Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8 GVU Trojaner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 06.02.2014, 17:06   #1
elcardinal1
 
Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Habe mir auf meinem neuen Laptop den GVU Trojaner eingefangen. Habe eine youtube Anleitung zum Entfernen versucht, aber irgendwie bekomme ich das nicht hin.
Wäre sehr dankbar wenn mir jemand helfen könnte.

Alt 06.02.2014, 17:30   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



hi,

Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).

__________________

__________________

Alt 06.02.2014, 18:31   #3
elcardinal1
 
Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Hallo!

Ich habe das Logfile jetzt, habe im Editor(bzw. finde es nicht) diese Raute Taste mit den anschließenden Code Tags.
Soll ich den Text einfach so kopieren?

Gruß
__________________

Alt 07.02.2014, 16:53   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Die is hier im Forum in der Schnellantworten Box unterhalb meiner Antwort
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.02.2014, 20:32   #5
elcardinal1
 
Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by SYSTEM on MININT-3N9M6KN on 06-02-2014 18:03:29
Running from D:\
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2874256 2012-12-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [LManager] - [X]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM\...\RunOnce: [BrowserChoice] - C:\Windows\BrowserChoice\browserchoice.exe [86696 2012-08-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-02-20] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-02-20] (Acer Incorporated)
HKU\maiko_000\...\Run: [DelayShred] - C:\Users\maiko_000\Documents\UseNeXT\wizard\Taxi.Tycoon.v2.4.GERMAN-HARPOON - (1_7) - _Taxi.Ty\Taxi.Tycoon.v2.4.GERMAN-HARPOON.exe [48625620 2014-01-06] ()
HKU\maiko_000\...\Winlogon: [Userinit] userinit.exe, [25088 2012-07-25] (Microsoft Corporation)
HKU\maiko_000\...\Winlogon: [Shell] explorer.exe [2391280 2013-06-01] (Microsoft Corporation) <==== ATTENTION 
HKU\user\...\RunOnce: [Report] - \AdwCleaner\AdwCleaner[S1].txt [862 2014-02-05] ()
Startup: C:\Users\maiko_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk ->  (No File)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk -> C:\Users\maiko_000\Documents\UseNeXT\wizard\Prison Tycoon - Backlash\Prison_Tycoon_GERMAN-BACKLASH.exe ()

==================== Services (Whitelisted) =================

S2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
S2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-12-07] (ELAN Microelectronics Corp.)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2014-01-12] (McAfee, Inc.)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-10] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.)
S2 mfevtp; C:\windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
S2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [413184 2012-08-17] ()
S2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-07-25] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
S1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.)
S1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2014-01-12] (McAfee, Inc.)
S2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-12-05] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.)
S2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
S2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.)
S3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-25] (Dritek System Inc.)
S0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-26] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-26] (Acronis International GmbH)

