 __HDC C:\ProgramData\{36D6E7A6-1DA8-4D35-A74B-0159C59D934D}
2013-11-24 20:28 - 2013-11-23 20:47 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{6495CC1D-C10B-40C5-A92B-241A2B2C8D20}
2013-11-24 19:03 - 2013-11-24 19:03 - 00000000 ____D C:\Users\Public\Documents\Maschine Library
2013-11-24 18:53 - 2013-11-24 18:53 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-11-24 18:52 - 2013-11-24 18:52 - 01640984 _____ C:\Users\mad\Downloads\SetupVirtualCloneDrive5470.exe
2013-11-24 17:04 - 2013-11-24 17:04 - 00112408 _____ C:\windows\system32\Drivers\NIWinCDEmu.sys
2013-11-24 17:04 - 2013-11-24 17:04 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2013-11-24 15:57 - 2013-11-24 15:57 - 00000000 ____D C:\Users\mad\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-11-24 14:58 - 2013-11-24 14:58 - 00000000 ____D C:\Users\mad\.thumbnails
2013-11-24 14:58 - 2013-11-22 20:32 - 00000000 ____D C:\Users\mad
2013-11-24 14:06 - 2013-11-24 14:05 - 00000000 ____D C:\Users\mad\AppData\Roaming\Duden
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\windows\SysWOW64\XPSViewer
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\MSBuild
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-24 13:20 - 2013-11-24 13:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-24 12:51 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-11-24 12:49 - 2013-11-24 12:49 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-11-24 12:47 - 2013-11-24 12:47 - 00000000 ____D C:\Users\mad\AppData\Local\Microsoft Help
2013-11-24 12:21 - 2013-11-24 12:21 - 00000000 ____D C:\Program Files (x86)\Pixologic
2013-11-24 11:35 - 2013-11-24 11:35 - 00000000 ____D C:\Users\mad\Documents\Mudbox
2013-11-24 11:29 - 2013-11-24 11:25 - 00000000 ____D C:\ProgramData\Autodesk
2013-11-24 11:25 - 2013-11-24 11:25 - 00000000 ____D C:\Users\mad\AppData\Roaming\Autodesk
2013-11-24 09:11 - 2013-11-24 09:11 - 00000000 ____D C:\Users\mad\AppData\Local\CANON_INC
2013-11-24 09:10 - 2013-11-24 09:10 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-24 09:10 - 2013-11-24 09:09 - 00000000 ____D C:\Program Files (x86)\Canon
2013-11-24 09:09 - 2013-11-24 09:09 - 00000000 ____D C:\Users\mad\AppData\Roaming\canon
2013-11-24 09:09 - 2013-11-24 09:09 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2013-11-24 09:04 - 2013-11-24 09:02 - 00000605 _____ C:\Users\mad\Desktop\CanonUpdate.reg.txt
2013-11-24 07:45 - 2013-11-24 07:45 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-11-23 22:42 - 2013-11-23 22:42 - 00000000 ____D C:\Users\mad\Documents\Adobe Scripts
2013-11-23 21:37 - 2012-07-26 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\winrm
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\WCN
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\sysprep
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\slmgr
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\Printing_Admin_Scripts
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\system32\winrm
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\system32\WCN
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\system32\slmgr
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\system32\Printing_Admin_Scripts
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\WinStore
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\MUI
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\migwiz
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\Com
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\SystemResetPlatform
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\MUI
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\migwiz
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\Com
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\SysWOW64\oobe
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\SysWOW64\Dism
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\Sysprep
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\oobe
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\Dism
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\sources
2013-11-23 21:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\en-GB
2013-11-23 21:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\en-GB
2013-11-23 21:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-23 20:49 - 2013-11-23 20:49 - 00000000 ___DC C:\ProgramData\{63587E26-1A2F-4FCB-84B3-485CF73F34AF}
2013-11-23 20:48 - 2013-11-23 20:47 - 00000000 ____D C:\ProgramData\Native Instruments
2013-11-23 19:27 - 2013-11-23 19:27 - 00000000 ____D C:\Program Files\7-Zip
2013-11-23 19:26 - 2013-11-23 19:26 - 01376768 _____ C:\Users\mad\Downloads\7z920-x64.msi
2013-11-23 12:41 - 2013-11-22 20:33 - 00000438 _____ C:\Users\mad\Downloads\Desktop.lnk
2013-11-23 12:41 - 2013-11-22 20:33 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-23 12:41 - 2013-11-22 20:33 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-23 12:40 - 2013-11-23 12:37 - 00000000 ___RD C:\windows\BrowserChoice
2013-11-23 12:40 - 2013-03-28 06:30 - 00000000 ____D C:\ProgramData\PRICache
2013-11-23 12:40 - 2012-07-26 06:37 - 00000000 ____D C:\windows\servicing
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-23 12:34 - 2013-11-23 12:34 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-23 12:34 - 2013-03-28 13:08 - 00000000 ____D C:\windows\Firmware
2013-11-23 12:17 - 2013-11-23 12:17 - 00000000 ____D C:\windows\system32\MRT
2013-11-23 11:56 - 2013-11-23 11:56 - 00000295 _____ C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2013-11-23 10:03 - 2013-11-23 10:03 - 00000000 ____D C:\Users\mad\Documents\ArtRage Paintings
2013-11-23 07:22 - 2013-11-23 07:22 - 00000000 ____D C:\Users\mad\AppData\Roaming\WTablet
2013-11-23 07:22 - 2013-11-23 07:21 - 00000000 ____D C:\Program Files\Tablet
2013-11-23 07:21 - 2013-11-23 07:20 - 23724480 _____ C:\Users\mad\Downloads\ISD_DualTouch_711-16.exe
2013-11-23 00:07 - 2013-11-23 00:07 - 00000017 _____ C:\Users\mad\AppData\Local\resmon.resmoncfg
2013-11-22 22:56 - 2013-11-22 22:55 - 00000000 ____D C:\Users\mad\AppData\Roaming\Ambient Design
2013-11-22 22:55 - 2013-11-22 22:55 - 00000000 ____D C:\Program Files (x86)\Ambient Design
2013-11-22 22:55 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\restore
2013-11-22 22:27 - 2013-11-22 22:22 - 00000000 ____D C:\ProgramData\Protexis64
2013-11-22 22:22 - 2013-11-22 22:22 - 00000000 ____D C:\Users\mad\AppData\Roaming\Corel
2013-11-22 21:44 - 2013-11-22 21:44 - 00000000 ____D C:\Users\mad\AppData\Local\Macromedia
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Users\mad\AppData\Roaming\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Users\mad\AppData\Local\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-22 21:32 - 2013-11-22 21:32 - 00000000 ____D C:\Users\mad\AppData\Roaming\Macromedia
2013-11-22 20:32 - 2013-11-22 20:32 - 00000020 ___SH C:\Users\mad\ntuser.ini
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Vorlagen
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Startmenü
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Netzwerkumgebung
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Lokale Einstellungen
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Eigene Dateien
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Druckumgebung
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Documents\Eigene Musik
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Documents\Eigene Bilder
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Local\Verlauf
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Local\Anwendungsdaten
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Anwendungsdaten
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 ____D C:\Users\mad\AppData\Local\VirtualStore
2013-11-22 20:26 - 2013-11-22 20:26 - 00000000 ____D C:\windows\CSC
2013-11-19 11:21 - 2013-11-24 10:42 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-07 16:00 - 2013-11-23 12:17 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-05 23:58 - 2012-07-26 09:14 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 23:58 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\mad\AppData\Local\Temp\AcDeltree.exe
C:\Users\mad\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\mad\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\mad\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\mad\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-08 17:30

==================== End Of Log ============================

--- --- ---

und die Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2013
Ran by mad at 2013-12-01 11:18:48
Running from C:\Users\mad\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Arduino (x32 Version: 1.0.5)
ArtRage Studio Pro (x32 Version: 3.5.11)
AutoHotkey 1.1.13.01 (Version: 1.1.13.01)
Canon Utilities EOS Utility (x32 Version: 2.13.25.1)
Corel Painter 13 - IPM (Version: 13.1)
Corel Painter 13 - IPM Content (Version: 13.1)
Corel Painter X3 (Version: 13.0.1.920)
IconHandler 64 bit (Version: 2.0)
Intel(R) Processor Graphics (x32 Version: 9.17.10.3062)
ISD Tablett (Version: 7.1.1-16)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
Native Instruments Controller Editor (Version: 1.6.0.1528)
Native Instruments Controller Editor (x32 Version: 1.6.0.1528)
Native Instruments Maschine (Version: 1.8.2.247)
Native Instruments Maschine (x32)
Native Instruments Maschine Controller (x32)
Native Instruments Maschine Controller Driver (Version: 3.0.1.648)
Native Instruments Maschine Controller Driver (x32)
Native Instruments Maschine Controller MK2 Driver (Version: 3.0.4.719)
Native Instruments Maschine Controller MK2 Driver (x32)
Native Instruments Maschine Mikro (x32)
Native Instruments Maschine Mikro Driver (Version: 3.0.2.664)
Native Instruments Maschine Mikro Driver (x32)
Native Instruments Maschine Mikro MK2 Driver (Version: 3.0.4.719)
Native Instruments Maschine Mikro MK2 Driver (x32)
Native Instruments Massive (Version: 1.4.0.292)
Native Instruments Massive (x32 Version: 1.4.0.292)
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Service Center (x32)
Painter 13 - Contentx64 (Version: 13.1)
Painter 13 - Core (Version: 13.1)
Painter 13 - Corex64 (Version: 13.0)
Painter 13 - DE (Version: 13.1)
Painter 13 - EN (Version: 13.1)
Painter 13 - FR (Version: 13.1)
Painter 13 - Setup Files (Version: 13.1)
VirtualCloneDrive (x32 Version: 5.4.7.0)

==================== Restore Points  =========================

01-12-2013 08:33:34 Removed Adobe Acrobat X Pro - English, Français, Deutsch.

