| |
| |||||||
Log-Analyse und Auswertung: Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglosWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
13.02.2014, 09:10
| #1 |
| |  Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Hallo und Moin von der Küste! Crossposting ist aus verständlichen Gründen nicht erlaubt, daher eröffne ich nach einem verzweifeltem gestrigen Tag hier einnen neuen Thread. Ich habe ebenfalls nach dem Anstecken eines USB-Sticks meines Sohnes (ich Idiot!)  das Problem, das auf zumindest meinen eigenen nachfolgend angeschlossenen USB-Stick umgehend nach Kopieren von Dateien auf eben dieses Stick selbige zu versteckt werden und stattdessen nur noch Verknüpfungen sichtbar sind.Ich habe mir den aktuellen Thread zum Thema bereits durchgelesen, kann aber nicht selbst eignenen Code generieren und benötige daher bitte Hilfe! Momentan ist neben meinem Rechner, welchen ich aber momentan nicht ohne Weiteres einfach mal eben schnell neu aufsetzen kann, nur noch ein USB-Stick (inzwischen formatiert, Daten unwichtig) betroffen. Der "Uralt-USB-Stick" meines Sohnes wurde entsorgt! Der Rechner meiens Sohnes bereits neu aufgesetzt bzw. in Arbeit. Es betrifft daher "nur" noch meinen Rechner mit Windows 7 Home Premium 64 Bit. Installiert ist ein aktuelles Norton Internet Security. Ich habe diverse Scans durchgeführt, u.a. mit MBAR: Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.16476
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 3.166000 GHz
Memory total: 8553488384, free: 6530846720
Downloaded database version: v2014.02.12.07
Downloaded database version: v2013.12.18.01
Initializing...
======================
------------ Kernel report ------------
02/12/2014 18:07:30
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\vmci.sys
\SystemRoot\system32\DRIVERS\pciide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vsock.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\NISx64\1501000.012\SYMDS64.SYS
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\drivers\NISx64\1501000.012\ccSetx64.sys
\SystemRoot\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS
\SystemRoot\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS
\SystemRoot\system32\drivers\NISx64\1501000.012\Ironx64.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
\??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140211.033\EX64.SYS
\??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140211.033\ENG64.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
\SystemRoot\system32\DRIVERS\VBoxDrv.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140211.001\IDSvia64.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\drivers\1394ohci.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\fpcibase.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\AVMCOWAN.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\VBoxNetAdp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\vmnetadapter.sys
\SystemRoot\system32\DRIVERS\VMNET.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\usbccgp.sys
\SystemRoot\system32\DRIVERS\dc3d.sys
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\vmnetbridge.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Windows\system32\drivers\hcmon.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\??\C:\Windows\system32\drivers\VMparport.sys
\??\C:\Windows\system32\drivers\vmx86.sys
\SystemRoot\sysWOW64\drivers\npf_devolo.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Windows\system32\drivers\vmnetuserif.sys
\SystemRoot\SysWOW64\drivers\vstor2-mntapi20-shared.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa800a0fa790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000088\
Lower Device Object: 0xfffffa8009f87b60
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa800a108060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000082\
Lower Device Object: 0xfffffa8009f48b60
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8007c93060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T1L0-3\
Lower Device Object: 0xfffffa8007af7060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007c92060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\
Lower Device Object: 0xfffffa800775a060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007c92060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007c92b20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007c92060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007758580, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800775a060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 241C6624
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 1767219200
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 1767426048 Numsec = 2139619328
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 2000409772032 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-3907030336-3907050336)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8007c93060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007c93ab0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007c93060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007aea670, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007af7060, DeviceName: \Device\Ide\IdeDeviceP2T1L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E13E62E1
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 1953519616
Partition file system is NTFS
Partition is bootable
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa800a108060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009f45a50, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800a108060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8009f48b60, DeviceName: \Device\00000082\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 62F505B3
Partition information:
Partition 0 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 3112 Numsec = 30307288
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 15518924800 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa800a0fa790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009f95b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800a0fa790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8009f87b60, DeviceName: \Device\00000088\, DriverName: \Driver\USBSTOR\
------------ End ----------
Infected: C:\Users\Sascha Rahlf\Downloads\WYSIWYG_Web_Builder_6_-_Free_Button_Pack.exe --> [Backdoor.Bifrose]
Infected: C:\Users\Sascha Rahlf\Downloads\WYSIWYG_Web_Builder_6_-_Free_Stencil_Pack.exe --> [Backdoor.Bifrose]
Infected: C:\Users\Sascha Rahlf\Downloads\GOEMO_Free_Template_Pack.exe --> [Backdoor.Bifrose]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
Geändert von Bootsbauer (13.02.2014 um 09:49 Uhr) |
|
13.02.2014, 10:01
| #2 |
| /// TB-Ausbilder   | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Hallo,
__________________mach bitte einen FRST-Scan: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
13.02.2014, 10:28
| #3 |
| | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Das ging schnell! :-) Danke schön und geht los...
__________________Hier die beiden FRST-Logs. FRST: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 01
Ran by Sascha Rahlf (administrator) on RMPC on 13-02-2014 10:14:23
Running from C:\Users\Sascha Rahlf\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Uniblue Systems Ltd) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Somoto) C:\Users\Sascha Rahlf\AppData\Local\FilesFrog Update Checker\update_checker.exe
() C:\Users\Sascha Rahlf\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
(Microsoft Corporation) C:\Users\Sascha Rahlf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
() C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
(Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [boinctray] - C:\Program Files\BOINC\boinctray.exe [73360 2013-11-25] (Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] - C:\Program Files\BOINC\boincmgr.exe [5878928 2013-11-25] (Space Sciences Laboratory)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [LexwareInfoService] - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339240 2008-11-03] (Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-19] (Microsoft Corporation)
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [SDP] - C:\Users\Sascha Rahlf\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [FLV Player] - C:\Users\Sascha Rahlf\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] ()
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [SkyDrive] - C:\Users\Sascha Rahlf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2014-01-26] (Microsoft Corporation)
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [zjfnzfducz] - C:\Users\Sascha Rahlf\AppData\Local\Temp\zjfnzfducz..vbs [156526 2014-01-23] () <===== ATTENTION
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\MountPoints2: {fb2b6591-a909-11e2-a67c-806e6f6e6963} - G:\AUTOPLAY.EXE
Startup: C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!fax.lnk
ShortcutTarget: FRITZ!fax.lnk -> C:\Program Files (x86)\FRITZ!\FriFax32.exe (AVM Berlin)
Startup: C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zjfnzfducz..vbs ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10B8A773183DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?ptr=100&crg=3.1010000.10039&barid={9772AA5D-CF6C-11E2-B7D9-404E57434401}
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={9772AA5D-CF6C-11E2-B7D9-404E57434401}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={9772AA5D-CF6C-11E2-B7D9-404E57434401}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&ptr=100&q={searchTerms}&crg=3.1010000.10039&barid={9772AA5D-CF6C-11E2-B7D9-404E57434401}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{D0C788C4-668C-45BE-A04D-B221745B40A5}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default
FF user.js: detected! => C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\searchplugins\SweetIM Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-22]
==================== Services (Whitelisted) =================
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()
==================== Drivers (Whitelisted) ====================
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-03] (Symantec Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140212.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140212.019\ENG64.SYS [126040 2014-02-12] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140212.019\EX64.SYS [2099288 2014-02-12] (Symantec Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-08-27] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-13 10:14 - 2014-02-13 10:15 - 00020899 _____ () C:\Users\Sascha Rahlf\Desktop\FRST.txt
2014-02-13 10:14 - 2014-02-13 10:14 - 00000000 ____D () C:\FRST
2014-02-13 10:05 - 2014-02-13 10:05 - 02152448 _____ (Farbar) C:\Users\Sascha Rahlf\Desktop\FRST64.exe
2014-02-12 18:54 - 2014-02-12 22:56 - 00000000 ____D () C:\Program Files (x86)\Remo Drive Wipe
2014-02-12 18:54 - 2014-02-12 18:54 - 00001071 _____ () C:\Users\Public\Desktop\Remo Drive Wipe.lnk
2014-02-12 18:54 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2014-02-12 18:53 - 2014-02-12 18:54 - 09992760 _____ (Remo Software ) C:\Users\Sascha Rahlf\Downloads\deleteforever-drive-wipe.exe
2014-02-12 18:07 - 2014-02-12 18:07 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-12 18:07 - 2014-02-12 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 18:06 - 2014-02-12 18:32 - 00000000 ____D () C:\Users\Sascha Rahlf\Desktop\mbar
2014-02-12 18:06 - 2014-02-12 18:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-12 18:03 - 2014-02-12 18:03 - 00000815 _____ () C:\Users\Sascha Rahlf\Desktop\h2testw - Verknüpfung.lnk
2014-02-12 18:02 - 2014-02-12 18:02 - 00218129 _____ () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4.zip
2014-02-12 18:02 - 2014-02-12 18:02 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4
2014-02-12 17:46 - 2014-02-12 17:46 - 00038396 _____ () C:\Users\Sascha Rahlf\Documents\HitmanPro_20140212_1746.log
2014-02-12 17:46 - 2014-02-12 17:46 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-12 17:30 - 2014-02-12 17:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-12 15:56 - 2014-02-12 18:30 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\NPE
2014-02-12 14:46 - 2014-02-12 14:47 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sascha Rahlf\Downloads\mbar-1.07.0.1009.exe
2014-02-12 14:44 - 2014-02-12 17:30 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha Rahlf\Downloads\hitmanpro_x64.exe
2014-02-12 14:06 - 2014-02-12 14:06 - 07873813 _____ () C:\Users\Sascha Rahlf\Downloads\PPFScan.zip
2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\PPFScan
2014-02-12 12:25 - 2014-02-12 12:25 - 00654752 _____ ( ) C:\Users\Sascha Rahlf\Downloads\sp55238.exe
2014-02-09 17:54 - 2014-02-09 17:54 - 00261703 _____ () C:\Users\Sascha Rahlf\Downloads\germany_2013.kmz
2014-02-09 17:54 - 2014-02-09 17:54 - 00002228 _____ () C:\Users\Sascha Rahlf\Desktop\Google Earth.lnk
2014-02-09 10:38 - 2014-02-09 10:38 - 00001108 _____ () C:\Users\Sascha Rahlf\Desktop\GoPro Studio.lnk
2014-02-09 10:28 - 2014-02-09 10:37 - 115345816 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.319.exe
2014-02-06 11:57 - 2014-02-06 11:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-29 18:31 - 2014-01-29 18:34 - 115303376 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.317.exe
2014-01-27 09:46 - 2014-02-13 10:13 - 00005148 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RMPC-Sascha Rahlf RMPC
2014-01-27 09:46 - 2014-01-27 09:46 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-27 09:38 - 2014-01-27 09:38 - 00002451 _____ () C:\Users\Sascha Rahlf\Desktop\Word 2013.lnk
2014-01-27 09:38 - 2014-01-27 09:38 - 00002447 _____ () C:\Users\Sascha Rahlf\Desktop\Excel 2013.lnk
