Hallo,
ich habe seit heute morgen
immer die meldung das die Explorer.exe nicht mehr reagiert und muss beendet werden.
Könntet ihr mir evlt helfen?
Habe schon nen Scan durchgeführt.
ps. Ich bekomme auch noch die Meldung Desktopfenster-Manager wurde beendet und geschlossen.


sfcdetails.txt

Code: Alles auswählenAufklappen

ATTFilter

2014-03-27 15:25:39, Info                  CSI    00000010 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:25:39, Info                  CSI    00000011 [SR] Beginning Verify and Repair transaction
2014-03-27 15:25:45, Info                  CSI    00000013 [SR] Verify complete
2014-03-27 15:25:45, Info                  CSI    00000014 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:25:45, Info                  CSI    00000015 [SR] Beginning Verify and Repair transaction
2014-03-27 15:25:50, Info                  CSI    00000017 [SR] Verify complete
2014-03-27 15:25:51, Info                  CSI    00000018 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:25:51, Info                  CSI    00000019 [SR] Beginning Verify and Repair transaction
2014-03-27 15:25:58, Info                  CSI    0000001b [SR] Verify complete
2014-03-27 15:25:58, Info                  CSI    0000001c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:25:58, Info                  CSI    0000001d [SR] Beginning Verify and Repair transaction
2014-03-27 15:25:59, Info                  CSI    0000001f [SR] Verify complete
2014-03-27 15:26:00, Info                  CSI    00000020 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:00, Info                  CSI    00000021 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:01, Info                  CSI    00000023 [SR] Verify complete
2014-03-27 15:26:01, Info                  CSI    00000024 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:01, Info                  CSI    00000025 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:05, Info                  CSI    00000027 [SR] Verify complete
2014-03-27 15:26:06, Info                  CSI    00000028 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:06, Info                  CSI    00000029 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:10, Info                  CSI    0000002b [SR] Verify complete
2014-03-27 15:26:11, Info                  CSI    0000002c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:11, Info                  CSI    0000002d [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:14, Info                  CSI    0000002f [SR] Verify complete
2014-03-27 15:26:15, Info                  CSI    00000030 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:15, Info                  CSI    00000031 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:20, Info                  CSI    00000033 [SR] Verify complete
2014-03-27 15:26:20, Info                  CSI    00000034 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:20, Info                  CSI    00000035 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:24, Info                  CSI    00000037 [SR] Verify complete
2014-03-27 15:26:25, Info                  CSI    00000038 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:25, Info                  CSI    00000039 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:28, Info                  CSI    0000003b [SR] Verify complete
2014-03-27 15:26:28, Info                  CSI    0000003c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:28, Info                  CSI    0000003d [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:32, Info                  CSI    0000003f [SR] Verify complete
2014-03-27 15:26:32, Info                  CSI    00000040 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:32, Info                  CSI    00000041 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:37, Info                  CSI    00000043 [SR] Verify complete
2014-03-27 15:26:38, Info                  CSI    00000044 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:38, Info                  CSI    00000045 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:41, Info                  CSI    0000004a [SR] Verify complete
2014-03-27 15:26:42, Info                  CSI    0000004b [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:42, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:45, Info                  CSI    0000004f [SR] Verify complete
2014-03-27 15:26:46, Info                  CSI    00000050 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:46, Info                  CSI    00000051 [SR] Beginning Verify and Repair transaction
2014-03-27 15:26:50, Info                  CSI    00000055 [SR] Verify complete
2014-03-27 15:26:51, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:26:51, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:01, Info                  CSI    00000061 [SR] Verify complete
2014-03-27 15:27:02, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:02, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:06, Info                  CSI    00000065 [SR] Verify complete
2014-03-27 15:27:07, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:07, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:14, Info                  CSI    00000069 [SR] Verify complete
2014-03-27 15:27:14, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:14, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:18, Info                  CSI    0000006d [SR] Verify complete
2014-03-27 15:27:19, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:19, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:23, Info                  CSI    00000071 [SR] Verify complete
2014-03-27 15:27:23, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:23, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:29, Info                  CSI    00000075 [SR] Verify complete
2014-03-27 15:27:29, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:29, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:39, Info                  CSI    0000007b [SR] Verify complete
2014-03-27 15:27:39, Info                  CSI    0000007c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:39, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:46, Info                  CSI    0000007f [SR] Verify complete
2014-03-27 15:27:47, Info                  CSI    00000080 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:47, Info                  CSI    00000081 [SR] Beginning Verify and Repair transaction
2014-03-27 15:27:58, Info                  CSI    00000083 [SR] Verify complete
2014-03-27 15:27:59, Info                  CSI    00000084 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:27:59, Info                  CSI    00000085 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:07, Info                  CSI    00000087 [SR] Verify complete
2014-03-27 15:28:08, Info                  CSI    00000088 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:08, Info                  CSI    00000089 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:12, Info                  CSI    0000008b [SR] Verify complete
2014-03-27 15:28:12, Info                  CSI    0000008c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:12, Info                  CSI    0000008d [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:14, Info                  CSI    0000008f [SR] Verify complete
2014-03-27 15:28:14, Info                  CSI    00000090 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:14, Info                  CSI    00000091 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:18, Info                  CSI    00000093 [SR] Verify complete
2014-03-27 15:28:18, Info                  CSI    00000094 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:18, Info                  CSI    00000095 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:31, Info                  CSI    000000b3 [SR] Verify complete
2014-03-27 15:28:31, Info                  CSI    000000b4 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:31, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:32, Info                  CSI    000000b7 [SR] Verify complete
2014-03-27 15:28:33, Info                  CSI    000000b8 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:33, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:36, Info                  CSI    000000bb [SR] Verify complete
2014-03-27 15:28:37, Info                  CSI    000000bc [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:37, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:38, Info                  CSI    000000bf [SR] Verify complete
2014-03-27 15:28:39, Info                  CSI    000000c0 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:39, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:45, Info                  CSI    000000c3 [SR] Verify complete
2014-03-27 15:28:45, Info                  CSI    000000c4 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:45, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:54, Info                  CSI    000000c7 [SR] Verify complete
2014-03-27 15:28:54, Info                  CSI    000000c8 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:54, Info                  CSI    000000c9 [SR] Beginning Verify and Repair transaction
2014-03-27 15:28:57, Info                  CSI    000000cb [SR] Verify complete
2014-03-27 15:28:58, Info                  CSI    000000cc [SR] Verifying 100 (0x00000064) components
2014-03-27 15:28:58, Info                  CSI    000000cd [SR] Beginning Verify and Repair transaction
2014-03-27 15:29:00, Info                  CSI    000000cf [SR] Verify complete
2014-03-27 15:29:01, Info                  CSI    000000d0 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:29:01, Info                  CSI    000000d1 [SR] Beginning Verify and Repair transaction
2014-03-27 15:29:08, Info                  CSI    000000d3 [SR] Verify complete
2014-03-27 15:29:09, Info                  CSI    000000d4 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:29:09, Info                  CSI    000000d5 [SR] Beginning Verify and Repair transaction
2014-03-27 15:29:15, Info                  CSI    000000d7 [SR] Verify complete
2014-03-27 15:29:16, Info                  CSI    000000d8 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:29:16, Info                  CSI    000000d9 [SR] Beginning Verify and Repair transaction
2014-03-27 15:29:21, Info                  CSI    000000db [SR] Verify complete
2014-03-27 15:29:21, Info                  CSI    000000dc [SR] Verifying 100 (0x00000064) components
2014-03-27 15:29:21, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2014-03-27 15:29:34, Info                  CSI    000000ff [SR] Verify complete
