Trojaner-Board
Seite 2 von 4 1 2 34
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Immer wieder Musik im Hintergrund (https://www.trojaner-board.de/149480-immer-musik-hintergrund.html)

Larusso 09.02.2014 21:05
Ne, aber mich würde denoch mal intersieren, ob der auch im abgesicherten Modus auftritt.
Du sagtest ja, er kommt auch ohne Verbindung mit dem Internet.

justblack 09.02.2014 22:00
werde ich mal eben probieren....
ja selbst bei getrennter leitung läuft es weiter.
bis gleich denn

leider unterstützt windows 8 im abgesicherten modus die soundtreiber nicht:(
die Musik lief komischer weiße weiter während der Rechner neu startete und wurde mal lauter mal leise. diesmal ein Englischer Sender. Das ganze dauerte aber irgendwie nur so drei bis vier Minuten

Vielleicht hilft das weiter....
habe mal den mbrcheck durch laufen lassen....
Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:               
Windows Information:                (build 9200), 64-bit
Base Board Manufacturer:        MEDION
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                MEDION
System Product Name:                MS-7848
Logical Drives Mask:                0x0000147c

Kernel Drivers (total 153):
  0x6801A000 \SystemRoot\system32\ntoskrnl.exe
  0x6879B000 \SystemRoot\system32\hal.dll
  0x67566000 \SystemRoot\system32\kd.dll
  0x000A0000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x00106000 \SystemRoot\System32\drivers\werkernel.sys
  0x00114000 \SystemRoot\System32\drivers\CLFS.SYS
  0x00176000 \SystemRoot\System32\drivers\tm.sys
  0x00198000 \SystemRoot\system32\PSHED.dll
  0x001AD000 \SystemRoot\system32\BOOTVID.dll
  0x00000000 \SystemRoot\system32\CI.dll
  0x00288000 \SystemRoot\System32\drivers\msrpc.sys
  0x002E5000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x003B4000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x003C5000 \SystemRoot\System32\Drivers\acpiex.sys
  0x003DD000 \SystemRoot\System32\Drivers\WppRecorder.sys
  0x00200000 \SystemRoot\System32\drivers\ACPI.sys
  0x003E8000 \SystemRoot\System32\drivers\WMILIB.SYS
  0x00479000 \SystemRoot\System32\Drivers\cng.sys
  0x00504000 \SystemRoot\System32\drivers\msisadrv.sys
  0x0050E000 \SystemRoot\System32\drivers\pci.sys
  0x00557000 \SystemRoot\System32\drivers\vdrvroot.sys
  0x00564000 \SystemRoot\system32\drivers\pdc.sys
  0x00580000 \SystemRoot\System32\drivers\partmgr.sys
  0x00598000 \SystemRoot\System32\drivers\spaceport.sys
  0x00400000 \SystemRoot\System32\drivers\volmgr.sys
  0x00415000 \SystemRoot\System32\drivers\volmgrx.sys
  0x001B7000 \SystemRoot\System32\drivers\mountmgr.sys
  0x001D2000 \SystemRoot\System32\drivers\storahci.sys
  0x00673000 \SystemRoot\System32\drivers\storport.sys
  0x006EC000 \SystemRoot\system32\drivers\fltmgr.sys
  0x00748000 \SystemRoot\System32\drivers\fileinfo.sys
  0x008EA000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x00AE0000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x00AFC000 \SystemRoot\System32\drivers\pcw.sys
  0x00B0C000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x00C90000 \SystemRoot\system32\drivers\ndis.sys
  0x00C00000 \SystemRoot\system32\drivers\NETIO.SYS
  0x00DA8000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x00E14000 \SystemRoot\System32\drivers\tcpip.sys
  0x01092000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x010FE000 \SystemRoot\system32\DRIVERS\wfplwfs.sys
  0x01123000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x00B17000 \SystemRoot\System32\drivers\volsnap.sys
  0x011B6000 \SystemRoot\System32\drivers\rdyboost.sys
  0x00DDC000 \SystemRoot\System32\Drivers\mup.sys
  0x00E00000 \SystemRoot\System32\drivers\intelpep.sys
  0x00B67000 \SystemRoot\System32\drivers\disk.sys
  0x00B83000 \SystemRoot\System32\drivers\CLASSPNP.SYS
  0x00800000 \SystemRoot\System32\Drivers\aswVmm.sys
  0x00C79000 \SystemRoot\System32\Drivers\aswRvrt.sys
  0x00834000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x0087C000 \SystemRoot\System32\drivers\dtsoftbus01.sys
  0x008C4000 \SystemRoot\System32\DRIVERS\cmderd.sys
  0x0075E000 \SystemRoot\System32\drivers\cdrom.sys
  0x01437000 \??\C:\Windows\system32\drivers\aswSnx.sys
  0x01537000 \SystemRoot\system32\DRIVERS\cmdguard.sys
  0x015EA000 \SystemRoot\System32\Drivers\Null.SYS
  0x015F3000 \SystemRoot\System32\Drivers\Beep.SYS
  0x01400000 \SystemRoot\System32\drivers\BasicRender.sys
  0x01648000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x017C2000 \SystemRoot\System32\drivers\watchdog.sys
  0x0078C000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x017D4000 \SystemRoot\System32\drivers\BasicDisplay.sys
  0x017E6000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x01600000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x0160C000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x0162C000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x0163A000 \SystemRoot\system32\DRIVERS\cmdhlp.sys
  0x00600000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x0140E000 \??\C:\Windows\system32\drivers\aswRdr2.sys
  0x0185C000 \SystemRoot\system32\drivers\afd.sys
  0x018EF000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x01919000 \SystemRoot\system32\DRIVERS\inspect.sys
  0x01938000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x01949000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x019B9000 \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
  0x01800000 \SystemRoot\system32\DRIVERS\VBoxDrv.sys
  0x01842000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x01850000 \SystemRoot\System32\drivers\npsvctrig.sys
  0x019DF000 \SystemRoot\System32\drivers\mssmbios.sys
  0x00BD9000 \SystemRoot\System32\Drivers\dfsc.sys
  0x01A0F000 \??\C:\Windows\system32\drivers\aswSP.sys
  0x01A78000 \SystemRoot\system32\DRIVERS\ahcache.sys
  0x01A8F000 \SystemRoot\system32\DRIVERS\VBoxNetAdp.sys
  0x01AB7000 \SystemRoot\System32\drivers\CompositeBus.sys
  0x01AC6000 \SystemRoot\system32\DRIVERS\kdnic.sys
  0x01AD1000 \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
  0x01AFC000 \SystemRoot\System32\drivers\umbus.sys
  0x02A8C000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
  0x036C3000 \SystemRoot\System32\drivers\HDAudBus.sys
  0x036DC000 \SystemRoot\System32\drivers\USBXHCI.SYS
  0x03731000 \SystemRoot\System32\drivers\ucx01000.sys
  0x03763000 \SystemRoot\System32\drivers\usbehci.sys
  0x0377B000 \SystemRoot\System32\drivers\USBPORT.SYS
  0x01B0D000 \SystemRoot\system32\DRIVERS\Rt630x64.sys
  0x037EA000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x02A00000 \SystemRoot\System32\drivers\intelppm.sys
  0x02A1E000 \SystemRoot\System32\drivers\UEFI.sys
  0x02A29000 \SystemRoot\System32\drivers\NdisVirtualBus.sys
  0x02A34000 \SystemRoot\System32\drivers\swenum.sys
  0x02A36000 \SystemRoot\System32\drivers\ks.sys
  0x037F1000 \SystemRoot\System32\drivers\rdpbus.sys
  0x01C62000 \SystemRoot\System32\drivers\usbhub.sys
  0x01CCD000 \SystemRoot\System32\drivers\USBD.SYS
  0x01CD9000 \SystemRoot\System32\Drivers\fastfat.SYS
  0x01D12000 \SystemRoot\System32\drivers\UsbHub3.sys
  0x01D8A000 \SystemRoot\system32\drivers\HdAudio.sys
  0x01C00000 \SystemRoot\system32\drivers\portcls.sys
  0x01BA1000 \SystemRoot\system32\drivers\drmk.sys
  0x01C47000 \SystemRoot\system32\drivers\ksthunk.sys
  0x01C4D000 \SystemRoot\System32\drivers\hidusb.sys
  0x01BBD000 \SystemRoot\System32\drivers\HIDCLASS.SYS
  0x01DF0000 \SystemRoot\System32\drivers\HIDPARSE.SYS
  0x01BDC000 \SystemRoot\System32\drivers\mouhid.sys
  0x01BE9000 \SystemRoot\System32\drivers\mouclass.sys
  0x00849000 \SystemRoot\System32\drivers\USBSTOR.SYS
  0x01E3B000 \SystemRoot\System32\drivers\usbccgp.sys
  0x01E65000 \SystemRoot\System32\drivers\kbdhid.sys
  0x01E73000 \SystemRoot\System32\drivers\kbdclass.sys
  0x01E83000 \SystemRoot\system32\DRIVERS\V0330Vid.sys
  0x001BA000 \SystemRoot\System32\win32k.sys
  0x00791000 \SystemRoot\System32\TSDDD.dll
  0x00A73000 \SystemRoot\System32\ATMFD.DLL
  0x0083E000 \SystemRoot\System32\cdd.dll
  0x01ECD000 \SystemRoot\system32\drivers\luafv.sys
  0x01EF1000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
  0x01F1E000 \??\C:\Windows\system32\drivers\aswFsBlk.sys
  0x01F2A000 \SystemRoot\System32\drivers\monitor.sys
  0x01F38000 \SystemRoot\System32\Drivers\dump_diskdump.sys
  0x01F44000 \SystemRoot\System32\Drivers\dump_storahci.sys
  0x01F61000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x01F77000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x01F8B000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x01FA3000 \SystemRoot\System32\drivers\condrv.sys
  0x04092000 \SystemRoot\system32\drivers\HTTP.sys
  0x0418C000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x041AC000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x04000000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x041C3000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x01FB3000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x0406C000 \SystemRoot\system32\drivers\Ndu.sys
  0x042C0000 \SystemRoot\system32\drivers\peauth.sys
  0x04369000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x04374000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x043B7000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x043C9000 \??\C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
  0x04200000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x0448A000 \SystemRoot\System32\DRIVERS\srv.sys
  0x04522000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x045CB000 \SystemRoot\system32\drivers\WudfPf.sys
  0x04400000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
  0x0443E000 \SystemRoot\System32\drivers\WpdUpFltr.sys
  0x04449000 \SystemRoot\System32\drivers\umpass.sys

Processes (total 62):
      0 System Idle Process
      4 System
    388 C:\Windows\System32\smss.exe
    504 csrss.exe
    584 C:\Windows\System32\wininit.exe
    600 csrss.exe
    644 C:\Windows\System32\services.exe
    672 C:\Windows\System32\lsass.exe
    684 C:\Windows\System32\winlogon.exe
    780 C:\Windows\System32\svchost.exe
    812 C:\Windows\System32\svchost.exe
    908 dwm.exe
    992 C:\Windows\System32\nvvsvc.exe
    284 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    292 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    420 C:\Windows\System32\nvvsvc.exe
    444 C:\Windows\System32\svchost.exe
    736 C:\Windows\System32\svchost.exe
    856 C:\Windows\System32\svchost.exe
    1112 C:\Windows\System32\svchost.exe
    1160 C:\Windows\System32\svchost.exe
    1260 C:\Program Files\HitmanPro\hmpsched.exe
    1376 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    1492 C:\Windows\explorer.exe
    1580 C:\Program Files\Classic Shell\ClassicStartMenu.exe
    1152 C:\Windows\System32\spoolsv.exe
    1204 C:\Windows\System32\taskhostex.exe
    1512 C:\Windows\System32\svchost.exe
    1632 C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
    2440 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    2836 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    2844 C:\Program Files\UltraMon\UltraMon.exe
    2896 dasHost.exe
    3372 C:\xampp\mysql\bin\mysqld.exe
    3424 C:\Windows\System32\svchost.exe
    3624 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    3940 C:\Windows\System32\SearchIndexer.exe
    3284 C:\Windows\System32\svchost.exe
    3664 WUDFHost.exe
    4492 C:\Windows\System32\SettingSyncHost.exe
    4736 C:\Windows\System32\svchost.exe
    4760 C:\Program Files\AVAST Software\Avast\AvastUI.exe
    5108 cavwp.exe
    4732 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    5492 dllhost.exe
    5548 C:\Program Files\COMODO\COMODO Internet Security\cis.exe
    5952 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    5216 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    5336 C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    5636 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    4040 C:\Program Files\Windows Media Player\wmpnetwk.exe
    3956 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    3904 C:\Program Files\UltraMon\UltraMonUiAcc.exe
    400 C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
    5816 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    5820 C:\Windows\System32\SearchProtocolHost.exe
    2816 C:\Windows\System32\SearchFilterHost.exe
    2372 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    5176 C:\Windows\System32\audiodg.exe
    5856 C:\Users\frank\Downloads\MBRCheck.exe
    2756 C:\Windows\System32\conhost.exe
    824 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`21100000  (NTFS)
\\.\K: --> \\.\PhysicalDrive0 at offset 0x000000f6`07100000  (NTFS)
\\.\M: --> \\.\PhysicalDrive0 at offset 0x00000170`19000000  (NTFS)

PhysicalDrive0 Model Number: ST2000DM001-1CH164, Rev: CC27   

      Size  Device Name          MBR Status
  --------------------------------------------
  1863 GB  \\.\PhysicalDrive0  Unknown MBR code
            SHA1: 639AC5CDF8A5CF3245975932C6A4215450A7B98F


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
  [1] Dump the MBR of a physical disk to file.
  [2] Restore the MBR of a physical disk with a standard boot code.
  [3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 1Available MBR codes:
 [ 0] Default (UNKNOWN)
 [ 1] Windows XP
 [ 2] Windows Server 2003
 [ 3] Windows Vista
 [ 4] Windows 2008
 [ 5] Windows 7
 [-1] Cancel

Please select the MBR code to write to this drive:

Larusso 10.02.2014 12:10
Hy.