2014-01-26 15:27 - 2014-02-13 10:13 - 00000000 ___RD () C:\Users\Sascha Rahlf\SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00002193 _____ () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 15:26 - 2013-12-04 20:28 - 06164256 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_gst12.exe
2014-01-26 15:26 - 2013-12-04 20:27 - 09939368 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_est12.exe
2014-01-26 15:26 - 2013-12-04 20:27 - 06212848 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_ust12.exe
2014-01-26 15:26 - 2013-12-04 20:24 - 44971216 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_pica.exe
2014-01-26 15:26 - 2013-12-04 20:22 - 06478632 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_eur12.exe
2014-01-26 15:26 - 2013-04-20 14:36 - 00055221 _____ () C:\Users\Sascha Rahlf\Downloads\produkey_1.56.zip
2014-01-26 15:26 - 2012-08-29 07:53 - 103974608 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\ElsterFormular-13.3.0.9066k.exe
2014-01-26 14:49 - 2014-01-26 14:50 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-26 14:49 - 2014-01-26 14:49 - 00575168 _____ (Microsoft Corporation) C:\Users\Sascha Rahlf\Downloads\Setup.X86.de-DE_O365HomePremRetail_114b7722-f595-4ff2-aad8-46b9299f692c_TX_DB_.exe
2014-01-26 12:56 - 2014-01-26 13:03 - 85965001 _____ (Hewlett-Packard Company ) C:\Users\Sascha Rahlf\Downloads\sp53261.exe
2014-01-26 12:26 - 2014-01-26 12:26 - 00001304 _____ () C:\Users\Sascha Rahlf\Desktop\Notepad.lnk
2014-01-26 12:23 - 2014-01-26 12:23 - 05581624 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\driverscanner.exe
2014-01-26 11:46 - 2014-01-26 11:46 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\.elfohilfe
2014-01-26 11:44 - 2013-12-09 12:53 - 00035914 _____ () C:\Users\Sascha Rahlf\Documents\EUER2012_Sascha_Rahlf.elfo
2014-01-26 11:44 - 2013-12-09 12:53 - 00031888 _____ () C:\Users\Sascha Rahlf\Documents\USt2012_Rahlf_Sascha.elfo
2014-01-26 11:44 - 2013-12-09 12:46 - 00043141 _____ () C:\Users\Sascha Rahlf\Documents\GewSt2012_Rahlf_Sascha.elfo
2014-01-26 11:44 - 2013-12-09 12:44 - 00109570 _____ () C:\Users\Sascha Rahlf\Documents\ESt2012_Rahlf_Sascha_und_Rahlf_Gaby.elfo
2014-01-26 11:38 - 2014-01-26 11:38 - 00001115 _____ () C:\Users\Sascha Rahlf\Desktop\ElsterFormular.lnk
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\elsterformular
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-26 11:37 - 2014-01-26 11:37 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-25 12:24 - 2014-01-25 12:24 - 10093647 _____ (DJI ) C:\Users\Sascha Rahlf\Downloads\iosd_installer_4.0.exe
2014-01-25 12:24 - 2014-01-25 12:24 - 00001235 _____ () C:\Users\Public\Desktop\DJI iOSD Assistant 4.0.lnk
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Program Files\Realtek
2014-01-25 11:10 - 2014-01-25 11:10 - 38251008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 05681192 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 05538072 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03698904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-01-25 11:10 - 2014-01-25 11:10 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02587352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-01-25 11:10 - 2014-01-25 11:10 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00754488 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00676825 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-25 11:10 - 2014-01-25 11:10 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00151256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-25 10:52 - 2014-01-25 10:52 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-25 10:52 - 2014-01-25 10:52 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-25 10:52 - 2014-01-25 10:52 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-25 10:50 - 2014-01-25 10:50 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-25 10:50 - 2014-01-25 10:50 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-01-25 10:33 - 2014-01-25 10:33 - 00001213 _____ () C:\Users\Sascha Rahlf\Desktop\DriverScanner.lnk
2014-01-25 10:30 - 2014-01-25 10:32 - 04684216 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\systemtweaker.exe
2014-01-25 10:19 - 2014-02-13 10:12 - 00000286 _____ () C:\Windows\Tasks\dsmonitor.job
2014-01-25 10:19 - 2014-01-25 10:19 - 00002524 _____ () C:\Windows\System32\Tasks\dsmonitor
2014-01-18 15:41 - 2014-01-18 15:41 - 00001278 _____ () C:\Users\Public\Desktop\DJI Phantom RC Assistant_1.0.lnk
2014-01-18 15:41 - 2014-01-18 15:41 - 00001273 _____ () C:\Users\Public\Desktop\DJI Phantom 2 Assistant_1.08.lnk
2014-01-17 09:01 - 2014-01-17 09:01 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-17 09:01 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-17 09:01 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-17 09:01 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-17 09:01 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 13:55 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 13:55 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 13:55 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 19:56 - 2014-01-14 19:56 - 00000000 ____D () C:\ProgramData\dbg
2014-01-14 14:05 - 2014-01-14 14:05 - 00001250 _____ () C:\Users\Sascha Rahlf\Desktop\DJI NAZAM Assistant_2.20.lnk
==================== One Month Modified Files and Folders =======
2014-02-13 10:15 - 2014-02-13 10:14 - 00020899 _____ () C:\Users\Sascha Rahlf\Desktop\FRST.txt
2014-02-13 10:14 - 2014-02-13 10:14 - 00000000 ____D () C:\FRST
2014-02-13 10:13 - 2014-01-27 09:46 - 00005148 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RMPC-Sascha Rahlf RMPC
2014-02-13 10:13 - 2014-01-26 15:27 - 00000000 ___RD () C:\Users\Sascha Rahlf\SkyDrive
2014-02-13 10:13 - 2013-05-12 12:42 - 00000000 ____D () C:\ProgramData\BOINC
2014-02-13 10:13 - 2013-04-22 05:53 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\FRITZ!
2014-02-13 10:12 - 2014-01-25 10:19 - 00000286 _____ () C:\Windows\Tasks\dsmonitor.job
2014-02-13 10:12 - 2013-10-31 11:21 - 00000000 ____D () C:\ProgramData\VMware
2014-02-13 10:12 - 2013-08-31 07:52 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-13 10:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-13 10:12 - 2009-07-14 05:51 - 00052141 _____ () C:\Windows\setupact.log
2014-02-13 10:10 - 2013-04-20 09:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-13 10:10 - 2013-04-19 17:01 - 01359159 _____ () C:\Windows\WindowsUpdate.log
2014-02-13 10:08 - 2013-08-31 07:52 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-13 10:07 - 2013-04-19 16:29 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Outlook-Dateien
2014-02-13 10:05 - 2014-02-13 10:05 - 02152448 _____ (Farbar) C:\Users\Sascha Rahlf\Desktop\FRST64.exe
2014-02-12 22:56 - 2014-02-12 18:54 - 00000000 ____D () C:\Program Files (x86)\Remo Drive Wipe
2014-02-12 18:54 - 2014-02-12 18:54 - 00001071 _____ () C:\Users\Public\Desktop\Remo Drive Wipe.lnk
2014-02-12 18:54 - 2014-02-12 18:53 - 09992760 _____ (Remo Software ) C:\Users\Sascha Rahlf\Downloads\deleteforever-drive-wipe.exe
2014-02-12 18:33 - 2009-07-14 05:45 - 00013232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 18:33 - 2009-07-14 05:45 - 00013232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-12 18:32 - 2014-02-12 18:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Desktop\mbar
2014-02-12 18:30 - 2014-02-12 15:56 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\NPE
2014-02-12 18:25 - 2013-04-19 17:55 - 00311152 _____ () C:\Windows\PFRO.log
2014-02-12 18:25 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-12 18:07 - 2014-02-12 18:07 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-12 18:07 - 2014-02-12 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 18:06 - 2014-02-12 18:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-12 18:03 - 2014-02-12 18:03 - 00000815 _____ () C:\Users\Sascha Rahlf\Desktop\h2testw - Verknüpfung.lnk
2014-02-12 18:02 - 2014-02-12 18:02 - 00218129 _____ () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4.zip
2014-02-12 18:02 - 2014-02-12 18:02 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4
2014-02-12 17:47 - 2014-02-12 17:30 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-12 17:46 - 2014-02-12 17:46 - 00038396 _____ () C:\Users\Sascha Rahlf\Documents\HitmanPro_20140212_1746.log
2014-02-12 17:46 - 2014-02-12 17:46 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-12 17:30 - 2014-02-12 14:44 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha Rahlf\Downloads\hitmanpro_x64.exe
2014-02-12 17:27 - 2013-12-28 11:00 - 00000000 ____D () C:\Users\Outposter
2014-02-12 16:07 - 2013-04-19 17:14 - 00000000 ____D () C:\ProgramData\Norton
2014-02-12 14:47 - 2014-02-12 14:46 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sascha Rahlf\Downloads\mbar-1.07.0.1009.exe
2014-02-12 14:06 - 2014-02-12 14:06 - 07873813 _____ () C:\Users\Sascha Rahlf\Downloads\PPFScan.zip
2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\PPFScan
2014-02-12 13:43 - 2013-11-23 13:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-12 12:25 - 2014-02-12 12:25 - 00654752 _____ ( ) C:\Users\Sascha Rahlf\Downloads\sp55238.exe
2014-02-12 12:23 - 2009-07-14 18:58 - 00702138 _____ () C:\Windows\system32\perfh007.dat
2014-02-12 12:23 - 2009-07-14 18:58 - 00150804 _____ () C:\Windows\system32\perfc007.dat
2014-02-12 12:23 - 2009-07-14 06:13 - 01628954 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 12:21 - 2013-04-19 17:09 - 00000000 ___RD () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-11 16:59 - 2013-04-20 17:59 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\vlc
2014-02-11 09:03 - 2013-04-20 19:34 - 00009300 _____ () C:\fpRedmon.log
2014-02-11 09:03 - 2013-04-20 19:34 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\FreePDF_XP
2014-02-09 17:54 - 2014-02-09 17:54 - 00261703 _____ () C:\Users\Sascha Rahlf\Downloads\germany_2013.kmz
2014-02-09 17:54 - 2014-02-09 17:54 - 00002228 _____ () C:\Users\Sascha Rahlf\Desktop\Google Earth.lnk
2014-02-09 10:47 - 2013-08-08 16:23 - 00337408 ___SH () C:\Users\Sascha Rahlf\Thumbs.db
2014-02-09 10:47 - 2013-04-19 17:09 - 00000000 ____D () C:\Users\Sascha Rahlf
2014-02-09 10:38 - 2014-02-09 10:38 - 00001108 _____ () C:\Users\Sascha Rahlf\Desktop\GoPro Studio.lnk
2014-02-09 10:38 - 2013-11-01 09:21 - 00000000 ____D () C:\Program Files (x86)\GoPro
2014-02-09 10:38 - 2013-06-13 12:21 - 00057060 _____ () C:\Windows\DPINST.LOG
2014-02-09 10:37 - 2014-02-09 10:28 - 115345816 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.319.exe
2014-02-07 08:09 - 2013-04-20 07:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 11:57 - 2014-02-06 11:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 09:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-05 11:27 - 2013-09-29 09:59 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\FilesFrog Update Checker
2014-02-05 09:24 - 2013-04-20 09:58 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\Adobe
2014-02-05 09:24 - 2013-04-20 09:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 09:24 - 2013-04-20 09:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 09:24 - 2013-04-20 09:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 17:23 - 2013-04-20 15:28 - 00000000 ____D () C:\ProgramData\Lexware
2014-02-04 14:38 - 2013-04-20 15:28 - 00000000 ____D () C:\ProgramData\BTrieve
2014-01-29 19:55 - 2013-09-05 21:06 - 01443328 _____ (CineForm Inc.) C:\Windows\system32\CFHD.dll
2014-01-29 19:52 - 2013-09-05 21:03 - 01474560 _____ (CineForm Inc.) C:\Windows\SysWOW64\CFHD.dll
2014-01-29 18:34 - 2014-01-29 18:31 - 115303376 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.317.exe
2014-01-29 18:30 - 2013-12-02 13:37 - 00000000 ____D () C:\Program Files\Adobe
2014-01-27 09:53 - 2013-04-20 14:40 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\Microsoft Help
2014-01-27 09:46 - 2014-01-27 09:46 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-27 09:38 - 2014-01-27 09:38 - 00002451 _____ () C:\Users\Sascha Rahlf\Desktop\Word 2013.lnk
2014-01-27 09:38 - 2014-01-27 09:38 - 00002447 _____ () C:\Users\Sascha Rahlf\Desktop\Excel 2013.lnk
2014-01-27 09:11 - 2013-04-19 18:36 - 00120704 _____ () C:\Users\Sascha Rahlf\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-27 09:10 - 2009-07-14 05:45 - 00470904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-26 15:27 - 2014-01-26 15:27 - 00002193 _____ () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 15:26 - 2013-04-20 14:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-26 14:57 - 2013-04-20 14:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-26 14:51 - 2013-04-19 17:09 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\VirtualStore
2014-01-26 14:50 - 2014-01-26 14:49 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-26 14:49 - 2014-01-26 14:49 - 00575168 _____ (Microsoft Corporation) C:\Users\Sascha Rahlf\Downloads\Setup.X86.de-DE_O365HomePremRetail_114b7722-f595-4ff2-aad8-46b9299f692c_TX_DB_.exe
2014-01-26 13:03 - 2014-01-26 12:56 - 85965001 _____ (Hewlett-Packard Company ) C:\Users\Sascha Rahlf\Downloads\sp53261.exe
2014-01-26 12:26 - 2014-01-26 12:26 - 00001304 _____ () C:\Users\Sascha Rahlf\Desktop\Notepad.lnk
2014-01-26 12:23 - 2014-01-26 12:23 - 05581624 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\driverscanner.exe
2014-01-26 11:46 - 2014-01-26 11:46 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\.elfohilfe
2014-01-26 11:38 - 2014-01-26 11:38 - 00001115 _____ () C:\Users\Sascha Rahlf\Desktop\ElsterFormular.lnk
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\elsterformular
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-26 11:37 - 2014-01-26 11:37 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-25 12:24 - 2014-01-25 12:24 - 10093647 _____ (DJI ) C:\Users\Sascha Rahlf\Downloads\iosd_installer_4.0.exe
2014-01-25 12:24 - 2014-01-25 12:24 - 00001235 _____ () C:\Users\Public\Desktop\DJI iOSD Assistant 4.0.lnk
2014-01-25 12:24 - 2013-11-05 14:37 - 00000000 ____D () C:\Program Files (x86)\DJI Product