2014-03-27 15:29:35, Info                  CSI    00000100 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:29:35, Info                  CSI    00000101 [SR] Beginning Verify and Repair transaction
2014-03-27 15:29:43, Info                  CSI    00000107 [SR] Verify complete
2014-03-27 15:29:43, Info                  CSI    00000108 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:29:43, Info                  CSI    00000109 [SR] Beginning Verify and Repair transaction
2014-03-27 15:30:04, Info                  CSI    0000010b [SR] Verify complete
2014-03-27 15:30:05, Info                  CSI    0000010c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:30:05, Info                  CSI    0000010d [SR] Beginning Verify and Repair transaction
2014-03-27 15:30:11, Info                  CSI    0000010f [SR] Verify complete
2014-03-27 15:30:11, Info                  CSI    00000110 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:30:11, Info                  CSI    00000111 [SR] Beginning Verify and Repair transaction
2014-03-27 15:30:24, Info                  CSI    00000114 [SR] Verify complete
2014-03-27 15:30:25, Info                  CSI    00000115 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:30:25, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2014-03-27 15:30:29, Info                  CSI    00000118 [SR] Cannot repair member file [l:14{7}]"pla.dll" of Microsoft-Windows-PerformanceCounterInfrastructureConsumer, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-03-27 15:30:32, Info                  CSI    0000011a [SR] Verify complete
2014-03-27 15:30:33, Info                  CSI    0000011b [SR] Verifying 100 (0x00000064) components
2014-03-27 15:30:33, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2014-03-27 15:30:38, Info                  CSI    0000011e [SR] Verify complete
2014-03-27 15:30:39, Info                  CSI    0000011f [SR] Verifying 100 (0x00000064) components
2014-03-27 15:30:39, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2014-03-27 15:30:43, Info                  CSI    00000122 [SR] Verify complete
2014-03-27 15:30:43, Info                  CSI    00000123 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:30:43, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2014-03-27 15:30:47, Info                  CSI    00000127 [SR] Verify complete
2014-03-27 15:30:48, Info                  CSI    00000128 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:30:48, Info                  CSI    00000129 [SR] Beginning Verify and Repair transaction
2014-03-27 15:31:02, Info                  CSI    0000012b [SR] Verify complete
2014-03-27 15:31:02, Info                  CSI    0000012c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:31:02, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2014-03-27 15:31:11, Info                  CSI    00000130 [SR] Verify complete
2014-03-27 15:31:11, Info                  CSI    00000131 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:31:11, Info                  CSI    00000132 [SR] Beginning Verify and Repair transaction
2014-03-27 15:31:18, Info                  CSI    00000134 [SR] Verify complete
2014-03-27 15:31:19, Info                  CSI    00000135 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:31:19, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2014-03-27 15:31:23, Info                  CSI    00000138 [SR] Verify complete
2014-03-27 15:31:24, Info                  CSI    00000139 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:31:24, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2014-03-27 15:31:37, Info                  CSI    0000013d [SR] Verify complete
2014-03-27 15:31:37, Info                  CSI    0000013e [SR] Verifying 100 (0x00000064) components
2014-03-27 15:31:37, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2014-03-27 15:31:44, Info                  CSI    00000141 [SR] Verify complete
2014-03-27 15:31:44, Info                  CSI    00000142 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:31:44, Info                  CSI    00000143 [SR] Beginning Verify and Repair transaction
2014-03-27 15:31:51, Info                  CSI    00000145 [SR] Verify complete
2014-03-27 15:31:51, Info                  CSI    00000146 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:31:51, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2014-03-27 15:31:58, Info                  CSI    00000149 [SR] Verify complete
2014-03-27 15:31:58, Info                  CSI    0000014a [SR] Verifying 100 (0x00000064) components
2014-03-27 15:31:58, Info                  CSI    0000014b [SR] Beginning Verify and Repair transaction
2014-03-27 15:32:06, Info                  CSI    0000014e [SR] Verify complete
2014-03-27 15:32:06, Info                  CSI    0000014f [SR] Verifying 100 (0x00000064) components
2014-03-27 15:32:06, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2014-03-27 15:32:11, Info                  CSI    00000152 [SR] Verify complete
2014-03-27 15:32:11, Info                  CSI    00000153 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:32:11, Info                  CSI    00000154 [SR] Beginning Verify and Repair transaction
2014-03-27 15:32:17, Info                  CSI    00000156 [SR] Verify complete
2014-03-27 15:32:18, Info                  CSI    00000157 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:32:18, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2014-03-27 15:32:25, Info                  CSI    0000015b [SR] Verify complete
2014-03-27 15:32:26, Info                  CSI    0000015c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:32:26, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2014-03-27 15:32:32, Info                  CSI    0000015f [SR] Verify complete
2014-03-27 15:32:32, Info                  CSI    00000160 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:32:32, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2014-03-27 15:32:43, Info                  CSI    00000163 [SR] Verify complete
2014-03-27 15:32:44, Info                  CSI    00000164 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:32:44, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2014-03-27 15:32:52, Info                  CSI    00000167 [SR] Verify complete
2014-03-27 15:32:52, Info                  CSI    00000168 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:32:52, Info                  CSI    00000169 [SR] Beginning Verify and Repair transaction
2014-03-27 15:32:55, Info                  CSI    0000016b [SR] Verify complete
2014-03-27 15:32:55, Info                  CSI    0000016c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:32:55, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2014-03-27 15:33:00, Info                  CSI    0000016f [SR] Verify complete
2014-03-27 15:33:01, Info                  CSI    00000170 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:33:01, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2014-03-27 15:33:07, Info                  CSI    00000173 [SR] Verify complete
2014-03-27 15:33:07, Info                  CSI    00000174 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:33:07, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2014-03-27 15:33:14, Info                  CSI    00000177 [SR] Verify complete
2014-03-27 15:33:14, Info                  CSI    00000178 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:33:14, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2014-03-27 15:33:20, Info                  CSI    0000017b [SR] Verify complete
2014-03-27 15:33:20, Info                  CSI    0000017c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:33:20, Info                  CSI    0000017d [SR] Beginning Verify and Repair transaction
2014-03-27 15:33:24, Info                  CSI    0000017f [SR] Verify complete
2014-03-27 15:33:25, Info                  CSI    00000180 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:33:25, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2014-03-27 15:33:45, Info                  CSI    00000183 [SR] Verify complete
2014-03-27 15:33:45, Info                  CSI    00000184 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:33:45, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2014-03-27 15:34:28, Info                  CSI    00000187 [SR] Verify complete
2014-03-27 15:34:28, Info                  CSI    00000188 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:34:28, Info                  CSI    00000189 [SR] Beginning Verify and Repair transaction
2014-03-27 15:34:37, Info                  CSI    0000018b [SR] Verify complete
2014-03-27 15:34:37, Info                  CSI    0000018c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:34:37, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction
2014-03-27 15:34:46, Info                  CSI    0000018f [SR] Verify complete
2014-03-27 15:34:46, Info                  CSI    00000190 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:34:46, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2014-03-27 15:34:48, Info                  CSI    00000193 [SR] Verify complete
2014-03-27 15:34:48, Info                  CSI    00000194 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:34:48, Info                  CSI    00000195 [SR] Beginning Verify and Repair transaction
2014-03-27 15:34:54, Info                  CSI    00000197 [SR] Verify complete
2014-03-27 15:34:54, Info                  CSI    00000198 [SR] Verifying 100 (0x00000064) components
2014-03-27 15:34:54, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2014-03-27 15:35:01, Info                  CSI    0000019b [SR] Verify complete
2014-03-27 15:35:01, Info                  CSI    0000019c [SR] Verifying 100 (0x00000064) components
2014-03-27 15:35:01, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2014-03-27 15:35:10, Info                  CSI    0000019f [SR] Verify complete
2014-03-27 15:35:10, Info                  CSI    000001a0 [SR] Verifying 19 (0x00000013) components
2014-03-27 15:35:10, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2014-03-27 15:35:11, Info                  CSI    000001a3 [SR] Verify complete
2014-03-27 15:35:11, Info                  CSI    000001a4 [SR] Repairing 1 components
2014-03-27 15:35:11, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2014-03-27 15:35:12, Info                  CSI    000001a7 [SR] Repair complete
2014-03-27 15:35:12, Info                  CSI    000001a8 [SR] Committing transaction
2014-03-27 15:35:12, Info                  CSI    000001ac [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
         