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\1394ohci.sys E890C46E4754F0DF51BAFCC8D2E07498
C:\Windows\System32\drivers\3ware.sys 4F18D4C7EA14F11A7211F60D553C03DB
C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys 797E1068EE061C5DEE668F0DC6B3C601
C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys D27A8B7BB0E15DFBFC6B4E774EE17AD9
C:\Windows\system32\drivers\acedrv11.sys A3769020F7E8A70FD3E824C050F33306
C:\Windows\System32\drivers\ACPI.sys 975AABEB243B800C23626D6B652C5A9C
C:\Windows\System32\Drivers\acpiex.sys DC968C37822117E576B933F34A2D130C
C:\Windows\System32\drivers\acpipagr.sys 0CA9F7C3A78227C21A0A7854E245CFB2
C:\Windows\System32\drivers\acpipmi.sys 8EB8DA03B142D3DD1EB9ED8107A76C43
C:\Windows\System32\drivers\acpitime.sys CBCE725C5D86ABA7D2604E22951AA9B8
C:\Windows\System32\drivers\adp94xx.sys 93C6388592B99925C1D1576E465BC80F
C:\Windows\System32\drivers\adpahci.sys D27763E0247292654E7F7D16444C7C72
C:\Windows\System32\drivers\adpu320.sys 67B90070FF48F794AF19F9FCF0080D75
C:\Windows\System32\DRIVERS\afcdp.sys ABCF9C80EAACE03021BB7F450EB8993F
C:\Windows\system32\drivers\afd.sys 7C0E0EDF18D6CC565D7BFBB451709FA5
C:\Windows\System32\drivers\agp440.sys 01590377A5AB19E792528C628A2A68F9
C:\Windows\System32\drivers\amdk8.sys 5A81054B824004B1ECC04F0034A1CDF9
C:\Windows\System32\drivers\amdppm.sys B849D453E644FAB9BC8EF6DC8CA9C4C6
C:\Windows\System32\drivers\amdsata.sys 35A0EB5AECB0FA3C41A2FB514A562304
C:\Windows\System32\drivers\amdsbs.sys 00452671904F5EE94B50BF0219C97164
C:\Windows\System32\drivers\amdxata.sys EA3FFE53E92E59C87E3ECA9BEB20D9B7
C:\Windows\system32\drivers\appid.sys 83B3682CE922FB0F415734B26D9D6233
C:\Windows\System32\drivers\arc.sys E933401B392387F4BE34DE8BAF1722A7
C:\Windows\System32\drivers\arcsas.sys 07CA323EF2E8247A568AB0F3662AD644
C:\Windows\system32\DRIVERS\asyncmac.sys 74DBAEC35366C4EE7670428808715A6A
C:\Windows\System32\drivers\atapi.sys A721FF570C2387E383BDDEA9632863C9
C:\Windows\system32\DRIVERS\btath_flt.sys 62A40F3DFF2B40915A1981285B14EFD4
C:\Windows\system32\DRIVERS\athw8x.sys 667153FCB54CD80626A5AC5A2F49F068
C:\Windows\System32\drivers\bxvbda.sys 87AB5BB072A3F128541D5B815F82FFDD
C:\Windows\System32\drivers\BasicDisplay.sys 81703BC5D68DEDBB086C2368FBE7B334
C:\Windows\System32\drivers\BasicRender.sys 5EC68164E14D25675C98BBB5F09E8606
C:\Windows\System32\Drivers\Beep.sys 9E7AEA59776D904607985AFFE7E5E183
C:\Windows\System32\DRIVERS\bowser.sys B17AC10B47C7FCB44D22A1F06415840E
C:\Windows\system32\drivers\btath_a2dp.sys 6BF12F3F3A5D3F2866E69B8B463BC0CD
C:\Windows\system32\drivers\btath_avdt.sys DC7038090A369FE866B76DB18E356558
C:\Windows\System32\drivers\btath_bus.sys C6978F7EBA6F37D626482AC6B9390630
C:\Windows\System32\drivers\btath_hcrp.sys 4AF7C20F94DAC343C01ED671C82DCB99
C:\Windows\system32\DRIVERS\btath_lwflt.sys 785C38070043BEEE9E9D591DE4067244
C:\Windows\System32\drivers\btath_rcp.sys A6019537D6125099363F90D0C6D181F9
C:\Windows\system32\DRIVERS\btfilter.sys 7A38787D2CF43FA2812E2BF86F636BB9
C:\Windows\System32\drivers\BthAvrcpTg.sys 6695200F455E251F0BCC9CE4D0978D59
C:\Windows\System32\drivers\BthEnum.sys A8B20D852B07AE19A13B5D47EC4E4C3B
C:\Windows\System32\drivers\bthhfenum.sys 616EB8748C988AEE98D93DA141C3D3B4
C:\Windows\System32\drivers\BthHFHid.sys DCB4EBD928A6FB368BE6CAE522412DE1
C:\Windows\system32\DRIVERS\BthLEEnum.sys 42201C346F0B8C458E1E9CDE04D68A2C
C:\Windows\System32\drivers\bthmodem.sys 033916CE8784A848B9A3D686B7F66D97
C:\Windows\system32\DRIVERS\bthpan.sys 091BB978E9504D0AD14586929431A957
C:\Windows\System32\Drivers\BTHport.sys 13795CAA34239D97A7211E7F9D96E012
C:\Windows\System32\Drivers\BTHUSB.sys 1F715957F5236D30B6020A19A4271F6A
C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys E41F70406C34F1CB667B4B27D81AD162
C:\Windows\System32\DRIVERS\cdfs.sys 990B1BABE6E81FB18E65A87EBEFB1772
C:\Windows\System32\drivers\cdrom.sys 339BFF85D788268752DA8C9644B188EE
C:\Windows\System32\drivers\cfwids.sys EE8C92831C615EB2266200C73BA58536
C:\Windows\System32\drivers\circlass.sys F64B7D1A37CC1D5F421D5359EEC81E2E
C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys B794DCF38C965FA2F93C45A7C3D582C5
C:\Windows\System32\drivers\CLFS.sys 9905168708DB68849B879B5548F68AB3
C:\Windows\System32\drivers\CmBatt.sys 2DC8538A2260647484A6C921CA837313
C:\Windows\System32\Drivers\cng.sys E708BFF0473EC6B271EA46B65B16CA56
C:\Windows\System32\drivers\CompositeBus.sys 0E5B1E9E7122EDAAF1F6CE047965CA92
C:\Windows\System32\drivers\condrv.sys D9CB0782AF819548072AA45B70F8B22D
C:\Windows\System32\drivers\dam.sys FAEF4C245BE832DB41B15DAAC336AFB7
C:\Windows\System32\Drivers\dfsc.sys 09D9EB9E7898F8E6561473A20CC808B9
C:\Windows\system32\DRIVERS\ssudbus.sys 955FFE2B1D74A9E0E3E0E558E6A17F3B
C:\Windows\System32\drivers\discache.sys 3C736FAE17BA6F91BA37594AAB139CD0
C:\Windows\System32\drivers\disk.sys AE3786294CC246A5403783E1B86A0168
C:\Windows\System32\drivers\dmvsc.sys 82A7C72593793FE1EADA7A305BD1567A
C:\Windows\system32\drivers\drmkaud.sys 9C7C183F937951AE17C5B8B3259CF3FF
C:\Windows\System32\drivers\dxgkrnl.sys E6AF4DF1817953D73C519B17CF849756
C:\Windows\System32\drivers\evbda.sys 5AB97B3282D7D6114949D1EB5C8598E4
C:\Windows\System32\drivers\EhStorClass.sys 66D60BD9A4C05616ABECA2A901475098
C:\Windows\System32\drivers\EhStorTcgDrv.sys A61D0F543024E458C0FE32352E1978E2
C:\Windows\System32\drivers\errdev.sys D790D058D67582DB9C84C2D33695FE6B
C:\Windows\system32\DRIVERS\ETD.sys 5507BF71815ECF0BCF9D97924D805839
C:\Windows\System32\Drivers\exfat.sys 7A4D6FEB8C52B3FE855E4DCDF9107E03
C:\Windows\System32\Drivers\fastfat.sys 60996602A7111FD2D086E803F33E4282
C:\Windows\System32\drivers\fdc.sys 73B2D11DF0B6E03A0CB0323218ACB3E4
C:\Windows\System32\drivers\fileinfo.sys 88A9EBACD1058ABB237A6B4E96E7F397
C:\Windows\System32\drivers\filetrace.sys 9E4EE3A0B00FF7D5F42A4AF9744CBA02
C:\Windows\System32\drivers\flpydisk.sys B1D4C168FF7B8579E3745888658FFB1D
C:\Windows\System32\drivers\fltmgr.sys B33EC133AE4E6C1881D2302D93D2467D
C:\Windows\System32\DRIVERS\fltsrv.sys FDD776FAC4159A2983940D1E411FE9F3
C:\Windows\System32\drivers\FsDepends.sys A5F7873A39E4E9FAAAE59B7E9E36B705
C:\Windows\System32\Drivers\Fs_Rec.sys A6DD7D491F587F4BC13FB972977DC8E8
C:\Windows\System32\DRIVERS\fvevol.sys C1646A95EAC515F60CDB2A7A8A013C1E
C:\Windows\System32\drivers\fxppm.sys A969D92973DFA895E7776B4BFE36DBB2
C:\Windows\System32\drivers\gagp30kx.sys 52BC441E07A827EBAB70CDC7EAEDB28D
C:\Windows\System32\drivers\vmgencounter.sys 721F8EEF5E9747F32670DEFF7FB92541
C:\Windows\System32\Drivers\msgpioclx.sys FC2B8B06BDBD3B6457F5A3DA9AD2410E
C:\Windows\system32\drivers\HdAudio.sys 630555943E5A3FE21010CE91EC7FC84F
C:\Windows\System32\drivers\HDAudBus.sys 7D87B5B6C7188D553E11B59DC7F0B111
C:\Windows\System32\drivers\HidBatt.sys 3F76BBA53D65E85A7F53E7A71082082C
C:\Windows\System32\drivers\hidbth.sys 085F150D002B7F0153D3C06DDF33A143
C:\Windows\System32\drivers\hidi2c.sys CC4A07E51D89575CAB6F4EB590D87CD4
C:\Windows\System32\drivers\hidir.sys DC96F7DACB777CDEAEF9958A50BFDA06
C:\Windows\System32\drivers\hidusb.sys 012C354B4AB48E9A7A657DF39E3A2073
C:\Windows\System32\drivers\HipShieldK.sys 29F981739E50305128022CBE10B3659C
C:\Windows\System32\drivers\HpSAMD.sys 64DB7A8D97CA53DCCF93D0A1E08342CF
C:\Windows\System32\drivers\HTTP.sys F4A91D985EB9D1D2717D538F3424603C
C:\Windows\System32\drivers\hwpolicy.sys 2A98301068801700906C06649860FE94
C:\Windows\System32\drivers\hyperkbd.sys DC76901D82097C9E297F20C287CB9A27
C:\Windows\system32\DRIVERS\HyperVideo.sys 716413AB3CA12DE0A7222D28C1C9352C
C:\Windows\System32\drivers\i8042prt.sys C9E9CBF73AFFBFE3E801EFB516787BA3
C:\Windows\System32\drivers\iaStorA.sys 6C024B3AE192D72B216166802AF345DD
C:\Windows\System32\drivers\iaStorV.sys 5E394EBD26FD68AA9300332C46BEDD62
C:\Windows\system32\DRIVERS\igdkmd64.sys A1CF07D24EDCDC6870535471654D957C
C:\Windows\System32\drivers\iirsp.sys 24847A06B84339FEEDE5CABF3D27D320
C:\Windows\system32\drivers\RTKVHD64.sys CCC757B8FD330D0AEF548ACE265BD196