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Program Files\Realtek
2014-01-25 11:10 - 2014-01-25 11:10 - 38251008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 05681192 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 05538072 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03698904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-01-25 11:10 - 2014-01-25 11:10 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02587352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-01-25 11:10 - 2014-01-25 11:10 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00754488 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00676825 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-25 11:10 - 2014-01-25 11:10 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00151256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-25 10:52 - 2014-01-25 10:52 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-25 10:52 - 2014-01-25 10:52 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-25 10:52 - 2014-01-25 10:52 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-25 10:52 - 2011-02-11 17:46 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-01-25 10:52 - 2011-02-11 17:45 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-01-25 10:52 - 2011-02-11 17:45 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-01-25 10:52 - 2009-07-13 22:59 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-01-25 10:50 - 2014-01-25 10:50 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-25 10:50 - 2014-01-25 10:50 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-01-25 10:50 - 2011-06-10 05:34 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-01-25 10:33 - 2014-01-25 10:33 - 00001213 _____ () C:\Users\Sascha Rahlf\Desktop\DriverScanner.lnk
2014-01-25 10:32 - 2014-01-25 10:30 - 04684216 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\systemtweaker.exe
2014-01-25 10:19 - 2014-01-25 10:19 - 00002524 _____ () C:\Windows\System32\Tasks\dsmonitor
2014-01-24 07:26 - 2013-04-20 16:22 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-01-18 15:41 - 2014-01-18 15:41 - 00001278 _____ () C:\Users\Public\Desktop\DJI Phantom RC Assistant_1.0.lnk
2014-01-18 15:41 - 2014-01-18 15:41 - 00001273 _____ () C:\Users\Public\Desktop\DJI Phantom 2 Assistant_1.08.lnk
2014-01-18 09:58 - 2013-04-20 09:49 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\FileZilla
2014-01-17 09:01 - 2014-01-17 09:01 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-17 09:01 - 2013-10-17 07:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-17 09:01 - 2013-06-22 19:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-15 17:38 - 2013-08-15 18:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 17:37 - 2013-04-19 20:13 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 19:56 - 2014-01-14 19:56 - 00000000 ____D () C:\ProgramData\dbg
2014-01-14 14:05 - 2014-01-14 14:05 - 00001250 _____ () C:\Users\Sascha Rahlf\Desktop\DJI NAZAM Assistant_2.20.lnk
Files to move or delete:
====================
C:\Users\Sascha Rahlf\AppData\Local\Temp\zjfnzfducz..vbs
Some content of TEMP:
====================
C:\Users\Sascha Rahlf\AppData\Local\Temp\7z920.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\BI_RunOnce (1).exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\DivXSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Sascha Rahlf\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Sascha Rahlf\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Sascha Rahlf\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\ose00000.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\setup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\uninst1.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\uninstaller.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WSSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WYSIWYG_Web_Builder_7_-_Deutsches_Sprachpaket.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WYSIWYG_Web_Builder_8_-_Deutsches_Sprachpaket.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-08 16:29
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- Und noch die Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2014 01
Ran by Sascha Rahlf at 2014-02-13 10:16:04
Running from C:\Users\Sascha Rahlf\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
AviSynth 2.5 (x32 Version: - )
AVM FRITZ! (x32 Version: - AVM Berlin)
BOINC (Version: 7.2.33 - Space Sciences Laboratory, U.C. Berkeley)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bundled software uninstaller (x32 Version: - ) <==== ATTENTION
Camtasia Studio 8 (x32 Version: 8.1.2.1344 - TechSmith Corporation)
Canon Easy-WebPrint EX (x32 Version: - )
Canon IJ Network Scan Utility (x32 Version: - )
Canon IJ Network Tool (x32 Version: - )
Canon MP Navigator EX 3.1 (x32 Version: - )
Canon MX350 series Benutzerregistrierung (x32 Version: - )
Canon MX350 series MP Drivers (Version: - )
Canon Utilities Easy-PhotoPrint EX (x32 Version: - )
Canon Utilities My Printer (x32 Version: - )
Canon Utilities Solution Menu (x32 Version: - )
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Capture (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (x32 Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang BR (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang EN (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang FR (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang IT (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang NL (x32 Version: 14.2 - Uw bedrijfsnaam) Hidden
CorelDRAW Graphics Suite X4 - PP (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (x32 Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (x32 Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (x32 Version: - Corel Corporation)
CutStudio (x32 Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
devolo dLAN Cockpit (x32 Version: 3.0.0.0 - devolo AG)
DivX-Setup (x32 Version: 2.6.1.87 - DivX, LLC)
DJI driver version 1.0 (x32 Version: 1.0 - DJI)
DJI iOSD Assistant version 4.0 (x32 Version: 4.0 - DJI)
DJI NAZAM Assistant version 2.20 (x32 Version: 2.20 - DJI)
DJI Phantom 2 Assistant version 1.08 (x32 Version: 1.08 - DJI)
DJI Phantom RC Assistant version 1.0 (x32 Version: 1.0 - DJI)
dLAN Cockpit (x32 Version: 3 (23.12.2010) - devolo AG)
dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden
DriverScanner (x32 Version: 4.0.12.2 - Uniblue Systems Ltd)
Easy Video Cutter 2.3 (x32 Version: - AVN Media Technologies.)
FilesFrog Update Checker (x32 Version: - ) <==== ATTENTION
FileZilla Client 3.7.3 (HKCU Version: 3.7.3 - Tim Kosse)
FLV Player (HKCU Version: 1.0 - Somoto Ltd.) <==== ATTENTION
Free AVI Video Converter version 5.0.30.1029 (x32 Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.30.1029 (x32 Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (x32 Version: - )
GalleryImages (x32 Version: 1.00.0000 - Your Company Name) Hidden
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GoPro Studio 2.0.1 (x32 Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
GPL Ghostscript 8.71 (x32 Version: - )
Hardcopy (C:\Program Files (x86)\Hardcopy) (x32 Version: 16.1.06 - )
iLoad (Version: 5.24.0 - Paloma Networks, Inc.)
IrfanView (remove only) (x32 Version: 4.28 - Irfan Skiljan)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 7.1.0 (Basic) (x32 Version: 7.1.0 - )
Lexware faktura+auftrag 2010 (x32 Version: 14.60.00.0032 - Haufe-Lexware GmbH & Co. KG)
Lexware Info Service (x32 Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Lexware Sepa Check (x32 Version: 1.00.00.0003 - Haufe-Lexware GmbH & Co.KG) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Norton Internet Security (x32 Version: 21.1.0.18 - Symantec Corporation)
Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.37 - WindSolutions)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.2.16 (Version: 4.2.16 - Oracle Corporation)
Outpost 2 (x32 Version: - )
proDAD ProDRENALIN 1.0 (64bit) (Version: 1.0.66.1 - proDAD GmbH)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (Version: - )
Remo Drive Wipe 2.0.0 (x32 Version: 2.0.0.20 - Remo Software)
RENESIS® Player Browser Plugins (x32 Version: 1.1.1 - examotion® GmbH)
Roland STIKA DRIVER [SV-8] (x32 Version: 1.00.0000 - Roland DG Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
SP2GalleryImages (x32 Version: 1.00.0000 - Your Company Name) Hidden
StreamTransport version: 1.1.0.1 (x32 Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (x32 Version: 9.0.25942 - TeamViewer)
tools-freebsd (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
USM-RC-2 Sound-Teacher V1.11 (x32 Version: - BEIER-Electronic)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (x32 Version: - Elaborate Bytes)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
VMware Workstation (Version: 10.0.0 - VMware, Inc.) Hidden
VMware Workstation (x32 Version: 10.0.0 - VMware, Inc)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (Version: 03/07/2012 - GoPro)
Windows Driver Package - Silicon Laboratories (silabenm) Ports (10/05/2012 6.6.0.0) (Version: 10/05/2012 6.6.0.0 - Silicon Laboratories)
Windows-Treiberpaket - dji-innovations inc. (usbser) Ports (01/19/2011 5.1.2600.5512) (Version: 01/19/2011 5.1.2600.5512 - dji-innovations inc.)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR Archivierer (x32 Version: - )
WYSIWYG Web Builder 7 (x32 Version: - )
WYSIWYG Web Builder 8 (x32 Version: - )
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
25-01-2014 09:19:59 Uniblue DriverScanner installation
25-01-2014 09:34:41 DriverScanner - 25.01.2014 10:34:41
25-01-2014 09:40:35 DriverScanner - 25.01.2014 10:40:15
25-01-2014 09:49:55 DriverScanner - 25.01.2014 10:49:49
25-01-2014 09:51:59 DriverScanner - 25.01.2014 10:51:59
25-01-2014 10:02:11 DriverScanner - 25.01.2014 11:02:05
25-01-2014 10:09:15 DriverScanner - 25.01.2014 11:09:14
03-02-2014 06:21:38 Geplanter Prüfpunkt
12-02-2014 15:46:50 Geplanter Prüfpunkt
12-02-2014 16:21:25 Norton_Power_Eraser_20140212172125324
12-02-2014 17:22:33 Malwarebytes Anti-Rootkit Restore Point
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {17CFECD5-9063-4E2B-AE16-BBB970691FB7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-31] (Google Inc.)
Task: {3FD6ED58-B3FC-41E0-B786-2FD9276F9CB7} - System32\Tasks\DSite => C:\Users\SASCHA~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {4E553C00-E3F6-421F-9DB5-D2DDD2DBF264} - System32\Tasks\Microsoft Office 15 Sync Maintenance for RMPC-Sascha Rahlf RMPC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-01-26] (Microsoft Corporation)
Task: {62874C77-4B8B-414C-98A1-7644F2F8C087} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {629C8AF6-CC0E-42E8-A3A3-82E55C1DA97E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-26] (Microsoft Corporation)
Task: {A39A0828-332F-4096-AB2B-7037744E90E0} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {A555AAF8-2DA0-4164-A1D0-026036CB2176} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2014-01-07] (Uniblue Systems Ltd)
Task: {B71E0E99-A936-4D0E-ADE8-A79BC47BA659} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {F6F69AF1-CD13-4AC0-8B0D-C258BC89CE3B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {FC4F4E01-06A8-439F-964C-5837F7151D41} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {FCA24B0D-AFBB-48A5-90FD-48275ACAAAC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-31] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\SASCHA~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2006-09-12 10:43 - 2006-09-12 10:43 - 00061440 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_H_x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-10-26 07:49 - 2012-10-26 07:49 - 00202752 _____ () C:\Users\Sascha Rahlf\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
2012-10-19 13:18 - 2012-10-19 13:18 - 00079872 _____ () C:\Program Files\BOINC\zlib1.dll
2006-09-12 06:17 - 2006-09-12 06:17 - 00046592 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-01-28 12:08 - 2013-01-28 12:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 12:08 - 2013-01-28 12:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-08-27 12:42 - 2013-08-27 12:42 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2006-09-12 10:44 - 2006-09-12 10:44 - 00065536 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_H_Win32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2006-10-30 05:59 - 2006-10-30 05:59 - 00434176 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2003-11-20 11:18 - 2003-11-20 11:18 - 00045056 _____ () C:\Program Files (x86)\Hardcopy\hardcopy.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-01-10 17:35 - 2014-01-10 17:35 - 01049920 _____ () C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll
2014-01-26 14:50 - 2014-01-26 14:50 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-01-26 14:50 - 2014-01-26 14:50 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\c2r32.dll
2014-01-26 14:51 - 2014-01-26 15:10 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-01-26 14:51 - 2014-01-26 15:10 - 00359592 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/12/2014 05:29:00 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (02/12/2014 05:28:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (02/12/2014 04:10:07 PM) (Source: vmauthd) (User: )
Description: 2014-02-12T16:10:07.666+01:00| vmware-authd.exe| E105: StartServiceCtrlDispatcher error = 1063
Error: (01/29/2014 05:22:37 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 448
Startzeit: 01cf1cb60c716f11
Endzeit: 0
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID:
Error: (01/27/2014 01:14:51 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Mapi15. Fehlerbeschreibung: Die angegebene Prozedur wurde nicht gefunden. (HRESULT : 0x8007007f).
Error: (01/27/2014 10:14:51 AM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Mapi15. Fehlerbeschreibung: Die angegebene Prozedur wurde nicht gefunden. (HRESULT : 0x8007007f).