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Danke für deine schnelle Hilfestellung.

FRST:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Florian (administrator) on FLORIAN-PC on 27-03-2014 17:23:24
Running from C:\Users\Florian\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\WU-IE10-Windows7-x86.exe
(Microsoft Corporation) C:\Windows\TEMP\IE13824.tmp\IE10-support\ienrcore.exe
(Microsoft Corporation) C:\Windows\System32\dism.exe
(Microsoft Corporation) C:\Users\Florian\AppData\Local\Temp\3FA3585A-C79E-484A-ACD4-A21EAF328C57\dismhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0370CE5BC349CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\bwz8m87f.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

========================== Services (Whitelisted) =================

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKsl72334176; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2DD4375-5096-4A7E-A651-D3525900131D}\MpKsl72334176.sys [39464 2014-03-27] (Microsoft Corporation)
R3 Ph6xIB32; C:\Windows\System32\DRIVERS\Ph6xIB32.sys [1277952 2009-07-13] (NXP Semiconductors GmbH)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-27 17:23 - 2014-03-27 17:23 - 00004707 _____ () C:\Users\Florian\Desktop\FRST.txt
2014-03-27 17:23 - 2014-03-27 17:23 - 00000000 ____D () C:\FRST
2014-03-27 17:22 - 2014-03-27 17:22 - 01145856 _____ (Farbar) C:\Users\Florian\Desktop\FRST.exe
2014-03-27 17:18 - 2014-03-27 17:23 - 00008713 _____ () C:\Windows\IE10_main.log
2014-03-27 16:06 - 2014-03-27 17:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-27 16:06 - 2014-03-27 16:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-27 16:06 - 2014-03-27 16:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-27 16:06 - 2014-03-27 16:06 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-27 16:06 - 2014-03-27 16:06 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Macromedia
2014-03-27 16:06 - 2014-03-27 16:06 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Adobe
2014-03-27 16:06 - 2014-03-27 16:06 - 00000000 ____D () C:\Users\Florian\AppData\Local\Macromedia
2014-03-27 16:04 - 2014-03-27 16:06 - 00000000 ____D () C:\Users\Florian\AppData\Local\Adobe
2014-03-27 15:53 - 2014-03-27 15:55 - 00000000 ____D () C:\Users\Florian\Documents\USB
2014-03-27 15:48 - 2014-03-27 15:48 - 04113320 _____ () C:\Users\Florian\Downloads\tdsskiller26.zip
2014-03-27 15:48 - 2014-03-27 15:48 - 00000000 ____D () C:\Users\Florian\Downloads\tdsskiller26
2014-03-27 15:44 - 2014-03-27 15:44 - 00023787 _____ () C:\Users\Florian\Desktop\sfcdetails.txt
2014-03-27 15:42 - 2014-03-27 15:42 - 00023787 _____ () C:\Windows\system32\sfcdetails.txt
2014-03-27 15:38 - 2014-03-27 15:40 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Notepad++
2014-03-27 15:38 - 2014-03-27 15:38 - 07624808 _____ () C:\Users\Florian\Downloads\npp.6.5.5.Installer.exe
2014-03-27 15:38 - 2014-03-27 15:38 - 00001027 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-03-27 15:38 - 2014-03-27 15:38 - 00001027 _____ () C:\Users\Florian\Desktop\Notepad++.lnk
2014-03-27 15:38 - 2014-03-27 15:38 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-03-27 15:38 - 2014-03-27 15:38 - 00000000 ____D () C:\Program Files\Notepad++
2014-03-27 15:13 - 2014-03-27 15:13 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-27 15:13 - 2014-03-27 15:13 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-27 15:07 - 2014-03-27 15:07 - 00435741 __RSH () C:\NILPZ
2014-03-27 15:03 - 2014-03-27 15:56 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 15:02 - 2014-03-27 15:02 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-27 15:02 - 2014-03-27 15:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 15:02 - 2014-03-27 15:02 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-03-27 15:02 - 2014-03-05 09:26 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-27 15:02 - 2014-03-05 09:26 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-27 15:02 - 2014-03-05 09:26 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-27 15:01 - 2014-03-27 15:01 - 00001426 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-27 15:01 - 2014-03-27 15:01 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-03-27 15:01 - 2014-01-19 08:32 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-27 14:57 - 2014-03-27 14:57 - 00000000 ____D () C:\Program Files\Tracker Software
2014-03-27 14:55 - 2014-03-27 14:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Mozilla
2014-03-27 14:55 - 2014-03-27 14:55 - 00000000 ____D () C:\Users\Florian\AppData\Local\Mozilla
2014-03-27 14:54 - 2014-03-27 14:54 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-27 14:54 - 2013-02-19 21:33 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-27 14:54 - 2013-01-31 10:01 - 03970848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-27 14:54 - 2013-01-31 10:01 - 02859296 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2014-03-27 14:54 - 2013-01-31 10:00 - 02557728 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-27 14:54 - 2013-01-31 10:00 - 00634656 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-27 14:54 - 2013-01-31 10:00 - 00108832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-27 14:54 - 2013-01-31 10:00 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-27 14:54 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-27 14:54 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-27 14:53 - 2014-03-27 14:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-27 14:53 - 2014-03-27 14:53 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-27 14:52 - 2014-03-27 14:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-27 14:52 - 2014-03-27 14:52 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-27 14:52 - 2014-03-27 14:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-27 14:52 - 2014-03-27 14:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-27 14:49 - 2014-03-27 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-27 14:45 - 2014-03-27 14:45 - 00001409 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-27 14:45 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-27 14:45 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-27 14:45 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-27 14:45 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-27 14:45 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-27 14:45 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-27 14:45 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-27 14:45 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-27 14:45 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-27 14:44 - 2014-03-27 15:13 - 00069896 _____ () C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-27 14:44 - 2014-03-27 14:45 - 00000000 ____D () C:\Users\Florian
2014-03-27 14:44 - 2014-03-27 14:44 - 00000020 ___SH () C:\Users\Florian\ntuser.ini
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Startmenü
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Netzwerkumgebung
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Druckumgebung
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Documents\Eigene Musik
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Documents\Eigene Bilder
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\AppData\Local\Verlauf
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Programme
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 __SHD () C:\Recovery
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 ____D () C:\Users\Florian\AppData\Local\VirtualStore
2014-03-27 14:44 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-27 14:44 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-27 14:40 - 2014-03-27 17:18 - 01115991 _____ () C:\Windows\WindowsUpdate.log
2014-03-27 14:37 - 2014-03-27 14:40 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-27 14:35 - 2014-03-27 14:44 - 00000000 ____D () C:\Windows\Panther
2014-03-27 14:35 - 2014-03-27 14:35 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-03-27 14:35 - 2010-11-20 22:29 - 00383786 __RSH () C:\bootmgr
2014-03-15 18:27 - 2014-03-15 18:27 - 02115072 _____ (Legolash2o) C:\Windows\system32\WinToolkitRunOnce.exe
2014-03-15 18:26 - 2014-03-15 18:26 - 11020800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 18:26 - 2014-03-15 18:26 - 02078208 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-15 18:26 - 2014-03-15 18:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00000000 ____D () C:\Windows\WinToolkit
2014-03-15 18:25 - 2014-03-15 18:25 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-15 18:25 - 2014-03-15 18:25 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-15 18:25 - 2014-03-15 18:25 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-15 18:25 - 2014-03-15 18:25 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-15 18:25 - 2014-03-15 18:25 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-15 18:25 - 2014-03-15 18:25 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-15 18:25 - 2014-03-15 18:25 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-15 18:25 - 2014-03-15 18:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-15 18:24 - 2014-03-15 18:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00240496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-15 18:24 - 2014-03-15 18:24 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-15 18:24 - 2014-03-15 18:24 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-15 18:23 - 2014-03-15 18:23 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-15 18:23 - 2014-03-15 18:23 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-15 18:23 - 2014-03-15 18:23 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-15 18:23 - 2014-03-15 18:23 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-03-15 18:22 - 2014-03-15 18:22 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-15 18:22 - 2014-03-15 18:22 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-15 18:22 - 2014-03-15 18:22 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 01077760 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00808448 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-15 18:22 - 2014-03-15 18:22 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-15 18:22 - 2014-03-15 18:22 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-15 18:22 - 2014-03-15 18:22 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-15 18:21 - 2014-03-15 18:21 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-15 18:21 - 2014-03-15 18:21 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-15 18:20 - 2014-03-15 18:20 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-15 18:19 - 2014-03-15 18:19 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-15 18:19 - 2014-03-15 18:19 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-15 18:19 - 2014-03-15 18:19 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-15 18:18 - 2014-03-15 18:18 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-03-15 18:16 - 2014-03-15 18:16 - 12873728 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-15 18:16 - 2014-03-15 18:16 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-15 18:16 - 2014-03-15 18:16 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-15 18:15 - 2014-03-15 18:15 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-15 18:15 - 2014-03-15 18:15 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-03-15 18:15 - 2014-03-15 18:15 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-03-15 18:15 - 2014-03-15 18:15 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-03-15 18:15 - 2014-03-15 18:15 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-03-15 18:15 - 2014-03-15 18:15 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-03-15 18:13 - 2014-03-15 18:13 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-15 18:13 - 2014-03-15 18:13 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-15 18:12 - 2014-03-15 18:12 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-15 18:12 - 2014-03-15 18:12 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-15 18:12 - 2014-03-15 18:12 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-15 18:12 - 2014-03-15 18:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-03-15 18:11 - 2014-03-15 18:11 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-03-15 18:11 - 2014-03-15 18:11 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-03-15 18:11 - 2014-03-15 18:11 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-03-15 18:11 - 2014-03-15 18:11 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-03-15 18:11 - 2014-03-15 18:11 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-15 18:11 - 2014-03-15 18:11 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-03-15 18:11 - 2014-03-15 18:11 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-02-27 16:37 - 2014-02-27 16:37 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-02-27 16:37 - 2014-02-27 16:37 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