==================== Hosts content: ==========================

2012-07-26 06:26 - 2013-11-23 05:37 - 00001704 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 adobeereg.com
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 199.7.54.72:80
127.0.0.1 199.7.54.72


==================== Scheduled Tasks (whitelisted) =============

Task: {AB83AC58-C319-4BD6-A18F-A2E137E48033} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

==================== Loaded Modules (whitelisted) =============

2013-11-22 21:34 - 2013-11-13 04:39 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\mad\Cookies:Dinw5xXHxa17EhktkfR
AlternateDataStreams: C:\Users\mad\Cookies:RrVbeQ4D4jU7AyOhqWUeF
AlternateDataStreams: C:\Users\mad\AppData\Local\Temp:BvN98gSPSVn21konmLIgD

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Marvell AVASTAR Bluetooth Radio Adapter
Description: Marvell AVASTAR Bluetooth Radio Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Marvell Semiconductor, Inc.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 3979.75 MB
Available physical RAM: 2636.53 MB
Total Pagefile: 4683.75 MB
Available Pagefile: 3343.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:50.22 GB) (Free:19.82 GB) NTFS
Drive d: () (Removable) (Total:59.46 GB) (Free:38.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 60 GB) (Disk ID: 6E98846B)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 59 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=59 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Die anderen Log Dateien hätte ich aber noch, ich suche sie und reiche sie gleich nach.

bis gleich

mbam.log

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2013
Ran by mad at 2013-12-01 11:18:48
Running from C:\Users\mad\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Arduino (x32 Version: 1.0.5)
ArtRage Studio Pro (x32 Version: 3.5.11)
AutoHotkey 1.1.13.01 (Version: 1.1.13.01)
Canon Utilities EOS Utility (x32 Version: 2.13.25.1)
Corel Painter 13 - IPM (Version: 13.1)
Corel Painter 13 - IPM Content (Version: 13.1)
Corel Painter X3 (Version: 13.0.1.920)
IconHandler 64 bit (Version: 2.0)
Intel(R) Processor Graphics (x32 Version: 9.17.10.3062)
ISD Tablett (Version: 7.1.1-16)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
Native Instruments Controller Editor (Version: 1.6.0.1528)
Native Instruments Controller Editor (x32 Version: 1.6.0.1528)
Native Instruments Maschine (Version: 1.8.2.247)
Native Instruments Maschine (x32)
Native Instruments Maschine Controller (x32)
Native Instruments Maschine Controller Driver (Version: 3.0.1.648)
Native Instruments Maschine Controller Driver (x32)
Native Instruments Maschine Controller MK2 Driver (Version: 3.0.4.719)
Native Instruments Maschine Controller MK2 Driver (x32)
Native Instruments Maschine Mikro (x32)
Native Instruments Maschine Mikro Driver (Version: 3.0.2.664)
Native Instruments Maschine Mikro Driver (x32)
Native Instruments Maschine Mikro MK2 Driver (Version: 3.0.4.719)
Native Instruments Maschine Mikro MK2 Driver (x32)
Native Instruments Massive (Version: 1.4.0.292)
Native Instruments Massive (x32 Version: 1.4.0.292)
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Service Center (x32)
Painter 13 - Contentx64 (Version: 13.1)
Painter 13 - Core (Version: 13.1)
Painter 13 - Corex64 (Version: 13.0)
Painter 13 - DE (Version: 13.1)
Painter 13 - EN (Version: 13.1)
Painter 13 - FR (Version: 13.1)
Painter 13 - Setup Files (Version: 13.1)
VirtualCloneDrive (x32 Version: 5.4.7.0)

==================== Restore Points  =========================

01-12-2013 08:33:34 Removed Adobe Acrobat X Pro - English, Français, Deutsch.

==================== Hosts content: ==========================

2012-07-26 06:26 - 2013-11-23 05:37 - 00001704 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 adobeereg.com
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 199.7.54.72:80
127.0.0.1 199.7.54.72


==================== Scheduled Tasks (whitelisted) =============

Task: {AB83AC58-C319-4BD6-A18F-A2E137E48033} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

==================== Loaded Modules (whitelisted) =============

2013-11-22 21:34 - 2013-11-13 04:39 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\mad\Cookies:Dinw5xXHxa17EhktkfR
AlternateDataStreams: C:\Users\mad\Cookies:RrVbeQ4D4jU7AyOhqWUeF
AlternateDataStreams: C:\Users\mad\AppData\Local\Temp:BvN98gSPSVn21konmLIgD

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Marvell AVASTAR Bluetooth Radio Adapter
Description: Marvell AVASTAR Bluetooth Radio Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Marvell Semiconductor, Inc.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 3979.75 MB
Available physical RAM: 2636.53 MB
Total Pagefile: 4683.75 MB
Available Pagefile: 3343.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:50.22 GB) (Free:19.82 GB) NTFS
Drive d: () (Removable) (Total:59.46 GB) (Free:38.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 60 GB) (Disk ID: 6E98846B)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 59 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=59 GB) - (Type=07 NTFS)

==================== End Of Log ============================

protection.log

Code:

ATTFilter

2013/12/01 10:34:38 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting protection
2013/12/01 10:34:38 +0100	TASCHENHÜPFER	mad	MESSAGE	Protection started successfully
2013/12/01 10:34:38 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting IP protection
2013/12/01 10:34:49 +0100	TASCHENHÜPFER	mad	MESSAGE	IP Protection started successfully
2013/12/01 10:35:01 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting database refresh
2013/12/01 10:35:01 +0100	TASCHENHÜPFER	mad	MESSAGE	Stopping IP protection
2013/12/01 10:35:02 +0100	TASCHENHÜPFER	mad	MESSAGE	IP Protection stopped successfully
2013/12/01 10:35:04 +0100	TASCHENHÜPFER	mad	MESSAGE	Database refreshed successfully
2013/12/01 10:35:04 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting IP protection
2013/12/01 10:35:06 +0100	TASCHENHÜPFER	mad	MESSAGE	IP Protection started successfully
2013/12/01 10:46:09 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting protection
2013/12/01 10:46:09 +0100	TASCHENHÜPFER	mad	MESSAGE	Protection started successfully
2013/12/01 10:46:09 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting IP protection
2013/12/01 10:46:12 +0100	TASCHENHÜPFER	mad	MESSAGE	IP Protection started successfully
2013/12/01 10:51:53 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting protection
2013/12/01 10:51:53 +0100	TASCHENHÜPFER	mad	MESSAGE	Protection started successfully
2013/12/01 10:51:53 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting IP protection
2013/12/01 10:51:55 +0100	TASCHENHÜPFER	mad	MESSAGE	IP Protection started successfully
2013/12/01 11:06:52 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting protection
2013/12/01 11:06:52 +0100	TASCHENHÜPFER	mad	MESSAGE	Protection started successfully
2013/12/01 11:06:52 +0100	TASCHENHÜPFER	mad	MESSAGE	Starting IP protection
2013/12/01 11:06:54 +0100	TASCHENHÜPFER	mad	MESSAGE	IP Protection started successfully

die adw cleaner log

Code:

ATTFilter

# AdwCleaner v3.013 - Bericht erstellt am 01/12/2013 um 10:50:32
# Updated 24/11/2013 von Xplode
# Betriebssystem : Windows 8 Pro  (64 bits)
# Benutzername : mad - TASCHENHÜPFER
# Gestartet von : C:\Users\mad\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\optimizer pro
Ordner Gelöscht : C:\Users\mad\AppData\Local\lollipop
Datei Gelöscht : C:\Users\mad\AppData\Roaming\Mozilla\Firefox\Profiles\7833v203.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\mad\AppData\Roaming\Mozilla\Firefox\Profiles\7833v203.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1436 octets] - [01/12/2013 10:48:48]
AdwCleaner[S0].txt - [1306 octets] - [01/12/2013 10:50:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1366 octets] ##########

und die jrt log

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 Pro x64
Ran by mad on 01.12.2013 at 10:57:02,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.12.2013 at 11:01:41,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