Error: (01/27/2014 09:14:45 AM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Mapi. Fehlerbeschreibung: Eine DLL-Initialisierungsroutine ist fehlgeschlagen. (HRESULT : 0x8007045a).
Error: (01/26/2014 03:26:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (01/26/2014 03:26:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (01/16/2014 07:00:52 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x1618
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
System errors:
=============
Error: (02/13/2014 10:12:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VMware Workstation Server" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1.
Error: (02/12/2014 06:25:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VMware Workstation Server" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1.
Error: (02/12/2014 06:23:06 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (02/12/2014 05:55:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VMware Workstation Server" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1.
Error: (02/12/2014 05:27:07 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070420
Error: (02/12/2014 05:25:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VMware Workstation Server" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1.
Error: (02/12/2014 05:07:09 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (02/12/2014 05:07:08 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (02/12/2014 04:10:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/12/2014 04:10:07 PM) (Source: Service Control Manager) (User: )
Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (02/12/2014 05:29:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Sascha Rahlf\Downloads\SoftonicDownloader_fuer_unlocker.exe
Error: (02/12/2014 05:28:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Sascha Rahlf\Downloads\SoftonicDownloader64864.exe
Error: (02/12/2014 04:10:07 PM) (Source: vmauthd)(User: )
Description: 2014-02-12T16:10:07.666+01:00| vmware-authd.exe| E105: StartServiceCtrlDispatcher error = 1063
Error: (01/29/2014 05:22:37 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.1756744801cf1cb60c716f110C:\Windows\Explorer.EXE
Error: (01/27/2014 01:14:51 PM) (Source: Windows Search Service)(User: )
Description: Mapi15Die angegebene Prozedur wurde nicht gefunden. (HRESULT : 0x8007007f)
Error: (01/27/2014 10:14:51 AM) (Source: Windows Search Service)(User: )
Description: Mapi15Die angegebene Prozedur wurde nicht gefunden. (HRESULT : 0x8007007f)
Error: (01/27/2014 09:14:45 AM) (Source: Windows Search Service)(User: )
Description: MapiEine DLL-Initialisierungsroutine ist fehlgeschlagen. (HRESULT : 0x8007045a)
Error: (01/26/2014 03:26:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Sascha Rahlf\Downloads\SoftonicDownloader64864.exe
Error: (01/26/2014 03:26:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Sascha Rahlf\Downloads\SoftonicDownloader_fuer_unlocker.exe
Error: (01/16/2014 07:00:52 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8161801cf12934b1d031eC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll23159866-7ed8-11e3-b48f-005056c00008
CodeIntegrity Errors:
===================================
Date: 2013-10-19 11:13:03.616
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NXQuery.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-19 11:13:03.553
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NXQuery.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 8157.24 MB
Available physical RAM: 5665.61 MB
Total Pagefile: 16312.66 MB
Available Pagefile: 13760.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:842.68 GB) (Free:757.64 GB) NTFS
Drive e: (Daten) (Fixed) (Total:1020.25 GB) (Free:615.67 GB) NTFS
Drive f: (WOLTERA) (CDROM) (Total:0.03 GB) (Free:0 GB) UDF
Drive g: (Outpost2) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS
Drive h: (Sicherungen) (Fixed) (Total:931.51 GB) (Free:700.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive k: (INTENSO) (Removable) (Total:14.44 GB) (Free:14.44 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 241C6624)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=843 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1020 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E13E62E1)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 14 GB) (Disk ID: 62F505B3)
Partition 1: (Not Active) - (Size=14 GB) - (Type=0C)
==================== End Of Log ============================
|
|
13.02.2014, 10:43
| #4 | |
| /// TB-Ausbilder | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglosZitat:
Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter (Microsoft Corporation) C:\Windows\System32\wscript.exe
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [zjfnzfducz] - C:\Users\Sascha Rahlf\AppData\Local\Temp\zjfnzfducz..vbs [156526 2014-01-23] () <===== ATTENTION
C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zjfnzfducz..vbs
C:\Users\Sascha Rahlf\AppData\Local\Temp\zjfnzfducz..vbs
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3 Starte noch einmal FRST.
__________________ cheers, Leo |
|
13.02.2014, 10:50
| #5 |
| | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Zum WYSIWYG-Editor: Das sind Erweiterungen zu einem Website-Editor, ganz normal erworben bzw. kostenfrei heruntergeladen direkt von der Site des WYSIWYG-Vertreibers GOEMO. Habe ich bereits vor Jahren installiert, alles OK bisher. Seit Gestern wurden eben diese Dateien auch von Norton nach einem vollständigem Scan bemängelt. Kann notfalls gelöscht werden, wenn möglich. |
|
13.02.2014, 10:57
| #6 |
| /// TB-Ausbilder | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Lade mal eine dieser Dateien bei VirusTotal zur Analyse hoch und poste den Link hier. (Und mach auch mit den angegebenen Schritten weiter.)
__________________ --> Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos |
|
13.02.2014, 11:10
| #7 |
| | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Argh, ich habe MIst gebaut! Schande über mich...! Ich habe zuerst Schritt 2 ausgeführt.... Wahrscheinlich ist jetzt die Arbeit völlig sinnlos gewesen? Na, hier erst mal die Fixlog Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-02-2014 01
Ran by Sascha Rahlf at 2014-02-13 11:03:44 Run:1
Running from C:\Users\Sascha Rahlf\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
(Microsoft Corporation) C:\Windows\System32\wscript.exe
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [zjfnzfducz] - C:\Users\Sascha Rahlf\AppData\Local\Temp\zjfnzfducz..vbs [156526 2014-01-23] () <===== ATTENTION
C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zjfnzfducz..vbs
C:\Users\Sascha Rahlf\AppData\Local\Temp\zjfnzfducz..vbs
*****************
[3564] C:\Windows\System32\wscript.exe => Process closed successfully.
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\zjfnzfducz => Value deleted successfully.
C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zjfnzfducz..vbs => Moved successfully.
C:\Users\Sascha Rahlf\AppData\Local\Temp\zjfnzfducz..vbs => Moved successfully.
==== End of Fixlog ====
 )Code:
ATTFilter # AdwCleaner v3.018 - Bericht erstellt am 13/02/2014 um 10:57:19
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sascha Rahlf - RMPC
# Gestartet von : C:\Users\Sascha Rahlf\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Uniblue\DriverScanner
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\DriverScanner
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\Uniblue\DriverScanner
Ordner Gelöscht : C:\Users\Sascha Rahlf\AppData\Local\FilesFrog Update Checker
Ordner Gelöscht : C:\Users\SASCHA~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Sascha Rahlf\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Uniblue\DriverScanner
Ordner Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Sascha Rahlf\Desktop\driverscanner.lnk
Datei Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\invalidprefs.js
Datei Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\searchplugins\SweetIM Search.xml
Datei Gelöscht : C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\user.js
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\System32\Tasks\DSite
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKCU\Software\5cedf88b53cba42
Schlüssel Gelöscht : HKLM\SOFTWARE\5cedf88b53cba42
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Somoto
Schlüssel Gelöscht : HKCU\Software\Webplayer
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v27.0 (de)
[ Datei : C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "781a10f30000000000000024215ec0e9");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15815");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1610:37:17");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
*************************
AdwCleaner[R0].txt - [8144 octets] - [13/02/2014 10:54:57]
AdwCleaner[S0].txt - [6767 octets] - [13/02/2014 10:57:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6827 octets] ##########
|
|
13.02.2014, 11:12
| #8 |
| /// TB-Ausbilder | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Dann starte den Rechner neu und mach dann Schritt 3.
__________________ cheers, Leo |
|
13.02.2014, 11:28
| #9 |
| | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Hier die neue FRST.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 01
Ran by Sascha Rahlf (administrator) on RMPC on 13-02-2014 11:25:46
Running from C:\Users\Sascha Rahlf\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\Sascha Rahlf\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
(Microsoft Corporation) C:\Users\Sascha Rahlf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
(Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [boinctray] - C:\Program Files\BOINC\boinctray.exe [73360 2013-11-25] (Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] - C:\Program Files\BOINC\boincmgr.exe [5878928 2013-11-25] (Space Sciences Laboratory)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [LexwareInfoService] - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339240 2008-11-03] (Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-19] (Microsoft Corporation)
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [FLV Player] - C:\Users\Sascha Rahlf\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] ()
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [SkyDrive] - C:\Users\Sascha Rahlf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2014-01-26] (Microsoft Corporation)
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\MountPoints2: {fb2b6591-a909-11e2-a67c-806e6f6e6963} - G:\AUTOPLAY.EXE
Startup: C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!fax.lnk
ShortcutTarget: FRITZ!fax.lnk -> C:\Program Files (x86)\FRITZ!\FriFax32.exe (AVM Berlin)
Startup: C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10B8A773183DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{D0C788C4-668C-45BE-A04D-B221745B40A5}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-22]
==================== Services (Whitelisted) =================
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()
==================== Drivers (Whitelisted) ====================
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-03] (Symantec Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140212.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140212.019\ENG64.SYS [126040 2014-02-12] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140212.019\EX64.SYS [2099288 2014-02-12] (Symantec Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-08-27] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-13 10:54 - 2014-02-13 10:57 - 00000000 ____D () C:\AdwCleaner
2014-02-13 10:51 - 2014-02-13 10:51 - 01166132 _____ () C:\Users\Sascha Rahlf\Desktop\adwcleaner.exe
2014-02-13 10:16 - 2014-02-13 10:16 - 00035043 _____ () C:\Users\Sascha Rahlf\Desktop\Addition.txt
2014-02-13 10:14 - 2014-02-13 11:25 - 00018528 _____ () C:\Users\Sascha Rahlf\Desktop\FRST.txt
2014-02-13 10:14 - 2014-02-13 11:25 - 00000000 ____D () C:\FRST
2014-02-13 10:05 - 2014-02-13 10:05 - 02152448 _____ (Farbar) C:\Users\Sascha Rahlf\Desktop\FRST64.exe
2014-02-12 18:54 - 2014-02-12 22:56 - 00000000 ____D () C:\Program Files (x86)\Remo Drive Wipe
2014-02-12 18:54 - 2014-02-12 18:54 - 00001071 _____ () C:\Users\Public\Desktop\Remo Drive Wipe.lnk
2014-02-12 18:54 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2014-02-12 18:53 - 2014-02-12 18:54 - 09992760 _____ (Remo Software ) C:\Users\Sascha Rahlf\Downloads\deleteforever-drive-wipe.exe
2014-02-12 18:07 - 2014-02-12 18:07 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-12 18:07 - 2014-02-12 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 18:06 - 2014-02-12 18:32 - 00000000 ____D () C:\Users\Sascha Rahlf\Desktop\mbar