==================== One Month Modified Files and Folders =======

2014-03-27 17:23 - 2014-03-27 17:23 - 00004707 _____ () C:\Users\Florian\Desktop\FRST.txt
2014-03-27 17:23 - 2014-03-27 17:23 - 00000000 ____D () C:\FRST
2014-03-27 17:23 - 2014-03-27 17:18 - 00008713 _____ () C:\Windows\IE10_main.log
2014-03-27 17:23 - 2014-03-27 16:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-27 17:22 - 2014-03-27 17:22 - 01145856 _____ (Farbar) C:\Users\Florian\Desktop\FRST.exe
2014-03-27 17:18 - 2014-03-27 14:40 - 01115991 _____ () C:\Windows\WindowsUpdate.log
2014-03-27 17:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-27 16:06 - 2014-03-27 16:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-27 16:06 - 2014-03-27 16:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-27 16:06 - 2014-03-27 16:06 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-27 16:06 - 2014-03-27 16:06 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Macromedia
2014-03-27 16:06 - 2014-03-27 16:06 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Adobe
2014-03-27 16:06 - 2014-03-27 16:06 - 00000000 ____D () C:\Users\Florian\AppData\Local\Macromedia
2014-03-27 16:06 - 2014-03-27 16:04 - 00000000 ____D () C:\Users\Florian\AppData\Local\Adobe
2014-03-27 15:56 - 2014-03-27 15:03 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 15:55 - 2014-03-27 15:53 - 00000000 ____D () C:\Users\Florian\Documents\USB
2014-03-27 15:55 - 2010-11-20 22:01 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-27 15:48 - 2014-03-27 15:48 - 04113320 _____ () C:\Users\Florian\Downloads\tdsskiller26.zip
2014-03-27 15:48 - 2014-03-27 15:48 - 00000000 ____D () C:\Users\Florian\Downloads\tdsskiller26
2014-03-27 15:44 - 2014-03-27 15:44 - 00023787 _____ () C:\Users\Florian\Desktop\sfcdetails.txt
2014-03-27 15:42 - 2014-03-27 15:42 - 00023787 _____ () C:\Windows\system32\sfcdetails.txt
2014-03-27 15:40 - 2014-03-27 15:38 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Notepad++
2014-03-27 15:38 - 2014-03-27 15:38 - 07624808 _____ () C:\Users\Florian\Downloads\npp.6.5.5.Installer.exe
2014-03-27 15:38 - 2014-03-27 15:38 - 00001027 _____ () C:\Users\UpdatusUser\Desktop\Notepad++.lnk
2014-03-27 15:38 - 2014-03-27 15:38 - 00001027 _____ () C:\Users\Florian\Desktop\Notepad++.lnk
2014-03-27 15:38 - 2014-03-27 15:38 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-03-27 15:38 - 2014-03-27 15:38 - 00000000 ____D () C:\Program Files\Notepad++
2014-03-27 15:18 - 2009-07-14 05:34 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-27 15:18 - 2009-07-14 05:34 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-27 15:13 - 2014-03-27 15:13 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-27 15:13 - 2014-03-27 15:13 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-27 15:13 - 2014-03-27 14:44 - 00069896 _____ () C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-27 15:08 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-27 15:08 - 2009-07-14 05:39 - 00022639 _____ () C:\Windows\setupact.log
2014-03-27 15:08 - 2009-07-14 05:33 - 00321704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-27 15:07 - 2014-03-27 15:07 - 00435741 __RSH () C:\NILPZ
2014-03-27 15:02 - 2014-03-27 15:02 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-27 15:02 - 2014-03-27 15:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 15:02 - 2014-03-27 15:02 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-03-27 15:01 - 2014-03-27 15:01 - 00001426 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-27 15:01 - 2014-03-27 15:01 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-03-27 14:57 - 2014-03-27 14:57 - 00000000 ____D () C:\Program Files\Tracker Software
2014-03-27 14:57 - 2014-03-27 14:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-27 14:55 - 2014-03-27 14:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Mozilla
2014-03-27 14:55 - 2014-03-27 14:55 - 00000000 ____D () C:\Users\Florian\AppData\Local\Mozilla
2014-03-27 14:54 - 2014-03-27 14:54 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-03-27 14:54 - 2014-03-27 14:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-27 14:54 - 2014-03-27 14:53 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-27 14:54 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2014-03-27 14:53 - 2014-03-27 14:53 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-27 14:52 - 2014-03-27 14:52 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-27 14:52 - 2014-03-27 14:52 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-27 14:52 - 2014-03-27 14:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-27 14:49 - 2014-03-27 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-27 14:45 - 2014-03-27 14:45 - 00001409 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-27 14:45 - 2014-03-27 14:44 - 00000000 ____D () C:\Users\Florian
2014-03-27 14:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-27 14:44 - 2014-03-27 14:44 - 00000020 ___SH () C:\Users\Florian\ntuser.ini
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Startmenü
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Netzwerkumgebung
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Druckumgebung
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Documents\Eigene Musik
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\Documents\Eigene Bilder
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Florian\AppData\Local\Verlauf
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\Programme
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 __SHD () C:\Recovery
2014-03-27 14:44 - 2014-03-27 14:44 - 00000000 ____D () C:\Users\Florian\AppData\Local\VirtualStore
2014-03-27 14:44 - 2014-03-27 14:35 - 00000000 ____D () C:\Windows\Panther
2014-03-27 14:44 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore
2014-03-27 14:44 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-27 14:44 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-03-27 14:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-27 14:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-27 14:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-03-27 14:40 - 2014-03-27 14:37 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-27 14:37 - 2009-07-14 05:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-03-27 14:35 - 2014-03-27 14:35 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-03-27 14:35 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-03-27 14:35 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-03-15 18:27 - 2014-03-15 18:27 - 02115072 _____ (Legolash2o) C:\Windows\system32\WinToolkitRunOnce.exe
2014-03-15 18:26 - 2014-03-15 18:26 - 11020800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-15 18:26 - 2014-03-15 18:26 - 02078208 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-15 18:26 - 2014-03-15 18:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-15 18:26 - 2014-03-15 18:26 - 00000000 ____D () C:\Windows\WinToolkit
2014-03-15 18:25 - 2014-03-15 18:25 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-15 18:25 - 2014-03-15 18:25 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-15 18:25 - 2014-03-15 18:25 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-15 18:25 - 2014-03-15 18:25 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-15 18:25 - 2014-03-15 18:25 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-15 18:25 - 2014-03-15 18:25 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-15 18:25 - 2014-03-15 18:25 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-15 18:25 - 2014-03-15 18:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-15 18:24 - 2014-03-15 18:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00240496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-15 18:24 - 2014-03-15 18:24 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-15 18:24 - 2014-03-15 18:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-15 18:24 - 2014-03-15 18:24 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-15 18:24 - 2014-03-15 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-15 18:23 - 2014-03-15 18:23 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-15 18:23 - 2014-03-15 18:23 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-15 18:23 - 2014-03-15 18:23 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-15 18:23 - 2014-03-15 18:23 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-15 18:23 - 2014-03-15 18:23 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-03-15 18:22 - 2014-03-15 18:22 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-15 18:22 - 2014-03-15 18:22 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-15 18:22 - 2014-03-15 18:22 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 01077760 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00808448 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-15 18:22 - 2014-03-15 18:22 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-15 18:22 - 2014-03-15 18:22 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-15 18:22 - 2014-03-15 18:22 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-15 18:22 - 2014-03-15 18:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-03-15 18:22 - 2014-03-15 18:22 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-15 18:22 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 18:21 - 2014-03-15 18:21 - 01211752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-15 18:21 - 2014-03-15 18:21 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-15 18:21 - 2014-03-15 18:21 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-15 18:21 - 2011-04-12 02:38 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-15 18:20 - 2014-03-15 18:20 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-15 18:20 - 2014-03-15 18:20 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-15 18:20 - 2014-03-15 18:20 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-15 18:19 - 2014-03-15 18:19 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-15 18:19 - 2014-03-15 18:19 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-15 18:19 - 2014-03-15 18:19 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-15 18:18 - 2014-03-15 18:18 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-15 18:17 - 2014-03-15 18:17 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-03-15 18:16 - 2014-03-15 18:16 - 12873728 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-15 18:16 - 2014-03-15 18:16 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-15 18:16 - 2014-03-15 18:16 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-15 18:15 - 2014-03-15 18:15 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-15 18:15 - 2014-03-15 18:15 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-03-15 18:15 - 2014-03-15 18:15 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-03-15 18:15 - 2014-03-15 18:15 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-03-15 18:15 - 2014-03-15 18:15 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-03-15 18:15 - 2014-03-15 18:15 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-03-15 18:14 - 2014-03-15 18:14 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-03-15 18:14 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-15 18:13 - 2014-03-15 18:13 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-03-15 18:13 - 2014-03-15 18:13 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-15 18:13 - 2014-03-15 18:13 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-15 18:12 - 2014-03-15 18:12 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-15 18:12 - 2014-03-15 18:12 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-15 18:12 - 2014-03-15 18:12 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-15 18:12 - 2014-03-15 18:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-03-15 18:12 - 2014-03-15 18:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-03-15 18:11 - 2014-03-15 18:11 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-03-15 18:11 - 2014-03-15 18:11 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-03-15 18:11 - 2014-03-15 18:11 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-03-15 18:11 - 2014-03-15 18:11 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-03-15 18:11 - 2014-03-15 18:11 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-15 18:11 - 2014-03-15 18:11 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-03-15 18:11 - 2014-03-15 18:11 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-03-05 09:26 - 2014-03-27 15:02 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-27 15:02 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-27 15:02 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-27 16:37 - 2014-02-27 16:37 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-02-27 16:37 - 2014-02-27 16:37 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\install_flashplayer12x32_mssd_aaa_aih.exe
C:\Users\Florian\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-27 14:37

==================== End Of Log ============================
         

--- --- ---



Addition:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Florian at 2014-03-27 17:23:57
Running from C:\Users\Florian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
LibreOffice 4.2.2.1 (HKLM\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)

==================== Restore Points  =========================

27-03-2014 13:44:39 Windows Update
27-03-2014 13:53:01 Windows Update
27-03-2014 14:00:13 Installed LibreOffice 4.2.2.1
27-03-2014 14:14:32 Windows-Sicherung
27-03-2014 16:16:14 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {8819499C-E7DB-496F-8A6F-6AE0578C3072} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E060DC5F-6BCD-44A2-B327-378F406E5C2E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-27] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-03-27 14:54 - 2013-01-31 10:00 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-03-27 14:52 - 2014-03-15 09:40 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2014 04:04:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: install_flashplayer12x32_mssd_aaa_aih.exe, Version: 3.3.9.0, Zeitstempel: 0x51c7f3cd
Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.18392, Zeitstempel: 0x530b6567
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017f4c1
ID des fehlerhaften Prozesses: 0x7a0
Startzeit der fehlerhaften Anwendung: 0xinstall_flashplayer12x32_mssd_aaa_aih.exe0
Pfad der fehlerhaften Anwendung: install_flashplayer12x32_mssd_aaa_aih.exe1
Pfad des fehlerhaften Moduls: install_flashplayer12x32_mssd_aaa_aih.exe2
Berichtskennung: install_flashplayer12x32_mssd_aaa_aih.exe3

Error: (03/27/2014 03:59:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Dwm.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc225
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xef54198d
ID des fehlerhaften Prozesses: 0x79c
Startzeit der fehlerhaften Anwendung: 0xDwm.exe0
Pfad der fehlerhaften Anwendung: Dwm.exe1
Pfad des fehlerhaften Moduls: Dwm.exe2
Berichtskennung: Dwm.exe3

Error: (03/27/2014 03:48:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce796f3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74a9a9d0
ID des fehlerhaften Prozesses: 0x1cc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (03/27/2014 03:23:22 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Windows-Explorer wurde wegen dieses Fehlers geschlossen.

Programm: Windows-Explorer
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (03/27/2014 03:23:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce796f3
Name des fehlerhaften Moduls: comctl32.dll, Version: 6.10.7601.17514, Zeitstempel: 0x4ce7b71c
Ausnahmecode: 0xc000001d
Fehleroffset: 0x00027f87
ID des fehlerhaften Prozesses: 0x7c8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (03/27/2014 03:10:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2014 03:04:46 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Windows Loader.exe wurde wegen dieses Fehlers geschlossen.