C:\Windows\system32\DRIVERS\IntcDAud.sys F5495B38BFB9149925F54F65AB40EFBF
C:\Windows\System32\drivers\intelide.sys 4F37726CF764CA18A8A84F85EF3A7F24
C:\Windows\System32\drivers\intelppm.sys E15CDF68DD73423F15D4AC404793AF0D
C:\Windows\System32\DRIVERS\ipfltdrv.sys 8FCA66234A0933D796BB780B7953BAB9
C:\Windows\System32\drivers\IPMIDrv.sys 6E98A046A12AA113F8898AA5D612BD6E
C:\Windows\System32\drivers\ipnat.sys 3969B9C218DD3FAA9F4ED2FFC3651C02
C:\Windows\System32\drivers\irenum.sys 25CD7C4BB2863FFC2B0B311F0AEBF77C
C:\Windows\System32\drivers\isapnp.sys D940C5BB9DC92E588533C19ABCC3D2C2
C:\Windows\System32\drivers\msiscsi.sys 69C8BF0BC2B0EA10F130F4D3104DC2EF
C:\Windows\System32\drivers\kbdclass.sys 8FBD94B69D6423E20ABCD59D86368B21
C:\Windows\System32\drivers\kbdhid.sys E88C932ABDF8185A62C8F2FC7B051FB6
C:\Windows\system32\DRIVERS\kdnic.sys FB6C185092E18011EF49989425C2AA87
C:\Windows\System32\Drivers\ksecdd.sys DFA480F6DED551464F3A5B959F437800
C:\Windows\System32\Drivers\ksecpkg.sys 127FB0AAD232BAAD2C9BBACD374F4FC5
C:\Windows\system32\drivers\ksthunk.sys 81492FEEBF2F26455B00EE8DBAE8A1B0
C:\Windows\system32\DRIVERS\L1C63x64.sys CBD16721541EE334F6D623CE0B4003BF
C:\Windows\system32\DRIVERS\lltdio.sys CEEFD29FC551F289810B0B9381B321DC
C:\Windows\System32\drivers\lsi_sas.sys 022CDD12161B063D7852B1075BF3FFF2
C:\Windows\System32\drivers\lsi_sas2.sys 07AD59D669B996F29F91817F0ECFA34F
C:\Windows\System32\drivers\lsi_scsi.sys 216FB796AA4E252ACCE93B1BCB80B5EC
C:\Windows\System32\drivers\lsi_sss.sys 5E80530AF37102488EE980B4A92AF99F
C:\Windows\system32\drivers\luafv.sys 2BDC5D711FA61307CE6190D47C956368
C:\Windows\System32\drivers\megasas.sys 9B0D829C3BE4E7472DB9DD2B79908E3C
C:\Windows\System32\drivers\MegaSR.sys ECC3F54C7AFC318271C4F0B4606D8DB0
C:\Windows\System32\drivers\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85
C:\Windows\System32\drivers\mfeapfk.sys 671A013C9DCDCDC8D73725B88ED30953
C:\Program Files\McAfee\AppStats\MfeASKM.sys 7490FCC76EA46340F2CA851288A924B8
C:\Windows\System32\drivers\mfeavfk.sys 63AC279378C9197B8A03276AB49EC901
C:\Windows\System32\drivers\mfeelamk.sys 9C57EC86D3C7816B34EEEE1115F5DC52
C:\Windows\System32\drivers\mfefirek.sys 4A4BD0739E09ED8BE7FF1F1EACA3903C
C:\Windows\System32\drivers\mfehidk.sys 22A1B5071906D76A87530F3AFA343943
C:\Windows\system32\DRIVERS\mfencbdc.sys FDB02B0C2865DBDE9571D57D3ABC6A6B
C:\Windows\system32\DRIVERS\mfencrk.sys C3EE053D6A0CCD75C07FADC73D7BA4E4
C:\Windows\System32\drivers\mfewfpk.sys B8B1577B6447710B3399D3501ADE6FEC
C:\Windows\System32\drivers\modem.sys 780098AD5DA8A4822E2563984C85EF7B
C:\Windows\System32\drivers\monitor.sys EA8EAD3F5B762F889CC7F3966625B48B
C:\Windows\System32\drivers\mouclass.sys 618446B98C79776654340CE27C73485E
C:\Windows\System32\drivers\mouhid.sys C0ADEBED913295803B579ED288936CBB
C:\Windows\System32\drivers\mountmgr.sys 89D263DBF08119CE16273991C120D6DD
C:\Windows\System32\drivers\mpsdrv.sys 4CCBBD4944777CA100B9A6C2F149A46F
C:\Windows\system32\drivers\mrxdav.sys 3D70147F55F1EC84EB9139ED7FFE48BC
C:\Windows\System32\DRIVERS\mrxsmb.sys 93179D48066918323628CB016D8C94DC
C:\Windows\System32\DRIVERS\mrxsmb10.sys 06D5F2FA3C61E8EA91648EA8E9F99FD3
C:\Windows\System32\DRIVERS\mrxsmb20.sys 5C7DD2E5759FFCCD2C7341C1B90F2B26
C:\Windows\system32\DRIVERS\bridge.sys 98487487D6B3797CA927E9D7B030AE13
C:\Windows\System32\Drivers\Msfs.sys 3886F1F2A4D2900ABAA7E4486BEEE6A2
C:\Windows\System32\drivers\msgpiowin32.sys C32A7A39B960A42BA9D4FBE47213CA03
C:\Windows\System32\drivers\mshidkmdf.sys D3857A767B91A061B408CCAB02DA4F40
C:\Windows\System32\drivers\mshidumdf.sys 839B48910FB1E887635C48F3EC11A05E
C:\Windows\System32\drivers\msisadrv.sys 55C0DB741E3AB7463242B185B1C2997C
C:\Windows\system32\drivers\MSKSSRV.sys 509809566E49F4411055864EA8D437CD
C:\Windows\system32\DRIVERS\mslldp.sys 63145201D6458E4958E572E7D6FC2604
C:\Windows\system32\drivers\MSPCLOCK.sys 99D526E803DB6D7FF290FD98B6204641
C:\Windows\system32\drivers\MSPQM.sys 06FA77C3E2A491ADCD704C5E73006269
C:\Windows\System32\Drivers\MsRPC.sys E134EC4DE11CF78CB01432D180710D84
C:\Windows\System32\drivers\mssmbios.sys B5AECF12F09DEE97C9FCAA5BA016CE1E
C:\Windows\system32\drivers\MSTEE.sys 72D66A05E0F99F2528F6C6204FD22AA1
C:\Windows\System32\drivers\MTConfig.sys 8AAAE399FC255FA105D4158CBA289001
C:\Windows\System32\Drivers\mup.sys 3BCB702F3E6CC622DCAFCAA45D7CDE0A
C:\Windows\System32\drivers\mvumis.sys 3A1E095277BBD406CEA8EA6B76950664
C:\Windows\system32\DRIVERS\nwifi.sys 43D7388A90A4C6EA346A4D6FF0377479
C:\Windows\System32\drivers\ndis.sys A10E176F3B2BF83EDE7B5C4658C93B66
C:\Windows\system32\DRIVERS\ndiscap.sys 39C8A1D9D46F5E83A016BCAB72455284
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 762941932B7E4C588E48A577BA9D6440
C:\Windows\system32\DRIVERS\ndistapi.sys 7A6F8A6D0E01432EBA294EF29CDD0FA7
C:\Windows\system32\DRIVERS\ndisuio.sys 79AB68BB3FFF974AD4F41FA559F4EC67
C:\Windows\system32\DRIVERS\ndiswan.sys 62C7DBF4F9301F76CF87D4B9D8F57BF8
C:\Windows\system32\DRIVERS\ndiswan.sys 62C7DBF4F9301F76CF87D4B9D8F57BF8
C:\Windows\System32\Drivers\NDProxy.sys 3730942D7DB2F8BB5F84542B7FF6F650
C:\Windows\System32\drivers\Ndu.sys D3F60A4345FCA9C1BE68AD7D0D6DE770
C:\Windows\System32\DRIVERS\netbios.sys 7C203A76394F9AE68F69EEE5F9612C4A
C:\Windows\System32\DRIVERS\netbt.sys 7CEC25C682D319D484630B3952C31A11
C:\Windows\System32\drivers\nfrd960.sys 12DD2800E4EEA37DC9AE256AD62423B4
C:\Windows\System32\Drivers\Npfs.sys 17E19A742FB30C002F8B43575451DBE1
C:\Windows\System32\drivers\npsvctrig.sys 8ED299C30792544264E558BEA79F0947
C:\Windows\System32\drivers\nsiproxy.sys 689B3B1E95C70ABF7AFF29F9406EF1E0
C:\Windows\System32\Drivers\Ntfs.sys 76929F4A69E425911A63B407E26C2589
C:\Windows\System32\Drivers\Null.sys 4163ADE07DB51843AE31F65B94F5398D
C:\Windows\System32\drivers\nvraid.sys D6D34118263412D3AAA8348A9572B7F2
C:\Windows\System32\drivers\nvstor.sys 27AFC428D1D32ABD04A86763A4EDDEA9
C:\Windows\System32\drivers\nv_agp.sys 051CFB5107BAAE510419BDC41F8C4036
C:\Windows\System32\drivers\parport.sys 4563DAF8C6A740AD7F501E219BD10766
C:\Windows\System32\drivers\partmgr.sys D6ACCF9F2EEEEA711C14EFD976E573F3
C:\Windows\System32\drivers\pci.sys 4A003E8F718C1E6A2050CA98CD53E3E2
C:\Windows\System32\drivers\pciide.sys F9908D274D458220F91E89B54D78D837
C:\Windows\System32\drivers\pcmcia.sys 84D19CB6102627932DCB5DFDF89FE269
C:\Windows\System32\drivers\pcw.sys CEBBAD5391C2644560C55628A40BFD27
C:\Windows\System32\drivers\pdc.sys 0698DEDEAD6A00AD0D468C687D830FBF
C:\Windows\System32\drivers\peauth.sys 61FE70659CD43E07F94DA4DC31DEC493
C:\Windows\system32\DRIVERS\raspptp.sys 362D47E5B4D67270DE4B8606036F4ADD
C:\Windows\System32\drivers\processr.sys DD979EB6A7212F60E4AFBE96EDC7AE6D
C:\Windows\System32\drivers\aPs2Kb2Hid.sys AF038FA3D3748B7595FE7096AD803696
C:\Windows\system32\DRIVERS\pacer.sys EB8034147D4820CD31BFCB11A2A652DF
C:\Windows\system32\drivers\qwavedrv.sys 13D47BB0CCA2FC51BD15F8E85C6A078E
C:\Windows\System32\DRIVERS\rasacd.sys 873C60F8178100557740A832FCE10B5F
C:\Windows\system32\DRIVERS\AgileVpn.sys 69B93F623B130976243ECA3D84CC99CA
C:\Windows\system32\DRIVERS\rasl2tp.sys A14D625C5AEE5FFE0F47D1A1D419FAAE
C:\Windows\system32\DRIVERS\raspppoe.sys 00695B9C2DB6111064499C529E90C042
C:\Windows\system32\DRIVERS\rassstp.sys A7F24D8CD1956B0A1FDCB86CC5114DE4
C:\Windows\System32\DRIVERS\rdbss.sys CA03D642ACE58E1BA54E4B383F91CD69
C:\Windows\System32\drivers\rdpbus.sys CA7DF5EC95D8DE0DD24BE7FF97369F68
C:\Windows\System32\drivers\rdpdr.sys B2A3AD74FF2E2FFA73AF2567108231B3
C:\Windows\System32\drivers\rdpvideominiport.sys 57F4787E4602A3FCA719C0A33137C6DA
C:\Windows\System32\Drivers\RDPWD.sys B3CB0721E81E30419CE7D837EF4EA151
C:\Windows\System32\drivers\rdyboost.sys 62C1F8A0685FE07E998AA296C4F697C4
C:\Windows\System32\drivers\rfcomm.sys CCBFCABDFE2BC22F0645CEAADDB36004
C:\Windows\system32\DRIVERS\RtsPStor.sys B868B9C46B11067A809987415E8A08A0
C:\Windows\system32\DRIVERS\rspndr.sys E04E770DD198B9399640717145E79EBF