2014-02-12 18:06 - 2014-02-12 18:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-12 18:03 - 2014-02-12 18:03 - 00000815 _____ () C:\Users\Sascha Rahlf\Desktop\h2testw - Verknüpfung.lnk
2014-02-12 18:02 - 2014-02-12 18:02 - 00218129 _____ () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4.zip
2014-02-12 18:02 - 2014-02-12 18:02 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4
2014-02-12 17:46 - 2014-02-12 17:46 - 00038396 _____ () C:\Users\Sascha Rahlf\Documents\HitmanPro_20140212_1746.log
2014-02-12 17:46 - 2014-02-12 17:46 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-12 17:30 - 2014-02-12 17:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-12 15:56 - 2014-02-12 18:30 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\NPE
2014-02-12 14:46 - 2014-02-12 14:47 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sascha Rahlf\Downloads\mbar-1.07.0.1009.exe
2014-02-12 14:44 - 2014-02-12 17:30 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha Rahlf\Downloads\hitmanpro_x64.exe
2014-02-12 14:06 - 2014-02-12 14:06 - 07873813 _____ () C:\Users\Sascha Rahlf\Downloads\PPFScan.zip
2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\PPFScan
2014-02-12 12:25 - 2014-02-12 12:25 - 00654752 _____ ( ) C:\Users\Sascha Rahlf\Downloads\sp55238.exe
2014-02-09 17:54 - 2014-02-09 17:54 - 00261703 _____ () C:\Users\Sascha Rahlf\Downloads\germany_2013.kmz
2014-02-09 17:54 - 2014-02-09 17:54 - 00002228 _____ () C:\Users\Sascha Rahlf\Desktop\Google Earth.lnk
2014-02-09 10:38 - 2014-02-09 10:38 - 00001108 _____ () C:\Users\Sascha Rahlf\Desktop\GoPro Studio.lnk
2014-02-09 10:28 - 2014-02-09 10:37 - 115345816 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.319.exe
2014-02-06 11:57 - 2014-02-06 11:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-29 18:31 - 2014-01-29 18:34 - 115303376 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.317.exe
2014-01-27 09:46 - 2014-02-13 11:24 - 00005148 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RMPC-Sascha Rahlf RMPC
2014-01-27 09:46 - 2014-01-27 09:46 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-27 09:38 - 2014-01-27 09:38 - 00002451 _____ () C:\Users\Sascha Rahlf\Desktop\Word 2013.lnk
2014-01-27 09:38 - 2014-01-27 09:38 - 00002447 _____ () C:\Users\Sascha Rahlf\Desktop\Excel 2013.lnk
2014-01-26 15:27 - 2014-02-13 11:24 - 00000000 ___RD () C:\Users\Sascha Rahlf\SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00002193 _____ () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 15:26 - 2013-12-04 20:28 - 06164256 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_gst12.exe
2014-01-26 15:26 - 2013-12-04 20:27 - 09939368 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_est12.exe
2014-01-26 15:26 - 2013-12-04 20:27 - 06212848 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_ust12.exe
2014-01-26 15:26 - 2013-12-04 20:24 - 44971216 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_pica.exe
2014-01-26 15:26 - 2013-12-04 20:22 - 06478632 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_eur12.exe
2014-01-26 15:26 - 2013-04-20 14:36 - 00055221 _____ () C:\Users\Sascha Rahlf\Downloads\produkey_1.56.zip
2014-01-26 15:26 - 2012-08-29 07:53 - 103974608 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\ElsterFormular-13.3.0.9066k.exe
2014-01-26 14:49 - 2014-01-26 14:50 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-26 14:49 - 2014-01-26 14:49 - 00575168 _____ (Microsoft Corporation) C:\Users\Sascha Rahlf\Downloads\Setup.X86.de-DE_O365HomePremRetail_114b7722-f595-4ff2-aad8-46b9299f692c_TX_DB_.exe
2014-01-26 12:56 - 2014-01-26 13:03 - 85965001 _____ (Hewlett-Packard Company ) C:\Users\Sascha Rahlf\Downloads\sp53261.exe
2014-01-26 12:26 - 2014-01-26 12:26 - 00001304 _____ () C:\Users\Sascha Rahlf\Desktop\Notepad.lnk
2014-01-26 12:23 - 2014-01-26 12:23 - 05581624 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\driverscanner.exe
2014-01-26 11:46 - 2014-01-26 11:46 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\.elfohilfe
2014-01-26 11:44 - 2013-12-09 12:53 - 00035914 _____ () C:\Users\Sascha Rahlf\Documents\EUER2012_Sascha_Rahlf.elfo
2014-01-26 11:44 - 2013-12-09 12:53 - 00031888 _____ () C:\Users\Sascha Rahlf\Documents\USt2012_Rahlf_Sascha.elfo
2014-01-26 11:44 - 2013-12-09 12:46 - 00043141 _____ () C:\Users\Sascha Rahlf\Documents\GewSt2012_Rahlf_Sascha.elfo
2014-01-26 11:44 - 2013-12-09 12:44 - 00109570 _____ () C:\Users\Sascha Rahlf\Documents\ESt2012_Rahlf_Sascha_und_Rahlf_Gaby.elfo
2014-01-26 11:38 - 2014-01-26 11:38 - 00001115 _____ () C:\Users\Sascha Rahlf\Desktop\ElsterFormular.lnk
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\elsterformular
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-26 11:37 - 2014-01-26 11:37 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-25 12:24 - 2014-01-25 12:24 - 10093647 _____ (DJI ) C:\Users\Sascha Rahlf\Downloads\iosd_installer_4.0.exe
2014-01-25 12:24 - 2014-01-25 12:24 - 00001235 _____ () C:\Users\Public\Desktop\DJI iOSD Assistant 4.0.lnk
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Program Files\Realtek
2014-01-25 11:10 - 2014-01-25 11:10 - 38251008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 05681192 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 05538072 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03698904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-01-25 11:10 - 2014-01-25 11:10 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02587352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-01-25 11:10 - 2014-01-25 11:10 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00754488 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00676825 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-25 11:10 - 2014-01-25 11:10 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00151256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-25 10:52 - 2014-01-25 10:52 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-25 10:52 - 2014-01-25 10:52 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-25 10:52 - 2014-01-25 10:52 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-25 10:50 - 2014-01-25 10:50 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-25 10:50 - 2014-01-25 10:50 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-01-25 10:30 - 2014-01-25 10:32 - 04684216 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\systemtweaker.exe
2014-01-25 10:19 - 2014-02-13 11:23 - 00000286 _____ () C:\Windows\Tasks\dsmonitor.job
2014-01-25 10:19 - 2014-01-25 10:19 - 00002524 _____ () C:\Windows\System32\Tasks\dsmonitor
2014-01-18 15:41 - 2014-01-18 15:41 - 00001278 _____ () C:\Users\Public\Desktop\DJI Phantom RC Assistant_1.0.lnk
2014-01-18 15:41 - 2014-01-18 15:41 - 00001273 _____ () C:\Users\Public\Desktop\DJI Phantom 2 Assistant_1.08.lnk
2014-01-17 09:01 - 2014-01-17 09:01 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-17 09:01 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-17 09:01 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-17 09:01 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-17 09:01 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 13:55 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 13:55 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 13:55 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 19:56 - 2014-01-14 19:56 - 00000000 ____D () C:\ProgramData\dbg
2014-01-14 14:05 - 2014-01-14 14:05 - 00001250 _____ () C:\Users\Sascha Rahlf\Desktop\DJI NAZAM Assistant_2.20.lnk
==================== One Month Modified Files and Folders =======
2014-02-13 11:26 - 2014-02-13 10:14 - 00018528 _____ () C:\Users\Sascha Rahlf\Desktop\FRST.txt
2014-02-13 11:25 - 2014-02-13 10:14 - 00000000 ____D () C:\FRST
2014-02-13 11:24 - 2014-01-27 09:46 - 00005148 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RMPC-Sascha Rahlf RMPC
2014-02-13 11:24 - 2014-01-26 15:27 - 00000000 ___RD () C:\Users\Sascha Rahlf\SkyDrive
2014-02-13 11:23 - 2014-01-25 10:19 - 00000286 _____ () C:\Windows\Tasks\dsmonitor.job
2014-02-13 11:23 - 2013-08-31 07:52 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-13 11:23 - 2013-05-12 12:42 - 00000000 ____D () C:\ProgramData\BOINC
2014-02-13 11:23 - 2013-04-22 05:53 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\FRITZ!
2014-02-13 11:19 - 2013-10-31 11:21 - 00000000 ____D () C:\ProgramData\VMware
2014-02-13 11:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-13 11:19 - 2009-07-14 05:51 - 00052253 _____ () C:\Windows\setupact.log
2014-02-13 11:17 - 2013-04-19 17:01 - 01386273 _____ () C:\Windows\WindowsUpdate.log
2014-02-13 11:10 - 2013-04-20 09:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-13 11:08 - 2013-08-31 07:52 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-13 11:07 - 2009-07-14 05:45 - 00013232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-13 11:07 - 2009-07-14 05:45 - 00013232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-13 11:03 - 2013-04-19 17:09 - 00000000 ___RD () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-13 10:57 - 2014-02-13 10:54 - 00000000 ____D () C:\AdwCleaner
2014-02-13 10:57 - 2013-11-23 12:51 - 00000000 ____D () C:\ProgramData\Uniblue
2014-02-13 10:57 - 2013-11-12 12:56 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-02-13 10:51 - 2014-02-13 10:51 - 01166132 _____ () C:\Users\Sascha Rahlf\Desktop\adwcleaner.exe
2014-02-13 10:16 - 2014-02-13 10:16 - 00035043 _____ () C:\Users\Sascha Rahlf\Desktop\Addition.txt
2014-02-13 10:07 - 2013-04-19 16:29 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Outlook-Dateien
2014-02-13 10:05 - 2014-02-13 10:05 - 02152448 _____ (Farbar) C:\Users\Sascha Rahlf\Desktop\FRST64.exe
2014-02-12 22:56 - 2014-02-12 18:54 - 00000000 ____D () C:\Program Files (x86)\Remo Drive Wipe
2014-02-12 18:54 - 2014-02-12 18:54 - 00001071 _____ () C:\Users\Public\Desktop\Remo Drive Wipe.lnk
2014-02-12 18:54 - 2014-02-12 18:53 - 09992760 _____ (Remo Software ) C:\Users\Sascha Rahlf\Downloads\deleteforever-drive-wipe.exe
2014-02-12 18:32 - 2014-02-12 18:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Desktop\mbar
2014-02-12 18:30 - 2014-02-12 15:56 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\NPE
2014-02-12 18:25 - 2013-04-19 17:55 - 00311152 _____ () C:\Windows\PFRO.log
2014-02-12 18:25 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-12 18:07 - 2014-02-12 18:07 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-12 18:07 - 2014-02-12 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 18:06 - 2014-02-12 18:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-12 18:03 - 2014-02-12 18:03 - 00000815 _____ () C:\Users\Sascha Rahlf\Desktop\h2testw - Verknüpfung.lnk
2014-02-12 18:02 - 2014-02-12 18:02 - 00218129 _____ () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4.zip
2014-02-12 18:02 - 2014-02-12 18:02 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4
2014-02-12 17:47 - 2014-02-12 17:30 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-12 17:46 - 2014-02-12 17:46 - 00038396 _____ () C:\Users\Sascha Rahlf\Documents\HitmanPro_20140212_1746.log
2014-02-12 17:46 - 2014-02-12 17:46 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-12 17:30 - 2014-02-12 14:44 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha Rahlf\Downloads\hitmanpro_x64.exe
2014-02-12 17:27 - 2013-12-28 11:00 - 00000000 ____D () C:\Users\Outposter
2014-02-12 16:07 - 2013-04-19 17:14 - 00000000 ____D () C:\ProgramData\Norton
2014-02-12 14:47 - 2014-02-12 14:46 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sascha Rahlf\Downloads\mbar-1.07.0.1009.exe
2014-02-12 14:06 - 2014-02-12 14:06 - 07873813 _____ () C:\Users\Sascha Rahlf\Downloads\PPFScan.zip
2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\PPFScan
2014-02-12 13:43 - 2013-11-23 13:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-12 12:25 - 2014-02-12 12:25 - 00654752 _____ ( ) C:\Users\Sascha Rahlf\Downloads\sp55238.exe
2014-02-12 12:23 - 2009-07-14 18:58 - 00702138 _____ () C:\Windows\system32\perfh007.dat
2014-02-12 12:23 - 2009-07-14 18:58 - 00150804 _____ () C:\Windows\system32\perfc007.dat
2014-02-12 12:23 - 2009-07-14 06:13 - 01628954 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-11 16:59 - 2013-04-20 17:59 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\vlc
2014-02-11 09:03 - 2013-04-20 19:34 - 00009300 _____ () C:\fpRedmon.log
2014-02-11 09:03 - 2013-04-20 19:34 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\FreePDF_XP
2014-02-09 17:54 - 2014-02-09 17:54 - 00261703 _____ () C:\Users\Sascha Rahlf\Downloads\germany_2013.kmz