Programm: Windows Loader.exe
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (03/27/2014 03:04:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Windows Loader.exe, Version: 2.2.1.0, Zeitstempel: 0x4728b2ff
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000001d
Fehleroffset: 0x01c5d76f
ID des fehlerhaften Prozesses: 0xaa0
Startzeit der fehlerhaften Anwendung: 0xWindows Loader.exe0
Pfad der fehlerhaften Anwendung: Windows Loader.exe1
Pfad des fehlerhaften Moduls: Windows Loader.exe2
Berichtskennung: Windows Loader.exe3

Error: (03/27/2014 02:57:48 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce796f3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74b5853d
ID des fehlerhaften Prozesses: 0x90c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (03/27/2014 02:49:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x77914b00
ID des fehlerhaften Prozesses: 0xc8
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3


System errors:
=============
Error: (03/27/2014 03:53:22 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (03/27/2014 03:53:21 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (03/27/2014 02:36:45 PM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.


Microsoft Office Sessions:
=========================
Error: (03/27/2014 04:04:36 PM) (Source: Application Error)(User: )
Description: install_flashplayer12x32_mssd_aaa_aih.exe3.3.9.051c7f3cdmshtml.dll8.0.7601.18392530b6567c00000050017f4c17a001cf49cdd934538bC:\Users\Florian\AppData\Local\Temp\install_flashplayer12x32_mssd_aaa_aih.exeC:\Windows\System32\mshtml.dll1c12a6fb-b5c1-11e3-b541-0016e61fb86c

Error: (03/27/2014 03:59:57 PM) (Source: Application Error)(User: )
Description: Dwm.exe6.1.7600.163854a5bc225unknown0.0.0.000000000c0000005ef54198d79c01cf49c615ee9706C:\Windows\system32\Dwm.exeunknown75d4a34b-b5c0-11e3-b541-0016e61fb86c

Error: (03/27/2014 03:48:19 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175144ce796f3unknown0.0.0.000000000c000000574a9a9d01cc01cf49c8269f017eC:\Windows\Explorer.EXEunknownd5d6a87e-b5be-11e3-b541-0016e61fb86c

Error: (03/27/2014 03:23:22 PM) (Source: Application Error)(User: )
Description: Windows-Explorer000000000

Error: (03/27/2014 03:23:22 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175144ce796f3comctl32.dll6.10.7601.175144ce7b71cc000001d00027f877c801cf49c6165c4332C:\Windows\Explorer.EXEC:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll598e95fe-b5bb-11e3-b541-0016e61fb86c

Error: (03/27/2014 03:10:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2014 03:04:46 PM) (Source: Application Error)(User: )
Description: Windows Loader.exe000000000

Error: (03/27/2014 03:04:46 PM) (Source: Application Error)(User: )
Description: Windows Loader.exe2.2.1.04728b2ffunknown0.0.0.000000000c000001d01c5d76faa001cf49c579b70e61C:\Users\Florian\Desktop\Windows_Loader_v2.2.1\Windows Loader\Windows Loader.exeunknownc03ef691-b5b8-11e3-90da-0016e61fb86c

Error: (03/27/2014 02:57:48 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175144ce796f3unknown0.0.0.000000000c000000574b5853d90c01cf49c321758379C:\Windows\Explorer.EXEunknownc70e0c8b-b5b7-11e3-90da-0016e61fb86c

Error: (03/27/2014 02:49:55 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7601.175144ce79912unknown0.0.0.000000000c000000577914b00c801cf49c3545b16c3C:\Program Files\Internet Explorer\iexplore.exeunknownad63ed10-b5b6-11e3-90da-0016e61fb86c


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3326.55 MB
Available physical RAM: 1831.64 MB
Total Pagefile: 6651.4 MB
Available Pagefile: 5060.24 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:215.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:232.88 GB) (Free:221.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 000795CB)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 0003D58A)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

MfG Dump

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Okay ausgeführt und gewartet die log datei mit dabei

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 14-03-24.01 - Florian 28.03.2014   9:59.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3327.2275 [GMT 1:00]
ausgeführt von:: c:\users\Florian\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-28 bis 2014-03-28  ))))))))))))))))))))))))))))))
.
.
2014-03-28 09:04 . 2014-03-28 09:04	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-03-28 08:52 . 2014-03-28 08:53	--------	d-----w-	c:\program files\LibreOffice 4
2014-03-28 08:50 . 2014-03-28 08:50	--------	d-----w-	c:\program files\Notepad++
2014-03-28 08:46 . 2012-06-02 22:19	53784	----a-w-	c:\windows\system32\wuauclt.exe
2014-03-28 08:46 . 2012-06-02 22:19	45080	----a-w-	c:\windows\system32\wups2.dll
2014-03-28 08:46 . 2012-06-02 22:19	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2014-03-28 08:46 . 2012-06-02 22:12	2422272	----a-w-	c:\windows\system32\wucltux.dll
2014-03-28 08:46 . 2012-06-02 14:19	171904	----a-w-	c:\windows\system32\wuwebv.dll
2014-03-28 08:46 . 2012-06-02 14:12	33792	----a-w-	c:\windows\system32\wuapp.exe
2014-03-28 08:42 . 2014-03-28 08:42	39464	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{23CCB805-52CD-4D52-B44A-ED76AC1D5E6C}\MpKsl5ba1d016.sys
2014-03-28 08:42 . 2014-03-28 08:42	62576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{23CCB805-52CD-4D52-B44A-ED76AC1D5E6C}\offreg.dll
2014-03-28 08:41 . 2014-03-28 08:41	107736	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-28 08:41 . 2014-03-28 08:41	--------	d-----w-	c:\program files\ Malwarebytes Anti-Malware 
2014-03-28 08:41 . 2014-03-28 08:41	--------	d-----w-	c:\programdata\Malwarebytes
2014-03-28 08:41 . 2014-03-05 08:26	51416	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-03-28 08:41 . 2014-03-05 08:26	73432	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-03-28 08:41 . 2014-03-05 08:26	23256	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-03-28 07:48 . 2014-03-28 07:48	--------	d-----w-	c:\users\UpdatusUser
2014-03-28 07:48 . 2014-03-28 07:48	--------	d-----w-	c:\programdata\NVIDIA
2014-03-28 07:48 . 2013-01-31 09:01	2859296	----a-w-	c:\windows\system32\nvsvc.dll
2014-03-28 07:48 . 2013-01-31 09:01	3970848	----a-w-	c:\windows\system32\nvcpl.dll
2014-03-28 07:48 . 2013-01-31 09:00	634656	----a-w-	c:\windows\system32\nvvsvc.exe
2014-03-28 07:48 . 2013-01-31 09:00	62752	----a-w-	c:\windows\system32\nvshext.dll
2014-03-28 07:48 . 2013-01-31 09:00	2557728	----a-w-	c:\windows\system32\nvsvcr.dll
2014-03-28 07:48 . 2013-01-31 09:00	108832	----a-w-	c:\windows\system32\nvmctray.dll
2014-03-28 07:47 . 2013-01-31 11:21	53024	----a-w-	c:\windows\system32\OpenCL.dll
2014-03-28 07:47 . 2014-03-28 07:47	--------	d-----w-	c:\programdata\NVIDIA Corporation
2014-03-28 07:47 . 2013-01-31 11:21	892704	----a-w-	c:\windows\system32\nvdispgenco32.dll
2014-03-28 07:47 . 2013-01-31 11:21	7754560	----a-w-	c:\windows\system32\nvcuda.dll
2014-03-28 07:47 . 2013-01-31 11:21	6162704	----a-w-	c:\windows\system32\nvopencl.dll
2014-03-28 07:47 . 2013-01-31 11:21	2577184	----a-w-	c:\windows\system32\nvcuvid.dll
2014-03-28 07:47 . 2013-01-31 11:21	2446416	----a-w-	c:\windows\system32\nvapi.dll
2014-03-28 07:47 . 2013-01-31 11:21	19915552	----a-w-	c:\windows\system32\nvoglv32.dll
2014-03-28 07:47 . 2013-01-31 11:21	1869088	----a-w-	c:\windows\system32\nvcuvenc.dll
2014-03-28 07:47 . 2013-01-31 11:21	17560352	----a-w-	c:\windows\system32\nvcompiler.dll
2014-03-28 07:47 . 2013-01-31 11:21	10919200	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-03-28 07:47 . 2013-01-31 11:21	1010464	----a-w-	c:\windows\system32\nvdispco32.dll
2014-03-28 07:44 . 2014-03-28 07:48	--------	d-----w-	c:\program files\NVIDIA Corporation
2014-03-28 07:43 . 2014-03-28 07:43	--------	d-----w-	C:\NVIDIA
2014-03-28 07:26 . 2014-03-28 07:35	--------	d-----w-	c:\windows\Panther
2014-03-28 07:26 . 2014-03-28 07:26	--------	d-----w-	C:\Boot
2014-02-27 15:37 . 2014-02-27 15:37	773968	----a-w-	c:\windows\system32\msvcr100.dll
2014-02-27 15:37 . 2014-02-27 15:37	421200	----a-w-	c:\windows\system32\msvcp100.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S1 MpKsl5ba1d016;MpKsl5ba1d016;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{23CCB805-52CD-4D52-B44A-ED76AC1D5E6C}\MpKsl5ba1d016.sys [2014-03-28 39464]
S3 Ph6xIB32;NXP 716x PCIe TV Card;c:\windows\system32\DRIVERS\Ph6xIB32.sys [2009-07-13 1277952]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPFILTER
*NewlyCreated* - MPKSL5BA1D016
*NewlyCreated* - NISDRV
.
.
------- Zusätzlicher Suchlauf -------
.
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\udwgqqcr.default\
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.1.7601 Disk: ST3250824AS rev.3.AAE -> Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3 
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!! 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-03-28  10:07:16
ComboFix-quarantined-files.txt  2014-03-28 09:07
.
Vor Suchlauf: 6 Verzeichnis(se), 233.573.048.320 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 233.532.579.840 Bytes frei
.
- - End Of File - - B9AC386358F5DF7DA4A91B18C27456E0
72B8CE41AF0DE751C946802B3ED844B4
         

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Hallo,
Danke hat zwar alles etwas gedauert aber jetzt bin ich fertig.