Mbrcheck ist ein tool welches ich eher nicht nutze.
Hast du eventuell etwas mehr zeit damit wir die Ursache finden ?

justblack 10.02.2014 12:27
moin,
na klar habe ich zeit dafür. bin ja selber interessiert woran das liegt.
sag mir was du brauchst.
mfg
frank

Larusso 10.02.2014 14:03
Melde mich dann später. Bin noch auf Arbeit

Larusso 10.02.2014 15:44
Okay, lets get it on.

Zu aller erst möchte ich, dass du entweder Avast oder Comodo deinstallierst.
Warum 2 AVPs nicht gut ist, erklär ich dir später. Vertrau mir in der Hinsicht einfach mal.


Dann bitte folgende Dateien herunter laden.
Process Explorer
Process Monitor

Entpacke jedes Archiv in seinen eigenen Ordner.

Starte nun Process Explorer aber bitte keine andere Software, Browser etc
Dieses Tool ist weit aus komplexer als der Task Manager also nicht wundern :D

Warte nun bis der Sound wieder kommt. Process Explorer hinterlegt neue Prozesse mit giftgrüner Farbe. Sieh bitte genau hin, ob sich ein neuer Prozess öffnet und wenn ja, sag mir bitte welcher. Mit der Space Taste kannst du pausieren, so dass keine weiteren änderungen angezeigt werden.

justblack 11.02.2014 15:50
Hallo Daniel,
leider lief das Radio schon als ich den Rechner angeschaltet habe.Ich
habe ein paar screenshots gemacht um zu vergleichen wie das morgen ohne Radio aussieht.
Da müsste sich ja einige Dateien geändert haben.
Ich poste Morgen wenn ich was weiß.
mfg
frank

Hallo Daniel,
folgende Prozesse waren heute im gegensatz (gleiche bedingungen am Rechner) weg.
WmiPrsvSE.EXE
RTSHOOKINTERUPT
Taskeng.EXE
Taskhost
Spoolsv.EXE
Mysqld.EXE
Wmpnetwk.EXE
und alle Nvdia exe-Dateien

Mfg
Frank

zudem hat zusätzlich HitmanPro zwei verdächtige Dateien gefunden.
-vList.x32
-ShockFiler.X32

Beide im Ordner:C:\User\Frank\AppData\Local\Temp\Tempfolder.aae\extras\

Larusso 11.02.2014 16:03
Bitte keine Scans ohne Anweisung. Das kann meine Arbeit zunichte machen.

Okay, für mich ist da jetzt nichts ungewöhnlich daran, bis auf den WmiPrsvSE.EXE.
Mal sehen ob folgendes mehr aufzeigt.

Downloade dir bitte ListDLL

Extrahiere das Archiv und kopiere die Listdlls.exe nach C:\Windows\System32


Starte bitte ProcessExplorer. Warte bis sich der Radiosound hören lässt und pausiere dann mit der Space Taste den Explorer. ( unten steht dann paused )


In die Windows Suche bitte cmd eingeben und als Admin ausführen.
Hier bitte folgendes eingeben

listdlls -u wmiprvse

Sag mir mal, ob er eine .dll Datei ausgibt.

justblack 11.02.2014 19:49
Hallo Daniel,
kein Problem mit den Scan`s...das lief bei mir immer im hintergrund.
Bis auf die Programm-version etc sagt er gar nichts und springt wieder in das system32-verzeichnis.

Larusso 11.02.2014 20:20
Okay, ansich schon mal gut, für unsere Diagnose schlecht :D

Mal sehen ob dieses Tool was findet für uns.


Downloade dir bitte Rogue Killer von hier.
  • Speichere das Tool auf deinem Desktop !
  • Schließe alle laufenden Programme.
  • Starte die RogueKiller.exe
  • Warte bis Prescan abgeschlossen erscheint und klicke dann auf Scannen.
  • Wenn der Scan beendet wurde, klicke auf Bericht und poste diesen hier.
  • Du findest die Logdatei RKreport[1].txt auch auf deinem Desktop.
http://i121.photobucket.com/albums/o...iller/TRK2.png

justblack 11.02.2014 20:58
so,
endlich mal was gefunden^^
Hier ist der Log:
Code:
RogueKiller V8.8.7 _x64_ [Feb 11 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 8.1 (6.3.9200 ) 64 bits version
Gestartet in : Normaler Modus
Benutzer : frank [Admin Rechte]
Funktion : Scannen -- Datum : 02/11/2014 20:56:31
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 3 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} ("C:\ProgramData\cis9B69.exe" --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82} [x][x]) -> GEFUNDEN
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> GEFUNDEN
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN

¤¤¤ Geplante Tasks : 0 ¤¤¤

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion :  ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

Larusso 11.02.2014 21:14
Kannst du bitte einmal folgende Datei bei Virustotal prüfen

C:\ProgramData\cis9B69.exe

justblack 11.02.2014 21:25
so blöd es auch klingt, aber diese datei ist nicht auffindbar....weder im ordner noch auf dem rechner selbst.....

Larusso 11.02.2014 21:33
Okay, dann ist das nicht unser Feind. Ein Reg Eintrag ohne Datei ist nutzlos.

Starte bitte FRST erneut im Recovery Mode, so wie hier beschrieben.

In die Search Leiste, tippe bitte
csrss.exe;rpcss.dll

und klicke Search Files.


Es wird eine Search.txt auf deinem USB Stick erstellt. Diese bitte posten.

justblack 11.02.2014 22:00
der neue Log ist da:
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by SYSTEM on MININT-157I5D0 on 11-02-2014 21:54:05
Running from F:\
Windows 8.1 (X64) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.



==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2014-01-27] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PrivDogService] - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe [525480 2013-12-13] (AdTrustMedia)
HKLM-x32\...\Run: [V0330Mon.exe] - C:\Windows\V0330Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)