C:\Windows\System32\drivers\vms3cap.sys 752EC7DCD2F96871A3857EEE6AFE965A
C:\Windows\System32\drivers\sbp2port.sys 9C7B28CE0D136DB226E24DB3BC817F92
C:\Windows\System32\DRIVERS\scfilter.sys 5D7733A12756B267FCA021672B26BC9E
C:\Windows\System32\drivers\sdbus.sys F58B030A0664385C707B8C1C63682041
C:\Windows\System32\drivers\sdstor.sys BB107AA9980B0DA4E19A3A90C3BD4460
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\SerCx.sys 87C46B239A7EEF30FDFDD5E9BD46130C
C:\Windows\System32\drivers\serenum.sys 7A1F9347C85FD55E39B8A76B3A25C5AD
C:\Windows\System32\drivers\serial.sys F640A0A218BBF857F1D04A15D7D939F6
C:\Windows\System32\drivers\sermouse.sys F1A5F56B2620B862CC28FF96A0A6DAAB
C:\Windows\System32\drivers\sfloppy.sys 7EE65419B29302C795714FF8073969A1
C:\Windows\System32\drivers\SiSRaid2.sys 2560721D6F16D5B611C36A3A9D28C1B2
C:\Windows\System32\drivers\sisraid4.sys 3AA8FDE1DBF65BB8B88B053529554A0D
C:\Windows\System32\DRIVERS\snapman.sys FBE0201AB61E18934C812C34D31A4403
C:\Windows\System32\drivers\spaceport.sys 9110193D93960E38B8692E4519C75D72
C:\Windows\System32\drivers\SpbCx.sys 3D8679C8DF52EB26EB7583A4E0A29202
C:\Windows\System32\DRIVERS\srv.sys 0F1FCD575A03ABDE13FCA9D0ADE4DDA6
C:\Windows\System32\DRIVERS\srv2.sys 56218A571ECF8D55E0CDFF8DF2546CF1
C:\Windows\System32\DRIVERS\srvnet.sys 14FC338B80CFF7E04215133B568D15C4
C:\Windows\system32\DRIVERS\ssudmdm.sys BB94A5E2CEE5FD83BA5A72A37AECADDF
C:\Windows\System32\drivers\stexstor.sys 4E85355B94CFCB67C135F6521A4895A7
C:\Windows\System32\drivers\storahci.sys B240874B2CA0CD02E8CD11E140B14C57
C:\Windows\System32\DRIVERS\vmstorfl.sys F74DBC95A57B1EE866D3732EB5F79BE2
C:\Windows\System32\drivers\storvsc.sys 543CD3CC0E05B8D8815E0D4F040B6F59
C:\Windows\System32\drivers\swenum.sys 4AFD66AAE74FFB5986BC240744DC5FC9
C:\Windows\System32\drivers\tcpip.sys 37D85E873C9531A2F88DD9C63D3F8A9E
C:\Windows\system32\DRIVERS\tcpip.sys 37D85E873C9531A2F88DD9C63D3F8A9E
C:\Windows\System32\drivers\tcpipreg.sys 8F2A13A5DF99D72FDDE87F502A66F989
C:\Windows\system32\DRIVERS\tdrpman.sys 07330E30921C70E9D9B416EE43A06349
C:\Windows\system32\DRIVERS\tdx.sys 73DC722CE5DF26D7638CE2446F2655C7
C:\Windows\System32\drivers\terminpt.sys F7C8AB5D8AFFAA318D6A21093D139BF4
C:\Windows\System32\DRIVERS\tib.sys DE604462206F7D8C203F767F425FCA8D
C:\Windows\System32\DRIVERS\tib_mounter.sys 3C29FB9FC9B4C511AD69DC50257FEC75
C:\Windows\system32\drivers\tpm.sys E94F7A7B48C7638D1F3F8089344C97B7
C:\Windows\System32\drivers\tsusbflt.sys 4E7C5FB10A50435523DE0CAA37DE2BD3
C:\Windows\System32\drivers\TsUsbGD.sys 16D684A820872EE54F6370703AC0B513
C:\Windows\system32\DRIVERS\tunnel.sys 78C9EE193AC2B4CBDBC48B620314D740
C:\Windows\System32\drivers\uagp35.sys 6D4F67CA56ACA2085DFA2CD89EAFBC1A
C:\Windows\System32\drivers\uaspstor.sys 6FD6D03B7752C78712E5CFF29A305026
C:\Windows\System32\drivers\ucx01000.sys 061BA3EE0D2BE17944990544008CF190
C:\Windows\System32\DRIVERS\udfs.sys 25C50F4EDF70D0A831E0566BD181CCF2
C:\Windows\System32\drivers\uliagpkx.sys 07FEBCDF24FABA0D47B635D85A0FFB7A
C:\Windows\System32\drivers\umbus.sys 02CEB3FE6152668A7BA420B93B664860
C:\Windows\System32\drivers\umpass.sys 991EE6B5FC41EAEF99C8AF5B92F2CA09
C:\Windows\System32\drivers\usbccgp.sys C976C4306F9AE133D6BBD47FDFC3BF92
C:\Windows\System32\drivers\usbcir.sys 427B6DB8C05A5A977E8C3525370A2595
C:\Windows\System32\drivers\usbehci.sys B24FDEB1B18496F1B463782235AA3AF1
C:\Windows\System32\drivers\usbhub.sys F8C2A832DF9403F5EA8080CBDBDA95FB
C:\Windows\System32\drivers\UsbHub3.sys E5F7328B1D29BCE791862CD3C0DD382A
C:\Windows\System32\drivers\usbohci.sys 325F6179009B5A7F6118951A5BA422AB
C:\Windows\System32\drivers\usbprint.sys 9FDBA6982582A6F2354144980F641E7B
C:\Windows\system32\DRIVERS\usbscan.sys AD91D1BBE5D3CF4501887DC1C09384FD
C:\Windows\System32\drivers\USBSTOR.SYS BFC7FE4AAEB61317A921871B4085EF4B
C:\Windows\System32\drivers\usbuhci.sys 1ABF657259DB57F7E5558E4DF1357C0C
C:\Windows\System32\Drivers\usbvideo.sys 9EF7C01D3ACCBC243B5CB1A95865B2FF
C:\Windows\System32\drivers\USBXHCI.SYS 8DC398D7B8E02C929A2096E74A170970
C:\Windows\System32\drivers\vdrvroot.sys BACECBFF9C97F7627A60B0E0F1FE7EE8
C:\Windows\System32\drivers\VerifierExt.sys 74FA2D4368DE6F6CE14393EDF1F342BE
C:\Windows\System32\drivers\vhdmp.sys 500BE6B2E49883720D0AE8BB859ED7A3
C:\Windows\System32\drivers\viaide.sys F5B4A14B00E89250C50982AC762DDD1D
C:\Windows\System32\drivers\vmbus.sys 78DB50F7329F6D1311658DABFFFC8BE0
C:\Windows\System32\drivers\VMBusHID.sys ECFEE2F2BA3932C7880D1A8F67D68F91
C:\Windows\System32\drivers\volmgr.sys CB60FAAED8B49B812EBBF77EB87D9B18
C:\Windows\System32\drivers\volmgrx.sys A74101DA9809251BCD0E5A26BAE0F824
C:\Windows\System32\drivers\volsnap.sys 78A5BBA3819FFFC62FFEC3E2220D102D
C:\Windows\System32\drivers\vpci.sys A8DA1C1B52ECEA3726DEBED4FF1B700D
C:\Windows\System32\drivers\vsmraid.sys 38A60CD9C009C55C6D3B5586F8E6A353
C:\Windows\System32\drivers\vstxraid.sys A0F6FE0FC2F647C22BBFD6BD4249DBCC
C:\Windows\System32\drivers\vwifibus.sys 62460A45435A26A334907E3F2EA45611
C:\Windows\system32\DRIVERS\vwififlt.sys 095E943D27025E4D588AF0A72CC2318F
C:\Windows\system32\DRIVERS\vwifimp.sys 73FA1A41A97A5C34ADC03B3577FF1A86
C:\Windows\System32\drivers\wacompen.sys 6B806E893714019969E2B50D7EF6A4D9
C:\Windows\system32\DRIVERS\wanarp.sys 61F6972FF9AC9A8D0B4D62076DC30051
C:\Windows\system32\DRIVERS\wanarp.sys 61F6972FF9AC9A8D0B4D62076DC30051
C:\Windows\System32\drivers\wd.sys B3A4D918DAB90505B6BC7B70632913CB
C:\Windows\system32\drivers\WdBoot.sys FD47DF026B32969B8A68721A0243E8EE
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\system32\drivers\WdFilter.sys 5F425D842DD6ADE9F95A51A0616AFAD7
C:\Windows\System32\DRIVERS\wfplwfs.sys 44BB9C31E6242C4BD1CE7C2B440C2533
C:\Windows\System32\drivers\wimmount.sys A3C7624A42A3447EF5EDD1ED37FE4E60
C:\Windows\system32\DRIVERS\WinUsb.sys BB20956C424531003F7FA6CD36F11D5D
C:\Windows\System32\drivers\wmiacpi.sys E2A596CACFC6504306CDB7B593B90084
C:\Windows\System32\DRIVERS\wpcfltr.sys C6FF953D5D6F2EAE3B8883474D5076B3
C:\Windows\System32\drivers\WpdUpFltr.sys 0346CAFC181C91C6E2330332EB332ED6
C:\Windows\system32\drivers\ws2ifsl.sys BC8B5CB336E63BB25EAD1CE8EDD34B81
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\system32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-06 18:02 - 2014-02-06 18:02 - 00000000 ____D () C:\FRST
2014-02-06 08:49 - 2014-02-06 08:49 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-05 12:06 - 2014-02-06 08:11 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\CrashDumps
2014-02-05 12:04 - 2014-02-05 12:04 - 00002231 _____ () C:\Users\Public\Desktop\BewerbungsGenie 7.lnk
2014-02-05 12:04 - 2014-02-05 12:04 - 00000000 ____D () C:\Users\user\AppData\Roaming\ProtectDisc
2014-02-05 12:02 - 2014-02-05 12:02 - 00000000 ____D () C:\Program Files (x86)\DATA BECKER
2014-02-05 11:00 - 2014-02-05 11:00 - 00000000 ____D () C:\Users\maiko_000\Documents\Anti-Malware
2014-02-05 10:21 - 2014-02-05 10:21 - 00001095 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-05 10:20 - 2014-02-06 08:54 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-05 10:20 - 2014-02-05 10:20 - 00000000 ____D () C:\Users\user\Documents\Anti-Malware
2014-02-05 09:27 - 2014-02-05 09:18 - 00000000 _____ () C:\Users\maiko_000\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-05 07:55 - 2014-02-05 07:55 - 00000000 ____D () C:\Windows\pss
2014-02-05 07:52 - 2014-02-05 07:53 - 129598176 _____ () C:\Users\maiko_000\Downloads\avira_free344_antivirus_de.exe
2014-02-02 11:45 - 2014-02-02 11:45 - 00380653 _____ () C:\Users\maiko_000\Downloads\exercise-2014-2-2.gpx
2014-01-31 13:24 - 2014-01-31 13:24 - 00448512 _____ (OldTimer Tools) C:\Users\maiko_000\Downloads\TFC.exe
2014-01-31 13:18 - 2014-01-31 13:20 - 00000000 ____D () C:\AdwCleaner
2014-01-31 13:16 - 2014-01-31 13:16 - 01166132 _____ () C:\Users\maiko_000\Downloads\adwcleaner.exe
2014-01-31 06:30 - 2014-01-31 06:30 - 00821760 _____ (Browser Opt-out) C:\Users\maiko_000\Downloads\uninstall(1).exe