Malwarebytes Anti-Malware :

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 29.03.2014
Suchlauf-Zeit: 08:47:17
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.03.28.09
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Florian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 244336
Verstrichene Zeit: 27 Min, 8 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         

AdwCleaner:

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 29/03/2014 um 08:50:01
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Florian - FLORIAN-PC
# Gestartet von : C:\Users\Florian\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\udwgqqcr.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [672 octets] - [29/03/2014 08:50:01]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [731 octets] ##########
         

Junkware Removal Tool:

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x86
Ran by Florian on 29.03.2014 at  9:32:30,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\udwgqqcr.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.03.2014 at  9:35:36,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Florian (administrator) on FLORIAN-PC on 29-03-2014 09:36:14
Running from C:\Users\Florian\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x74CEC8065A4ACF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\udwgqqcr.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\udwgqqcr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-28]

========================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 Ph6xIB32; C:\Windows\System32\DRIVERS\Ph6xIB32.sys [1277952 2009-07-13] (NXP Semiconductors GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Florian\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-29 09:35 - 2014-03-29 09:35 - 00000760 _____ () C:\Users\Florian\Desktop\JRT.txt
2014-03-29 09:04 - 2014-03-29 09:04 - 00000000 ____D () C:\Windows\ERUNT
2014-03-29 08:56 - 2014-03-29 08:56 - 00003280 ____N () C:\bootsqm.dat
2014-03-29 08:49 - 2014-03-29 08:53 - 00000000 ____D () C:\AdwCleaner
2014-03-29 08:49 - 2014-03-29 08:49 - 00001150 _____ () C:\Users\Florian\Desktop\mbam.txt
2014-03-29 08:27 - 2014-03-29 08:27 - 01038974 _____ (Thisisu) C:\Users\Florian\Desktop\JRT.exe
2014-03-29 08:20 - 2014-03-29 08:20 - 01950720 _____ () C:\Users\Florian\Desktop\adwcleaner.exe
2014-03-28 21:26 - 2014-03-28 21:26 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-28 21:26 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-28 21:26 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-28 21:25 - 2013-01-31 10:01 - 03970848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-28 21:25 - 2013-01-31 10:01 - 02859296 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2014-03-28 21:25 - 2013-01-31 10:00 - 02557728 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-28 21:25 - 2013-01-31 10:00 - 00634656 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-28 21:25 - 2013-01-31 10:00 - 00108832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-28 21:25 - 2013-01-31 10:00 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-28 21:24 - 2014-03-28 21:24 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-28 21:24 - 2013-01-31 12:21 - 19915552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 10919200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-28 21:24 - 2013-01-31 12:21 - 07754560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 06162704 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 02577184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 02446416 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 01869088 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 01010464 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco32.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco32.dll
2014-03-28 21:24 - 2013-01-31 12:21 - 00012724 _____ () C:\Windows\system32\nvinfo.pb
2014-03-28 21:23 - 2014-03-28 21:26 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-28 21:22 - 2014-03-28 21:22 - 00143312 _____ () C:\Windows\Minidump\032814-36890-01.dmp
2014-03-28 21:16 - 2014-03-28 21:16 - 00143312 _____ () C:\Windows\Minidump\032814-19859-01.dmp
2014-03-28 21:08 - 2014-03-28 21:14 - 178931512 _____ (NVIDIA Corporation) C:\Users\Florian\Downloads\307.83-desktop-win7-winvista-32bit-international-whql.exe
2014-03-28 20:56 - 2014-03-28 20:56 - 00000000 ____D () C:\Users\Florian\Documents\My Games
2014-03-28 20:56 - 2014-03-28 20:56 - 00000000 ____D () C:\ProgramData\Steam
2014-03-28 20:53 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-03-28 20:53 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-03-28 20:53 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-03-28 20:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-03-28 20:53 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-03-28 20:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-03-28 20:53 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-03-28 20:53 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-03-28 20:53 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-03-28 20:53 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-03-28 20:53 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-03-28 20:53 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-03-28 20:53 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-03-28 20:53 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-03-28 20:53 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-03-28 20:53 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-03-28 20:53 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-03-28 20:53 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-03-28 20:53 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-03-28 20:53 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-03-28 20:53 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-03-28 20:53 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-03-28 20:52 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-03-28 20:52 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-03-28 20:52 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-03-28 20:52 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-03-28 20:52 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-03-28 20:52 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-03-28 20:52 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-03-28 20:52 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-03-28 20:52 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-03-28 20:52 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-03-28 20:52 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-03-28 20:52 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-03-28 20:52 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-03-28 20:52 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-03-28 20:52 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-03-28 20:52 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-03-28 20:52 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-03-28 20:52 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-03-28 20:52 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-03-28 20:52 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-03-28 20:52 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-03-28 20:52 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-03-28 20:52 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-03-28 20:52 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-03-28 20:52 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-03-28 20:52 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-03-28 20:52 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-03-28 20:52 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-03-28 20:52 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-03-28 20:52 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-03-28 20:52 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-03-28 20:52 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-03-28 20:52 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-03-28 20:52 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-03-28 20:52 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-03-28 20:52 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-03-28 20:52 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-03-28 20:52 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-03-28 20:52 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-03-28 20:52 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-03-28 20:52 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-03-28 20:52 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-03-28 20:52 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-03-28 20:52 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-03-28 20:52 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-03-28 20:52 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-03-28 20:52 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-03-28 20:52 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-03-28 20:52 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-03-28 20:52 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-03-28 20:52 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-03-28 20:52 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-03-28 20:52 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-03-28 20:52 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-03-28 20:52 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-03-28 20:52 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-03-28 20:52 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-03-28 20:52 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-03-28 20:52 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-03-28 20:52 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-03-28 20:52 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-03-28 20:52 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-03-28 20:52 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-03-28 20:52 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-03-28 20:52 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-03-28 20:52 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-03-28 20:52 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-03-28 20:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-03-28 20:52 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-03-28 20:18 - 2014-03-28 20:18 - 00002071 _____ () C:\Users\Florian\Desktop\South Park Der Stab der Wahrheit.lnk
2014-03-28 20:10 - 2014-03-28 20:10 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-03-28 20:10 - 2014-03-28 20:10 - 00000000 ____D () C:\Program Files (x86)