==================== Services (Whitelisted) =================

S2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2013-02-23] (Apache Software Foundation)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-27] (AVAST Software)
S2 FileZilla Server; C:\xampp\filezillaftp\filezillaserver.exe [632320 2012-02-26] (FileZilla Project)
S2 mysql; C:\xampp\mysql\bin\mysqld.exe [10900480 2013-04-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2014-01-27] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2014-01-27] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-27] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-27] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2014-01-27] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2014-01-27] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2014-01-27] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
S1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-27] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 V0330VID; C:\Windows\system32\DRIVERS\V0330Vid.sys [193408 2009-07-03] (Creative Technology Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-11 21:50 - 2014-02-11 21:50 - 00000000 _____ () C:\Recovery.txt
2014-02-11 20:38 - 2014-02-11 20:38 - 02151424 _____ (Farbar) C:\Users\frank\Downloads\FRST64 (2).exe
2014-02-11 20:37 - 2014-02-11 20:37 - 00001756 _____ () C:\Users\frank\Desktop\RKreport[0]_D_02112014_213727.txt
2014-02-11 19:56 - 2014-02-11 19:56 - 00001714 _____ () C:\Users\frank\Desktop\RKreport[0]_S_02112014_205631.txt
2014-02-11 19:54 - 2014-02-11 19:54 - 04408320 _____ () C:\Users\frank\Desktop\RogueKillerX64.exe
2014-02-11 19:53 - 2014-02-11 20:37 - 00000000 ____D () C:\Users\frank\Desktop\RK_Quarantine
2014-02-11 19:51 - 2014-02-11 19:51 - 02467477 _____ () C:\Users\frank\Downloads\RogueKiller_8.8.5.zip
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Users\frank\Downloads\ListDlls
2014-02-11 18:12 - 2011-07-07 12:28 - 00520496 _____ (Sysinternals) C:\Windows\System32\Listdlls.exe
2014-02-11 18:12 - 2006-07-28 08:32 - 00007005 ____N () C:\Users\frank\Desktop\Eula.txt
2014-02-11 18:11 - 2014-02-11 18:11 - 00269722 _____ () C:\Users\frank\Downloads\ListDlls.zip
2014-02-11 11:44 - 2014-02-11 11:44 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (3).php
2014-02-11 11:06 - 2014-02-11 11:06 - 00001753 _____ () C:\Users\frank\Downloads\fotoalbum (1).php
2014-02-11 11:04 - 2014-02-11 11:04 - 00001753 _____ () C:\Users\frank\Downloads\fotoalbum.php
2014-02-11 10:35 - 2014-02-11 10:35 - 00000462 _____ () C:\Windows\System32\.crusader
2014-02-10 15:41 - 2014-02-10 15:42 - 00000000 ____D () C:\Users\frank\Desktop\ProcessMonitor
2014-02-10 15:41 - 2014-02-10 15:42 - 00000000 ____D () C:\Users\frank\Desktop\ProcessExplorer
2014-02-10 15:40 - 2014-02-03 23:43 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\frank\Downloads\procexp.exe
2014-02-10 15:40 - 2012-10-15 12:23 - 00072154 _____ () C:\Users\frank\Downloads\procexp.chm
2014-02-10 15:40 - 2006-07-28 07:32 - 00007005 _____ () C:\Users\frank\Downloads\Eula.txt
2014-02-09 20:52 - 2014-02-09 20:52 - 00080384 _____ () C:\Users\frank\Downloads\MBRCheck.exe
2014-02-09 20:45 - 2014-02-09 20:45 - 00007597 _____ () C:\Users\frank\AppData\Local\Resmon.ResmonCfg
2014-02-09 20:17 - 2014-02-09 20:17 - 00000000 ____D () C:\Windows\pss
2014-02-09 08:45 - 2014-02-09 08:57 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Users\frank\AppData\Local\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files\iTunes
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files\iPod
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-09 08:45 - 2012-08-21 12:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Users\frank\AppData\Local\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-09 08:34 - 2014-02-09 08:35 - 148896080 _____ (Apple Inc.) C:\Users\frank\Downloads\iTunes64Setup.exe
2014-02-09 08:32 - 2014-02-09 08:33 - 02751750 _____ () C:\Users\frank\Downloads\images.zip
2014-02-09 08:13 - 2014-02-09 08:13 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-08 21:51 - 2014-02-08 21:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-08 21:50 - 2014-02-09 20:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-02-08 21:49 - 2014-02-08 21:50 - 12589848 _____ (Malwarebytes Corp.) C:\Users\frank\Downloads\mbar-1.07.0.1009.exe
2014-02-08 21:17 - 2014-02-08 21:17 - 00710558 _____ () C:\Users\frank\Downloads\gmer.txt
2014-02-08 21:00 - 2014-02-08 21:00 - 00028263 _____ () C:\Users\frank\Downloads\Addition.txt
2014-02-08 20:59 - 2014-02-09 17:41 - 00000000 ____D () C:\FRST
2014-02-08 20:59 - 2014-02-08 21:00 - 00120970 _____ () C:\Users\frank\Downloads\FRST.txt
2014-02-08 20:58 - 2014-02-08 20:58 - 00000542 _____ () C:\Users\frank\Downloads\defogger_disable.log
2014-02-08 20:58 - 2014-02-08 20:58 - 00000168 _____ () C:\Users\frank\defogger_reenable
2014-02-08 20:57 - 2014-02-08 20:57 - 02079744 _____ (Farbar) C:\Users\frank\Downloads\FRST64.exe
2014-02-08 20:57 - 2014-02-08 20:57 - 00050477 _____ () C:\Users\frank\Downloads\Defogger.exe
2014-02-08 20:53 - 2014-02-08 20:53 - 00009263 _____ () C:\Users\frank\Downloads\hijackthis.log
2014-02-08 20:52 - 2014-02-08 20:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\frank\Downloads\hijackthis.exe
2014-02-08 20:42 - 2014-02-08 20:42 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (2).php
2014-02-08 20:25 - 2014-02-08 20:25 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (1).php
2014-02-08 20:07 - 2014-02-08 20:07 - 00000650 _____ () C:\Users\Public\Desktop\Finale PrintMusic 2011.lnk
2014-02-08 20:07 - 2014-02-08 20:07 - 00000000 ____D () C:\Users\frank\Documents\Finale Files
2014-02-08 19:59 - 2014-02-08 19:59 - 12513728 _____ () C:\Users\frank\Downloads\Mein_Foto_Puzzle.exe
2014-02-08 19:59 - 2014-02-08 19:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-08 19:58 - 2014-02-08 19:58 - 00710848 _____ ( ) C:\Users\frank\Downloads\COMPUTER_BILD-Download-Manager_fuer_Mein_Foto_Puzzle.exe
2014-02-08 19:52 - 2014-02-08 19:52 - 05987556 _____ ( ) C:\Users\frank\Downloads\sonnensystem.exe
2014-02-08 19:47 - 2014-02-08 19:59 - 146421352 _____ () C:\Users\frank\Downloads\UMBackup_FinalePmusic.rar
2014-02-08 14:27 - 2014-02-08 14:28 - 27783201 _____ () C:\Users\frank\Downloads\Finale-NotePad-2008.rar
2014-02-08 14:11 - 2014-02-08 14:11 - 00065910 _____ () C:\Users\frank\Downloads\pong.zip
2014-02-07 18:24 - 2014-02-07 18:39 - 00000000 ____D () C:\Users\frank\AppData\Roaming\TeamViewer
2014-02-07 16:26 - 2014-02-08 15:32 - 00006884 _____ () C:\Windows\PFRO.log
2014-02-07 14:16 - 2014-02-11 18:10 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-07 14:14 - 2014-02-07 14:19 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-07 14:13 - 2014-02-07 14:13 - 00000000 ____D () C:\Users\frank\Pavark
2014-02-07 13:58 - 2014-02-07 13:58 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\ProgramData\Sun
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-07 13:09 - 2014-02-11 10:32 - 00000000 ____D () C:\Users\frank\Documents\SupervisionCam
2014-02-07 13:09 - 2014-02-07 13:09 - 00000000 ____D () C:\Program Files (x86)\SupervisionCam
2014-02-07 12:58 - 2014-02-07 13:08 - 00000000 ____D () C:\Program Files (x86)\WatchMyCam
2014-02-07 12:47 - 2014-02-07 12:47 - 00000000 ____D () C:\Users\frank\AppData\Roaming\CrazyPixels
2014-02-07 12:39 - 2014-02-07 12:51 - 00000000 ____D () C:\Program Files (x86)\go1984
2014-02-07 12:39 - 2014-02-07 12:39 - 00000000 ____D () C:\ProgramData\logiware gmbh
2014-02-07 12:38 - 2014-02-07 12:38 - 00000000 ____D () C:\Live! Cam
2014-02-07 12:38 - 2009-07-06 17:58 - 00005366 _____ () C:\Windows\VF0330.uns
2014-02-07 12:38 - 2009-07-06 00:12 - 00282624 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Cvw.dll
2014-02-07 12:38 - 2009-07-03 15:25 - 00193408 _____ (Creative Technology Ltd.) C:\Windows\System32\Drivers\V0330Vid.sys
2014-02-07 12:38 - 2009-07-03 10:38 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\System32\V0330Pin.dll
2014-02-07 12:38 - 2009-07-01 00:12 - 00108032 _____ (Creative Technology Ltd.) C:\Windows\System32\V0330Ext.ax
2014-02-07 12:38 - 2009-07-01 00:12 - 00098304 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Ext.ax
2014-02-07 12:38 - 2009-07-01 00:12 - 00049152 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Ext.crl
2014-02-07 12:38 - 2009-07-01 00:12 - 00041472 _____ (Creative Technology Ltd.) C:\Windows\System32\V0330Ext.crl
2014-02-07 12:38 - 2009-06-26 00:12 - 00253952 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Cvw.crl
2014-02-07 12:38 - 2009-06-16 14:17 - 00036864 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\CtCamMgr.dll
2014-02-07 12:38 - 2009-06-16 14:17 - 00029184 _____ (Creative Technology Ltd.) C:\Windows\System32\CtCamMgr.dll
2014-02-07 12:38 - 2009-03-18 17:30 - 00108032 _____ (Creative Technology Ltd.) C:\Windows\CtDrvIns.exe
2014-02-07 12:38 - 2007-08-23 18:46 - 00010752 _____ (Creative Technology Ltd.) C:\Windows\System32\CtCamPin.crl
2014-02-07 12:38 - 2007-04-30 00:03 - 00032768 _____ (Creative Technology Ltd.) C:\Windows\V0330Mon.exe
2014-02-07 12:38 - 2007-04-26 00:10 - 00032768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Hwx.dll
2014-02-07 12:38 - 2007-04-26 00:10 - 00023552 _____ (Creative Technology Ltd.) C:\Windows\System32\V0330Hwx.dll
2014-02-07 12:38 - 2007-02-15 12:26 - 00811008 _____ (Pizzolato Davide - www.xdp.it) C:\Windows\SysWOW64\cximage.dll
2014-02-07 12:38 - 2006-11-10 00:00 - 00126976 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\V0330Vfw.dll
2014-02-07 12:38 - 2006-09-19 12:56 - 00057656 _____ () C:\Windows\System32\V0330PC.bmp
2014-02-07 12:38 - 2006-08-28 13:22 - 00188891 _____ () C:\Windows\SysWOW64\V0330Cvw.bff
2014-02-07 12:30 - 2014-02-07 12:33 - 00000000 ____D () C:\Program Files (x86)\CamAlert
2014-02-07 12:28 - 2014-02-07 12:28 - 00003957 _____ () C:\Users\frank\Desktop\vlc - Verknüpfung.lnk
2014-02-07 10:13 - 2014-02-09 16:48 - 00000000 ____D () C:\Users\frank\Desktop\Office
2014-02-07 10:13 - 2014-02-07 10:13 - 00000000 ____D () C:\Users\frank\Desktop\Schule
2014-02-07 10:12 - 2014-02-10 11:46 - 00000000 ____D () C:\Users\frank\Desktop\Sicherheit
2014-02-07 10:12 - 2014-02-07 10:12 - 00000000 ____D () C:\Users\frank\Desktop\Netzwerk
2014-02-07 10:11 - 2014-02-07 10:12 - 00000000 ____D () C:\Users\frank\Desktop\Programmierung
2014-02-07 08:02 - 2014-02-07 08:07 - 586924032 _____ () C:\Users\frank\Downloads\ubcd528.iso
2014-02-07 07:55 - 2014-01-19 07:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-02-06 14:07 - 2013-12-11 07:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\winbici.dll
2014-02-06 14:07 - 2013-12-09 00:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\System32\mispace.dll
2014-02-06 14:07 - 2013-12-09 00:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-02-06 14:07 - 2013-11-27 15:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-02-06 14:07 - 2013-11-27 15:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2014-02-06 14:07 - 2013-11-27 14:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-02-06 14:07 - 2013-11-27 13:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-02-06 14:07 - 2013-11-27 12:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2014-02-06 14:07 - 2013-11-27 10:54 - 00461824 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-02-06 14:07 - 2013-11-27 10:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2014-02-06 14:07 - 2013-11-27 10:08 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-02-06 14:07 - 2013-11-27 09:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-02-06 14:07 - 2013-11-27 09:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2014-02-06 14:07 - 2013-11-27 09:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2014-02-06 14:07 - 2013-11-27 09:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Graphics.dll
2014-02-06 14:07 - 2013-11-27 08:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2014-02-06 14:07 - 2013-11-27 08:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-02-06 14:07 - 2013-11-27 08:20 - 04106240 _____ (Microsoft Corporation) C:\Windows\System32\SyncEngine.dll
2014-02-06 14:07 - 2013-11-27 04:01 - 00385614 _____ () C:\Windows\System32\ApnDatabase.xml
2014-02-06 14:07 - 2013-11-26 13:22 - 01928144 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll
2014-02-06 14:07 - 2013-11-26 13:20 - 02131120 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2014-02-06 14:07 - 2013-11-26 13:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll
2014-02-06 14:07 - 2013-11-26 13:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2014-02-06 14:07 - 2013-11-26 11:50 - 01371312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-02-06 14:07 - 2013-11-26 11:44 - 02142936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-02-06 14:07 - 2013-11-26 11:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-02-06 14:07 - 2013-11-26 10:13 - 04191232 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-02-06 14:07 - 2013-11-26 09:21 - 18577920 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2014-02-06 14:07 - 2013-11-26 08:28 - 13925888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-02-06 14:07 - 2013-11-25 01:45 - 00142680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2014-02-06 14:07 - 2013-11-25 01:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-02-06 14:07 - 2013-11-24 23:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-02-06 14:07 - 2013-11-24 23:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll
2014-02-06 14:07 - 2013-11-23 12:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\System32\ploptin.dll
2014-02-06 14:07 - 2013-11-23 11:49 - 21196664 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-02-06 14:07 - 2013-11-23 08:19 - 18642504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-02-06 14:07 - 2013-11-23 07:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\bi.dll
2014-02-06 14:07 - 2013-11-23 07:13 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2014-02-06 14:07 - 2013-11-23 07:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2014-02-06 14:07 - 2013-11-23 04:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2014-02-06 14:07 - 2013-11-23 03:57 - 00637952 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
2014-02-06 14:07 - 2013-11-23 03:48 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-02-06 14:07 - 2013-11-23 03:25 - 00744448 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncCore.dll
2014-02-06 14:07 - 2013-11-23 03:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-02-06 14:07 - 2013-11-23 03:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-02-06 14:07 - 2013-11-23 03:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-02-06 14:07 - 2013-11-21 06:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\deviceregistration.dll
2014-02-06 14:07 - 2013-11-21 06:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-02-06 14:07 - 2013-11-16 05:11 - 00764856 _____ (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2014-02-06 14:07 - 2013-11-15 18:19 - 00669344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-02-06 14:07 - 2013-11-15 14:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll
2014-02-06 14:07 - 2013-11-15 14:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-02-06 14:07 - 2013-11-15 14:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2014-02-06 14:07 - 2013-11-15 13:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2014-02-06 14:07 - 2013-11-05 20:12 - 02551128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-02-06 14:07 - 2013-10-31 00:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2014-02-06 14:07 - 2013-10-30 23:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-02-06 10:28 - 2014-02-06 10:28 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-02-06 08:12 - 2014-02-06 08:12 - 00000046 _____ () C:\Windows\wininit.ini