2014-02-09 17:54 - 2014-02-09 17:54 - 00002228 _____ () C:\Users\Sascha Rahlf\Desktop\Google Earth.lnk
2014-02-09 10:47 - 2013-08-08 16:23 - 00337408 ___SH () C:\Users\Sascha Rahlf\Thumbs.db
2014-02-09 10:47 - 2013-04-19 17:09 - 00000000 ____D () C:\Users\Sascha Rahlf
2014-02-09 10:38 - 2014-02-09 10:38 - 00001108 _____ () C:\Users\Sascha Rahlf\Desktop\GoPro Studio.lnk
2014-02-09 10:38 - 2013-11-01 09:21 - 00000000 ____D () C:\Program Files (x86)\GoPro
2014-02-09 10:38 - 2013-06-13 12:21 - 00057060 _____ () C:\Windows\DPINST.LOG
2014-02-09 10:37 - 2014-02-09 10:28 - 115345816 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.319.exe
2014-02-07 08:09 - 2013-04-20 07:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 11:57 - 2014-02-06 11:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 09:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-05 09:24 - 2013-04-20 09:58 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\Adobe
2014-02-05 09:24 - 2013-04-20 09:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 09:24 - 2013-04-20 09:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 09:24 - 2013-04-20 09:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 17:23 - 2013-04-20 15:28 - 00000000 ____D () C:\ProgramData\Lexware
2014-02-04 14:38 - 2013-04-20 15:28 - 00000000 ____D () C:\ProgramData\BTrieve
2014-01-29 19:55 - 2013-09-05 21:06 - 01443328 _____ (CineForm Inc.) C:\Windows\system32\CFHD.dll
2014-01-29 19:52 - 2013-09-05 21:03 - 01474560 _____ (CineForm Inc.) C:\Windows\SysWOW64\CFHD.dll
2014-01-29 18:34 - 2014-01-29 18:31 - 115303376 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.317.exe
2014-01-29 18:30 - 2013-12-02 13:37 - 00000000 ____D () C:\Program Files\Adobe
2014-01-27 09:53 - 2013-04-20 14:40 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\Microsoft Help
2014-01-27 09:46 - 2014-01-27 09:46 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-27 09:38 - 2014-01-27 09:38 - 00002451 _____ () C:\Users\Sascha Rahlf\Desktop\Word 2013.lnk
2014-01-27 09:38 - 2014-01-27 09:38 - 00002447 _____ () C:\Users\Sascha Rahlf\Desktop\Excel 2013.lnk
2014-01-27 09:11 - 2013-04-19 18:36 - 00120704 _____ () C:\Users\Sascha Rahlf\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-27 09:10 - 2009-07-14 05:45 - 00470904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-26 15:27 - 2014-01-26 15:27 - 00002193 _____ () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 15:26 - 2013-04-20 14:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-26 14:57 - 2013-04-20 14:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-26 14:51 - 2013-04-19 17:09 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\VirtualStore
2014-01-26 14:50 - 2014-01-26 14:49 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-26 14:49 - 2014-01-26 14:49 - 00575168 _____ (Microsoft Corporation) C:\Users\Sascha Rahlf\Downloads\Setup.X86.de-DE_O365HomePremRetail_114b7722-f595-4ff2-aad8-46b9299f692c_TX_DB_.exe
2014-01-26 13:03 - 2014-01-26 12:56 - 85965001 _____ (Hewlett-Packard Company ) C:\Users\Sascha Rahlf\Downloads\sp53261.exe
2014-01-26 12:26 - 2014-01-26 12:26 - 00001304 _____ () C:\Users\Sascha Rahlf\Desktop\Notepad.lnk
2014-01-26 12:23 - 2014-01-26 12:23 - 05581624 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\driverscanner.exe
2014-01-26 11:46 - 2014-01-26 11:46 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\.elfohilfe
2014-01-26 11:38 - 2014-01-26 11:38 - 00001115 _____ () C:\Users\Sascha Rahlf\Desktop\ElsterFormular.lnk
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\elsterformular
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-26 11:37 - 2014-01-26 11:37 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-25 12:24 - 2014-01-25 12:24 - 10093647 _____ (DJI ) C:\Users\Sascha Rahlf\Downloads\iosd_installer_4.0.exe
2014-01-25 12:24 - 2014-01-25 12:24 - 00001235 _____ () C:\Users\Public\Desktop\DJI iOSD Assistant 4.0.lnk
2014-01-25 12:24 - 2013-11-05 14:37 - 00000000 ____D () C:\Program Files (x86)\DJI Product
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Program Files\Realtek
2014-01-25 11:10 - 2014-01-25 11:10 - 38251008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 05681192 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 05538072 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03698904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-01-25 11:10 - 2014-01-25 11:10 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02587352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-01-25 11:10 - 2014-01-25 11:10 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00754488 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00676825 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-25 11:10 - 2014-01-25 11:10 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00151256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-25 10:52 - 2014-01-25 10:52 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-25 10:52 - 2014-01-25 10:52 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-25 10:52 - 2014-01-25 10:52 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-25 10:52 - 2011-02-11 17:46 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-01-25 10:52 - 2011-02-11 17:45 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-01-25 10:52 - 2011-02-11 17:45 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-01-25 10:52 - 2009-07-13 22:59 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-01-25 10:50 - 2014-01-25 10:50 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-25 10:50 - 2014-01-25 10:50 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-01-25 10:50 - 2011-06-10 05:34 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-01-25 10:32 - 2014-01-25 10:30 - 04684216 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\systemtweaker.exe
2014-01-25 10:19 - 2014-01-25 10:19 - 00002524 _____ () C:\Windows\System32\Tasks\dsmonitor
2014-01-24 07:26 - 2013-04-20 16:22 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-01-18 15:41 - 2014-01-18 15:41 - 00001278 _____ () C:\Users\Public\Desktop\DJI Phantom RC Assistant_1.0.lnk
2014-01-18 15:41 - 2014-01-18 15:41 - 00001273 _____ () C:\Users\Public\Desktop\DJI Phantom 2 Assistant_1.08.lnk
2014-01-18 09:58 - 2013-04-20 09:49 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\FileZilla
2014-01-17 09:01 - 2014-01-17 09:01 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-17 09:01 - 2013-10-17 07:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-17 09:01 - 2013-06-22 19:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-15 17:38 - 2013-08-15 18:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 17:37 - 2013-04-19 20:13 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 19:56 - 2014-01-14 19:56 - 00000000 ____D () C:\ProgramData\dbg
2014-01-14 14:05 - 2014-01-14 14:05 - 00001250 _____ () C:\Users\Sascha Rahlf\Desktop\DJI NAZAM Assistant_2.20.lnk
Some content of TEMP:
====================
C:\Users\Sascha Rahlf\AppData\Local\Temp\7z920.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\BI_RunOnce (1).exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\DivXSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Sascha Rahlf\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Sascha Rahlf\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Sascha Rahlf\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\ose00000.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\Quarantine.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\setup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\uninst1.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\uninstaller.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WSSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WYSIWYG_Web_Builder_7_-_Deutsches_Sprachpaket.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WYSIWYG_Web_Builder_8_-_Deutsches_Sprachpaket.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-08 16:29
==================== End Of Log ============================
--- --- --- |
|
13.02.2014, 11:34
| #10 |
| /// TB-Ausbilder | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Hast du eine der angesprochenen Dateien bei Virustotal hochladen können? ESET Online Scanner
__________________ cheers, Leo |
|
13.02.2014, 11:49
| #11 |
| | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Nein, die Dateien sind wohl bereits Gestern gelöscht worden. Zumindest kann ich keine mehr finden, auch keine ausgeblendeten... Interessant, dass diese 3 Dateien dennoch erkannt wurden..? Ich mache jetzt den ESET Online Scan, habe aber vorher noch eine Frage: Das Problem trat ja erwiesenermaßen zuerst am Rechner meines Sohnes auf. Er wollte seinen PC neu aufbauen und hatte dazu auf den inzwischen entsorgten alten USB-Stick Dateien abgelegt, welche er sichern wollte. Nach der Neuinstallation bemerkte er beim Versuch, diese dann vom Stick zurückzusichern, dass lediglich Verknüpfungen auf dem Stick waren... Seine Daten sind mir ehrlich gesagt jetzt in dieser Situation sowas von egal und ich werde jetzt auch nicht in der Mülltonne nach dem Speicher suchen. Ich habe seinen offensichtlich verseuchten USB-Stick ja nur an meinen Rechner angeschlossen, weil ich an einen Bedienerfehler glaubte und meinem Sohn helfen wollte.... ABER: Ich hatte zum besagten Zeitpunkt nur den zur Zeit permanent angesteckten Intenso-Stick in Gebrauch. Deshalb gehe ich davon aus, dass ich z.B. meine Hochgeschwindigkeitskarten micro SDHC z.B. aus einer GOPRO-Kamera jetzt nicht anschliessen muss oder? Ich mag das Risiko nicht unbedingt eingehen, dass diese ar***teuern Karten auch noch unbrauchbar werden, falls wir das Problem nicht fixen können... Was tun?  |
|
13.02.2014, 12:09
| #12 |
| /// TB-Ausbilder | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Also. Da muss man weder USB-Sticks oder irgendwelche SD-Karten wegwerfen noch sind die Daten darauf verloren. Diese Malware blendet nur die Dateien und Ordner darauf aus und ersetzt sie durch Verknüpfungen. Wird eine dieser Verknüpfungen geöffnet, infiziert sich der Rechner, an welchem das Medium angeschlossen ist. Sobald der Rechner betroffen ist, befällt dieser wiederum automatisch jeden neuen Wechseldatenträger, welcher eingesteckt wird. Und so verbreitet sich das Ding weiter und weiter.. Eine Reinigung ist überhaupt kein Problem. Dein Rechner sollte jetzt von dem Ding befreit sein. Du kannst alle deine Sticks und so einstecken und kontrollieren, ob noch einer befallen ist. Falls noch einer infiziert ist (also nur noch Verknüpfungen zu sehen), dann lass ihn eingesteckt und teile mir den Laufwerksbuchstaben mit.
__________________ cheers, Leo |
|
13.02.2014, 15:12
| #13 |
| | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Nachtrag: Rechner scannt.... erst einmal ohne meine weiteren SDHCs, rein von der Logik her müsste das passen. Nur der USB-Stick ist immer noch angesteckt. 1 hat er schon: VBS/Agent.NDH worm Log folgt gleich! Ja, also das mit dem ESET-Log wird wohl noch 2, 3 Minuten (Stunden/Tage) dauern  Da sich unsere Antworten hier gerade wohl fast überschnitten haben, sage ich schon mal ganz vorsichtig, aber dennoch GANZ LAUT DANKE SEHR!!!  (Auch auf die mögliche Gefahr hin, dass es noch nicht ganz ausgestanden ist) Das war aber auch das erste Mal, dass ich es nicht alleine geschafft habe.... werde wohl langsam alt... Würde aber dennoch gerne besser verstehen, was in dem von Dir anfänglich generierten Code stand... ;-) Da isser endlich, der ESET Log. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=42940471600a4247b5d369737932f272
# engine=17054
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-13 01:52:36
# local_time=2014-02-13 02:52:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 88 22856 154896141 0 0
# compatibility_mode=5893 16776574 66 85 18429124 143929406 0 0
# scanned=342911
# found=2
# cleaned=0
# scan_time=9895
sh=E852B00C66146D1347581797C561523B3A08F264 ft=0 fh=0000000000000000 vn="VBS/Agent.NDH worm" ac=I fn="C:\FRST\Quarantine\zjfnzfducz..vbs13-02-2014_11-03-44"
sh=989379D81BA80312087A8AADC23E9CE4E45E48E5 ft=1 fh=c71c00113aa0cc9b vn="a variant of MSIL/Injector.BXU trojan" ac=I fn="E:\Alphaload\Donk VMware Unlocker for OS X 1.1.1.rar\Donk VMware Unlocker for OS X 1.1.1.exe"
Nachtrag, da ich es vorhin wohl doch überlesen hatte: nach Abschluss des Scans war leider immer noch eine Verknüpfung auf dem Stick sichtbar. Ich habe diesen dann nochmals formatiert. Inzwischen tritt der "Fehler" nicht mehr auf. Trotzdem: der Laufwerksbuchstabe ist K. |
|
13.02.2014, 15:38
| #14 |
| /// TB-Ausbilder | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos Ok, abschliessende Kontrolle: Starte noch einmal FRST.