2014-03-28 20:09 - 2014-03-28 20:09 - 00001895 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-03-28 20:09 - 2014-03-28 20:09 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Canneverbe Limited
2014-03-28 20:09 - 2014-03-28 20:09 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-03-28 20:04 - 2014-03-04 22:30 - 00000000 ____D () C:\Users\Florian\Downloads\South.Park.Der.Stab.der.Wahrheit.Incl.Ultimate.Fellowship.Pack.MULTi2-x.X.RIDDICK.X.x
2014-03-28 17:34 - 2014-03-28 18:18 - 277872640 _____ () C:\Users\Florian\Downloads\openSUSE-13.1-DVD-x86_64.iso
2014-03-28 16:15 - 2014-03-28 16:15 - 00000000 ____D () C:\Users\Florian\Downloads\bootsect
2014-03-28 15:17 - 2014-03-28 15:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-28 15:14 - 2014-03-28 15:44 - 00000000 ____D () C:\Users\Florian\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-03-28 15:14 - 2014-03-28 15:14 - 00002514 _____ () C:\Users\Florian\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-03-28 15:14 - 2014-03-28 15:14 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-03-28 15:01 - 2014-03-28 15:01 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\WinRAR
2014-03-28 15:01 - 2014-03-16 03:15 - 00000000 ____D () C:\Users\Florian\Downloads\arfa3.W7U.x64-iSM
2014-03-28 13:53 - 2014-03-28 13:53 - 00001983 _____ () C:\Users\Florian\Desktop\JDownloader.lnk
2014-03-28 13:52 - 2014-03-28 19:04 - 00000000 ____D () C:\Program Files\JDownloader
2014-03-28 13:51 - 2014-03-28 13:51 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-28 13:51 - 2014-03-28 13:51 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-28 13:51 - 2014-03-28 13:51 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-28 13:51 - 2014-03-28 13:51 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-28 13:51 - 2014-03-28 13:51 - 00000000 ____D () C:\ProgramData\Sun
2014-03-28 13:51 - 2014-03-28 13:51 - 00000000 ____D () C:\Program Files\Java
2014-03-28 13:51 - 2014-03-28 13:51 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-03-28 13:47 - 2014-03-28 13:47 - 00005188 _____ () C:\Users\Florian\Downloads\relink.us__W7USP1.MRZ14.x64-iSM__share-online.biz__40b101d209c326924fb28836067e11.dlc
2014-03-28 13:36 - 2014-03-28 13:37 - 00012344 _____ () C:\Users\Florian\Desktop\Addition.txt
2014-03-28 13:35 - 2014-03-29 09:36 - 00005126 _____ () C:\Users\Florian\Desktop\FRST.txt
2014-03-28 13:35 - 2014-03-29 09:36 - 00000000 ____D () C:\FRST
2014-03-28 13:35 - 2014-03-28 13:35 - 01145856 _____ (Farbar) C:\Users\Florian\Desktop\FRST.exe
2014-03-28 13:25 - 2014-03-28 13:25 - 00157592 _____ () C:\Windows\Minidump\032814-28156-01.dmp
2014-03-28 13:17 - 2014-03-28 13:17 - 00158456 _____ () C:\Windows\Minidump\032814-23750-01.dmp
2014-03-28 13:15 - 2014-03-28 13:15 - 00001087 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-28 13:15 - 2014-03-28 13:15 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Opera Software
2014-03-28 13:15 - 2014-03-28 13:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\Opera Software
2014-03-28 13:14 - 2014-03-28 13:15 - 00000000 ____D () C:\Program Files\Opera
2014-03-28 13:13 - 2014-03-28 13:13 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2014-03-28 13:13 - 2014-03-28 13:13 - 00000000 ____D () C:\Program Files\NirSoft
2014-03-28 13:12 - 2014-03-28 13:12 - 00154072 _____ () C:\Windows\Minidump\032814-22500-01.dmp
2014-03-28 13:08 - 2014-03-28 13:08 - 00151328 _____ () C:\Windows\Minidump\032814-22750-01.dmp
2014-03-28 11:59 - 2014-03-28 11:59 - 00000000 ____D () C:\Users\Florian\Downloads\MemTest4
2014-03-28 11:57 - 2014-03-28 11:57 - 00154000 _____ () C:\Windows\Minidump\032814-29296-01.dmp
2014-03-28 11:51 - 2014-03-28 21:22 - 00000000 ____D () C:\Windows\Minidump
2014-03-28 11:51 - 2014-03-28 11:51 - 00154392 _____ () C:\Windows\Minidump\032814-33000-01.dmp
2014-03-28 11:50 - 2014-03-28 21:22 - 220627025 _____ () C:\Windows\MEMORY.DMP
2014-03-28 11:12 - 2014-03-28 16:24 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Nettalk
2014-03-28 11:08 - 2014-03-28 11:08 - 00002032 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-03-28 11:08 - 2014-03-28 11:08 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Thunderbird
2014-03-28 11:08 - 2014-03-28 11:08 - 00000000 ____D () C:\Users\Florian\AppData\Local\Thunderbird
2014-03-28 11:08 - 2014-03-28 11:08 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-28 11:07 - 2014-03-28 11:15 - 00000000 ____D () C:\Program Files\Nettalk6
2014-03-28 11:07 - 2014-03-28 11:07 - 00000958 _____ () C:\Users\Public\Desktop\Nettalk.lnk
2014-03-28 10:07 - 2014-03-28 10:07 - 00007168 _____ () C:\ComboFix.txt
2014-03-28 09:57 - 2014-03-28 10:07 - 00000000 ____D () C:\Qoobox
2014-03-28 09:57 - 2014-03-28 10:05 - 00000000 ____D () C:\Windows\erdnt
2014-03-28 09:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-28 09:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-28 09:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-28 09:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-28 09:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-28 09:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-28 09:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-28 09:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-28 09:54 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-03-28 09:54 - 2012-02-17 05:14 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-28 09:54 - 2012-02-17 05:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-03-28 09:53 - 2014-03-28 09:53 - 00001426 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-28 09:52 - 2014-03-28 09:53 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-03-28 09:50 - 2014-03-28 15:30 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Notepad++
2014-03-28 09:50 - 2014-03-28 09:50 - 00001027 _____ () C:\Users\Florian\Desktop\Notepad++.lnk
2014-03-28 09:50 - 2014-03-28 09:50 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-03-28 09:50 - 2014-03-28 09:50 - 00000000 ____D () C:\Program Files\Notepad++
2014-03-28 09:46 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-28 09:46 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-28 09:46 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-28 09:46 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-28 09:46 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-28 09:46 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-28 09:46 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-28 09:46 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-28 09:46 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-28 09:41 - 2014-03-29 08:19 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-28 09:41 - 2014-03-28 09:41 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-28 09:41 - 2014-03-28 09:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-28 09:41 - 2014-03-28 09:41 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-03-28 09:41 - 2014-03-05 09:26 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-28 09:41 - 2014-03-05 09:26 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-28 09:41 - 2014-03-05 09:26 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-28 09:40 - 2014-03-28 09:40 - 00001171 _____ () C:\Users\Public\Desktop\PDF-Viewer.lnk
2014-03-28 09:40 - 2014-03-28 09:40 - 00000000 ____D () C:\Program Files\Tracker Software
2014-03-28 09:39 - 2014-03-28 09:39 - 05192353 ____R (Swearware) C:\Users\Florian\Desktop\ComboFix.exe
2014-03-28 09:36 - 2014-01-19 08:32 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-28 09:35 - 2014-03-28 09:35 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-28 09:35 - 2014-03-28 09:35 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-28 09:32 - 2014-03-28 09:32 - 00309230 __RSH () C:\JHFSG
2014-03-28 09:17 - 2014-03-28 09:17 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-03-28 09:13 - 2014-03-28 09:13 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-03-28 09:09 - 2014-03-28 11:19 - 00069896 _____ () C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-28 09:04 - 2014-03-28 09:04 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-28 09:03 - 2014-03-28 09:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Macromedia
2014-03-28 09:03 - 2014-03-28 09:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Adobe
2014-03-28 09:03 - 2014-03-28 09:03 - 00000000 ____D () C:\Users\Florian\AppData\Local\Macromedia
2014-03-28 09:02 - 2014-03-28 09:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-28 09:02 - 2014-03-28 09:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-28 09:02 - 2014-03-28 09:02 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-28 08:52 - 2014-03-28 09:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 08:52 - 2014-03-28 08:52 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-28 08:52 - 2014-03-28 08:52 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Mozilla
2014-03-28 08:52 - 2014-03-28 08:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\Mozilla
2014-03-28 08:47 - 2013-01-31 12:21 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-28 08:43 - 2014-03-28 08:43 - 00000000 ____D () C:\NVIDIA
2014-03-28 08:40 - 2014-03-28 08:40 - 00001409 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-28 08:35 - 2014-03-28 11:12 - 00000000 ____D () C:\Users\Florian\AppData\Local\VirtualStore
2014-03-28 08:35 - 2014-03-28 08:36 - 00000000 ____D () C:\Users\Florian
2014-03-28 08:35 - 2014-03-28 08:35 - 00000020 ___SH () C:\Users\Florian\ntuser.ini
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Startmenü
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Netzwerkumgebung
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Druckumgebung
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Documents\Eigene Musik
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Documents\Eigene Bilder
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\AppData\Local\Verlauf
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Programme
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 ____D () C:\Recovery
2014-03-28 08:35 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-28 08:35 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-28 08:30 - 2014-03-29 09:00 - 01531349 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 08:28 - 2014-03-28 08:31 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-28 08:26 - 2014-03-28 08:35 - 00000000 ____D () C:\Windows\Panther
2014-03-28 08:26 - 2014-03-28 08:26 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-03-28 08:26 - 2010-11-20 22:29 - 00383786 __RSH () C:\bootmgr
2014-02-27 16:37 - 2014-02-27 16:37 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-02-27 16:37 - 2014-02-27 16:37 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