2014-02-06 07:35 - 2014-02-06 07:35 - 00000000 ____D () C:\Users\frank\AppData\Roaming\OpenOffice
2014-02-06 07:34 - 2014-02-06 07:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-06 07:31 - 2014-02-06 07:32 - 163606685 _____ () C:\Users\frank\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 14:38 - 2014-02-05 14:38 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr.php
2014-02-03 14:04 - 2014-02-11 14:40 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F81F6709-A6D3-45E6-A9BC-D60ACD28289C}
2014-02-03 10:14 - 2014-02-03 10:14 - 00064472 _____ () C:\Users\frank\Downloads\2014.01.27 ER Modell Fahrradhändler.graphml
2014-02-03 10:14 - 2014-02-03 10:14 - 00000000 ____D () C:\Users\frank\AppData\Roaming\yWorks
2014-02-03 09:11 - 2014-02-09 09:05 - 00074752 ___SH () C:\Users\frank\Downloads\Thumbs.db
2014-02-02 20:53 - 2014-02-02 20:53 - 00116138 _____ () C:\Users\frank\Downloads\tabellen.zip
2014-02-02 16:38 - 2014-02-02 16:38 - 32093427 _____ ( ) C:\Users\frank\Downloads\Childsplay-1.5_www_freispiel_de.exe
2014-02-02 16:36 - 2014-02-02 16:37 - 01446932 _____ () C:\Users\frank\Downloads\bubble97.zip
2014-02-02 16:35 - 2014-02-02 16:35 - 00000000 ____D () C:\Users\frank\AppData\Local\DownloadGuide
2014-02-01 20:45 - 2014-02-09 08:44 - 00002357 _____ () C:\Windows\setupact.log
2014-02-01 20:45 - 2014-02-01 20:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-01 20:41 - 2014-02-01 20:41 - 00000000 ____D () C:\Users\frank\Downloads\Schandmaul-Unendlich-2CD-2014_
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-01 19:47 - 2013-08-03 04:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\System32\PresentationNative_v0300.dll
2014-02-01 19:47 - 2013-08-03 04:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-02-01 19:47 - 2013-08-03 04:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe
2014-02-01 19:47 - 2013-08-03 04:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-02-01 19:47 - 2013-08-03 04:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-01 19:47 - 2013-08-03 04:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-02-01 19:42 - 2014-02-01 19:45 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Notepad++
2014-02-01 19:42 - 2014-02-01 19:45 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-01 19:41 - 2014-02-01 19:42 - 07598942 _____ () C:\Users\frank\Downloads\npp.6.5.3.Installer.exe
2014-02-01 19:37 - 2013-12-31 13:48 - 00000000 ____D () C:\PowerEditor
2014-02-01 18:27 - 2014-02-01 18:27 - 26351664 _____ (Salfeld Computer GmbH ) C:\Users\frank\Downloads\nw_28334_kisiexe.exe
2014-01-31 11:41 - 2014-01-31 11:41 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-01-31 11:41 - 2014-01-31 11:41 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-01-31 10:16 - 2014-01-31 20:05 - 00000000 ___SD () C:\Users\frank\Documents\Meine Websites
2014-01-31 08:34 - 2014-01-31 10:06 - 281129273 _____ () C:\Users\frank\Downloads\Fishdom.exe
2014-01-31 07:51 - 2014-01-31 07:51 - 00000000 ____D () C:\Users\frank\AppData\Local\Apps\2.0
2014-01-30 17:08 - 2014-01-30 17:08 - 00895466 _____ () C:\Windows\Die Planeten Uninstaller.exe
2014-01-30 17:08 - 2014-01-30 17:08 - 00000000 ____D () C:\Program Files (x86)\Die Planeten
2014-01-30 14:43 - 2014-01-28 08:54 - 00000000 ____D () C:\Users\frank\Downloads\netnet
2014-01-30 14:42 - 2014-01-30 14:42 - 93084883 _____ () C:\Users\frank\Downloads\netnet_pwfisi2014.rar
2014-01-30 14:16 - 2014-02-10 19:00 - 00000000 ____D () C:\Program Files\COMODO
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Users\frank\AppData\Local\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\ProgramData\COMODO
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\ProgramData\Adtrustmedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files (x86)\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\first_launch
2014-01-30 14:15 - 2014-02-11 18:55 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-01-30 14:15 - 2014-01-30 14:15 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-01-30 14:05 - 2014-01-30 14:05 - 00003138 _____ () C:\Windows\System32\Tasks\{33B9F1BB-4ED2-4D27-998A-D02280BE0F11}
2014-01-30 13:53 - 2014-01-30 13:56 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-01-30 13:52 - 2014-01-30 13:53 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-01-30 13:52 - 2014-01-30 13:52 - 02365840 _____ () C:\Users\frank\Downloads\SecurityTaskManager_Setup.exe
2014-01-30 10:16 - 2014-01-31 09:09 - 00000188 _____ () C:\Users\frank\.packettracer
2014-01-30 10:16 - 2014-01-30 10:20 - 00000000 ____D () C:\Users\frank\Cisco Packet Tracer 6.0.1
2014-01-30 09:37 - 2014-01-30 09:40 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Dream Aquarium
2014-01-30 09:16 - 2014-02-02 15:32 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-30 09:16 - 2014-01-30 09:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-30 09:15 - 2014-01-30 10:15 - 00000000 ____D () C:\Users\frank\AppData\Local\Adobe
2014-01-30 08:04 - 2014-02-11 14:41 - 00116736 ___SH () C:\Users\frank\Desktop\Thumbs.db
2014-01-30 06:51 - 2014-01-30 06:51 - 00073584 _____ () C:\Users\frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-30 06:49 - 2014-01-30 06:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-30 06:48 - 2014-01-30 06:50 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-01-30 06:48 - 2014-01-30 06:48 - 25755856 _____ (Microsoft Corporation) C:\Users\frank\Downloads\wordview_de-de.exe
2014-01-29 18:22 - 2014-01-29 18:40 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-01-29 18:22 - 2014-01-29 18:22 - 2321575125 _____ () C:\Windows\MEMORY.DMP
2014-01-29 15:17 - 2014-02-07 13:22 - 00000000 ____D () C:\Users\frank\AppData\Roaming\vlc
2014-01-29 15:16 - 2014-01-29 15:16 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-29 12:34 - 2014-01-29 12:34 - 00276276 _____ () C:\Users\frank\Documents\version1.pcapng
2014-01-29 12:25 - 2014-01-29 12:25 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Wireshark
2014-01-29 12:24 - 2014-01-29 12:24 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-01-29 12:23 - 2014-01-29 12:24 - 00000000 ____D () C:\Program Files\Wireshark
2014-01-29 12:22 - 2014-01-29 12:23 - 27976248 _____ (Wireshark development team) C:\Users\frank\Downloads\Wireshark-win64-1.10.4.exe
2014-01-29 11:04 - 2013-05-07 14:11 - 00000000 ____D () C:\Users\frank\Downloads\Portscanner
2014-01-29 10:41 - 2014-01-29 10:41 - 00000000 ____D () C:\Users\frank\AppData\Roaming\WinRAR
2014-01-29 10:24 - 2014-01-29 10:24 - 00000036 _____ () C:\Users\frank\AppData\Local\housecall.guid.cache
2014-01-29 09:54 - 2014-01-29 09:54 - 12734464 _____ () C:\Users\frank\Downloads\zwischenzeit_divx240.avi
2014-01-28 20:40 - 2014-01-06 15:20 - 86054176 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-01-28 20:39 - 2014-01-28 20:39 - 24859352 _____ (Microsoft Corporation) C:\Users\frank\Downloads\Windows-KB890830-x64-V5.8.exe
2014-01-28 20:37 - 2014-01-28 20:37 - 00000000 ____D () C:\Users\frank\AppData\Roaming\QuickScan
2014-01-28 18:24 - 2013-11-26 11:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-01-28 18:24 - 2013-11-26 10:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-28 18:24 - 2013-11-26 08:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-01-28 18:24 - 2013-11-26 07:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-01-28 18:24 - 2013-10-23 11:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\System32\wldp.dll
2014-01-28 18:24 - 2013-10-23 11:21 - 00155480 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-01-28 18:24 - 2013-10-23 11:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\System32\kd_02_8086.dll
2014-01-28 18:24 - 2013-10-22 08:18 - 01287064 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-01-28 18:24 - 2013-10-22 07:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-28 18:24 - 2013-10-22 06:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-01-28 18:24 - 2013-10-22 05:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2014-01-28 18:24 - 2013-10-22 04:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-01-28 18:24 - 2013-10-22 04:02 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-01-28 18:24 - 2013-10-22 03:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersShell.dll
2014-01-28 18:24 - 2013-10-22 03:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\System32\WorkfoldersControl.dll
2014-01-28 18:24 - 2013-10-22 02:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-01-28 18:24 - 2013-10-22 02:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2014-01-28 18:24 - 2013-10-22 02:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-01-28 18:24 - 2013-10-22 01:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\System32\workfolderssvc.dll
2014-01-28 18:24 - 2013-10-19 08:51 - 00481392 _____ (Microsoft Corporation) C:\Windows\System32\mfsvr.dll
2014-01-28 18:24 - 2013-10-19 07:12 - 00380656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-01-28 18:24 - 2013-10-19 04:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2014-01-28 18:24 - 2013-10-19 04:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-01-28 18:24 - 2013-10-19 03:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2014-01-28 18:24 - 2013-10-19 03:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-01-28 18:24 - 2013-10-16 09:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-01-28 18:24 - 2013-10-16 09:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2014-01-28 18:24 - 2013-10-13 03:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2014-01-28 18:24 - 2013-10-13 02:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2014-01-28 18:24 - 2013-10-10 16:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-01-28 18:24 - 2013-10-10 16:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2014-01-28 18:24 - 2013-10-10 14:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-01-28 18:24 - 2013-10-10 14:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-01-28 18:24 - 2013-10-10 11:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2014-01-28 18:24 - 2013-10-08 10:28 - 00523096 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2014-01-28 18:24 - 2013-10-08 06:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\System32\shsetup.dll
2014-01-28 18:24 - 2013-10-08 05:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-01-28 18:24 - 2013-10-08 05:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2014-01-28 18:24 - 2013-10-08 05:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2014-01-28 18:24 - 2013-10-08 05:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-01-28 18:24 - 2013-10-08 05:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Web.Http.dll
2014-01-28 18:24 - 2013-10-08 04:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2014-01-28 18:24 - 2013-10-08 04:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2014-01-28 18:24 - 2013-10-07 07:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-01-28 18:24 - 2013-10-07 02:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-01-28 18:24 - 2013-10-05 15:25 - 00057176 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2014-01-28 18:24 - 2013-10-05 14:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-01-28 18:24 - 2013-10-05 12:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-01-28 18:24 - 2013-10-05 11:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2014-01-28 18:24 - 2013-10-05 09:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2014-01-28 18:24 - 2013-10-05 09:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-01-28 18:24 - 2013-10-05 09:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2014-01-28 18:24 - 2013-10-05 08:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2014-01-28 18:24 - 2013-10-05 08:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\miutils.dll
2014-01-28 18:24 - 2013-10-05 08:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-01-28 18:24 - 2013-10-05 08:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2014-01-28 18:24 - 2013-10-05 08:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-01-28 18:24 - 2013-10-05 08:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\System32\pcsvDevice.dll
2014-01-28 18:24 - 2013-10-05 07:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2014-01-28 18:24 - 2013-10-05 07:39 - 06639616 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-01-28 18:24 - 2013-10-05 07:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-01-28 18:24 - 2013-10-05 07:32 - 05769728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-28 18:24 - 2013-10-04 08:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\System32\AppReadiness.dll
2014-01-28 18:24 - 2013-09-17 09:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2014-01-28 18:24 - 2013-09-17 09:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2014-01-28 18:24 - 2013-09-17 06:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-01-28 18:24 - 2013-09-17 06:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-01-28 18:24 - 2013-09-17 04:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\System32\dafBth.dll
2014-01-28 18:24 - 2013-09-14 14:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\System32\d3d9.dll
2014-01-28 18:24 - 2013-09-14 14:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\System32\tsmf.dll
2014-01-28 18:24 - 2013-09-14 12:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-01-28 18:24 - 2013-09-14 12:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-01-28 18:24 - 2013-09-14 10:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2014-01-28 18:24 - 2013-09-14 09:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\System32\ipnathlp.dll
2014-01-28 18:24 - 2013-09-13 08:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\ftp.exe
2014-01-28 18:24 - 2013-09-13 07:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-01-28 18:24 - 2013-09-12 08:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2014-01-28 18:24 - 2013-09-12 08:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2014-01-28 18:24 - 2013-09-12 08:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\System32\WiFiDisplay.dll
2014-01-28 18:24 - 2013-09-12 08:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-01-28 18:24 - 2013-09-12 07:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2014-01-28 18:24 - 2013-09-12 07:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-01-28 18:24 - 2013-09-12 07:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\System32\dafWfdProvider.dll
2014-01-28 18:24 - 2013-09-12 07:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-01-28 18:24 - 2013-09-12 07:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2014-01-28 18:24 - 2013-09-12 07:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2014-01-28 18:24 - 2013-09-10 05:26 - 04599808 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-01-28 18:24 - 2013-09-10 04:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\System32\msched.dll
2014-01-28 18:24 - 2013-09-10 04:34 - 03934208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-01-28 18:23 - 2013-11-27 15:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\System32\WSService.dll
2014-01-28 18:23 - 2013-11-27 11:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\System32\WSCollect.exe
2014-01-28 18:23 - 2013-11-27 10:34 - 00138240 _____ () C:\Windows\System32\OEMLicense.dll