2014-01-31 06:29 - 2014-01-31 06:29 - 00821760 _____ (Browser Opt-out) C:\Users\maiko_000\Downloads\uninstall.exe
2014-01-30 12:36 - 2014-01-30 13:02 - 00113664 _____ () C:\Users\maiko_000\Desktop\Spesen Januar 2014.xls
2014-01-30 12:31 - 2014-01-30 12:31 - 00565248 _____ () C:\Users\maiko_000\Downloads\reisekosten-inland-2014.xls
2014-01-30 12:25 - 2014-02-06 08:53 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-30 12:25 - 2014-02-05 07:35 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-30 12:25 - 2014-01-30 12:30 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-30 12:25 - 2014-01-30 12:30 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-30 12:25 - 2014-01-30 12:25 - 00003086 _____ () C:\Windows\System32\Tasks\Fifth
2014-01-30 12:25 - 2014-01-30 12:25 - 00003078 _____ () C:\Windows\System32\Tasks\OMESupervisor
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mozilla
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\Fifth
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Local\Mozilla
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Local\Google
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Local\ext_offermosquito
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-30 12:24 - 2014-01-31 13:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\Common
2014-01-30 12:24 - 2014-01-30 12:24 - 00000759 _____ () C:\Users\user\Desktop\Reisekosten 2014 TEST.lnk
2014-01-30 12:24 - 2014-01-30 12:24 - 00000759 _____ () C:\Users\maiko_000\Desktop\Reisekosten 2014 TEST.lnk
2014-01-30 12:24 - 2014-01-30 12:24 - 00000000 ____D () C:\Reisekosten
2014-01-30 12:23 - 2014-01-30 12:23 - 02096296 _____ () C:\Users\user\Desktop\spesen.exe
2014-01-30 12:22 - 2014-01-30 12:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2014-01-30 12:21 - 2014-01-30 12:22 - 00401760 _____ (Softonic ) C:\Users\maiko_000\Downloads\SoftonicDownloader_fuer_sd-reisekosten.exe
2014-01-26 06:06 - 2014-01-26 06:06 - 13079688 _____ (Microsoft Corporation) C:\Users\maiko_000\Downloads\Silverlight_x64.exe
2014-01-26 06:06 - 2014-01-26 06:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-26 06:06 - 2014-01-26 06:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-26 03:39 - 2014-01-26 03:39 - 00000000 ____D () C:\Users\user\AppData\Roaming\8floor
2014-01-26 03:28 - 2014-01-26 03:30 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-01-26 00:49 - 2014-01-26 00:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\Acronis
2014-01-26 00:47 - 2014-01-26 00:47 - 01464096 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\tdrpman.sys
2014-01-26 00:47 - 2014-01-26 00:47 - 01120032 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\tib.sys
2014-01-26 00:47 - 2014-01-26 00:47 - 00367200 _____ (Acronis) C:\Windows\System32\Drivers\afcdp.sys
2014-01-26 00:47 - 2014-01-26 00:47 - 00198432 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\tib_mounter.sys
2014-01-26 00:47 - 2014-01-26 00:47 - 00000000 ____D () C:\ProgramData\Acronis
2014-01-26 00:46 - 2014-01-26 00:46 - 00269600 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\snapman.sys
2014-01-26 00:46 - 2014-01-26 00:46 - 00116000 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\fltsrv.sys
2014-01-26 00:46 - 2014-01-26 00:46 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-01-26 00:46 - 2014-01-26 00:46 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-01-25 13:48 - 2014-01-25 13:48 - 00522143 _____ () C:\Users\maiko_000\Downloads\exercise-2013-12-15.gpx
2014-01-25 13:42 - 2014-01-25 13:42 - 00475008 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-19.gpx
2014-01-25 13:39 - 2014-01-25 13:39 - 00467685 _____ () C:\Users\maiko_000\Downloads\Sorpe-2014-1-17.gpx
2014-01-25 13:34 - 2014-01-25 13:34 - 00437466 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-14.gpx
2014-01-25 13:30 - 2014-01-25 13:30 - 00499004 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-3.gpx
2014-01-25 13:19 - 2014-01-25 13:19 - 00338623 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-22.gpx
2014-01-25 13:15 - 2014-01-25 13:15 - 00622051 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-25(1).gpx
2014-01-25 13:14 - 2014-01-25 13:15 - 00622051 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-25.gpx
2014-01-25 12:32 - 2014-01-25 12:33 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(4).exe
2014-01-24 10:29 - 2014-01-24 10:31 - 00000000 ____D () C:\Users\maiko_000\Desktop\ebay-bücher
2014-01-23 11:46 - 2013-09-23 04:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2014-01-23 00:08 - 2014-01-23 00:08 - 02239256 _____ () C:\Users\user\AppData\Local\omesuperv.exe
2014-01-21 11:30 - 2014-01-21 11:30 - 00062888 _____ () C:\Users\maiko_000\Desktop\Unbenannt 1.odt
2014-01-20 12:01 - 2014-01-20 12:04 - 00000000 ____D () C:\Users\maiko_000\Documents\Fax
2014-01-19 12:51 - 2014-01-19 12:51 - 00000771 _____ () C:\Users\maiko_000\Downloads\confirmation.de.ics
2014-01-18 15:21 - 2014-01-18 15:21 - 00191563 _____ () C:\Users\maiko_000\Desktop\Oschmann, Maik - Einkommensteuererklärung 2013.s14
2014-01-18 15:21 - 2014-01-18 15:21 - 00000000 ____D () C:\Users\maiko_000\Documents\Steuer-Sparbuch
2014-01-18 09:55 - 2014-01-18 14:45 - 00000000 ____D () C:\Users\maiko_000\.gimp-2.8
2014-01-18 09:55 - 2014-01-18 09:55 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\gegl-0.2
2014-01-17 11:35 - 2014-01-17 11:35 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(3).exe
2014-01-15 12:32 - 2014-01-15 12:34 - 00000000 ____D () C:\Program Files\GIMP 2
2014-01-15 12:30 - 2014-01-15 12:31 - 90396104 _____ (The GIMP Team ) C:\Users\maiko_000\Downloads\gimp-2.8.10-setup.exe
2014-01-15 10:05 - 2013-12-06 22:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2014-01-15 10:05 - 2013-12-06 22:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 10:05 - 2013-12-06 21:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 10:05 - 2013-12-06 21:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 11:18 - 2014-01-14 11:22 - 00000000 ____D () C:\Users\maiko_000\Desktop\ebay - pc
2014-01-14 10:16 - 2013-10-30 21:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2014-01-14 10:16 - 2013-10-30 21:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2014-01-14 10:16 - 2013-10-30 20:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-14 10:16 - 2013-10-30 19:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2014-01-14 10:16 - 2013-10-27 21:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2014-01-14 10:16 - 2013-10-27 20:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-14 10:16 - 2013-10-13 12:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys
2014-01-14 10:16 - 2013-08-26 21:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2014-01-14 10:16 - 2013-08-26 21:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2014-01-14 10:16 - 2013-08-26 14:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-14 10:16 - 2013-08-26 14:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-14 10:11 - 2014-01-14 10:11 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-13 12:29 - 2014-01-18 13:52 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Buhl
2014-01-13 12:29 - 2014-01-13 12:29 - 00000080 _____ () C:\Windows\wiso.ini
2014-01-13 12:29 - 2014-01-13 12:29 - 00000000 ____D () C:\Users\user\AppData\Local\Buhl
2014-01-13 12:28 - 2014-01-13 12:28 - 00002099 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-01-13 12:27 - 2014-01-13 12:27 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-01-13 12:26 - 2014-01-13 12:29 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-01-12 10:17 - 2014-01-25 12:34 - 00002055 _____ () C:\Users\Public\Desktop\Polar WebSync.lnk
2014-01-12 10:14 - 2014-01-12 10:15 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(2).exe
2014-01-12 10:14 - 2014-01-12 10:15 - 11642681 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\daemon_win32_2.2.2_distribution.exe