So mehr hab ich nun erstmal nicht im Angebot.

mad

schrauber · 01.12.2013, 12:34

hi,

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

und ein frisches FRST log bitte.

mad45 · 01.12.2013, 12:48

neues mbam log, keine funde

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.01.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16736
mad :: TASCHENHÜPFER [Administrator]

Schutz: Aktiviert

01.12.2013 12:38:07
mbam-log-2013-12-01 (12-38-07).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 202309
Laufzeit: 2 Minute(n), 

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

und das neue frst log

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by mad (administrator) on TASCHENHÜPFER on 01-12-2013 12:47:27
Running from C:\Users\mad\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(Marvell Semiconductors, Inc.) C:\Windows\System32\mvbtrcsvcx64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [21504 2012-07-26] (Microsoft Corporation)
HKCU\...\Run: [DIMDownloading your update...1371249125851] - C:\ProgramData\Corel\Downloads\540232071_007003\1371249125851\dim_params.xml [977 2013-11-26] ()
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
AppInit_DLLs:   [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF0D257F3C1E7CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\mad\AppData\Roaming\Mozilla\Firefox\Profiles\7833v203.default
FF NewTab: hxxp://www.nationzoom.com/newtab/?type=nt&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6
FF Homepage: hxxp://www.nationzoom.com/?type=hp&ts=1385888892&from=tugs&uid=C400-MTFDDAT064MAM_000000001306093110D6
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\mad\AppData\Roaming\Mozilla\Firefox\Profiles\7833v203.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