2014-01-28 18:23 - 2013-11-27 09:54 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-01-28 18:23 - 2013-11-27 08:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-28 18:23 - 2013-11-27 08:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2014-01-28 18:23 - 2013-11-27 08:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-28 18:23 - 2013-11-27 08:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-01-28 18:23 - 2013-11-27 08:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-28 18:23 - 2013-11-27 08:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2014-01-28 18:23 - 2013-11-26 09:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-01-28 18:23 - 2013-11-26 08:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-01-28 18:23 - 2013-11-26 08:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-28 18:23 - 2013-11-26 08:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-28 18:23 - 2013-11-26 08:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-01-28 18:23 - 2013-11-26 07:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-28 18:23 - 2013-11-26 07:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-28 18:23 - 2013-11-26 07:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-01-28 18:23 - 2013-11-26 06:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-01-28 18:23 - 2013-11-26 06:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-01-28 18:23 - 2013-11-26 06:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-28 18:23 - 2013-11-26 06:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-28 18:23 - 2013-11-26 06:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-28 18:23 - 2013-11-23 04:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-01-28 18:23 - 2013-11-23 04:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-28 18:23 - 2013-11-23 03:10 - 00568832 _____ (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
2014-01-28 18:23 - 2013-11-11 02:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\intelpep.sys
2014-01-28 18:23 - 2013-11-09 11:55 - 00325464 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2014-01-28 18:23 - 2013-11-09 06:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\System32\WMPDMC.exe
2014-01-28 18:23 - 2013-11-09 05:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-01-28 18:23 - 2013-11-08 10:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\System32\dcomp.dll
2014-01-28 18:23 - 2013-11-08 04:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentClient.dll
2014-01-28 18:23 - 2013-11-08 04:28 - 13177344 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2014-01-28 18:23 - 2013-11-08 04:26 - 11674624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-01-28 18:23 - 2013-11-08 04:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-01-28 18:23 - 2013-11-08 04:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-01-28 18:23 - 2013-11-08 03:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2014-01-28 18:23 - 2013-11-08 03:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2014-01-28 18:23 - 2013-11-05 14:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2014-01-28 18:23 - 2013-11-04 17:13 - 01530200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-01-28 18:23 - 2013-11-04 17:13 - 00382808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2014-01-28 18:23 - 2013-11-04 13:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\System32\Display.dll
2014-01-28 18:23 - 2013-11-04 11:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2014-01-28 18:23 - 2013-11-04 10:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers.dll
2014-01-28 18:23 - 2013-11-04 02:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-01-28 18:23 - 2013-11-04 01:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-01-28 18:23 - 2013-11-01 11:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2014-01-28 18:23 - 2013-11-01 06:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\System32\wlidcli.dll
2014-01-28 18:23 - 2013-11-01 05:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-01-28 18:23 - 2013-10-31 00:58 - 00372568 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2014-01-28 18:23 - 2013-10-31 00:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-01-28 18:23 - 2013-10-31 00:33 - 01642016 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2014-01-28 18:23 - 2013-10-31 00:33 - 01506680 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2014-01-28 18:23 - 2013-10-31 00:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2014-01-28 18:23 - 2013-10-31 00:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2014-01-28 18:23 - 2013-10-26 01:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx2.sys
2014-01-28 18:23 - 2013-10-24 09:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\CredentialMigrationHandler.dll
2014-01-28 18:23 - 2013-10-24 09:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-01-28 18:23 - 2013-10-23 11:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2014-01-28 18:23 - 2013-10-23 08:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-01-28 18:23 - 2013-10-19 08:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-01-28 18:23 - 2013-10-19 07:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-28 18:23 - 2013-10-19 05:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-01-28 18:23 - 2013-10-17 11:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2014-01-28 18:23 - 2013-10-17 10:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-01-28 18:23 - 2013-10-15 08:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-01-28 18:23 - 2013-10-15 08:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-28 18:23 - 2013-10-13 02:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2014-01-28 18:23 - 2013-10-12 21:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2014-01-28 18:23 - 2013-10-12 21:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2014-01-28 18:23 - 2013-10-11 13:24 - 00909312 _____ (Microsoft Corporation) C:\Windows\System32\MrmCoreR.dll
2014-01-28 18:23 - 2013-10-11 13:03 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-01-28 18:23 - 2013-10-10 11:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\System32\AppxAllUserStore.dll
2014-01-28 18:23 - 2013-10-10 11:26 - 02801664 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2014-01-28 18:23 - 2013-10-10 11:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-01-28 18:23 - 2013-10-10 11:05 - 01019392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-01-28 18:23 - 2013-10-10 10:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\System32\twinui.appcore.dll
2014-01-28 18:23 - 2013-10-10 10:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-01-28 18:23 - 2013-10-05 14:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-01-28 18:23 - 2013-10-05 14:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-01-28 18:23 - 2013-10-05 14:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-01-28 18:23 - 2013-10-05 12:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-01-28 18:23 - 2013-10-05 12:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-01-28 18:23 - 2013-10-05 08:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-01-28 18:23 - 2013-10-03 09:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Sensors.dll
2014-01-28 18:23 - 2013-10-03 09:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-01-28 18:23 - 2013-10-02 11:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2014-01-28 18:23 - 2013-10-02 09:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-01-28 18:23 - 2013-10-01 03:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2014-01-28 18:23 - 2013-10-01 03:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-01-28 18:23 - 2013-09-26 06:51 - 00669184 _____ (Microsoft Corporation) C:\Windows\System32\SkyDriveTelemetry.dll
2014-01-28 18:23 - 2013-09-26 06:34 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\MrmIndexer.dll
2014-01-28 18:23 - 2013-09-26 06:34 - 00515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-01-28 18:23 - 2013-09-25 10:25 - 00783504 _____ (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2014-01-28 18:23 - 2013-09-25 08:58 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-01-28 18:23 - 2013-09-24 05:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\System32\SRH.dll
2014-01-28 18:23 - 2013-09-24 05:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-01-28 18:23 - 2013-09-24 05:05 - 01245696 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2014-01-28 18:23 - 2013-09-24 03:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2014-01-28 18:23 - 2013-09-21 12:10 - 00236376 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2014-01-28 18:23 - 2013-09-21 11:48 - 00534048 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-01-28 18:23 - 2013-09-21 11:48 - 00123480 _____ (Microsoft Corporation) C:\Windows\System32\dwmapi.dll
2014-01-28 18:23 - 2013-09-21 11:18 - 01109936 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-01-28 18:23 - 2013-09-21 11:04 - 00419160 _____ (Microsoft Corporation) C:\Windows\System32\hal.dll
2014-01-28 18:23 - 2013-09-21 10:53 - 01534504 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2014-01-28 18:23 - 2013-09-21 10:53 - 00996320 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2014-01-28 18:23 - 2013-09-21 10:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
2014-01-28 18:23 - 2013-09-21 10:53 - 00366688 _____ (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2014-01-28 18:23 - 2013-09-21 10:51 - 01720552 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-01-28 18:23 - 2013-09-21 10:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-01-28 18:23 - 2013-09-21 09:23 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-01-28 18:23 - 2013-09-21 09:12 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-01-28 18:23 - 2013-09-21 09:09 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-01-28 18:23 - 2013-09-21 09:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2014-01-28 18:23 - 2013-09-21 09:09 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-01-28 18:23 - 2013-09-21 07:58 - 00675328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2014-01-28 18:23 - 2013-09-21 07:57 - 00207360 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2014-01-28 18:23 - 2013-09-21 07:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2014-01-28 18:23 - 2013-09-21 07:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2014-01-28 18:23 - 2013-09-21 07:17 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\BulkOperationHost.exe
2014-01-28 18:23 - 2013-09-21 07:05 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-01-28 18:23 - 2013-09-21 06:33 - 11366912 _____ (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2014-01-28 18:23 - 2013-09-21 06:27 - 00911872 _____ (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2014-01-28 18:23 - 2013-09-21 05:59 - 00940544 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-01-28 18:23 - 2013-09-21 05:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\System32\livessp.dll
2014-01-28 18:23 - 2013-09-21 05:56 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-01-28 18:23 - 2013-09-21 05:50 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-01-28 18:23 - 2013-09-21 05:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\dpapisrv.dll
2014-01-28 18:23 - 2013-09-21 05:38 - 00365568 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll
2014-01-28 18:23 - 2013-09-21 05:34 - 01555456 _____ (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2014-01-28 18:23 - 2013-09-21 05:31 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-01-28 18:23 - 2013-09-21 05:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\System32\vpnike.dll
2014-01-28 18:23 - 2013-09-21 05:10 - 12028416 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2014-01-28 18:23 - 2013-09-21 05:08 - 00961024 _____ (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2014-01-28 18:23 - 2013-09-21 05:05 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-01-28 18:23 - 2013-09-21 04:58 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-01-28 18:23 - 2013-09-21 04:49 - 04975104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-01-28 18:23 - 2013-09-21 04:48 - 07544320 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Search.dll
2014-01-28 18:23 - 2013-09-21 04:45 - 01106432 _____ (Microsoft Corporation) C:\Windows\System32\SearchFolder.dll
2014-01-28 18:23 - 2013-09-21 04:44 - 01662464 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2014-01-28 18:23 - 2013-09-21 04:42 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-01-28 18:23 - 2013-09-21 04:39 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-01-28 18:23 - 2013-09-19 05:08 - 01150976 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2014-01-28 18:23 - 2013-09-19 05:01 - 00401920 _____ (Microsoft Corporation) C:\Windows\System32\wlidprov.dll
2014-01-28 18:23 - 2013-09-19 04:37 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-01-28 18:23 - 2013-09-19 04:32 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-01-28 18:23 - 2013-09-19 04:27 - 01730560 _____ (Microsoft Corporation) C:\Windows\System32\dui70.dll
2014-01-28 18:23 - 2013-09-19 04:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2014-01-28 18:23 - 2013-09-19 04:11 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-01-28 18:23 - 2013-09-19 04:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-01-28 18:23 - 2013-09-19 03:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2014-01-28 18:23 - 2013-09-19 03:55 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-01-28 18:23 - 2013-09-19 03:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-01-28 18:23 - 2013-09-19 03:32 - 00570880 _____ (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2014-01-28 18:23 - 2013-09-17 09:18 - 00467800 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2014-01-28 18:23 - 2013-09-17 05:00 - 00453632 _____ (Microsoft Corporation) C:\Windows\System32\wbiosrvc.dll
2014-01-28 18:23 - 2013-09-12 07:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2014-01-28 18:23 - 2013-09-07 11:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\System32\TetheringMgr.dll
2014-01-28 18:23 - 2013-09-07 10:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\SkyDriveShell.dll
2014-01-28 18:23 - 2013-09-04 05:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\System32\tpmvsc.dll
2014-01-28 18:23 - 2013-08-31 14:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\System32\mftranscode.dll
2014-01-28 18:23 - 2013-08-31 12:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-01-28 18:22 - 2013-12-09 00:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\System32\uDWM.dll
2014-01-28 18:22 - 2013-11-09 06:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\MDMAgent.exe
2014-01-28 18:22 - 2013-11-09 06:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\System32\mdmregistration.dll
2014-01-28 18:22 - 2013-11-09 05:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-01-28 18:22 - 2013-10-16 15:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-01-28 18:22 - 2013-10-16 13:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-01-28 18:22 - 2013-09-26 09:20 - 00556032 _____ (Microsoft Corporation) C:\Windows\System32\recimg.exe
2014-01-28 18:22 - 2013-09-26 08:24 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-28 18:22 - 2013-09-26 07:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\System32\wimgapi.dll
2014-01-28 18:22 - 2013-09-26 07:14 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-01-28 18:22 - 2013-09-25 07:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\BthRadioMedia.dll
2014-01-28 18:22 - 2013-09-25 05:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2014-01-28 18:22 - 2013-09-24 06:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2014-01-28 18:22 - 2013-09-24 05:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2014-01-28 18:22 - 2013-09-21 12:10 - 00579416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2014-01-28 18:22 - 2013-09-21 12:10 - 00151384 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2014-01-28 18:22 - 2013-09-21 11:50 - 00528048 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll
2014-01-28 18:22 - 2013-09-21 10:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-01-28 18:22 - 2013-09-21 10:53 - 00233912 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll
2014-01-28 18:22 - 2013-09-21 09:23 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-01-28 18:22 - 2013-09-21 06:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-01-28 18:22 - 2013-09-21 06:01 - 00200704 _____ (Microsoft Corporation) C:\Windows\System32\ReInfo.dll
2014-01-28 18:22 - 2013-09-21 05:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-01-28 18:22 - 2013-09-21 05:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2014-01-28 18:22 - 2013-09-21 05:09 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-01-28 18:22 - 2013-09-21 05:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2014-01-28 18:22 - 2013-09-21 04:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-01-28 18:22 - 2013-09-21 04:38 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-01-28 18:22 - 2013-09-21 04:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2014-01-28 18:22 - 2013-09-21 04:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\System32\efswrt.dll
2014-01-28 18:22 - 2013-09-21 04:36 - 01185280 _____ (Microsoft Corporation) C:\Windows\System32\printui.dll
2014-01-28 18:22 - 2013-09-19 07:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersRes.dll
2014-01-28 18:22 - 2013-09-19 06:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\pcaui.dll
2014-01-28 18:22 - 2013-09-19 06:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\WorkFolders.exe
2014-01-28 18:22 - 2013-09-19 06:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll
2014-01-28 18:22 - 2013-09-19 06:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2014-01-28 18:22 - 2013-09-19 05:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2014-01-28 18:22 - 2013-09-19 05:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-01-28 18:22 - 2013-09-19 04:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2014-01-28 18:22 - 2013-09-17 06:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2014-01-28 18:22 - 2013-09-17 05:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-01-28 18:22 - 2013-09-17 05:15 - 01225728 _____ (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2014-01-28 18:22 - 2013-09-17 04:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-01-28 18:22 - 2013-09-17 04:08 - 00738304 _____ (Microsoft Corporation) C:\Windows\System32\msctfuimanager.dll
2014-01-28 18:22 - 2013-09-17 03:28 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-01-28 18:22 - 2013-09-14 14:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\VerifierExt.sys
2014-01-28 18:22 - 2013-09-14 14:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\System32\PSHED.DLL
2014-01-28 18:22 - 2013-09-14 11:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2014-01-28 18:22 - 2013-09-13 09:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\SensorsClassExtension.dll
2014-01-28 18:22 - 2013-09-13 08:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Usb.dll
2014-01-28 18:22 - 2013-09-13 08:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2014-01-28 18:22 - 2013-09-13 07:55 - 00233984 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.HumanInterfaceDevice.dll
2014-01-28 18:22 - 2013-09-13 07:30 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-01-28 18:22 - 2013-09-12 12:33 - 06353952 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2014-01-28 18:22 - 2013-09-11 09:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2014-01-28 18:22 - 2013-09-11 09:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2014-01-28 18:22 - 2013-09-11 07:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2014-01-28 18:22 - 2013-09-11 07:09 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-01-28 18:22 - 2013-09-07 16:12 - 00458616 _____ (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2014-01-28 18:22 - 2013-09-07 16:12 - 00407016 _____ (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2014-01-28 18:22 - 2013-09-07 14:45 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-01-28 18:22 - 2013-09-07 14:45 - 00368736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-01-28 18:22 - 2013-09-07 12:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\fdprint.dll
2014-01-28 18:22 - 2013-09-07 12:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2014-01-28 18:22 - 2013-09-07 12:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll
2014-01-28 18:22 - 2013-09-07 11:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2014-01-28 18:22 - 2013-09-07 11:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\CryptoWinRT.dll
2014-01-28 18:22 - 2013-09-07 11:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Vpn.dll
2014-01-28 18:22 - 2013-09-07 11:22 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2014-01-28 18:22 - 2013-09-07 11:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\System32\rascustom.dll
2014-01-28 18:22 - 2013-09-07 10:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-01-28 18:22 - 2013-09-05 07:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2014-01-28 18:22 - 2013-09-05 06:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\System32\Utilman.exe
2014-01-28 18:22 - 2013-09-05 05:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2014-01-28 18:22 - 2013-09-04 07:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersGPExt.dll
2014-01-28 18:22 - 2013-09-04 06:16 - 00358912 _____ (Microsoft Corporation) C:\Windows\System32\vmrdvcore.dll
2014-01-28 18:22 - 2013-09-04 05:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\DscCoreConfProv.dll
2014-01-28 18:22 - 2013-09-04 04:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\DscCore.dll
2014-01-28 18:22 - 2013-09-04 04:48 - 00326656 _____ (Microsoft Corporation) C:\Windows\System32\SessEnv.dll
2014-01-28 18:22 - 2013-09-04 04:35 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-01-28 18:22 - 2013-08-31 12:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\System32\riched20.dll
2014-01-28 18:22 - 2013-08-31 10:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2014-01-28 18:22 - 2013-08-31 10:00 - 00491520 _____ (Microsoft Corporation) C:\Windows\System32\GeofenceMonitorService.dll
2014-01-28 18:22 - 2013-08-31 09:25 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-01-28 18:22 - 2013-08-30 07:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll
2014-01-28 18:22 - 2013-08-28 08:03 - 00249344 _____ (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2014-01-28 18:22 - 2013-08-28 07:55 - 00334336 _____ (Microsoft Corporation) C:\Windows\System32\MDEServer.exe
2014-01-28 18:22 - 2013-08-28 07:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\msra.exe
2014-01-28 18:22 - 2013-08-28 07:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\System32\rdsdwmdr.dll
2014-01-28 18:22 - 2013-08-28 07:04 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-01-28 18:22 - 2013-08-27 06:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2014-01-28 18:22 - 2013-08-27 05:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2014-01-28 13:04 - 2014-01-28 13:08 - 00000000 ____D () C:\Users\frank\AppData\Local\JDownloader v2.0
2014-01-28 07:43 - 2014-02-11 11:00 - 00000000 ____D () C:\Users\frank\Desktop\vitero Dateien
2014-01-28 07:02 - 2014-01-28 07:02 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Macromedia
2014-01-28 07:01 - 2014-01-28 18:12 - 00000000 ____D () C:\Windows\Minidump
2014-01-27 19:14 - 2014-01-27 19:14 - 00000000 ____D () C:\Users\frank\AppData\Roaming\NVIDIA
2014-01-27 19:13 - 2014-02-10 15:42 - 00000000 ____D () C:\Users\frank\.VirtualBox
2014-01-27 19:13 - 2014-02-09 19:00 - 00000000 ____D () C:\Users\frank\VirtualBox VMs
2014-01-27 19:13 - 2013-12-18 16:19 - 00252688 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxDrv.sys
2014-01-27 19:12 - 2014-01-27 19:12 - 00000000 ____D () C:\Program Files\Oracle
2014-01-27 19:12 - 2013-12-18 16:16 - 00126736 _____ (Oracle Corporation) C:\Windows\System32\Drivers\VBoxUSBMon.sys
2014-01-27 19:07 - 2014-01-27 19:09 - 106322704 _____ (Oracle Corporation) C:\Users\frank\Downloads\VirtualBox-4.3.6-91406-Win.exe
2014-01-27 18:39 - 2014-01-27 18:39 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-27 18:38 - 2014-01-27 18:39 - 00000000 ____D () C:\Program Files (x86)\Cisco Packet Tracer 6.0.1
2014-01-27 18:38 - 2014-01-27 18:38 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-27 18:25 - 2014-01-27 18:25 - 03171840 _____ () C:\Users\frank\Downloads\UltraMon_3.2.2_de_x64.msi
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Realtime Soft
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files\UltraMon
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\WPF Toolkit
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-27 18:24 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-01-27 18:24 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-01-27 18:24 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-27 18:24 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-27 18:24 - 2008-07-12 07:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-01-27 18:23 - 2014-01-27 18:23 - 00000000 ____D () C:\Program Files (x86)\yWorks
2014-01-27 18:22 - 2014-01-28 08:14 - 00000000 ____D () C:\xampp
2014-01-27 18:02 - 2014-01-30 06:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-27 17:39 - 2014-01-27 17:39 - 00000424 _____ () C:\Users\frank\Desktop\Arbeitsplatz.lnk
2014-01-27 17:32 - 2014-02-11 20:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-01-27 17:32 - 2014-01-27 17:32 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-01-27 17:32 - 2013-10-23 08:20 - 06669600 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2014-01-27 17:32 - 2013-10-23 08:20 - 03489568 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2014-01-27 17:32 - 2013-10-23 08:20 - 03426956 _____ () C:\Windows\System32\nvcoproc.bin
2014-01-27 17:32 - 2013-10-23 08:20 - 02559776 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2014-01-27 17:32 - 2013-10-23 08:20 - 00922912 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2014-01-27 17:32 - 2013-10-23 08:20 - 00219424 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2014-01-27 17:32 - 2013-10-23 08:20 - 00063776 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2014-01-27 17:31 - 2014-01-27 17:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-27 17:31 - 2014-01-27 17:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-27 17:31 - 2014-01-27 17:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-27 17:31 - 2013-10-28 11:53 - 00061216 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2014-01-27 17:31 - 2013-10-28 11:53 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-01-27 17:16 - 2014-02-11 10:31 - 00000000 ____D () C:\Users\frank\AppData\Roaming\vitero
2014-01-27 16:21 - 2014-01-27 16:21 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Malwarebytes
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-27 16:06 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-01-27 16:05 - 2014-02-11 20:48 - 00000000 ____D () C:\Users\frank\AppData\Roaming\ClassicShell
2014-01-27 16:05 - 2014-01-27 16:05 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-01-27 16:05 - 2014-01-27 16:05 - 00000000 ____D () C:\Program Files\Classic Shell
2014-01-27 15:09 - 2014-02-11 20:48 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 15:09 - 2014-02-11 20:20 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-27 15:09 - 2014-01-27 17:15 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-27 15:09 - 2014-01-27 17:15 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-27 15:09 - 2014-01-27 15:28 - 50053120 _____ () C:\Program Files (x86)\GUT730F.tmp
2014-01-27 15:09 - 2014-01-27 15:28 - 00000000 ____D () C:\Program Files (x86)\GUM730E.tmp
2014-01-27 15:08 - 2014-02-09 18:50 - 00000000 ____D () C:\Users\frank\AppData\Roaming\DAEMON Tools Lite
2014-01-27 15:08 - 2014-01-27 15:08 - 00283064 _____ (Disc Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2014-01-27 15:08 - 2014-01-27 15:08 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-01-27 15:06 - 2014-01-27 18:23 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-27 15:04 - 2014-01-27 18:00 - 00000000 ____D () C:\Install-Dateien
2014-01-27 14:59 - 2014-01-27 14:59 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-27 14:59 - 2014-01-27 14:59 - 00000000 ____D () C:\Users\frank\AppData\Roaming\AVAST Software
2014-01-27 14:59 - 2014-01-27 14:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-27 14:47 - 2014-01-27 16:26 - 00000000 ____D () C:\Users\frank\AppData\Local\Google
2014-01-27 14:47 - 2014-01-27 16:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-27 14:47 - 2014-01-27 14:59 - 00409832 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 01032416 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00334648 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-01-27 14:47 - 2014-01-27 14:47 - 00205320 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00092544 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00084328 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00065776 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-27 14:47 - 2014-01-27 14:47 - 00038984 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-27 14:46 - 2014-01-27 14:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-27 14:23 - 2014-02-11 19:05 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1301974214-127450241-1762815529-1001
2014-01-27 14:20 - 2014-02-11 20:38 - 01776918 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-01-27 14:18 - 2014-02-11 20:47 - 00000000 __RDO () C:\Users\frank\SkyDrive
2014-01-27 14:16 - 2014-01-27 14:16 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-27 14:15 - 2014-02-08 20:09 - 00000000 ____D () C:\Users\frank\AppData\Local\VirtualStore
2014-01-27 14:15 - 2014-02-06 08:14 - 00000000 ____D () C:\Users\frank\AppData\Local\Packages
2014-01-27 14:15 - 2014-01-30 10:15 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Adobe
2014-01-27 14:11 - 2014-02-08 20:58 - 00000000 ____D () C:\users\frank
2014-01-27 14:11 - 2014-01-27 14:11 - 00000020 ___SH () C:\Users\frank\ntuser.ini
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Vorlagen
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Startmenü
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Netzwerkumgebung
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Lokale Einstellungen
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Eigene Dateien
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Druckumgebung
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Documents\Eigene Musik
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Documents\Eigene Bilder
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\AppData\Local\Verlauf
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\AppData\Local\Anwendungsdaten
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Anwendungsdaten
2014-01-27 14:10 - 2013-08-22 05:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2014-01-27 14:09 - 2014-02-11 18:20 - 01125563 _____ () C:\Windows\WindowsUpdate.log
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Programme
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-01-27 14:07 - 2014-02-09 17:37 - 00000000 __SHD () C:\Recovery
2014-01-27 14:07 - 2014-01-27 14:07 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