2014-01-12 05:16 - 2014-01-12 05:17 - 00307760 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-01-12 05:09 - 2014-01-12 05:09 - 00000000 ____D () C:\Users\maiko_000\Polar WebSync
2014-01-12 04:44 - 2014-01-12 04:44 - 03571656 _____ (Piriform Ltd) C:\Users\maiko_000\Downloads\ccsetup409_slim.exe
2014-01-12 04:37 - 2014-01-12 04:37 - 00000000 ____D () C:\Users\user\Polar WebSync
2014-01-12 04:35 - 2014-01-12 04:35 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(1).exe
2014-01-12 04:12 - 2014-01-12 10:17 - 00000000 ____D () C:\Program Files (x86)\Polar
2014-01-12 04:10 - 2014-01-12 04:11 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1.exe
2014-01-12 02:17 - 2014-01-12 02:17 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\OpenOffice
2014-01-12 01:42 - 2014-01-12 01:42 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-01-12 01:41 - 2014-01-12 01:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-01-12 01:38 - 2014-01-12 01:38 - 00000000 ____D () C:\Users\user\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-01-12 01:36 - 2014-01-12 01:37 - 163606685 _____ () C:\Users\maiko_000\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-01-11 14:58 - 2014-01-21 21:06 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\vlc
2014-01-11 14:57 - 2014-01-11 14:57 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-11 14:57 - 2014-01-11 14:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-01-11 14:55 - 2014-01-11 14:56 - 24097311 _____ () C:\Users\maiko_000\Downloads\vlc-2.1.2-win32.exe
2014-01-11 14:03 - 2014-02-02 10:59 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\UseNeXT
2014-01-11 14:03 - 2014-02-02 10:46 - 00000000 ____D () C:\Users\maiko_000\Documents\UseNeXT
2014-01-11 14:03 - 2014-01-11 14:03 - 00001861 _____ () C:\Users\user\Desktop\UseNeXT by Tangysoft.lnk
2014-01-11 14:03 - 2014-01-11 14:03 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-01-11 13:59 - 2014-01-11 14:00 - 05343592 _____ (Tangysoft Ltd. ) C:\Users\maiko_000\Downloads\UseNeXTSetup_5.62.exe
2014-01-11 13:30 - 2013-10-08 17:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-01-11 13:30 - 2013-10-08 14:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-01-11 13:30 - 2013-10-08 14:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-01-11 13:30 - 2013-10-08 14:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-01-11 13:30 - 2013-10-08 14:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-01-11 13:30 - 2013-10-08 14:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2014-01-11 13:30 - 2013-10-08 14:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-01-11 13:30 - 2013-10-08 14:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-01-11 13:30 - 2013-10-08 14:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-01-11 13:30 - 2013-10-08 14:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2014-01-11 13:30 - 2013-10-08 14:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2014-01-11 13:30 - 2013-10-08 14:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2014-01-11 13:30 - 2013-10-08 14:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2014-01-11 13:30 - 2013-10-04 22:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2014-01-11 13:30 - 2013-10-03 14:09 - 00385528 _____ () C:\Windows\System32\ApnDatabase.xml
2014-01-11 13:30 - 2013-10-01 18:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2014-01-11 13:30 - 2013-09-27 21:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2014-01-11 13:30 - 2013-09-27 19:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-01-11 13:30 - 2013-09-18 23:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-01-11 13:30 - 2013-08-29 21:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\System32\resutils.dll
2014-01-11 13:30 - 2013-08-29 21:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\System32\clusapi.dll
2014-01-11 13:30 - 2013-08-29 15:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-01-11 13:30 - 2013-08-29 15:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-01-11 13:30 - 2013-06-16 14:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-01-11 13:30 - 2013-06-01 03:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-11 13:30 - 2013-06-01 03:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-01-11 13:30 - 2013-06-01 03:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2014-01-11 13:30 - 2013-06-01 02:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-01-11 13:30 - 2013-06-01 01:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-01-11 13:30 - 2013-06-01 01:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2014-01-11 13:30 - 2013-06-01 01:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-01-11 13:30 - 2013-06-01 01:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-01-11 13:30 - 2013-06-01 01:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2014-01-11 13:30 - 2013-06-01 01:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-01-11 13:30 - 2013-06-01 01:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\System32\vds.exe
2014-01-11 13:30 - 2013-06-01 01:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-01-11 13:30 - 2013-06-01 01:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2014-01-11 13:30 - 2013-06-01 01:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\System32\MbaeParserTask.exe
2014-01-11 13:30 - 2013-06-01 01:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2014-01-11 13:30 - 2013-06-01 01:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll
2014-01-11 13:30 - 2013-06-01 01:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2014-01-11 13:30 - 2013-06-01 01:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2014-01-11 13:30 - 2013-06-01 01:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2014-01-11 13:30 - 2013-06-01 01:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\System32\mscms.dll
2014-01-11 13:30 - 2013-06-01 01:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2014-01-11 13:30 - 2013-06-01 01:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSetupManager.dll
2014-01-11 13:30 - 2013-05-31 19:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2014-01-11 13:30 - 2013-05-24 14:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2014-01-11 13:30 - 2013-05-24 14:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2014-01-11 13:30 - 2013-05-24 14:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2014-01-11 13:30 - 2013-05-24 14:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2014-01-11 13:24 - 2013-09-13 14:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2014-01-11 13:24 - 2013-09-13 14:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2014-01-11 13:24 - 2013-08-29 21:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2014-01-11 13:24 - 2013-08-29 21:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2014-01-11 13:24 - 2013-08-29 15:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-01-11 13:24 - 2013-08-20 22:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2014-01-11 13:24 - 2013-08-09 22:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2014-01-11 13:24 - 2013-08-09 21:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-01-11 13:24 - 2013-08-09 19:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-01-11 13:24 - 2013-07-24 15:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-01-11 13:24 - 2013-07-24 15:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2014-01-11 13:24 - 2013-07-11 17:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\System32\WSDApi.dll
2014-01-11 13:24 - 2013-07-11 17:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-01-11 13:22 - 2013-07-09 00:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2014-01-11 13:22 - 2013-07-08 22:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2014-01-11 13:22 - 2013-07-08 20:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-01-11 13:22 - 2013-07-08 19:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-01-11 13:22 - 2013-07-08 14:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\System32\wwanmm.dll