==================== Services (Whitelisted) =================

S3 Marvell AVASTAR Bluetooth Radio Adapter; C:\Windows\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.)
R2 Marvell Bluetooth Radio Control Service; C:\Windows\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U3 mvbtradio; C:\windows\system32\mvbtrcsvcx64.exe [97792 2013-03-08] (Marvell Semiconductors, Inc.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 WTabletServiceISD; C:\Program Files\Tablet\ISD\WTabletServiceISD.exe [559416 2013-06-07] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [104960 2012-07-07] (ASIX Electronics Corp.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 kbfilter; C:\Windows\System32\drivers\SurfaceTouchCover.sys [23488 2013-10-10] (Microsoft Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mmxavs; C:\Windows\System32\Drivers\mmxavs.sys [357968 2011-09-15] (Native Instruments GmbH)
S3 mmxusb_svc; C:\Windows\System32\Drivers\mmxusb.sys [45648 2011-09-15] (Native Instruments GmbH)
R3 mwlu97w8; C:\Windows\system32\DRIVERS\mwlu97w8x64.sys [1534464 2013-03-11] (Marvell Semiconductors, Inc.)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [112408 2013-11-24] ()
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 SurfaceAccessoryDevice; C:\Windows\System32\drivers\SurfaceAccessoryDevice.sys [1613232 2013-09-13] (Microsoft Corporation)
R3 SurfaceTouchCover; C:\Windows\System32\drivers\SurfaceTouchCover.sys [23488 2013-10-10] (Microsoft Corporation)
R3 TrackpadSettingsDriver; C:\Windows\System32\drivers\TrackpadSettingsDriver.sys [46168 2013-03-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-01 11:19 - 2013-12-01 11:20 - 00000000 ____D C:\Users\mad\Desktop\viriusnixgut
2013-12-01 11:18 - 2013-12-01 12:47 - 00006960 _____ C:\Users\mad\Desktop\FRST.txt
2013-12-01 11:18 - 2013-12-01 11:19 - 00006882 _____ C:\Users\mad\Desktop\Addition.txt
2013-12-01 11:18 - 2013-12-01 11:18 - 00000000 ____D C:\FRST
2013-12-01 11:15 - 2013-12-01 11:15 - 01959184 _____ (Farbar) C:\Users\mad\Desktop\FRST64.exe
2013-12-01 11:01 - 2013-12-01 11:01 - 00000614 _____ C:\Users\mad\Desktop\JRT.txt
2013-12-01 10:57 - 2013-12-01 10:57 - 00000000 ____D C:\windows\ERUNT
2013-12-01 10:55 - 2013-12-01 10:55 - 01034531 _____ (Thisisu) C:\Users\mad\Desktop\JRT.exe
2013-12-01 10:48 - 2013-12-01 11:05 - 00000000 ____D C:\AdwCleaner
2013-12-01 10:47 - 2013-12-01 10:47 - 01091882 _____ C:\Users\mad\Desktop\adwcleaner.exe
2013-12-01 10:34 - 2013-12-01 10:34 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\Users\mad\AppData\Roaming\Malwarebytes
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 10:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-12-01 10:29 - 2013-12-01 10:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\mad\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 09:55 - 2013-12-01 09:53 - 06143206 _____ C:\Users\mad\Desktop\Adobe_Creative_Cloud_Cleaner_Tool.zip
2013-11-30 22:29 - 2013-11-30 22:29 - 00000000 ____D C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-30 07:26 - 2013-11-30 07:26 - 01179648 _____ C:\Users\mad\Documents\AutoHotkey.exe
2013-11-30 07:24 - 2013-11-30 07:24 - 00001351 _____ C:\Users\mad\Documents\AutoHotkey.ahk
2013-11-28 13:04 - 2013-11-28 13:04 - 00000000 ____D C:\Users\mad\AppData\Local\LooksBuilder
2013-11-28 13:02 - 2013-11-28 13:09 - 00000000 ____D C:\Users\mad\AppData\Roaming\Red Giant Link
2013-11-28 12:56 - 2013-11-28 12:56 - 00000000 ____D C:\ProgramData\RedGiant
2013-11-28 12:46 - 2013-11-28 12:46 - 00000000 ____D C:\Users\mad\AppData\Roaming\MAXON
2013-11-27 19:48 - 2013-11-27 19:48 - 00000000 ____D C:\Program Files\Common Files\Protexis
2013-11-27 19:46 - 2013-11-27 19:46 - 00000000 ____D C:\Program Files\Corel
2013-11-27 19:06 - 2013-11-27 19:06 - 00000000 ____D C:\artdock
2013-11-27 19:01 - 2013-11-27 19:01 - 02641401 _____ C:\Users\mad\Downloads\AutoHotkey_L_Install.exe
2013-11-27 19:01 - 2013-11-27 19:01 - 00000000 ____D C:\Program Files\AutoHotkey
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Users\mad\AppData\Roaming\Thunderbird
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Users\mad\AppData\Local\Thunderbird
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-27 18:26 - 2013-11-27 18:26 - 21978136 _____ (Mozilla) C:\Users\mad\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-27 07:17 - 2013-11-27 07:18 - 00000000 ____D C:\Users\mad\Documents\Premiere_Hauptordner
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\Documents\Adobe
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\AppData\Roaming\PACE Anti-Piracy
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\AppData\Local\PACE Anti-Piracy
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2013-11-26 17:10 - 2013-11-26 17:10 - 00058853 _____ C:\Users\mad\Desktop\hallo.wma
2013-11-26 16:56 - 2013-11-27 15:52 - 01381429 _____ C:\Users\mad\Desktop\test.mprj
2013-11-26 16:43 - 2013-11-26 16:44 - 00000000 ____D C:\Users\mad\Documents\Photoshop _Hauptordner
2013-11-26 14:00 - 2013-11-26 14:00 - 00000000 ____D C:\Users\mad\Documents\Arduino
2013-11-26 14:00 - 2013-11-26 14:00 - 00000000 ____D C:\Users\mad\AppData\Roaming\Arduino
2013-11-26 13:19 - 2013-11-26 13:20 - 55115064 _____ C:\Users\mad\Downloads\arduino-1.0.5-windows.exe
2013-11-26 11:22 - 2013-11-26 11:22 - 01190894 _____ C:\Users\mad\Desktop\Untitled.mprj
2013-11-26 10:42 - 2013-11-27 19:13 - 01240084 _____ C:\Users\mad\Desktop\flur.rif
2013-11-26 10:42 - 2013-11-27 19:11 - 01261636 _____ C:\Users\mad\Desktop\flur_bak.rif
2013-11-25 20:22 - 2013-12-01 09:45 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-11-25 20:03 - 2013-12-01 09:50 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-25 06:23 - 2013-11-25 06:23 - 00000000 __HDC C:\ProgramData\{C5A9D49F-FB00-46E2-BB29-AC4E9A6B75F6}
2013-11-25 06:22 - 2013-11-25 06:22 - 00000000 ____D C:\Program Files\Common Files\Avid
2013-11-25 06:06 - 2013-11-25 06:08 - 97365354 _____ C:\Users\mad\Downloads\arduino-1.0.5-windows.zip
2013-11-25 06:04 - 2013-11-25 06:08 - 244740096 _____ C:\Users\mad\Downloads\Massive.iso
2013-11-24 20:35 - 2013-11-24 20:35 - 00000000 __HDC C:\ProgramData\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}
2013-11-24 20:32 - 2013-11-24 20:32 - 00000000 __HDC C:\ProgramData\{B49C92CB-1A73-4A41-A84C-5091582E7AA8}
2013-11-24 20:32 - 2013-11-24 20:32 - 00000000 __HDC C:\ProgramData\{9C588B44-42B6-434D-90BD-824BBB1F328A}
2013-11-24 20:28 - 2013-11-24 20:28 - 00000000 __HDC C:\ProgramData\{36D6E7A6-1DA8-4D35-A74B-0159C59D934D}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{6495CC1D-C10B-40C5-A92B-241A2B2C8D20}
2013-11-24 19:03 - 2013-11-25 06:35 - 00000000 ____D C:\Users\mad\Documents\Native Instruments
2013-11-24 19:03 - 2013-11-25 06:35 - 00000000 ____D C:\Users\mad\AppData\Local\Native Instruments
2013-11-24 19:03 - 2013-11-24 19:03 - 00000000 ____D C:\Users\Public\Documents\Maschine Library
2013-11-24 19:02 - 2013-11-24 20:32 - 00000000 ____D C:\Program Files\Native Instruments
2013-11-24 18:56 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-24 18:56 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-24 18:53 - 2013-11-24 18:53 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-11-24 18:52 - 2013-11-24 18:52 - 01640984 _____ C:\Users\mad\Downloads\SetupVirtualCloneDrive5470.exe
2013-11-24 17:04 - 2013-11-24 17:04 - 00112408 _____ C:\windows\system32\Drivers\NIWinCDEmu.sys
2013-11-24 17:04 - 2013-11-24 17:04 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2013-11-24 15:57 - 2013-11-24 15:57 - 00000000 ____D C:\Users\mad\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-11-24 14:58 - 2013-11-24 14:58 - 00000000 ____D C:\Users\mad\.thumbnails
2013-11-24 14:57 - 2013-11-26 09:56 - 00000000 ____D C:\Program Files\Blender Foundation
2013-11-24 14:05 - 2013-11-26 08:23 - 00000000 ____D C:\Program Files (x86)\Duden
2013-11-24 14:05 - 2013-11-25 16:26 - 00000000 ____D C:\ProgramData\Duden
2013-11-24 14:05 - 2013-11-24 14:06 - 00000000 ____D C:\Users\mad\AppData\Roaming\Duden
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\windows\SysWOW64\XPSViewer
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\MSBuild
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-24 14:02 - 2012-07-06 03:02 - 01166440 _____ (Microsoft Corporation) C:\windows\system32\PresentationNative_v0300.dll
2013-11-24 14:02 - 2012-07-06 03:02 - 00778856 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationNative_v0300.dll
2013-11-24 14:02 - 2012-07-06 03:02 - 00035400 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2013-11-24 14:02 - 2012-07-06 03:02 - 00035400 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2013-11-24 13:20 - 2013-11-24 13:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-24 12:49 - 2013-11-24 12:49 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-11-24 12:48 - 2013-11-25 16:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-24 12:47 - 2013-11-26 07:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-24 12:47 - 2013-11-26 07:55 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-24 12:47 - 2013-11-24 12:47 - 00000000 ____D C:\Users\mad\AppData\Local\Microsoft Help
2013-11-24 12:21 - 2013-11-24 12:21 - 00000000 ____D C:\Program Files (x86)\Pixologic
2013-11-24 12:20 - 2013-11-28 13:21 - 00000000 ____D C:\Users\mad\AppData\Local\Downloaded Installations
2013-11-24 11:35 - 2013-11-24 11:35 - 00000000 ____D C:\Users\mad\Documents\Mudbox
2013-11-24 11:25 - 2013-11-24 11:29 - 00000000 ____D C:\ProgramData\Autodesk
2013-11-24 11:25 - 2013-11-24 11:25 - 00000000 ____D C:\Users\mad\AppData\Roaming\Autodesk
2013-11-24 10:42 - 2013-11-19 11:21 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-24 09:11 - 2013-11-24 09:11 - 00000000 ____D C:\Users\mad\AppData\Local\CANON_INC
2013-11-24 09:10 - 2013-11-24 09:10 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-24 09:09 - 2013-11-24 09:10 - 00000000 ____D C:\Program Files (x86)\Canon
2013-11-24 09:09 - 2013-11-24 09:09 - 00000000 ____D C:\Users\mad\AppData\Roaming\canon
2013-11-24 09:09 - 2013-11-24 09:09 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2013-11-24 09:02 - 2013-11-24 09:04 - 00000605 _____ C:\Users\mad\Desktop\CanonUpdate.reg.txt
2013-11-24 08:10 - 2013-12-01 09:33 - 00000000 ____D C:\windows\system32\appmgmt
2013-11-24 07:45 - 2013-11-24 07:45 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-11-23 22:42 - 2013-11-23 22:42 - 00000000 ____D C:\Users\mad\Documents\Adobe Scripts
2013-11-23 21:45 - 2013-12-01 09:46 - 00000000 ____D C:\ProgramData\Adobe
2013-11-23 21:45 - 2013-11-25 20:22 - 00000000 ____D C:\Users\mad\AppData\Local\Adobe
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\sources
2013-11-23 20:49 - 2013-11-23 20:49 - 00000000 ___DC C:\ProgramData\{63587E26-1A2F-4FCB-84B3-485CF73F34AF}
2013-11-23 20:48 - 2013-11-26 13:59 - 00208946 _____ C:\windows\DPINST.LOG
2013-11-23 20:47 - 2013-11-24 20:28 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-11-23 20:47 - 2013-11-23 20:48 - 00000000 ____D C:\ProgramData\Native Instruments
2013-11-23 19:27 - 2013-11-23 19:27 - 00000000 ____D C:\Program Files\7-Zip
2013-11-23 19:26 - 2013-11-23 19:26 - 01376768 _____ C:\Users\mad\Downloads\7z920-x64.msi
2013-11-23 12:40 - 2013-12-01 10:04 - 05041816 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-23 12:37 - 2013-11-23 12:40 - 00000000 ___RD C:\windows\BrowserChoice
2013-11-23 12:34 - 2013-11-23 12:34 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-23 12:17 - 2013-11-23 12:17 - 00000000 ____D C:\windows\system32\MRT
2013-11-23 12:17 - 2013-11-07 16:00 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-23 12:06 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-11-23 12:06 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-11-23 12:06 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-11-23 12:06 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-11-23 12:06 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-11-23 12:06 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-11-23 12:06 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-11-23 12:06 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-11-23 12:06 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2013-11-23 12:06 - 2013-10-03 23:09 - 00385528 _____ C:\windows\system32\ApnDatabase.xml
2013-11-23 12:06 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-11-23 12:06 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-23 12:06 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-23 12:06 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-11-23 12:06 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-11-23 12:06 - 2013-09-24 23:18 - 00288768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2013-11-23 12:06 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-11-23 12:06 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2013-11-23 12:06 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2013-11-23 12:06 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2013-11-23 12:06 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2013-11-23 12:06 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-11-23 12:06 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-11-23 12:06 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2013-11-23 12:06 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2013-11-23 12:06 - 2013-04-03 00:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2013-11-23 12:06 - 2013-04-03 00:12 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2013-11-23 12:06 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2013-11-23 12:06 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2013-11-23 12:06 - 2013-03-02 11:39 - 00069864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2013-11-23 12:06 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2013-11-23 12:06 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2013-11-23 12:06 - 2013-03-02 03:43 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2013-11-23 12:05 - 2013-07-02 01:44 - 00036288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2013-11-23 12:05 - 2013-07-01 23:08 - 00247216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2013-11-23 12:05 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2013-11-23 12:05 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-11-23 12:05 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2013-11-23 12:05 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2013-11-23 12:05 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2013-11-23 12:05 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2013-11-23 12:05 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2013-11-23 12:05 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2013-11-23 12:05 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2013-11-23 12:05 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2013-11-23 12:05 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2013-11-23 12:05 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2013-11-23 12:05 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2013-11-23 12:05 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2013-11-23 12:05 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2013-11-23 12:05 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2013-11-23 12:05 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2013-11-23 12:05 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2013-11-23 12:05 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2013-11-23 12:05 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2013-11-23 12:05 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2013-11-23 12:05 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll
2013-11-23 12:05 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2013-11-23 12:05 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2013-11-23 12:05 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2013-11-23 12:05 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2013-11-23 12:05 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2013-11-23 12:04 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2013-11-23 12:03 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-11-23 12:03 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-23 12:03 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-11-23 12:03 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-23 12:03 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-11-23 12:03 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-11-23 12:03 - 2013-08-16 06:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-11-23 12:03 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-11-23 12:03 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-11-23 12:03 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-11-23 12:03 - 2013-08-16 06:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-23 12:03 - 2013-08-15 23:43 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-11-23 12:03 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-11-23 12:03 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-11-23 12:03 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-11-23 12:03 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-11-23 12:02 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-23 12:02 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-23 12:02 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-23 12:02 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-23 12:02 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2013-11-23 12:02 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2013-11-23 12:02 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2013-11-23 12:02 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2013-11-23 12:02 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2013-11-23 12:02 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-11-23 12:02 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-11-23 12:02 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-11-23 12:02 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-11-23 12:02 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2013-11-23 12:02 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-11-23 12:02 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-11-23 12:02 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-23 12:02 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-11-23 12:02 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2013-11-23 12:02 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2013-11-23 12:02 - 2013-03-02 11:57 - 00332520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2013-11-23 12:02 - 2013-03-02 11:57 - 00077544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storahci.sys
2013-11-23 12:02 - 2013-03-02 11:39 - 00495336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2013-11-23 12:02 - 2013-03-02 09:23 - 01338880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2013-11-23 12:02 - 2013-03-02 09:23 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2013-11-23 12:02 - 2013-03-02 09:23 - 00601088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2013-11-23 12:02 - 2013-03-02 09:23 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-11-23 12:02 - 2013-03-02 09:22 - 05091840 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2013-11-23 12:02 - 2013-03-02 09:22 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2013-11-23 12:02 - 2013-03-02 09:21 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2013-11-23 12:02 - 2013-03-02 09:21 - 00145408 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2013-11-23 12:02 - 2013-03-02 09:21 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevDispItemProvider.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 01627648 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 01149952 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 01101824 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00951808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00240640 _____ (Microsoft Corporation) C:\windows\system32\fsquirt.exe
2013-11-23 12:02 - 2013-03-02 03:45 - 00180224 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00171008 _____ (Microsoft Corporation) C:\windows\system32\TimeBrokerServer.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2013-11-23 12:02 - 2013-03-02 03:45 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\WSDPrintProxy.DLL
2013-11-23 12:02 - 2013-03-02 03:44 - 05978624 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\NdisImPlatform.dll
2013-11-23 12:02 - 2013-03-02 03:44 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\DevDispItemProvider.dll
2013-11-23 12:02 - 2013-03-02 03:43 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2013-11-23 12:02 - 2013-03-02 03:15 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys
2013-11-23 12:02 - 2013-03-01 05:56 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rfcomm.sys
2013-11-23 12:02 - 2013-03-01 05:56 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\monitor.sys
2013-11-23 12:02 - 2013-03-01 05:55 - 01175040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2013-11-23 12:01 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2013-11-23 12:01 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2013-11-23 12:01 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2013-11-23 12:01 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2013-11-23 12:01 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2013-11-23 12:01 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2013-11-23 12:01 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2013-11-23 12:01 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2013-11-23 12:01 - 2013-07-06 01:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2013-11-23 12:01 - 2013-07-05 23:02 - 00121984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys
2013-11-23 12:01 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-11-23 12:01 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2013-11-23 12:01 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-23 12:01 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2013-11-23 12:01 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-23 12:01 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2013-11-23 12:01 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2013-11-23 12:01 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2013-11-23 12:01 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2013-11-23 12:01 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-11-23 12:01 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-11-23 12:01 - 2013-06-29 06:43 - 00327512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2013-11-23 12:01 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-11-23 12:01 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-11-23 12:01 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2013-11-23 12:01 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2013-11-23 12:01 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-11-23 12:01 - 2013-06-24 23:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2013-11-23 12:01 - 2013-06-24 23:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2013-11-23 12:01 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-11-23 12:01 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-11-23 12:01 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2013-11-23 12:01 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2013-11-23 12:01 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2013-11-23 12:01 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2013-11-23 12:01 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2013-11-23 12:01 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2013-11-23 12:01 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-23 12:01 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-23 12:01 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-23 12:01 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-23 12:01 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2013-11-23 12:01 - 2013-05-04 05:48 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
2013-11-23 12:00 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-23 12:00 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-23 12:00 - 2013-08-23 06:11 - 04040192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-11-23 12:00 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-11-23 12:00 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-11-23 12:00 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-11-23 12:00 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-11-23 12:00 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-11-23 12:00 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-11-23 12:00 - 2013-06-01 10:25 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-11-23 12:00 - 2013-06-01 10:21 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-11-23 12:00 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-11-23 12:00 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-11-23 12:00 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-11-23 12:00 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-11-23 12:00 - 2013-05-24 00:02 - 01314816 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2013-11-23 12:00 - 2013-05-23 23:25 - 00694272 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2013-11-23 12:00 - 2013-04-24 00:13 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2013-11-23 12:00 - 2013-04-24 00:12 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2013-11-23 12:00 - 2013-04-23 23:56 - 01255936 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2013-11-23 12:00 - 2013-04-23 23:55 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2013-11-23 12:00 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-11-23 12:00 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-11-23 11:59 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-23 11:59 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-23 11:59 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2013-11-23 11:59 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2013-11-23 11:59 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2013-11-23 11:59 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2013-11-23 11:59 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2013-11-23 11:59 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2013-11-23 11:59 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2013-11-23 11:59 - 2013-05-31 00:24 - 01257472 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-11-23 11:59 - 2013-05-31 00:08 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-11-23 11:59 - 2013-05-15 03:25 - 00888320 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
2013-11-23 11:59 - 2013-05-15 03:25 - 00542208 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2013-11-23 11:59 - 2013-05-15 03:24 - 00793088 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
2013-11-23 11:59 - 2013-05-15 03:24 - 00482816 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2013-11-23 11:59 - 2013-05-04 08:58 - 00120736 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2013-11-23 11:59 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-11-23 11:59 - 2013-05-04 07:59 - 01483776 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2013-11-23 11:59 - 2013-05-04 07:59 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\Magnify.exe
2013-11-23 11:59 - 2013-05-04 07:58 - 01332736 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00470528 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00330240 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2013-11-23 11:59 - 2013-05-04 07:58 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 01131520 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00820736 _____ (Microsoft Corporation) C:\windows\system32\gpprefcl.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00708096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00560640 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00501760 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00389120 _____ (Microsoft Corporation) C:\windows\system32\BCP47Langs.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\biwinrt.dll
2013-11-23 11:59 - 2013-05-04 07:57 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
2013-11-23 11:59 - 2013-05-04 07:56 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
2013-11-23 11:59 - 2013-05-04 05:58 - 00758784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Magnify.exe
2013-11-23 11:59 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-11-23 11:59 - 2013-05-04 05:57 - 00303616 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2013-11-23 11:59 - 2013-05-04 05:57 - 00151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