2014-02-11 21:50 - 2014-02-11 21:50 - 00000000 _____ () C:\Recovery.txt
2014-02-11 20:49 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 20:48 - 2014-01-27 17:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-11 20:48 - 2014-01-27 16:05 - 00000000 ____D () C:\Users\frank\AppData\Roaming\ClassicShell
2014-02-11 20:48 - 2014-01-27 15:09 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-11 20:47 - 2014-01-27 14:18 - 00000000 __RDO () C:\Users\frank\SkyDrive
2014-02-11 20:38 - 2014-02-11 20:38 - 02151424 _____ (Farbar) C:\Users\frank\Downloads\FRST64 (2).exe
2014-02-11 20:38 - 2014-01-27 14:20 - 01776918 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-11 20:38 - 2013-09-12 09:43 - 00764340 _____ () C:\Windows\System32\perfh007.dat
2014-02-11 20:38 - 2013-09-12 09:43 - 00159160 _____ () C:\Windows\System32\perfc007.dat
2014-02-11 20:37 - 2014-02-11 20:37 - 00001756 _____ () C:\Users\frank\Desktop\RKreport[0]_D_02112014_213727.txt
2014-02-11 20:37 - 2014-02-11 19:53 - 00000000 ____D () C:\Users\frank\Desktop\RK_Quarantine
2014-02-11 20:20 - 2014-01-27 15:09 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-11 20:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\sru
2014-02-11 19:56 - 2014-02-11 19:56 - 00001714 _____ () C:\Users\frank\Desktop\RKreport[0]_S_02112014_205631.txt
2014-02-11 19:54 - 2014-02-11 19:54 - 04408320 _____ () C:\Users\frank\Desktop\RogueKillerX64.exe
2014-02-11 19:51 - 2014-02-11 19:51 - 02467477 _____ () C:\Users\frank\Downloads\RogueKiller_8.8.5.zip
2014-02-11 19:05 - 2014-01-27 14:23 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1301974214-127450241-1762815529-1001
2014-02-11 18:55 - 2014-01-30 14:15 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-02-11 18:20 - 2014-01-27 14:09 - 01125563 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Users\frank\Downloads\ListDlls
2014-02-11 18:11 - 2014-02-11 18:11 - 00269722 _____ () C:\Users\frank\Downloads\ListDlls.zip
2014-02-11 18:10 - 2014-02-07 14:16 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-11 14:41 - 2014-01-30 08:04 - 00116736 ___SH () C:\Users\frank\Desktop\Thumbs.db
2014-02-11 14:40 - 2014-02-03 14:04 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F81F6709-A6D3-45E6-A9BC-D60ACD28289C}
2014-02-11 11:44 - 2014-02-11 11:44 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (3).php
2014-02-11 11:06 - 2014-02-11 11:06 - 00001753 _____ () C:\Users\frank\Downloads\fotoalbum (1).php
2014-02-11 11:04 - 2014-02-11 11:04 - 00001753 _____ () C:\Users\frank\Downloads\fotoalbum.php
2014-02-11 11:00 - 2014-01-28 07:43 - 00000000 ____D () C:\Users\frank\Desktop\vitero Dateien
2014-02-11 10:35 - 2014-02-11 10:35 - 00000462 _____ () C:\Windows\System32\.crusader
2014-02-11 10:32 - 2014-02-07 13:09 - 00000000 ____D () C:\Users\frank\Documents\SupervisionCam
2014-02-11 10:31 - 2014-01-27 17:16 - 00000000 ____D () C:\Users\frank\AppData\Roaming\vitero
2014-02-11 10:30 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\System32\config\BBI
2014-02-11 07:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-02-10 19:00 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files\COMODO
2014-02-10 15:42 - 2014-02-10 15:41 - 00000000 ____D () C:\Users\frank\Desktop\ProcessMonitor
2014-02-10 15:42 - 2014-02-10 15:41 - 00000000 ____D () C:\Users\frank\Desktop\ProcessExplorer
2014-02-10 15:42 - 2014-01-27 19:13 - 00000000 ____D () C:\Users\frank\.VirtualBox
2014-02-10 11:46 - 2014-02-07 10:12 - 00000000 ____D () C:\Users\frank\Desktop\Sicherheit
2014-02-09 20:52 - 2014-02-09 20:52 - 00080384 _____ () C:\Users\frank\Downloads\MBRCheck.exe
2014-02-09 20:45 - 2014-02-09 20:45 - 00007597 _____ () C:\Users\frank\AppData\Local\Resmon.ResmonCfg
2014-02-09 20:17 - 2014-02-09 20:17 - 00000000 ____D () C:\Windows\pss
2014-02-09 20:13 - 2014-02-08 21:50 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-02-09 19:00 - 2014-01-27 19:13 - 00000000 ____D () C:\Users\frank\VirtualBox VMs
2014-02-09 18:50 - 2014-01-27 15:08 - 00000000 ____D () C:\Users\frank\AppData\Roaming\DAEMON Tools Lite
2014-02-09 17:41 - 2014-02-08 20:59 - 00000000 ____D () C:\FRST
2014-02-09 17:37 - 2014-01-27 14:07 - 00000000 __SHD () C:\Recovery
2014-02-09 16:48 - 2014-02-07 10:13 - 00000000 ____D () C:\Users\frank\Desktop\Office
2014-02-09 15:09 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2014-02-09 09:05 - 2014-02-03 09:11 - 00074752 ___SH () C:\Users\frank\Downloads\Thumbs.db
2014-02-09 08:57 - 2014-02-09 08:45 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Users\frank\AppData\Local\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files\iTunes
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files\iPod
2014-02-09 08:45 - 2014-02-09 08:45 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-09 08:44 - 2014-02-01 20:45 - 00002357 _____ () C:\Windows\setupact.log
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Users\frank\AppData\Local\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\ProgramData\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files\Bonjour
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-02-09 08:40 - 2014-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-09 08:35 - 2014-02-09 08:34 - 148896080 _____ (Apple Inc.) C:\Users\frank\Downloads\iTunes64Setup.exe
2014-02-09 08:33 - 2014-02-09 08:32 - 02751750 _____ () C:\Users\frank\Downloads\images.zip
2014-02-09 08:15 - 2013-08-22 14:44 - 00387472 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-02-09 08:13 - 2014-02-09 08:13 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-08 21:59 - 2014-02-08 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-08 21:50 - 2014-02-08 21:49 - 12589848 _____ (Malwarebytes Corp.) C:\Users\frank\Downloads\mbar-1.07.0.1009.exe
2014-02-08 21:17 - 2014-02-08 21:17 - 00710558 _____ () C:\Users\frank\Downloads\gmer.txt
2014-02-08 21:00 - 2014-02-08 21:00 - 00028263 _____ () C:\Users\frank\Downloads\Addition.txt
2014-02-08 21:00 - 2014-02-08 20:59 - 00120970 _____ () C:\Users\frank\Downloads\FRST.txt
2014-02-08 20:58 - 2014-02-08 20:58 - 00000542 _____ () C:\Users\frank\Downloads\defogger_disable.log
2014-02-08 20:58 - 2014-02-08 20:58 - 00000168 _____ () C:\Users\frank\defogger_reenable
2014-02-08 20:58 - 2014-01-27 14:11 - 00000000 ____D () C:\users\frank
2014-02-08 20:57 - 2014-02-08 20:57 - 02079744 _____ (Farbar) C:\Users\frank\Downloads\FRST64.exe
2014-02-08 20:57 - 2014-02-08 20:57 - 00050477 _____ () C:\Users\frank\Downloads\Defogger.exe
2014-02-08 20:53 - 2014-02-08 20:53 - 00009263 _____ () C:\Users\frank\Downloads\hijackthis.log
2014-02-08 20:52 - 2014-02-08 20:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\frank\Downloads\hijackthis.exe
2014-02-08 20:42 - 2014-02-08 20:42 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (2).php
2014-02-08 20:25 - 2014-02-08 20:25 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr (1).php
2014-02-08 20:09 - 2014-01-27 14:15 - 00000000 ____D () C:\Users\frank\AppData\Local\VirtualStore
2014-02-08 20:07 - 2014-02-08 20:07 - 00000650 _____ () C:\Users\Public\Desktop\Finale PrintMusic 2011.lnk
2014-02-08 20:07 - 2014-02-08 20:07 - 00000000 ____D () C:\Users\frank\Documents\Finale Files
2014-02-08 19:59 - 2014-02-08 19:59 - 12513728 _____ () C:\Users\frank\Downloads\Mein_Foto_Puzzle.exe
2014-02-08 19:59 - 2014-02-08 19:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-08 19:59 - 2014-02-08 19:47 - 146421352 _____ () C:\Users\frank\Downloads\UMBackup_FinalePmusic.rar
2014-02-08 19:58 - 2014-02-08 19:58 - 00710848 _____ ( ) C:\Users\frank\Downloads\COMPUTER_BILD-Download-Manager_fuer_Mein_Foto_Puzzle.exe
2014-02-08 19:52 - 2014-02-08 19:52 - 05987556 _____ ( ) C:\Users\frank\Downloads\sonnensystem.exe
2014-02-08 15:32 - 2014-02-07 16:26 - 00006884 _____ () C:\Windows\PFRO.log
2014-02-08 14:28 - 2014-02-08 14:27 - 27783201 _____ () C:\Users\frank\Downloads\Finale-NotePad-2008.rar
2014-02-08 14:11 - 2014-02-08 14:11 - 00065910 _____ () C:\Users\frank\Downloads\pong.zip
2014-02-07 18:39 - 2014-02-07 18:24 - 00000000 ____D () C:\Users\frank\AppData\Roaming\TeamViewer
2014-02-07 16:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ToastData
2014-02-07 16:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-02-07 16:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\FileManager
2014-02-07 16:25 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Camera
2014-02-07 16:25 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-02-07 16:25 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\System32\Dism
2014-02-07 14:19 - 2014-02-07 14:14 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-07 14:13 - 2014-02-07 14:13 - 00000000 ____D () C:\Users\frank\Pavark
2014-02-07 13:58 - 2014-02-07 13:58 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-07 13:58 - 2014-02-07 13:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\ProgramData\Sun
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-07 13:58 - 2014-02-07 13:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-07 13:22 - 2014-01-29 15:17 - 00000000 ____D () C:\Users\frank\AppData\Roaming\vlc
2014-02-07 13:09 - 2014-02-07 13:09 - 00000000 ____D () C:\Program Files (x86)\SupervisionCam
2014-02-07 13:08 - 2014-02-07 12:58 - 00000000 ____D () C:\Program Files (x86)\WatchMyCam
2014-02-07 12:51 - 2014-02-07 12:39 - 00000000 ____D () C:\Program Files (x86)\go1984
2014-02-07 12:47 - 2014-02-07 12:47 - 00000000 ____D () C:\Users\frank\AppData\Roaming\CrazyPixels
2014-02-07 12:39 - 2014-02-07 12:39 - 00000000 ____D () C:\ProgramData\logiware gmbh
2014-02-07 12:38 - 2014-02-07 12:38 - 00000000 ____D () C:\Live! Cam
2014-02-07 12:33 - 2014-02-07 12:30 - 00000000 ____D () C:\Program Files (x86)\CamAlert
2014-02-07 12:28 - 2014-02-07 12:28 - 00003957 _____ () C:\Users\frank\Desktop\vlc - Verknüpfung.lnk
2014-02-07 10:13 - 2014-02-07 10:13 - 00000000 ____D () C:\Users\frank\Desktop\Schule
2014-02-07 10:12 - 2014-02-07 10:12 - 00000000 ____D () C:\Users\frank\Desktop\Netzwerk
2014-02-07 10:12 - 2014-02-07 10:11 - 00000000 ____D () C:\Users\frank\Desktop\Programmierung
2014-02-07 08:07 - 2014-02-07 08:02 - 586924032 _____ () C:\Users\frank\Downloads\ubcd528.iso
2014-02-06 10:28 - 2014-02-06 10:28 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-02-06 08:14 - 2014-01-27 14:15 - 00000000 ____D () C:\Users\frank\AppData\Local\Packages
2014-02-06 08:12 - 2014-02-06 08:12 - 00000046 _____ () C:\Windows\wininit.ini
2014-02-06 07:35 - 2014-02-06 07:35 - 00000000 ____D () C:\Users\frank\AppData\Roaming\OpenOffice
2014-02-06 07:34 - 2014-02-06 07:34 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-06 07:32 - 2014-02-06 07:31 - 163606685 _____ () C:\Users\frank\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-05 14:38 - 2014-02-05 14:38 - 00003822 _____ () C:\Users\frank\Downloads\schach_bewegung_dkr.php
2014-02-03 23:43 - 2014-02-10 15:40 - 02924736 _____ (Sysinternals - www.sysinternals.com) C:\Users\frank\Downloads\procexp.exe
2014-02-03 10:14 - 2014-02-03 10:14 - 00064472 _____ () C:\Users\frank\Downloads\2014.01.27 ER Modell Fahrradhändler.graphml
2014-02-03 10:14 - 2014-02-03 10:14 - 00000000 ____D () C:\Users\frank\AppData\Roaming\yWorks
2014-02-02 20:53 - 2014-02-02 20:53 - 00116138 _____ () C:\Users\frank\Downloads\tabellen.zip
2014-02-02 16:38 - 2014-02-02 16:38 - 32093427 _____ ( ) C:\Users\frank\Downloads\Childsplay-1.5_www_freispiel_de.exe
2014-02-02 16:37 - 2014-02-02 16:36 - 01446932 _____ () C:\Users\frank\Downloads\bubble97.zip
2014-02-02 16:35 - 2014-02-02 16:35 - 00000000 ____D () C:\Users\frank\AppData\Local\DownloadGuide
2014-02-02 15:32 - 2014-01-30 09:16 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-01 20:45 - 2014-02-01 20:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-01 20:41 - 2014-02-01 20:41 - 00000000 ____D () C:\Users\frank\Downloads\Schandmaul-Unendlich-2CD-2014_
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-01 19:48 - 2014-02-01 19:48 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-01 19:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-02-01 19:48 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\MUI
2014-02-01 19:45 - 2014-02-01 19:42 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Notepad++
2014-02-01 19:45 - 2014-02-01 19:42 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-01 19:42 - 2014-02-01 19:41 - 07598942 _____ () C:\Users\frank\Downloads\npp.6.5.3.Installer.exe
2014-02-01 18:27 - 2014-02-01 18:27 - 26351664 _____ (Salfeld Computer GmbH ) C:\Users\frank\Downloads\nw_28334_kisiexe.exe
2014-01-31 20:05 - 2014-01-31 10:16 - 00000000 ___SD () C:\Users\frank\Documents\Meine Websites
2014-01-31 11:41 - 2014-01-31 11:41 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-01-31 11:41 - 2014-01-31 11:41 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-01-31 10:06 - 2014-01-31 08:34 - 281129273 _____ () C:\Users\frank\Downloads\Fishdom.exe
2014-01-31 09:09 - 2014-01-30 10:16 - 00000188 _____ () C:\Users\frank\.packettracer
2014-01-31 07:53 - 2013-08-22 20:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\System32\winrm