==================== One Month Modified Files and Folders =======

2014-03-29 09:36 - 2014-03-28 13:35 - 00005126 _____ () C:\Users\Florian\Desktop\FRST.txt
2014-03-29 09:36 - 2014-03-28 13:35 - 00000000 ____D () C:\FRST
2014-03-29 09:36 - 2010-11-20 22:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-29 09:36 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-29 09:36 - 2009-07-14 05:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-29 09:35 - 2014-03-29 09:35 - 00000760 _____ () C:\Users\Florian\Desktop\JRT.txt
2014-03-29 09:32 - 2014-03-28 08:30 - 01531349 _____ () C:\Windows\WindowsUpdate.log
2014-03-29 09:29 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-29 09:29 - 2009-07-14 05:39 - 00023535 _____ () C:\Windows\setupact.log
2014-03-29 09:04 - 2014-03-29 09:04 - 00000000 ____D () C:\Windows\ERUNT
2014-03-29 08:56 - 2014-03-29 08:56 - 00003280 ____N () C:\bootsqm.dat
2014-03-29 08:53 - 2014-03-29 08:49 - 00000000 ____D () C:\AdwCleaner
2014-03-29 08:49 - 2014-03-29 08:49 - 00001150 _____ () C:\Users\Florian\Desktop\mbam.txt
2014-03-29 08:27 - 2014-03-29 08:27 - 01038974 _____ (Thisisu) C:\Users\Florian\Desktop\JRT.exe
2014-03-29 08:20 - 2014-03-29 08:20 - 01950720 _____ () C:\Users\Florian\Desktop\adwcleaner.exe
2014-03-29 08:19 - 2014-03-28 09:41 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-28 21:26 - 2014-03-28 21:26 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-03-28 21:26 - 2014-03-28 21:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-28 21:26 - 2014-03-28 21:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-28 21:25 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2014-03-28 21:24 - 2014-03-28 21:24 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-28 21:22 - 2014-03-28 21:22 - 00143312 _____ () C:\Windows\Minidump\032814-36890-01.dmp
2014-03-28 21:22 - 2014-03-28 11:51 - 00000000 ____D () C:\Windows\Minidump
2014-03-28 21:22 - 2014-03-28 11:50 - 220627025 _____ () C:\Windows\MEMORY.DMP
2014-03-28 21:19 - 2009-07-14 05:53 - 00007184 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-28 21:16 - 2014-03-28 21:16 - 00143312 _____ () C:\Windows\Minidump\032814-19859-01.dmp
2014-03-28 21:14 - 2014-03-28 21:08 - 178931512 _____ (NVIDIA Corporation) C:\Users\Florian\Downloads\307.83-desktop-win7-winvista-32bit-international-whql.exe
2014-03-28 20:56 - 2014-03-28 20:56 - 00000000 ____D () C:\Users\Florian\Documents\My Games
2014-03-28 20:56 - 2014-03-28 20:56 - 00000000 ____D () C:\ProgramData\Steam
2014-03-28 20:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-28 20:18 - 2014-03-28 20:18 - 00002071 _____ () C:\Users\Florian\Desktop\South Park Der Stab der Wahrheit.lnk
2014-03-28 20:10 - 2014-03-28 20:10 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-03-28 20:10 - 2014-03-28 20:10 - 00000000 ____D () C:\Program Files (x86)
2014-03-28 20:09 - 2014-03-28 20:09 - 00001895 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-03-28 20:09 - 2014-03-28 20:09 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Canneverbe Limited
2014-03-28 20:09 - 2014-03-28 20:09 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-03-28 19:04 - 2014-03-28 13:52 - 00000000 ____D () C:\Program Files\JDownloader
2014-03-28 18:18 - 2014-03-28 17:34 - 277872640 _____ () C:\Users\Florian\Downloads\openSUSE-13.1-DVD-x86_64.iso
2014-03-28 16:24 - 2014-03-28 11:12 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Nettalk
2014-03-28 16:15 - 2014-03-28 16:15 - 00000000 ____D () C:\Users\Florian\Downloads\bootsect
2014-03-28 15:44 - 2014-03-28 15:14 - 00000000 ____D () C:\Users\Florian\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-03-28 15:30 - 2014-03-28 09:50 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Notepad++
2014-03-28 15:17 - 2014-03-28 15:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-28 15:14 - 2014-03-28 15:14 - 00002514 _____ () C:\Users\Florian\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-03-28 15:14 - 2014-03-28 15:14 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-03-28 15:01 - 2014-03-28 15:01 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\WinRAR
2014-03-28 13:53 - 2014-03-28 13:53 - 00001983 _____ () C:\Users\Florian\Desktop\JDownloader.lnk
2014-03-28 13:51 - 2014-03-28 13:51 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-28 13:51 - 2014-03-28 13:51 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-28 13:51 - 2014-03-28 13:51 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-28 13:51 - 2014-03-28 13:51 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-28 13:51 - 2014-03-28 13:51 - 00000000 ____D () C:\ProgramData\Sun
2014-03-28 13:51 - 2014-03-28 13:51 - 00000000 ____D () C:\Program Files\Java
2014-03-28 13:51 - 2014-03-28 13:51 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-03-28 13:47 - 2014-03-28 13:47 - 00005188 _____ () C:\Users\Florian\Downloads\relink.us__W7USP1.MRZ14.x64-iSM__share-online.biz__40b101d209c326924fb28836067e11.dlc
2014-03-28 13:37 - 2014-03-28 13:36 - 00012344 _____ () C:\Users\Florian\Desktop\Addition.txt
2014-03-28 13:35 - 2014-03-28 13:35 - 01145856 _____ (Farbar) C:\Users\Florian\Desktop\FRST.exe
2014-03-28 13:25 - 2014-03-28 13:25 - 00157592 _____ () C:\Windows\Minidump\032814-28156-01.dmp
2014-03-28 13:17 - 2014-03-28 13:17 - 00158456 _____ () C:\Windows\Minidump\032814-23750-01.dmp
2014-03-28 13:15 - 2014-03-28 13:15 - 00001087 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-28 13:15 - 2014-03-28 13:15 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Opera Software
2014-03-28 13:15 - 2014-03-28 13:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\Opera Software
2014-03-28 13:15 - 2014-03-28 13:14 - 00000000 ____D () C:\Program Files\Opera
2014-03-28 13:13 - 2014-03-28 13:13 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2014-03-28 13:13 - 2014-03-28 13:13 - 00000000 ____D () C:\Program Files\NirSoft
2014-03-28 13:12 - 2014-03-28 13:12 - 00154072 _____ () C:\Windows\Minidump\032814-22500-01.dmp
2014-03-28 13:08 - 2014-03-28 13:08 - 00151328 _____ () C:\Windows\Minidump\032814-22750-01.dmp
2014-03-28 11:59 - 2014-03-28 11:59 - 00000000 ____D () C:\Users\Florian\Downloads\MemTest4
2014-03-28 11:57 - 2014-03-28 11:57 - 00154000 _____ () C:\Windows\Minidump\032814-29296-01.dmp
2014-03-28 11:51 - 2014-03-28 11:51 - 00154392 _____ () C:\Windows\Minidump\032814-33000-01.dmp
2014-03-28 11:44 - 2009-07-14 05:33 - 00321704 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-28 11:43 - 2010-11-20 22:48 - 00006100 _____ () C:\Windows\PFRO.log
2014-03-28 11:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-28 11:19 - 2014-03-28 09:09 - 00069896 _____ () C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-28 11:15 - 2014-03-28 11:07 - 00000000 ____D () C:\Program Files\Nettalk6
2014-03-28 11:12 - 2014-03-28 08:35 - 00000000 ____D () C:\Users\Florian\AppData\Local\VirtualStore
2014-03-28 11:08 - 2014-03-28 11:08 - 00002032 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-03-28 11:08 - 2014-03-28 11:08 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Thunderbird
2014-03-28 11:08 - 2014-03-28 11:08 - 00000000 ____D () C:\Users\Florian\AppData\Local\Thunderbird
2014-03-28 11:08 - 2014-03-28 11:08 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-28 11:07 - 2014-03-28 11:07 - 00000958 _____ () C:\Users\Public\Desktop\Nettalk.lnk
2014-03-28 10:07 - 2014-03-28 10:07 - 00007168 _____ () C:\ComboFix.txt
2014-03-28 10:07 - 2014-03-28 09:57 - 00000000 ____D () C:\Qoobox
2014-03-28 10:07 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-03-28 10:07 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-03-28 10:05 - 2014-03-28 09:57 - 00000000 ____D () C:\Windows\erdnt
2014-03-28 10:04 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2014-03-28 09:53 - 2014-03-28 09:53 - 00001426 _____ () C:\Users\Public\Desktop\LibreOffice 4.2.lnk
2014-03-28 09:53 - 2014-03-28 09:52 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-03-28 09:50 - 2014-03-28 09:50 - 00001027 _____ () C:\Users\Florian\Desktop\Notepad++.lnk
2014-03-28 09:50 - 2014-03-28 09:50 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-03-28 09:50 - 2014-03-28 09:50 - 00000000 ____D () C:\Program Files\Notepad++
2014-03-28 09:41 - 2014-03-28 09:41 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-28 09:41 - 2014-03-28 09:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-28 09:41 - 2014-03-28 09:41 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-03-28 09:40 - 2014-03-28 09:40 - 00001171 _____ () C:\Users\Public\Desktop\PDF-Viewer.lnk
2014-03-28 09:40 - 2014-03-28 09:40 - 00000000 ____D () C:\Program Files\Tracker Software
2014-03-28 09:40 - 2014-03-28 08:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-28 09:39 - 2014-03-28 09:39 - 05192353 ____R (Swearware) C:\Users\Florian\Desktop\ComboFix.exe
2014-03-28 09:35 - 2014-03-28 09:35 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-28 09:35 - 2014-03-28 09:35 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-28 09:32 - 2014-03-28 09:32 - 00309230 __RSH () C:\JHFSG
2014-03-28 09:17 - 2014-03-28 09:17 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-03-28 09:13 - 2014-03-28 09:13 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-03-28 09:04 - 2014-03-28 09:04 - 00000000 ____D () C:\Program Files\7-Zip
2014-03-28 09:03 - 2014-03-28 09:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Macromedia
2014-03-28 09:03 - 2014-03-28 09:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Adobe
2014-03-28 09:03 - 2014-03-28 09:03 - 00000000 ____D () C:\Users\Florian\AppData\Local\Macromedia
2014-03-28 09:02 - 2014-03-28 09:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-28 09:02 - 2014-03-28 09:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-28 09:02 - 2014-03-28 09:02 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-28 08:57 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore
2014-03-28 08:52 - 2014-03-28 08:52 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-28 08:52 - 2014-03-28 08:52 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Mozilla
2014-03-28 08:52 - 2014-03-28 08:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\Mozilla
2014-03-28 08:43 - 2014-03-28 08:43 - 00000000 ____D () C:\NVIDIA
2014-03-28 08:40 - 2014-03-28 08:40 - 00001409 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-28 08:36 - 2014-03-28 08:35 - 00000000 ____D () C:\Users\Florian
2014-03-28 08:35 - 2014-03-28 08:35 - 00000020 ___SH () C:\Users\Florian\ntuser.ini
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Startmenü
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Netzwerkumgebung
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Druckumgebung
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Documents\Eigene Musik
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\Documents\Eigene Bilder
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Florian\AppData\Local\Verlauf
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\Programme
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-28 08:35 - 2014-03-28 08:35 - 00000000 ____D () C:\Recovery
2014-03-28 08:35 - 2014-03-28 08:26 - 00000000 ____D () C:\Windows\Panther
2014-03-28 08:35 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-28 08:35 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-03-28 08:35 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-28 08:31 - 2014-03-28 08:28 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-28 08:28 - 2009-07-14 05:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-03-28 08:26 - 2014-03-28 08:26 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-03-28 08:26 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-03-28 08:26 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-03-16 03:15 - 2014-03-28 15:01 - 00000000 ____D () C:\Users\Florian\Downloads\arfa3.W7U.x64-iSM
2014-03-05 09:26 - 2014-03-28 09:41 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-28 09:41 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-28 09:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 22:30 - 2014-03-28 20:04 - 00000000 ____D () C:\Users\Florian\Downloads\South.Park.Der.Stab.der.Wahrheit.Incl.Ultimate.Fellowship.Pack.MULTi2-x.X.RIDDICK.X.x
2014-02-27 16:37 - 2014-02-27 16:37 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-02-27 16:37 - 2014-02-27 16:37 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-28 12:41

==================== End Of Log ============================
         

--- --- ---

--- --- ---


Aber ebend beim Post erstellen kam es wieder Desktop Manager reagiert nicht mehr und muss beendet werden

Bitte mal das machen:

http://www.trojaner-board.de/126216-...epair-aio.html