__________________ cheers, Leo |
|
14.02.2014, 09:22
| #15 |
| | Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos FRST.txt anbei. FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 01
Ran by Sascha Rahlf (administrator) on RMPC on 13-02-2014 17:50:24
Running from C:\Users\Sascha Rahlf\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Users\Sascha Rahlf\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
(Microsoft Corporation) C:\Users\Sascha Rahlf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
() C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
(Space Sciences Laboratory) C:\ProgramData\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [boinctray] - C:\Program Files\BOINC\boinctray.exe [73360 2013-11-25] (Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] - C:\Program Files\BOINC\boincmgr.exe [5878928 2013-11-25] (Space Sciences Laboratory)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-01-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [LexwareInfoService] - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339240 2008-11-03] (Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vmware-tray.exe] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-19] (Microsoft Corporation)
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [FLV Player] - C:\Users\Sascha Rahlf\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752 2012-10-26] ()
HKU\S-1-5-21-926187133-1428639338-2412746821-1001\...\Run: [SkyDrive] - C:\Users\Sascha Rahlf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2014-01-26] (Microsoft Corporation)
Startup: C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!fax.lnk
ShortcutTarget: FRITZ!fax.lnk -> C:\Program Files (x86)\FRITZ!\FriFax32.exe (AVM Berlin)
Startup: C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10B8A773183DCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{D0C788C4-668C-45BE-A04D-B221745B40A5}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Sascha Rahlf\AppData\Roaming\Mozilla\Firefox\Profiles\9fkauv9o.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-22]
==================== Services (Whitelisted) =================
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()
==================== Drivers (Whitelisted) ====================
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-03] (Symantec Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140212.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140212.033\ENG64.SYS [126040 2014-02-13] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140212.033\EX64.SYS [2099288 2014-02-13] (Symantec Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-08-27] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-13 17:50 - 2014-02-13 17:50 - 00018588 _____ () C:\Users\Sascha Rahlf\Desktop\FRST.txt
2014-02-13 15:22 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 15:22 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 15:21 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 15:21 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 15:21 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 15:21 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 15:21 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 15:21 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 15:21 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 15:21 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 15:21 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 15:21 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 15:21 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 15:21 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 15:21 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 15:21 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 15:21 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 15:21 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 15:21 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 15:21 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 15:21 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 15:21 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 15:21 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 15:21 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 15:21 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 15:21 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 15:21 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 15:21 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 15:21 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 15:21 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 15:21 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 15:21 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 15:21 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 15:21 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 15:21 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 15:21 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 15:21 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 15:21 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 15:21 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 15:21 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 15:21 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 12:01 - 2014-02-13 12:02 - 02347384 _____ (ESET) C:\Users\Sascha Rahlf\Downloads\esetsmartinstaller_enu.exe
2014-02-13 10:54 - 2014-02-13 10:57 - 00000000 ____D () C:\AdwCleaner
2014-02-13 10:51 - 2014-02-13 10:51 - 01166132 _____ () C:\Users\Sascha Rahlf\Desktop\adwcleaner.exe
2014-02-13 10:14 - 2014-02-13 17:50 - 00000000 ____D () C:\FRST
2014-02-13 10:05 - 2014-02-13 10:05 - 02152448 _____ (Farbar) C:\Users\Sascha Rahlf\Desktop\FRST64.exe
2014-02-13 06:42 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 06:42 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 06:42 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 06:42 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 06:42 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 06:42 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 06:42 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 06:42 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 06:42 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 06:42 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 06:42 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 06:42 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 06:42 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 06:42 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 06:42 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 06:42 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 06:42 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 06:42 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 06:42 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 06:42 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 06:42 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 06:42 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 06:42 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 06:42 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 06:42 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 06:42 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 06:42 - 2013-11-27 00:29 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-13 06:42 - 2013-11-26 23:49 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-13 06:42 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 06:42 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 18:54 - 2014-02-12 22:56 - 00000000 ____D () C:\Program Files (x86)\Remo Drive Wipe
2014-02-12 18:54 - 2014-02-12 18:54 - 00001071 _____ () C:\Users\Public\Desktop\Remo Drive Wipe.lnk
2014-02-12 18:54 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2014-02-12 18:53 - 2014-02-12 18:54 - 09992760 _____ (Remo Software ) C:\Users\Sascha Rahlf\Downloads\deleteforever-drive-wipe.exe
2014-02-12 18:07 - 2014-02-12 18:07 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-12 18:07 - 2014-02-12 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 18:06 - 2014-02-12 18:32 - 00000000 ____D () C:\Users\Sascha Rahlf\Desktop\mbar
2014-02-12 18:06 - 2014-02-12 18:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-12 18:02 - 2014-02-12 18:02 - 00218129 _____ () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4.zip
2014-02-12 18:02 - 2014-02-12 18:02 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4
2014-02-12 17:46 - 2014-02-12 17:46 - 00038396 _____ () C:\Users\Sascha Rahlf\Documents\HitmanPro_20140212_1746.log
2014-02-12 17:46 - 2014-02-12 17:46 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-12 17:30 - 2014-02-12 17:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-12 15:56 - 2014-02-12 18:30 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\NPE
2014-02-12 14:46 - 2014-02-12 14:47 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sascha Rahlf\Downloads\mbar-1.07.0.1009.exe
2014-02-12 14:44 - 2014-02-12 17:30 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha Rahlf\Downloads\hitmanpro_x64.exe
2014-02-12 14:06 - 2014-02-12 14:06 - 07873813 _____ () C:\Users\Sascha Rahlf\Downloads\PPFScan.zip
2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\PPFScan
2014-02-12 12:25 - 2014-02-12 12:25 - 00654752 _____ ( ) C:\Users\Sascha Rahlf\Downloads\sp55238.exe
2014-02-09 17:54 - 2014-02-09 17:54 - 00261703 _____ () C:\Users\Sascha Rahlf\Downloads\germany_2013.kmz
2014-02-09 17:54 - 2014-02-09 17:54 - 00002228 _____ () C:\Users\Sascha Rahlf\Desktop\Google Earth.lnk
2014-02-09 10:38 - 2014-02-09 10:38 - 00001108 _____ () C:\Users\Sascha Rahlf\Desktop\GoPro Studio.lnk
2014-02-09 10:28 - 2014-02-09 10:37 - 115345816 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.319.exe
2014-02-06 11:57 - 2014-02-06 11:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-29 18:31 - 2014-01-29 18:34 - 115303376 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.317.exe
2014-01-27 09:46 - 2014-02-13 17:50 - 00005148 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RMPC-Sascha Rahlf RMPC
2014-01-27 09:46 - 2014-01-27 09:46 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-27 09:38 - 2014-01-27 09:38 - 00002451 _____ () C:\Users\Sascha Rahlf\Desktop\Word 2013.lnk
2014-01-27 09:38 - 2014-01-27 09:38 - 00002447 _____ () C:\Users\Sascha Rahlf\Desktop\Excel 2013.lnk
2014-01-26 15:27 - 2014-02-13 17:49 - 00000000 ___RD () C:\Users\Sascha Rahlf\SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00002193 _____ () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 15:26 - 2013-12-04 20:28 - 06164256 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_gst12.exe
2014-01-26 15:26 - 2013-12-04 20:27 - 09939368 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_est12.exe
2014-01-26 15:26 - 2013-12-04 20:27 - 06212848 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_ust12.exe
2014-01-26 15:26 - 2013-12-04 20:24 - 44971216 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_pica.exe
2014-01-26 15:26 - 2013-12-04 20:22 - 06478632 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\install_eur12.exe
2014-01-26 15:26 - 2013-04-20 14:36 - 00055221 _____ () C:\Users\Sascha Rahlf\Downloads\produkey_1.56.zip
2014-01-26 15:26 - 2012-08-29 07:53 - 103974608 _____ (Landesfinanzdirektion Thüringen) C:\Users\Sascha Rahlf\Downloads\ElsterFormular-13.3.0.9066k.exe
2014-01-26 14:49 - 2014-01-26 14:50 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-26 14:49 - 2014-01-26 14:49 - 00575168 _____ (Microsoft Corporation) C:\Users\Sascha Rahlf\Downloads\Setup.X86.de-DE_O365HomePremRetail_114b7722-f595-4ff2-aad8-46b9299f692c_TX_DB_.exe
2014-01-26 12:56 - 2014-01-26 13:03 - 85965001 _____ (Hewlett-Packard Company ) C:\Users\Sascha Rahlf\Downloads\sp53261.exe
2014-01-26 12:26 - 2014-01-26 12:26 - 00001304 _____ () C:\Users\Sascha Rahlf\Desktop\Notepad.lnk
2014-01-26 12:23 - 2014-01-26 12:23 - 05581624 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\driverscanner.exe
2014-01-26 11:46 - 2014-01-26 11:46 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\.elfohilfe
2014-01-26 11:44 - 2013-12-09 12:53 - 00035914 _____ () C:\Users\Sascha Rahlf\Documents\EUER2012_Sascha_Rahlf.elfo
2014-01-26 11:44 - 2013-12-09 12:53 - 00031888 _____ () C:\Users\Sascha Rahlf\Documents\USt2012_Rahlf_Sascha.elfo
2014-01-26 11:44 - 2013-12-09 12:46 - 00043141 _____ () C:\Users\Sascha Rahlf\Documents\GewSt2012_Rahlf_Sascha.elfo
2014-01-26 11:44 - 2013-12-09 12:44 - 00109570 _____ () C:\Users\Sascha Rahlf\Documents\ESt2012_Rahlf_Sascha_und_Rahlf_Gaby.elfo
2014-01-26 11:38 - 2014-01-26 11:38 - 00001115 _____ () C:\Users\Sascha Rahlf\Desktop\ElsterFormular.lnk
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\elsterformular
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-26 11:37 - 2014-01-26 11:37 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-25 12:24 - 2014-01-25 12:24 - 10093647 _____ (DJI ) C:\Users\Sascha Rahlf\Downloads\iosd_installer_4.0.exe
2014-01-25 12:24 - 2014-01-25 12:24 - 00001235 _____ () C:\Users\Public\Desktop\DJI iOSD Assistant 4.0.lnk
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Program Files\Realtek
2014-01-25 11:10 - 2014-01-25 11:10 - 38251008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 05681192 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 05538072 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03698904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-01-25 11:10 - 2014-01-25 11:10 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02587352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-01-25 11:10 - 2014-01-25 11:10 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00754488 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00676825 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-25 11:10 - 2014-01-25 11:10 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00151256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-25 10:52 - 2014-01-25 10:52 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-25 10:52 - 2014-01-25 10:52 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-25 10:52 - 2014-01-25 10:52 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-25 10:50 - 2014-01-25 10:50 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-25 10:50 - 2014-01-25 10:50 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-01-25 10:30 - 2014-01-25 10:32 - 04684216 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\systemtweaker.exe
2014-01-25 10:19 - 2014-02-13 17:49 - 00000286 _____ () C:\Windows\Tasks\dsmonitor.job
2014-01-25 10:19 - 2014-01-25 10:19 - 00002524 _____ () C:\Windows\System32\Tasks\dsmonitor
2014-01-18 15:41 - 2014-01-18 15:41 - 00001278 _____ () C:\Users\Public\Desktop\DJI Phantom RC Assistant_1.0.lnk
2014-01-18 15:41 - 2014-01-18 15:41 - 00001273 _____ () C:\Users\Public\Desktop\DJI Phantom 2 Assistant_1.08.lnk
2014-01-17 09:01 - 2014-01-17 09:01 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-17 09:01 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-17 09:01 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-17 09:01 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-17 09:01 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 13:55 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 13:55 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 13:55 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 13:55 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 19:56 - 2014-01-14 19:56 - 00000000 ____D () C:\ProgramData\dbg
2014-01-14 14:05 - 2014-01-14 14:05 - 00001250 _____ () C:\Users\Sascha Rahlf\Desktop\DJI NAZAM Assistant_2.20.lnk
==================== One Month Modified Files and Folders =======
2014-02-13 17:50 - 2014-02-13 17:50 - 00018588 _____ () C:\Users\Sascha Rahlf\Desktop\FRST.txt
2014-02-13 17:50 - 2014-02-13 10:14 - 00000000 ____D () C:\FRST
2014-02-13 17:50 - 2014-01-27 09:46 - 00005148 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RMPC-Sascha Rahlf RMPC
2014-02-13 17:49 - 2014-01-26 15:27 - 00000000 ___RD () C:\Users\Sascha Rahlf\SkyDrive
2014-02-13 17:49 - 2014-01-25 10:19 - 00000286 _____ () C:\Windows\Tasks\dsmonitor.job
2014-02-13 17:49 - 2013-08-31 07:52 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-13 17:49 - 2013-05-12 12:42 - 00000000 ____D () C:\ProgramData\BOINC
2014-02-13 17:49 - 2013-04-22 05:53 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\FRITZ!