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\System32\WCN
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\System32\slmgr
2014-01-31 07:53 - 2013-08-22 20:57 - 00000000 ____D () C:\Windows\System32\Printing_Admin_Scripts
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ___SD () C:\Windows\System32\dsc
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\WinStore
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\SystemResetPlatform
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\migwiz
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\Com
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\IME
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Help
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-01-31 07:53 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-01-31 07:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-01-31 07:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\System32\Sysprep
2014-01-31 07:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\System32\oobe
2014-01-31 07:53 - 2013-08-22 13:36 - 00000000 ____D () C:\Windows\servicing
2014-01-31 07:51 - 2014-01-31 07:51 - 00000000 ____D () C:\Users\frank\AppData\Local\Apps\2.0
2014-01-30 20:47 - 2013-08-22 15:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-30 20:47 - 2013-08-22 15:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 18:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\NDF
2014-01-30 17:08 - 2014-01-30 17:08 - 00895466 _____ () C:\Windows\Die Planeten Uninstaller.exe
2014-01-30 17:08 - 2014-01-30 17:08 - 00000000 ____D () C:\Program Files (x86)\Die Planeten
2014-01-30 14:42 - 2014-01-30 14:42 - 93084883 _____ () C:\Users\frank\Downloads\netnet_pwfisi2014.rar
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Users\frank\AppData\Local\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\ProgramData\COMODO
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\ProgramData\Adtrustmedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\Program Files (x86)\AdTrustMedia
2014-01-30 14:16 - 2014-01-30 14:16 - 00000000 ____D () C:\first_launch
2014-01-30 14:15 - 2014-01-30 14:15 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-01-30 14:05 - 2014-01-30 14:05 - 00003138 _____ () C:\Windows\System32\Tasks\{33B9F1BB-4ED2-4D27-998A-D02280BE0F11}
2014-01-30 13:56 - 2014-01-30 13:53 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-01-30 13:53 - 2014-01-30 13:52 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-01-30 13:52 - 2014-01-30 13:52 - 02365840 _____ () C:\Users\frank\Downloads\SecurityTaskManager_Setup.exe
2014-01-30 10:20 - 2014-01-30 10:16 - 00000000 ____D () C:\Users\frank\Cisco Packet Tracer 6.0.1
2014-01-30 10:15 - 2014-01-30 09:15 - 00000000 ____D () C:\Users\frank\AppData\Local\Adobe
2014-01-30 10:15 - 2014-01-27 14:15 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Adobe
2014-01-30 09:40 - 2014-01-30 09:37 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Dream Aquarium
2014-01-30 09:16 - 2014-01-30 09:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-30 08:21 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-01-30 08:21 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\en-GB
2014-01-30 06:51 - 2014-01-30 06:51 - 00073584 _____ () C:\Users\frank\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-30 06:50 - 2014-01-30 06:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-30 06:50 - 2014-01-30 06:48 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-01-30 06:48 - 2014-01-30 06:48 - 25755856 _____ (Microsoft Corporation) C:\Users\frank\Downloads\wordview_de-de.exe
2014-01-30 06:45 - 2014-01-27 18:02 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-29 18:40 - 2014-01-29 18:22 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-01-29 18:22 - 2014-01-29 18:22 - 2321575125 _____ () C:\Windows\MEMORY.DMP
2014-01-29 15:16 - 2014-01-29 15:16 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-29 12:34 - 2014-01-29 12:34 - 00276276 _____ () C:\Users\frank\Documents\version1.pcapng
2014-01-29 12:25 - 2014-01-29 12:25 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Wireshark
2014-01-29 12:24 - 2014-01-29 12:24 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-01-29 12:24 - 2014-01-29 12:23 - 00000000 ____D () C:\Program Files\Wireshark
2014-01-29 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-29 12:23 - 2014-01-29 12:22 - 27976248 _____ (Wireshark development team) C:\Users\frank\Downloads\Wireshark-win64-1.10.4.exe
2014-01-29 11:24 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\Registration
2014-01-29 10:41 - 2014-01-29 10:41 - 00000000 ____D () C:\Users\frank\AppData\Roaming\WinRAR
2014-01-29 10:24 - 2014-01-29 10:24 - 00000036 _____ () C:\Users\frank\AppData\Local\housecall.guid.cache
2014-01-29 09:54 - 2014-01-29 09:54 - 12734464 _____ () C:\Users\frank\Downloads\zwischenzeit_divx240.avi
2014-01-28 20:39 - 2014-01-28 20:39 - 24859352 _____ (Microsoft Corporation) C:\Users\frank\Downloads\Windows-KB890830-x64-V5.8.exe
2014-01-28 20:37 - 2014-01-28 20:37 - 00000000 ____D () C:\Users\frank\AppData\Roaming\QuickScan
2014-01-28 18:12 - 2014-01-28 07:01 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 18:12 - 2013-09-12 10:47 - 00000000 ____D () C:\Windows\Panther
2014-01-28 13:08 - 2014-01-28 13:04 - 00000000 ____D () C:\Users\frank\AppData\Local\JDownloader v2.0
2014-01-28 08:54 - 2014-01-30 14:43 - 00000000 ____D () C:\Users\frank\Downloads\netnet
2014-01-28 08:14 - 2014-01-27 18:22 - 00000000 ____D () C:\xampp
2014-01-28 07:02 - 2014-01-28 07:02 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Macromedia
2014-01-27 19:14 - 2014-01-27 19:14 - 00000000 ____D () C:\Users\frank\AppData\Roaming\NVIDIA
2014-01-27 19:12 - 2014-01-27 19:12 - 00000000 ____D () C:\Program Files\Oracle
2014-01-27 19:09 - 2014-01-27 19:07 - 106322704 _____ (Oracle Corporation) C:\Users\frank\Downloads\VirtualBox-4.3.6-91406-Win.exe
2014-01-27 18:39 - 2014-01-27 18:39 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-27 18:39 - 2014-01-27 18:38 - 00000000 ____D () C:\Program Files (x86)\Cisco Packet Tracer 6.0.1
2014-01-27 18:38 - 2014-01-27 18:38 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-27 18:25 - 2014-01-27 18:25 - 03171840 _____ () C:\Users\frank\Downloads\UltraMon_3.2.2_de_x64.msi
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Realtime Soft
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files\UltraMon
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\WPF Toolkit
2014-01-27 18:25 - 2014-01-27 18:25 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-27 18:25 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-01-27 18:25 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-01-27 18:24 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-27 18:24 - 2014-01-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-27 18:23 - 2014-01-27 18:23 - 00000000 ____D () C:\Program Files (x86)\yWorks
2014-01-27 18:23 - 2014-01-27 15:06 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-01-27 18:00 - 2014-01-27 15:04 - 00000000 ____D () C:\Install-Dateien
2014-01-27 17:39 - 2014-01-27 17:39 - 00000424 _____ () C:\Users\frank\Desktop\Arbeitsplatz.lnk
2014-01-27 17:32 - 2014-01-27 17:32 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-01-27 17:32 - 2014-01-27 17:32 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-01-27 17:32 - 2014-01-27 17:31 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-27 17:32 - 2014-01-27 17:31 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-27 17:32 - 2014-01-27 17:31 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-27 17:15 - 2014-01-27 15:09 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-27 17:15 - 2014-01-27 15:09 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-27 16:26 - 2014-01-27 14:47 - 00000000 ____D () C:\Users\frank\AppData\Local\Google
2014-01-27 16:21 - 2014-01-27 16:21 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-27 16:15 - 2014-01-27 14:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\Users\frank\AppData\Roaming\Malwarebytes
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-27 16:06 - 2014-01-27 16:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-27 16:05 - 2014-01-27 16:05 - 00000000 ____D () C:\ProgramData\ClassicShell
2014-01-27 16:05 - 2014-01-27 16:05 - 00000000 ____D () C:\Program Files\Classic Shell
2014-01-27 15:28 - 2014-01-27 15:09 - 50053120 _____ () C:\Program Files (x86)\GUT730F.tmp
2014-01-27 15:28 - 2014-01-27 15:09 - 00000000 ____D () C:\Program Files (x86)\GUM730E.tmp
2014-01-27 15:08 - 2014-01-27 15:08 - 00283064 _____ (Disc Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2014-01-27 15:08 - 2014-01-27 15:08 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-01-27 15:06 - 2013-08-22 15:36 - 00262144 _____ () C:\Windows\System32\config\BCD-Template
2014-01-27 14:59 - 2014-01-27 14:59 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-27 14:59 - 2014-01-27 14:59 - 00000000 ____D () C:\Users\frank\AppData\Roaming\AVAST Software
2014-01-27 14:59 - 2014-01-27 14:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-27 14:59 - 2014-01-27 14:47 - 00409832 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 01032416 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00334648 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-01-27 14:47 - 2014-01-27 14:47 - 00205320 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00092544 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00084328 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00065776 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-27 14:47 - 2014-01-27 14:47 - 00038984 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2014-01-27 14:47 - 2014-01-27 14:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-27 14:46 - 2014-01-27 14:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-27 14:16 - 2014-01-27 14:16 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-27 14:11 - 2014-01-27 14:11 - 00000020 ___SH () C:\Users\frank\ntuser.ini
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Vorlagen
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Startmenü
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Netzwerkumgebung
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Lokale Einstellungen
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Eigene Dateien
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Druckumgebung
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Documents\Eigene Musik
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Documents\Eigene Bilder
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\AppData\Local\Verlauf
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\AppData\Local\Anwendungsdaten
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 _SHDL () C:\Users\frank\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Programme
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-01-27 14:08 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-01-27 14:08 - 2013-08-22 13:36 - 00000000 __RHD () C:\users\Default
2014-01-27 14:07 - 2014-01-27 14:07 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-27 14:07 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\System32\Recovery
2014-01-19 07:38 - 2014-02-07 07:55 - 00270496 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\frank\AppData\Local\Temp\CheckLang.dll
C:\Users\frank\AppData\Local\Temp\CtRunApp.dll
C:\Users\frank\AppData\Local\Temp\HitmanPro.exe
C:\Users\frank\AppData\Local\Temp\MAZDKJFL.exe
C:\Users\frank\AppData\Local\Temp\ntdll_dump.dll
C:\Users\frank\AppData\Local\Temp\proxy_vole4655281476205128139.dll
C:\Users\frank\AppData\Local\Temp\xmlUpdater.exe
C:\Users\frank\AppData\Local\Temp\ZLFG.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-02-01 19:46:03
Restore point made on: 2014-02-06 07:33:05
Restore point made on: 2014-02-07 13:58:24
Restore point made on: 2014-02-09 08:41:02

==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 16340.29 MB
Available physical RAM: 15001.05 MB
Total Pagefile: 16340.29 MB
Available Pagefile: 15032.49 MB
Total Virtual: 131072 MB
Available Virtual: 131071.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:983.59 GB) (Free:893.05 GB) NTFS
Drive d: (Schule) (Fixed) (Total:488.28 GB) (Free:465.49 GB) NTFS
Drive e: (Privat) (Fixed) (Total:390.62 GB) (Free:295.58 GB) NTFS
Drive f: () (Removable) (Total:7.27 GB) (Free:7.16 GB) NTFS
Drive h: (DVD_ROM) (CDROM) (Total:4.28 GB) (Free:0 GB) UDF
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 1ED72A27)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: B045E18E)
Partition 1: (Active) - (Size=7 GB) - (Type=07 NTFS)


LastRegBack: 2014-02-09 08:38

==================== End Of Log ============================
--- --- ---

--- --- ---


Ich hoffe ich habe dich noch nicht zu sehr in Verzweiflung gebracht;)
mfg
Frank


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:56 Uhr.
Seite 2 von 4 1 2 34
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29