2013-11-23 11:59 - 2013-05-04 05:57 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2013-11-23 11:59 - 2013-05-04 05:57 - 00018432 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2013-11-23 11:59 - 2013-05-04 05:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00582144 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpprefcl.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00449536 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\BCP47Langs.dll
2013-11-23 11:59 - 2013-05-04 05:56 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\biwinrt.dll
2013-11-23 11:59 - 2013-05-04 05:55 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
2013-11-23 11:59 - 2013-05-04 05:51 - 00014848 _____ (Microsoft) C:\windows\system32\rars.rs
2013-11-23 11:59 - 2013-05-04 05:47 - 00427520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2013-11-23 11:59 - 2013-05-04 05:10 - 00014848 _____ (Microsoft) C:\windows\SysWOW64\rars.rs
2013-11-23 11:59 - 2013-04-27 06:20 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2013-11-23 11:59 - 2013-03-06 08:10 - 00112872 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2013-11-23 11:59 - 2013-03-06 07:29 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2013-11-23 11:59 - 2013-03-02 03:45 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2013-11-23 11:59 - 2013-03-02 03:45 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\taskhostex.exe
2013-11-23 11:58 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-23 11:58 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-23 11:58 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-23 11:58 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-23 11:58 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-23 11:58 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-23 11:58 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-23 11:58 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-23 11:58 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-23 11:58 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-23 11:58 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-23 11:58 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-11-23 11:58 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-11-23 11:58 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-11-23 11:58 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-11-23 11:58 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-23 11:58 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-23 11:58 - 2013-04-28 23:28 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-11-23 11:58 - 2013-03-15 01:17 - 00861184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2013-11-23 11:58 - 2013-02-21 11:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-23 11:58 - 2013-02-21 11:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-23 11:58 - 2013-02-21 11:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-23 11:58 - 2013-02-21 11:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-23 11:58 - 2013-02-21 11:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-23 11:58 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-23 11:58 - 2013-02-19 10:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2013-11-23 11:56 - 2013-11-23 11:56 - 00000295 _____ C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2013-11-23 11:56 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2013-11-23 11:56 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2013-11-23 11:56 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2013-11-23 11:56 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-11-23 11:56 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-11-23 11:56 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-11-23 11:56 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-11-23 11:56 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-11-23 11:56 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2013-11-23 11:56 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2013-11-23 11:56 - 2013-07-13 07:15 - 00459776 _____ (Microsoft Corporation) C:\windows\system32\appmgr.dll
2013-11-23 11:56 - 2013-07-13 05:23 - 00366592 _____ (Microsoft Corporation) C:\windows\SysWOW64\appmgr.dll
2013-11-23 11:56 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2013-11-23 11:56 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2013-11-23 11:56 - 2013-04-09 06:33 - 00489576 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2013-11-23 11:56 - 2013-04-09 06:33 - 00446792 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2013-11-23 11:56 - 2013-04-09 06:33 - 00253544 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2013-11-23 11:56 - 2013-04-09 06:20 - 00306952 _____ (Microsoft Corporation) C:\windows\system32\kd_02_10ec.dll
2013-11-23 11:56 - 2013-04-09 06:20 - 00086280 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2013-11-23 11:56 - 2013-04-09 06:18 - 00077960 _____ (Microsoft Corporation) C:\windows\system32\kdvm.dll
2013-11-23 11:56 - 2013-04-09 06:17 - 01829408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-11-23 11:56 - 2013-04-09 05:52 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2013-11-23 11:56 - 2013-04-09 05:52 - 00804352 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2013-11-23 11:56 - 2013-04-09 05:52 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2013-11-23 11:56 - 2013-04-09 05:52 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2013-11-23 11:56 - 2013-04-09 05:52 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2013-11-23 11:56 - 2013-04-09 05:51 - 14267904 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-11-23 11:56 - 2013-04-09 05:51 - 03552768 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2013-11-23 11:56 - 2013-04-09 05:51 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2013-11-23 11:56 - 2013-04-09 05:51 - 00456704 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2013-11-23 11:56 - 2013-04-09 05:51 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-11-23 11:56 - 2013-04-09 05:51 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 02107904 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00745984 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00435200 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\GenuineCenter.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2013-11-23 11:56 - 2013-04-09 05:50 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 01444864 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00468992 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\fhengine.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\iuilp.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\dmvdsitf.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
2013-11-23 11:56 - 2013-04-09 05:49 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\fmifs.dll
2013-11-23 11:56 - 2013-04-09 05:48 - 00169472 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2013-11-23 11:56 - 2013-04-09 03:34 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys
2013-11-23 11:56 - 2013-04-09 03:33 - 00623104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2013-11-23 11:56 - 2013-04-09 03:33 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2013-11-23 11:56 - 2013-04-09 03:32 - 00805376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2013-11-23 11:56 - 2013-04-09 03:31 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2013-11-23 11:56 - 2013-04-09 03:31 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2013-11-23 11:56 - 2013-04-09 00:44 - 00123880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2013-11-23 11:56 - 2013-04-09 00:39 - 01408896 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-11-23 11:56 - 2013-04-09 00:37 - 00426024 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2013-11-23 11:56 - 2013-04-09 00:37 - 00324368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2013-11-23 11:56 - 2013-04-08 22:52 - 11878912 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2013-11-23 11:56 - 2013-04-08 22:52 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2013-11-23 11:56 - 2013-04-08 22:52 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2013-11-23 11:56 - 2013-04-08 22:52 - 00171008 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2013-11-23 11:56 - 2013-04-08 22:52 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2013-11-23 11:56 - 2013-04-08 22:51 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 01593344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 01113600 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAudDecMFT.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00659456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00403968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmvdsitf.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\fmifs.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2013-11-23 11:56 - 2013-04-08 22:51 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll
2013-11-23 11:56 - 2013-04-05 00:30 - 00503080 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2013-11-23 11:56 - 2013-03-15 23:05 - 00298456 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2013-11-23 11:56 - 2013-03-15 23:05 - 00252928 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2013-11-23 11:56 - 2013-03-02 10:59 - 00411880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2013-11-23 11:56 - 2013-03-02 09:23 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncInfo.dll
2013-11-23 11:55 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-11-23 11:55 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2013-11-23 11:55 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2013-11-23 11:55 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2013-11-23 11:55 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2013-11-23 11:55 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2013-11-23 11:55 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2013-11-23 10:03 - 2013-11-23 10:03 - 00000000 ____D C:\Users\mad\Documents\ArtRage Paintings
2013-11-23 07:22 - 2013-11-23 07:22 - 00000000 ____D C:\Users\mad\AppData\Roaming\WTablet
2013-11-23 07:22 - 2013-06-07 19:15 - 01957688 _____ (Wacom Technology, Corp.) C:\windows\system32\ISD_Tablet.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01950520 _____ (Wacom Technology, Corp.) C:\windows\system32\ISD_Touch_Tablet.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01819448 _____ (Wacom Technology, Corp.) C:\windows\system32\Wintab32.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01607992 _____ (Wacom Technology, Corp.) C:\windows\SysWOW64\ISD_Tablet.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01601336 _____ (Wacom Technology, Corp.) C:\windows\SysWOW64\ISD_Touch_Tablet.dll
2013-11-23 07:22 - 2013-06-07 19:15 - 01488184 _____ (Wacom Technology, Corp.) C:\windows\SysWOW64\Wintab32.dll
2013-11-23 07:22 - 2013-06-06 00:35 - 00089400 _____ (Wacom Technology) C:\windows\system32\Drivers\wachidrouter.sys
2013-11-23 07:22 - 2012-12-20 23:20 - 00015344 _____ (Wacom Technology) C:\windows\system32\Drivers\wacomrouterfilter.sys
2013-11-23 07:21 - 2013-11-23 07:22 - 00000000 ____D C:\Program Files\Tablet
2013-11-23 07:20 - 2013-11-23 07:21 - 23724480 _____ C:\Users\mad\Downloads\ISD_DualTouch_711-16.exe
2013-11-23 00:07 - 2013-11-23 00:07 - 00000017 _____ C:\Users\mad\AppData\Local\resmon.resmoncfg
2013-11-23 00:00 - 2012-04-11 23:34 - 01721576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wdfcoinstaller01009.dll
2013-11-22 22:55 - 2013-11-22 22:56 - 00000000 ____D C:\Users\mad\AppData\Roaming\Ambient Design
2013-11-22 22:55 - 2013-11-22 22:55 - 00000000 ____D C:\Program Files (x86)\Ambient Design
2013-11-22 22:22 - 2013-11-22 22:27 - 00000000 ____D C:\ProgramData\Protexis64
2013-11-22 22:22 - 2013-11-22 22:22 - 00000000 ____D C:\Users\mad\AppData\Roaming\Corel
2013-11-22 22:20 - 2013-11-27 19:48 - 00000000 ____D C:\ProgramData\Corel
2013-11-22 22:16 - 2013-11-27 19:48 - 00000000 ____D C:\ProgramData\Corel Painter X3
2013-11-22 21:44 - 2013-11-22 21:44 - 00000000 ____D C:\Users\mad\AppData\Local\Macromedia
2013-11-22 21:34 - 2013-11-28 13:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Users\mad\AppData\Roaming\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Users\mad\AppData\Local\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-22 21:32 - 2013-11-22 21:32 - 00000000 ____D C:\Users\mad\AppData\Roaming\Macromedia
2013-11-22 21:05 - 2013-12-01 12:21 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3239287756-2313639032-4105574938-1001
2013-11-22 20:33 - 2013-12-01 10:08 - 00001667 _____ C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-22 20:33 - 2013-12-01 09:46 - 00000000 ____D C:\Users\mad\AppData\Roaming\Adobe
2013-11-22 20:33 - 2013-11-23 12:41 - 00000438 _____ C:\Users\mad\Downloads\Desktop.lnk
2013-11-22 20:33 - 2013-11-23 12:41 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-22 20:33 - 2013-11-23 12:41 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-22 20:32 - 2013-12-01 11:17 - 01179851 _____ C:\windows\WindowsUpdate.log
2013-11-22 20:32 - 2013-11-30 22:29 - 00000000 ____D C:\Users\mad\AppData\Local\Packages
2013-11-22 20:32 - 2013-11-24 14:58 - 00000000 ____D C:\Users\mad
2013-11-22 20:32 - 2013-11-22 20:32 - 00000020 ___SH C:\Users\mad\ntuser.ini
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Vorlagen
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Startmenü
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Netzwerkumgebung
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Lokale Einstellungen
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Eigene Dateien
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Druckumgebung
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Documents\Eigene Musik
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Documents\Eigene Bilder
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Local\Verlauf
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Local\Anwendungsdaten
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Anwendungsdaten
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 ____D C:\Users\mad\AppData\Local\VirtualStore
2013-11-22 20:32 - 2013-03-28 13:56 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-22 20:32 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-22 20:32 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-22 20:32 - 2012-07-26 09:13 - 00000000 ____D C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-22 20:26 - 2013-11-22 20:26 - 00000000 ____D C:\windows\CSC