2014-01-11 13:22 - 2013-07-08 14:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\System32\wwanconn.dll
2014-01-11 13:22 - 2013-07-08 14:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\System32\Wwanadvui.dll
2014-01-11 13:22 - 2013-07-08 14:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\System32\LocationApi.dll
2014-01-11 13:22 - 2013-07-05 16:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2014-01-11 13:22 - 2013-07-02 16:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2014-01-11 13:22 - 2013-07-02 16:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2014-01-11 13:22 - 2013-07-02 16:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-01-11 13:22 - 2013-07-02 16:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-01-11 13:22 - 2013-06-30 14:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2014-01-11 13:22 - 2013-06-30 14:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\openfiles.exe
2014-01-11 13:22 - 2013-06-28 22:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2014-01-11 13:22 - 2013-06-28 22:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2014-01-11 13:22 - 2013-06-28 21:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2014-01-11 13:22 - 2013-06-25 19:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2014-01-11 13:22 - 2013-06-25 18:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2014-01-11 13:22 - 2013-06-24 14:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2014-01-11 13:22 - 2013-06-24 14:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll
2014-01-11 13:22 - 2013-06-24 14:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\System32\wcmcsp.dll
2014-01-11 13:22 - 2013-06-18 21:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\System32\winmmbase.dll
2014-01-11 13:22 - 2013-06-18 21:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\winmm.dll
2014-01-11 13:22 - 2013-06-18 14:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-01-11 13:22 - 2013-06-18 14:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-01-11 13:22 - 2013-06-11 15:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-01-11 13:22 - 2013-06-11 15:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2014-01-11 13:22 - 2013-06-06 00:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2014-01-11 13:21 - 2013-08-02 22:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\System32\wdc.dll
2014-01-11 13:21 - 2013-08-02 22:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\System32\wvc.dll
2014-01-11 13:21 - 2013-08-02 22:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2014-01-11 13:21 - 2013-08-02 21:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-01-11 13:21 - 2013-08-02 21:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2014-01-11 13:21 - 2013-08-02 21:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2014-01-11 13:20 - 2013-08-09 21:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2014-01-11 13:20 - 2013-08-09 21:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncInfo.dll
2014-01-11 13:20 - 2013-08-09 19:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-01-11 13:20 - 2013-08-01 22:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-01-11 13:20 - 2013-08-01 22:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2014-01-11 13:20 - 2013-08-01 21:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-01-11 13:20 - 2013-08-01 21:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-01-11 13:20 - 2013-08-01 02:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-01-11 13:20 - 2013-07-24 15:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2014-01-11 13:20 - 2013-07-24 15:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\System32\mbsmsapi.dll
2014-01-11 13:20 - 2013-04-09 15:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2014-01-11 13:20 - 2013-04-09 14:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-01-11 13:11 - 2013-07-01 16:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2014-01-11 13:11 - 2013-07-01 14:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2014-01-11 13:10 - 2013-11-22 22:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-01-11 13:10 - 2013-11-22 21:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-11 13:10 - 2013-08-22 23:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-01-11 13:10 - 2013-08-22 17:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-01-11 13:10 - 2013-08-01 22:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2014-01-11 13:10 - 2013-08-01 21:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-01-11 13:10 - 2013-04-02 15:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-01-11 13:10 - 2013-04-02 15:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2014-01-11 13:10 - 2013-03-21 19:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-01-11 13:10 - 2013-03-21 14:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\System32\esent.dll
2014-01-11 13:10 - 2013-03-02 00:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-01-11 13:10 - 2013-03-01 18:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2014-01-11 13:10 - 2012-10-23 19:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2014-01-11 13:10 - 2012-10-23 18:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-01-11 13:09 - 2013-10-31 21:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2014-01-11 13:09 - 2013-10-31 19:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-11 13:09 - 2013-10-01 15:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-01-11 13:09 - 2013-10-01 15:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-01-11 13:00 - 2014-01-09 00:02 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-11 13:00 - 2014-01-09 00:02 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-11 12:55 - 2014-01-11 13:08 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-01-10 00:27 - 2014-01-20 11:24 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\clear.fi
2014-01-10 00:27 - 2014-01-10 00:27 - 00000000 ____D () C:\Users\maiko_000\Documents\clear.fi
2014-01-10 00:27 - 2014-01-10 00:27 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\MusicPlayer
2014-01-09 08:02 - 2014-01-15 12:29 - 00000000 ____D () C:\Windows\System32\MRT
2014-01-09 08:02 - 2014-01-15 12:28 - 86054176 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-01-09 00:58 - 2013-11-19 02:21 - 00267936 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-01-08 15:13 - 2014-01-08 15:13 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Macromedia
2014-01-08 15:12 - 2014-01-08 15:13 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-01-07 19:48 - 2014-01-26 11:21 - 00000000 ____D () C:\Users\maiko_000\Desktop\Iomega Platte
2014-01-07 19:48 - 2014-01-07 19:48 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-07 19:26 - 2014-01-07 19:26 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\Mozilla
2014-01-07 19:26 - 2014-01-07 19:26 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Mozilla
2014-01-07 19:25 - 2014-01-07 19:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-07 19:25 - 2014-01-07 19:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-07 19:24 - 2014-01-07 19:24 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\Macromedia
2014-01-07 19:00 - 2014-01-09 14:48 - 00000000 ____D () C:\Users\maiko_000\Desktop\Werdohler SV 08.09.13(PC)29.12.13