2014-02-13 17:10 - 2013-04-20 09:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-13 17:08 - 2013-08-31 07:52 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-13 16:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 15:41 - 2009-07-14 05:45 - 00013232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-13 15:41 - 2009-07-14 05:45 - 00013232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-13 15:40 - 2013-04-19 17:01 - 01692734 _____ () C:\Windows\WindowsUpdate.log
2014-02-13 15:36 - 2013-10-31 11:21 - 00000000 ____D () C:\ProgramData\VMware
2014-02-13 15:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-13 15:35 - 2009-07-14 05:51 - 00052365 _____ () C:\Windows\setupact.log
2014-02-13 15:33 - 2013-04-19 17:55 - 00317112 _____ () C:\Windows\PFRO.log
2014-02-13 15:32 - 2013-04-20 14:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-13 15:27 - 2013-06-23 14:47 - 01602298 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 15:27 - 2009-07-14 18:58 - 00702138 _____ () C:\Windows\system32\perfh007.dat
2014-02-13 15:27 - 2009-07-14 18:58 - 00150804 _____ () C:\Windows\system32\perfc007.dat
2014-02-13 15:27 - 2009-07-14 06:13 - 01602298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-13 15:22 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-13 15:19 - 2013-04-19 16:29 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Outlook-Dateien
2014-02-13 12:02 - 2014-02-13 12:01 - 02347384 _____ (ESET) C:\Users\Sascha Rahlf\Downloads\esetsmartinstaller_enu.exe
2014-02-13 11:03 - 2013-04-19 17:09 - 00000000 ___RD () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-13 10:57 - 2014-02-13 10:54 - 00000000 ____D () C:\AdwCleaner
2014-02-13 10:57 - 2013-11-23 12:51 - 00000000 ____D () C:\ProgramData\Uniblue
2014-02-13 10:57 - 2013-11-23 12:38 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\Uniblue
2014-02-13 10:57 - 2013-11-23 12:38 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-02-13 10:57 - 2013-11-12 12:56 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-02-13 10:51 - 2014-02-13 10:51 - 01166132 _____ () C:\Users\Sascha Rahlf\Desktop\adwcleaner.exe
2014-02-13 10:05 - 2014-02-13 10:05 - 02152448 _____ (Farbar) C:\Users\Sascha Rahlf\Desktop\FRST64.exe
2014-02-12 22:56 - 2014-02-12 18:54 - 00000000 ____D () C:\Program Files (x86)\Remo Drive Wipe
2014-02-12 18:54 - 2014-02-12 18:54 - 00001071 _____ () C:\Users\Public\Desktop\Remo Drive Wipe.lnk
2014-02-12 18:54 - 2014-02-12 18:53 - 09992760 _____ (Remo Software ) C:\Users\Sascha Rahlf\Downloads\deleteforever-drive-wipe.exe
2014-02-12 18:32 - 2014-02-12 18:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Desktop\mbar
2014-02-12 18:30 - 2014-02-12 15:56 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\NPE
2014-02-12 18:25 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-12 18:07 - 2014-02-12 18:07 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-12 18:07 - 2014-02-12 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 18:06 - 2014-02-12 18:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-12 18:02 - 2014-02-12 18:02 - 00218129 _____ () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4.zip
2014-02-12 18:02 - 2014-02-12 18:02 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\h2testw_1.4
2014-02-12 17:47 - 2014-02-12 17:30 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-12 17:46 - 2014-02-12 17:46 - 00038396 _____ () C:\Users\Sascha Rahlf\Documents\HitmanPro_20140212_1746.log
2014-02-12 17:46 - 2014-02-12 17:46 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-02-12 17:30 - 2014-02-12 14:44 - 10820032 _____ (SurfRight B.V.) C:\Users\Sascha Rahlf\Downloads\hitmanpro_x64.exe
2014-02-12 17:27 - 2013-12-28 11:00 - 00000000 ____D () C:\Users\Outposter
2014-02-12 16:07 - 2013-04-19 17:14 - 00000000 ____D () C:\ProgramData\Norton
2014-02-12 14:47 - 2014-02-12 14:46 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Sascha Rahlf\Downloads\mbar-1.07.0.1009.exe
2014-02-12 14:06 - 2014-02-12 14:06 - 07873813 _____ () C:\Users\Sascha Rahlf\Downloads\PPFScan.zip
2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Sascha Rahlf\Downloads\PPFScan
2014-02-12 13:43 - 2013-11-23 13:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-12 12:25 - 2014-02-12 12:25 - 00654752 _____ ( ) C:\Users\Sascha Rahlf\Downloads\sp55238.exe
2014-02-11 16:59 - 2013-04-20 17:59 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\vlc
2014-02-11 09:03 - 2013-04-20 19:34 - 00009300 _____ () C:\fpRedmon.log
2014-02-11 09:03 - 2013-04-20 19:34 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\FreePDF_XP
2014-02-09 17:54 - 2014-02-09 17:54 - 00261703 _____ () C:\Users\Sascha Rahlf\Downloads\germany_2013.kmz
2014-02-09 17:54 - 2014-02-09 17:54 - 00002228 _____ () C:\Users\Sascha Rahlf\Desktop\Google Earth.lnk
2014-02-09 10:47 - 2013-08-08 16:23 - 00337408 ___SH () C:\Users\Sascha Rahlf\Thumbs.db
2014-02-09 10:47 - 2013-04-19 17:09 - 00000000 ____D () C:\Users\Sascha Rahlf
2014-02-09 10:38 - 2014-02-09 10:38 - 00001108 _____ () C:\Users\Sascha Rahlf\Desktop\GoPro Studio.lnk
2014-02-09 10:38 - 2013-11-01 09:21 - 00000000 ____D () C:\Program Files (x86)\GoPro
2014-02-09 10:38 - 2013-06-13 12:21 - 00057060 _____ () C:\Windows\DPINST.LOG
2014-02-09 10:37 - 2014-02-09 10:28 - 115345816 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.319.exe
2014-02-07 08:09 - 2013-04-20 07:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 13:16 - 2014-02-13 15:21 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 15:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 15:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 15:21 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 15:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 15:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 15:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:57 - 2014-02-06 11:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 11:56 - 2014-02-13 15:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 15:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 15:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 15:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 15:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 15:21 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 15:21 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 15:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 15:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 15:21 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 15:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 15:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 15:21 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 15:21 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 15:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 15:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 15:21 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 15:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 15:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 15:21 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 15:21 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 15:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 15:21 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 15:21 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 15:21 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 15:21 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 15:21 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 15:21 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 15:21 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 15:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 15:21 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 15:21 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-06 09:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-05 09:24 - 2013-04-20 09:58 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\Adobe
2014-02-05 09:24 - 2013-04-20 09:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 09:24 - 2013-04-20 09:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 09:24 - 2013-04-20 09:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 17:23 - 2013-04-20 15:28 - 00000000 ____D () C:\ProgramData\Lexware
2014-02-04 14:38 - 2013-04-20 15:28 - 00000000 ____D () C:\ProgramData\BTrieve
2014-01-29 19:55 - 2013-09-05 21:06 - 01443328 _____ (CineForm Inc.) C:\Windows\system32\CFHD.dll
2014-01-29 19:52 - 2013-09-05 21:03 - 01474560 _____ (CineForm Inc.) C:\Windows\SysWOW64\CFHD.dll
2014-01-29 18:34 - 2014-01-29 18:31 - 115303376 _____ () C:\Users\Sascha Rahlf\Downloads\GoProStudioPC-2.0.1.317.exe
2014-01-29 18:30 - 2013-12-02 13:37 - 00000000 ____D () C:\Program Files\Adobe
2014-01-27 09:53 - 2013-04-20 14:40 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\Microsoft Help
2014-01-27 09:46 - 2014-01-27 09:46 - 00000000 ____D () C:\Users\Sascha Rahlf\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-27 09:38 - 2014-01-27 09:38 - 00002451 _____ () C:\Users\Sascha Rahlf\Desktop\Word 2013.lnk
2014-01-27 09:38 - 2014-01-27 09:38 - 00002447 _____ () C:\Users\Sascha Rahlf\Desktop\Excel 2013.lnk
2014-01-27 09:11 - 2013-04-19 18:36 - 00120704 _____ () C:\Users\Sascha Rahlf\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-27 09:10 - 2009-07-14 05:45 - 00470904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-26 15:27 - 2014-01-26 15:27 - 00002193 _____ () C:\Users\Sascha Rahlf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00002120 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-01-26 15:27 - 2014-01-26 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-01-26 14:57 - 2013-04-20 14:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-26 14:51 - 2013-04-19 17:09 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\VirtualStore
2014-01-26 14:50 - 2014-01-26 14:49 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-26 14:49 - 2014-01-26 14:49 - 00575168 _____ (Microsoft Corporation) C:\Users\Sascha Rahlf\Downloads\Setup.X86.de-DE_O365HomePremRetail_114b7722-f595-4ff2-aad8-46b9299f692c_TX_DB_.exe
2014-01-26 13:03 - 2014-01-26 12:56 - 85965001 _____ (Hewlett-Packard Company ) C:\Users\Sascha Rahlf\Downloads\sp53261.exe
2014-01-26 12:26 - 2014-01-26 12:26 - 00001304 _____ () C:\Users\Sascha Rahlf\Desktop\Notepad.lnk
2014-01-26 12:23 - 2014-01-26 12:23 - 05581624 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\driverscanner.exe
2014-01-26 11:46 - 2014-01-26 11:46 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Local\.elfohilfe
2014-01-26 11:38 - 2014-01-26 11:38 - 00001115 _____ () C:\Users\Sascha Rahlf\Desktop\ElsterFormular.lnk
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\elsterformular
2014-01-26 11:38 - 2014-01-26 11:38 - 00000000 ____D () C:\ProgramData\elsterformular
2014-01-26 11:37 - 2014-01-26 11:37 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-01-25 12:24 - 2014-01-25 12:24 - 10093647 _____ (DJI ) C:\Users\Sascha Rahlf\Downloads\iosd_installer_4.0.exe
2014-01-25 12:24 - 2014-01-25 12:24 - 00001235 _____ () C:\Users\Public\Desktop\DJI iOSD Assistant 4.0.lnk
2014-01-25 12:24 - 2013-11-05 14:37 - 00000000 ____D () C:\Program Files (x86)\DJI Product
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-01-25 11:11 - 2014-01-25 11:11 - 00000000 ____D () C:\Program Files\Realtek
2014-01-25 11:10 - 2014-01-25 11:10 - 38251008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 14152960 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 05681192 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-01-25 11:10 - 2014-01-25 11:10 - 05538072 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03714304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 03698904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-01-25 11:10 - 2014-01-25 11:10 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02587352 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01921792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-01-25 11:10 - 2014-01-25 11:10 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 01012992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00754488 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00676825 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-25 11:10 - 2014-01-25 11:10 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00151256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-01-25 11:10 - 2014-01-25 11:10 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-01-25 10:52 - 2014-01-25 10:52 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-01-25 10:52 - 2014-01-25 10:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-01-25 10:52 - 2014-01-25 10:52 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-01-25 10:52 - 2014-01-25 10:52 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-01-25 10:52 - 2014-01-25 10:52 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-01-25 10:52 - 2014-01-25 10:52 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-01-25 10:52 - 2014-01-25 10:52 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-01-25 10:52 - 2011-02-11 17:46 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-01-25 10:52 - 2011-02-11 17:45 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-01-25 10:52 - 2011-02-11 17:45 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-01-25 10:52 - 2009-07-13 22:59 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-01-25 10:50 - 2014-01-25 10:50 - 00883928 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-25 10:50 - 2014-01-25 10:50 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-01-25 10:50 - 2011-06-10 05:34 - 00108760 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-01-25 10:32 - 2014-01-25 10:30 - 04684216 _____ (Uniblue Systems Ltd ) C:\Users\Sascha Rahlf\Downloads\systemtweaker.exe
2014-01-25 10:19 - 2014-01-25 10:19 - 00002524 _____ () C:\Windows\System32\Tasks\dsmonitor
2014-01-24 07:26 - 2013-04-20 16:22 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-01-18 15:41 - 2014-01-18 15:41 - 00001278 _____ () C:\Users\Public\Desktop\DJI Phantom RC Assistant_1.0.lnk
2014-01-18 15:41 - 2014-01-18 15:41 - 00001273 _____ () C:\Users\Public\Desktop\DJI Phantom 2 Assistant_1.08.lnk
2014-01-18 09:58 - 2013-04-20 09:49 - 00000000 ____D () C:\Users\Sascha Rahlf\AppData\Roaming\FileZilla
2014-01-17 09:01 - 2014-01-17 09:01 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-17 09:01 - 2013-10-17 07:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-17 09:01 - 2013-06-22 19:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-15 17:38 - 2013-08-15 18:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 17:37 - 2013-04-19 20:13 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 19:56 - 2014-01-14 19:56 - 00000000 ____D () C:\ProgramData\dbg
2014-01-14 14:05 - 2014-01-14 14:05 - 00001250 _____ () C:\Users\Sascha Rahlf\Desktop\DJI NAZAM Assistant_2.20.lnk
Some content of TEMP:
====================
C:\Users\Sascha Rahlf\AppData\Local\Temp\7z920.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\BI_RunOnce (1).exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\DivXSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Sascha Rahlf\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Sascha Rahlf\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Sascha Rahlf\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\ose00000.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\Quarantine.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\setup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\uninst1.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\uninstaller.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WSSetup.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WYSIWYG_Web_Builder_7_-_Deutsches_Sprachpaket.exe
C:\Users\Sascha Rahlf\AppData\Local\Temp\WYSIWYG_Web_Builder_8_-_Deutsches_Sprachpaket.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-08 16:29
==================== End Of Log ============================
--- --- --- Nochmals Vielen, vielen Dank!  Grüße von der Küste! |
|
| Themen zu Windows 7 - USB-Stick erstellt nur noch Verknüpfungen Scans bisher erfolglos |
| anti-malware, aufsetzen, button, code, dateien, device driver, diverse, explorer, free, harddisk, home, internet, kopieren, neue, norton, not, object, problem, rechner, shutdown, symantec, system, system32, tan, wichtig, windows |
Linear-Darstellung