==================== One Month Modified Files and Folders =======

2013-12-01 12:47 - 2013-12-01 11:18 - 00006960 _____ C:\Users\mad\Desktop\FRST.txt
2013-12-01 12:21 - 2013-11-22 21:05 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3239287756-2313639032-4105574938-1001
2013-12-01 12:02 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2013-12-01 11:20 - 2013-12-01 11:19 - 00000000 ____D C:\Users\mad\Desktop\viriusnixgut
2013-12-01 11:19 - 2013-12-01 11:18 - 00006882 _____ C:\Users\mad\Desktop\Addition.txt
2013-12-01 11:18 - 2013-12-01 11:18 - 00000000 ____D C:\FRST
2013-12-01 11:17 - 2013-11-22 20:32 - 01179851 _____ C:\windows\WindowsUpdate.log
2013-12-01 11:15 - 2013-12-01 11:15 - 01959184 _____ (Farbar) C:\Users\mad\Desktop\FRST64.exe
2013-12-01 11:11 - 2013-03-28 13:02 - 00753134 _____ C:\windows\system32\perfh007.dat
2013-12-01 11:11 - 2013-03-28 13:02 - 00155826 _____ C:\windows\system32\perfc007.dat
2013-12-01 11:11 - 2012-07-26 08:28 - 01745416 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-01 11:06 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-01 11:05 - 2013-12-01 10:48 - 00000000 ____D C:\AdwCleaner
2013-12-01 11:01 - 2013-12-01 11:01 - 00000614 _____ C:\Users\mad\Desktop\JRT.txt
2013-12-01 10:57 - 2013-12-01 10:57 - 00000000 ____D C:\windows\ERUNT
2013-12-01 10:55 - 2013-12-01 10:55 - 01034531 _____ (Thisisu) C:\Users\mad\Desktop\JRT.exe
2013-12-01 10:47 - 2013-12-01 10:47 - 01091882 _____ C:\Users\mad\Desktop\adwcleaner.exe
2013-12-01 10:45 - 2013-03-28 06:26 - 00011438 _____ C:\windows\PFRO.log
2013-12-01 10:34 - 2013-12-01 10:34 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\Users\mad\AppData\Roaming\Malwarebytes
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-01 10:34 - 2013-12-01 10:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-01 10:29 - 2013-12-01 10:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\mad\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-01 10:08 - 2013-11-22 20:33 - 00001667 _____ C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-01 10:04 - 2013-11-23 12:40 - 05041816 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-01 10:04 - 2012-07-26 06:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-12-01 09:53 - 2013-12-01 09:55 - 06143206 _____ C:\Users\mad\Desktop\Adobe_Creative_Cloud_Cleaner_Tool.zip
2013-12-01 09:50 - 2013-11-25 20:03 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-01 09:46 - 2013-11-23 21:45 - 00000000 ____D C:\ProgramData\Adobe
2013-12-01 09:46 - 2013-11-22 20:33 - 00000000 ____D C:\Users\mad\AppData\Roaming\Adobe
2013-12-01 09:45 - 2013-11-25 20:22 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-12-01 09:33 - 2013-11-24 08:10 - 00000000 ____D C:\windows\system32\appmgmt
2013-11-30 22:29 - 2013-11-30 22:29 - 00000000 ____D C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-30 22:29 - 2013-11-22 20:32 - 00000000 ____D C:\Users\mad\AppData\Local\Packages
2013-11-30 22:29 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-11-30 07:26 - 2013-11-30 07:26 - 01179648 _____ C:\Users\mad\Documents\AutoHotkey.exe
2013-11-30 07:24 - 2013-11-30 07:24 - 00001351 _____ C:\Users\mad\Documents\AutoHotkey.ahk
2013-11-28 13:21 - 2013-11-24 12:20 - 00000000 ____D C:\Users\mad\AppData\Local\Downloaded Installations
2013-11-28 13:16 - 2013-11-22 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-28 13:09 - 2013-11-28 13:02 - 00000000 ____D C:\Users\mad\AppData\Roaming\Red Giant Link
2013-11-28 13:04 - 2013-11-28 13:04 - 00000000 ____D C:\Users\mad\AppData\Local\LooksBuilder
2013-11-28 12:56 - 2013-11-28 12:56 - 00000000 ____D C:\ProgramData\RedGiant
2013-11-28 12:46 - 2013-11-28 12:46 - 00000000 ____D C:\Users\mad\AppData\Roaming\MAXON
2013-11-27 19:48 - 2013-11-27 19:48 - 00000000 ____D C:\Program Files\Common Files\Protexis
2013-11-27 19:48 - 2013-11-22 22:20 - 00000000 ____D C:\ProgramData\Corel
2013-11-27 19:48 - 2013-11-22 22:16 - 00000000 ____D C:\ProgramData\Corel Painter X3
2013-11-27 19:46 - 2013-11-27 19:46 - 00000000 ____D C:\Program Files\Corel
2013-11-27 19:13 - 2013-11-26 10:42 - 01240084 _____ C:\Users\mad\Desktop\flur.rif
2013-11-27 19:11 - 2013-11-26 10:42 - 01261636 _____ C:\Users\mad\Desktop\flur_bak.rif
2013-11-27 19:06 - 2013-11-27 19:06 - 00000000 ____D C:\artdock
2013-11-27 19:01 - 2013-11-27 19:01 - 02641401 _____ C:\Users\mad\Downloads\AutoHotkey_L_Install.exe
2013-11-27 19:01 - 2013-11-27 19:01 - 00000000 ____D C:\Program Files\AutoHotkey
2013-11-27 19:01 - 2012-07-26 10:45 - 00000000 ____D C:\windows\ShellNew
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Users\mad\AppData\Roaming\Thunderbird
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Users\mad\AppData\Local\Thunderbird
2013-11-27 18:28 - 2013-11-27 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-27 18:26 - 2013-11-27 18:26 - 21978136 _____ (Mozilla) C:\Users\mad\Downloads\Thunderbird Setup 24.1.1.exe
2013-11-27 15:52 - 2013-11-26 16:56 - 01381429 _____ C:\Users\mad\Desktop\test.mprj
2013-11-27 09:09 - 2012-07-26 08:21 - 00032995 _____ C:\windows\setupact.log
2013-11-27 07:18 - 2013-11-27 07:17 - 00000000 ____D C:\Users\mad\Documents\Premiere_Hauptordner
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\Documents\Adobe
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\AppData\Roaming\PACE Anti-Piracy
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\Users\mad\AppData\Local\PACE Anti-Piracy
2013-11-27 07:16 - 2013-11-27 07:16 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2013-11-27 07:16 - 2013-09-28 16:31 - 00000000 ___HD C:\Users\mad\AppData\Local\nrA5EZEHCA1AA
2013-11-27 07:16 - 2012-05-27 19:34 - 00000000 ___HD C:\Users\mad\AppData\Local\h9Jw3zWtahi
2013-11-26 17:10 - 2013-11-26 17:10 - 00058853 _____ C:\Users\mad\Desktop\hallo.wma
2013-11-26 16:44 - 2013-11-26 16:43 - 00000000 ____D C:\Users\mad\Documents\Photoshop _Hauptordner
2013-11-26 14:00 - 2013-11-26 14:00 - 00000000 ____D C:\Users\mad\Documents\Arduino
2013-11-26 14:00 - 2013-11-26 14:00 - 00000000 ____D C:\Users\mad\AppData\Roaming\Arduino
2013-11-26 13:59 - 2013-11-23 20:48 - 00208946 _____ C:\windows\DPINST.LOG
2013-11-26 13:20 - 2013-11-26 13:19 - 55115064 _____ C:\Users\mad\Downloads\arduino-1.0.5-windows.exe
2013-11-26 11:22 - 2013-11-26 11:22 - 01190894 _____ C:\Users\mad\Desktop\Untitled.mprj
2013-11-26 09:56 - 2013-11-24 14:57 - 00000000 ____D C:\Program Files\Blender Foundation
2013-11-26 09:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-11-26 08:23 - 2013-11-24 14:05 - 00000000 ____D C:\Program Files (x86)\Duden
2013-11-26 08:14 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-11-26 07:56 - 2013-11-24 12:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-26 07:56 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-26 07:55 - 2013-11-24 12:47 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-25 20:22 - 2013-11-23 21:45 - 00000000 ____D C:\Users\mad\AppData\Local\Adobe
2013-11-25 16:26 - 2013-11-24 14:05 - 00000000 ____D C:\ProgramData\Duden
2013-11-25 16:23 - 2013-11-24 12:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-25 16:23 - 2012-07-26 06:26 - 00000076 _____ C:\windows\win.ini
2013-11-25 06:35 - 2013-11-24 19:03 - 00000000 ____D C:\Users\mad\Documents\Native Instruments
2013-11-25 06:35 - 2013-11-24 19:03 - 00000000 ____D C:\Users\mad\AppData\Local\Native Instruments
2013-11-25 06:23 - 2013-11-25 06:23 - 00000000 __HDC C:\ProgramData\{C5A9D49F-FB00-46E2-BB29-AC4E9A6B75F6}
2013-11-25 06:22 - 2013-11-25 06:22 - 00000000 ____D C:\Program Files\Common Files\Avid
2013-11-25 06:08 - 2013-11-25 06:06 - 97365354 _____ C:\Users\mad\Downloads\arduino-1.0.5-windows.zip
2013-11-25 06:08 - 2013-11-25 06:04 - 244740096 _____ C:\Users\mad\Downloads\Massive.iso
2013-11-24 20:35 - 2013-11-24 20:35 - 00000000 __HDC C:\ProgramData\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}
2013-11-24 20:32 - 2013-11-24 20:32 - 00000000 __HDC C:\ProgramData\{B49C92CB-1A73-4A41-A84C-5091582E7AA8}
2013-11-24 20:32 - 2013-11-24 20:32 - 00000000 __HDC C:\ProgramData\{9C588B44-42B6-434D-90BD-824BBB1F328A}
2013-11-24 20:32 - 2013-11-24 19:02 - 00000000 ____D C:\Program Files\Native Instruments
2013-11-24 20:28 - 2013-11-24 20:28 - 00000000 __HDC C:\ProgramData\{36D6E7A6-1DA8-4D35-A74B-0159C59D934D}
2013-11-24 20:28 - 2013-11-23 20:47 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2013-11-24 19:29 - 2013-11-24 19:29 - 00000000 __HDC C:\ProgramData\{6495CC1D-C10B-40C5-A92B-241A2B2C8D20}
2013-11-24 19:03 - 2013-11-24 19:03 - 00000000 ____D C:\Users\Public\Documents\Maschine Library
2013-11-24 18:53 - 2013-11-24 18:53 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-11-24 18:52 - 2013-11-24 18:52 - 01640984 _____ C:\Users\mad\Downloads\SetupVirtualCloneDrive5470.exe
2013-11-24 17:04 - 2013-11-24 17:04 - 00112408 _____ C:\windows\system32\Drivers\NIWinCDEmu.sys
2013-11-24 17:04 - 2013-11-24 17:04 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2013-11-24 15:57 - 2013-11-24 15:57 - 00000000 ____D C:\Users\mad\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-11-24 14:58 - 2013-11-24 14:58 - 00000000 ____D C:\Users\mad\.thumbnails
2013-11-24 14:58 - 2013-11-22 20:32 - 00000000 ____D C:\Users\mad
2013-11-24 14:06 - 2013-11-24 14:05 - 00000000 ____D C:\Users\mad\AppData\Roaming\Duden
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\windows\SysWOW64\XPSViewer
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files\MSBuild
2013-11-24 14:04 - 2013-11-24 14:04 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-24 13:20 - 2013-11-24 13:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-24 12:51 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-11-24 12:49 - 2013-11-24 12:49 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-11-24 12:47 - 2013-11-24 12:47 - 00000000 ____D C:\Users\mad\AppData\Local\Microsoft Help
2013-11-24 12:21 - 2013-11-24 12:21 - 00000000 ____D C:\Program Files (x86)\Pixologic
2013-11-24 11:35 - 2013-11-24 11:35 - 00000000 ____D C:\Users\mad\Documents\Mudbox
2013-11-24 11:29 - 2013-11-24 11:25 - 00000000 ____D C:\ProgramData\Autodesk
2013-11-24 11:25 - 2013-11-24 11:25 - 00000000 ____D C:\Users\mad\AppData\Roaming\Autodesk
2013-11-24 09:11 - 2013-11-24 09:11 - 00000000 ____D C:\Users\mad\AppData\Local\CANON_INC
2013-11-24 09:10 - 2013-11-24 09:10 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-24 09:10 - 2013-11-24 09:09 - 00000000 ____D C:\Program Files (x86)\Canon
2013-11-24 09:09 - 2013-11-24 09:09 - 00000000 ____D C:\Users\mad\AppData\Roaming\canon
2013-11-24 09:09 - 2013-11-24 09:09 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2013-11-24 09:04 - 2013-11-24 09:02 - 00000605 _____ C:\Users\mad\Desktop\CanonUpdate.reg.txt
2013-11-24 07:45 - 2013-11-24 07:45 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-11-23 22:42 - 2013-11-23 22:42 - 00000000 ____D C:\Users\mad\Documents\Adobe Scripts
2013-11-23 21:37 - 2012-07-26 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\winrm
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\WCN
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\sysprep
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\slmgr
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\SysWOW64\Printing_Admin_Scripts
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\system32\winrm
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\system32\WCN
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\system32\slmgr
2013-11-23 21:37 - 2012-07-26 10:43 - 00000000 ____D C:\windows\system32\Printing_Admin_Scripts
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\WinStore
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\MUI
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\migwiz
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\Com
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\SystemResetPlatform
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\MUI
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\migwiz
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\Com
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-11-23 21:37 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\SysWOW64\oobe
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\SysWOW64\Dism
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\Sysprep
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\oobe
2013-11-23 21:37 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\Dism
2013-11-23 21:36 - 2013-11-23 21:36 - 00000000 ____D C:\sources
2013-11-23 21:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\SysWOW64\en-GB
2013-11-23 21:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\en-GB
2013-11-23 21:36 - 2012-07-26 09:12 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-23 20:49 - 2013-11-23 20:49 - 00000000 ___DC C:\ProgramData\{63587E26-1A2F-4FCB-84B3-485CF73F34AF}
2013-11-23 20:48 - 2013-11-23 20:47 - 00000000 ____D C:\ProgramData\Native Instruments
2013-11-23 19:27 - 2013-11-23 19:27 - 00000000 ____D C:\Program Files\7-Zip
2013-11-23 19:26 - 2013-11-23 19:26 - 01376768 _____ C:\Users\mad\Downloads\7z920-x64.msi
2013-11-23 12:41 - 2013-11-22 20:33 - 00000438 _____ C:\Users\mad\Downloads\Desktop.lnk
2013-11-23 12:41 - 2013-11-22 20:33 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-23 12:41 - 2013-11-22 20:33 - 00000000 ___RD C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-23 12:40 - 2013-11-23 12:37 - 00000000 ___RD C:\windows\BrowserChoice
2013-11-23 12:40 - 2013-03-28 06:30 - 00000000 ____D C:\ProgramData\PRICache
2013-11-23 12:40 - 2012-07-26 06:37 - 00000000 ____D C:\windows\servicing
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-23 12:37 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-23 12:34 - 2013-11-23 12:34 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-23 12:34 - 2013-03-28 13:08 - 00000000 ____D C:\windows\Firmware
2013-11-23 12:17 - 2013-11-23 12:17 - 00000000 ____D C:\windows\system32\MRT
2013-11-23 11:56 - 2013-11-23 11:56 - 00000295 _____ C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2013-11-23 10:03 - 2013-11-23 10:03 - 00000000 ____D C:\Users\mad\Documents\ArtRage Paintings
2013-11-23 07:22 - 2013-11-23 07:22 - 00000000 ____D C:\Users\mad\AppData\Roaming\WTablet
2013-11-23 07:22 - 2013-11-23 07:21 - 00000000 ____D C:\Program Files\Tablet
2013-11-23 07:21 - 2013-11-23 07:20 - 23724480 _____ C:\Users\mad\Downloads\ISD_DualTouch_711-16.exe
2013-11-23 00:07 - 2013-11-23 00:07 - 00000017 _____ C:\Users\mad\AppData\Local\resmon.resmoncfg
2013-11-22 22:56 - 2013-11-22 22:55 - 00000000 ____D C:\Users\mad\AppData\Roaming\Ambient Design
2013-11-22 22:55 - 2013-11-22 22:55 - 00000000 ____D C:\Program Files (x86)\Ambient Design
2013-11-22 22:55 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\restore
2013-11-22 22:27 - 2013-11-22 22:22 - 00000000 ____D C:\ProgramData\Protexis64
2013-11-22 22:22 - 2013-11-22 22:22 - 00000000 ____D C:\Users\mad\AppData\Roaming\Corel
2013-11-22 21:44 - 2013-11-22 21:44 - 00000000 ____D C:\Users\mad\AppData\Local\Macromedia
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Users\mad\AppData\Roaming\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Users\mad\AppData\Local\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-22 21:34 - 2013-11-22 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-22 21:32 - 2013-11-22 21:32 - 00000000 ____D C:\Users\mad\AppData\Roaming\Macromedia
2013-11-22 20:32 - 2013-11-22 20:32 - 00000020 ___SH C:\Users\mad\ntuser.ini
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Vorlagen
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Startmenü
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Netzwerkumgebung
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Lokale Einstellungen
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Eigene Dateien
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Druckumgebung
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Documents\Eigene Musik
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Documents\Eigene Bilder
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Local\Verlauf
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\AppData\Local\Anwendungsdaten
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 _SHDL C:\Users\mad\Anwendungsdaten
2013-11-22 20:32 - 2013-11-22 20:32 - 00000000 ____D C:\Users\mad\AppData\Local\VirtualStore
2013-11-22 20:26 - 2013-11-22 20:26 - 00000000 ____D C:\windows\CSC
2013-11-19 11:21 - 2013-11-24 10:42 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-07 16:00 - 2013-11-23 12:17 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-05 23:58 - 2012-07-26 09:14 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 23:58 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\mad\AppData\Local\Temp\AcDeltree.exe
C:\Users\mad\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\mad\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\mad\AppData\Local\Temp\fp_pl_pfs_installer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-08 17:30

==================== End Of Log ============================

--- --- ---

schrauber · 02.12.2013, 10:20

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

nation zoom wie löschen

Plagegeister aller Art und deren Bekämpfung: nation zoom wie löschen