2014-01-07 18:56 - 2013-03-02 02:57 - 00332520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-01-07 18:56 - 2013-03-02 02:39 - 00495336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2014-01-07 18:56 - 2013-03-02 00:23 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-01-07 18:56 - 2013-03-02 00:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-01-07 18:56 - 2013-03-02 00:23 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-01-07 18:56 - 2013-03-02 00:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-01-07 18:56 - 2013-03-02 00:22 - 05091840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-07 18:56 - 2013-03-02 00:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-01-07 18:56 - 2013-03-02 00:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 01627648 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\usbmon.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
2014-01-07 18:56 - 2013-03-01 18:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2014-01-07 18:56 - 2013-03-01 18:44 - 05978624 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-01-07 18:56 - 2013-03-01 18:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2014-01-07 18:56 - 2013-03-01 18:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2014-01-07 18:56 - 2013-02-28 20:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2014-01-07 18:55 - 2013-03-02 02:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2014-01-07 18:55 - 2013-03-02 00:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2014-01-07 18:55 - 2013-03-02 00:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-01-07 18:55 - 2013-03-02 00:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2014-01-07 18:55 - 2013-03-01 18:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
2014-01-07 18:55 - 2013-03-01 18:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\System32\WSDPrintProxy.DLL
2014-01-07 18:55 - 2013-03-01 18:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\System32\discan.dll
2014-01-07 18:55 - 2013-03-01 18:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\System32\NdisImPlatform.dll
2014-01-07 18:55 - 2013-03-01 18:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2014-01-07 18:55 - 2013-03-01 18:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2014-01-07 18:55 - 2013-03-01 18:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2014-01-07 18:55 - 2013-02-28 20:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2014-01-07 18:55 - 2013-02-28 20:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2014-01-07 18:38 - 2013-05-30 15:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-01-07 18:38 - 2013-05-30 15:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-01-07 18:38 - 2013-05-14 18:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\System32\autochk.exe
2014-01-07 18:38 - 2013-05-14 18:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\System32\untfs.dll
2014-01-07 18:38 - 2013-05-14 18:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-01-07 18:38 - 2013-05-14 18:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-01-07 18:38 - 2013-05-03 23:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2014-01-07 18:38 - 2013-05-03 22:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2014-01-07 18:38 - 2013-05-03 22:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2014-01-07 18:38 - 2013-05-03 22:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2014-01-07 18:38 - 2013-05-03 22:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2014-01-07 18:38 - 2013-05-03 22:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\System32\stobject.dll
2014-01-07 18:38 - 2013-05-03 22:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2014-01-07 18:38 - 2013-05-03 22:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2014-01-07 18:38 - 2013-05-03 22:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2014-01-07 18:38 - 2013-05-03 22:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2014-01-07 18:38 - 2013-05-03 22:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2014-01-07 18:38 - 2013-05-03 22:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2014-01-07 18:38 - 2013-05-03 22:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2014-01-07 18:38 - 2013-05-03 22:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2014-01-07 18:38 - 2013-05-03 22:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2014-01-07 18:38 - 2013-05-03 22:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2014-01-07 18:38 - 2013-05-03 22:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2014-01-07 18:38 - 2013-05-03 22:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\System32\intl.cpl
2014-01-07 18:38 - 2013-05-03 20:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2014-01-07 18:38 - 2013-05-03 20:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-01-07 18:38 - 2013-05-03 20:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2014-01-07 18:38 - 2013-05-03 20:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2014-01-07 18:38 - 2013-05-03 20:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2014-01-07 18:38 - 2013-05-03 20:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2014-01-07 18:38 - 2013-05-03 20:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2014-01-07 18:38 - 2013-05-03 20:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-01-07 18:38 - 2013-05-03 20:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2014-01-07 18:38 - 2013-05-03 20:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2014-01-07 18:38 - 2013-05-03 20:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2014-01-07 18:38 - 2013-05-03 20:51 - 00014848 _____ (Microsoft) C:\Windows\System32\rars.rs
2014-01-07 18:38 - 2013-05-03 20:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2014-01-07 18:38 - 2013-05-03 20:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2014-01-07 18:38 - 2013-04-08 21:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2014-01-07 18:38 - 2013-04-08 21:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2014-01-07 18:38 - 2013-04-08 21:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2014-01-07 18:38 - 2013-04-08 21:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\System32\kd_02_10ec.dll
2014-01-07 18:38 - 2013-04-08 21:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\System32\kdnet.dll
2014-01-07 18:38 - 2013-04-08 21:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\System32\kdvm.dll
2014-01-07 18:38 - 2013-04-08 21:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-01-07 18:38 - 2013-04-08 20:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2014-01-07 18:38 - 2013-04-08 20:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
2014-01-07 18:38 - 2013-04-08 20:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2014-01-07 18:38 - 2013-04-08 20:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2014-01-07 18:38 - 2013-04-08 20:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\System32\Robocopy.exe
2014-01-07 18:38 - 2013-04-08 20:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2014-01-07 18:38 - 2013-04-08 20:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\System32\tquery.dll
2014-01-07 18:38 - 2013-04-08 20:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2014-01-07 18:38 - 2013-04-08 20:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2014-01-07 18:38 - 2013-04-08 20:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2014-01-07 18:38 - 2013-04-08 20:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2014-01-07 18:38 - 2013-04-08 20:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2014-01-07 18:38 - 2013-04-08 20:50 - 01285632 _____ (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2014-01-07 18:38 - 2013-04-08 20:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2014-01-07 18:38 - 2013-04-08 20:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\System32\mssph.dll
2014-01-07 18:38 - 2013-04-08 20:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\System32\GenuineCenter.dll
2014-01-07 18:38 - 2013-04-08 20:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2014-01-07 18:38 - 2013-04-08 20:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2014-01-07 18:38 - 2013-04-08 20:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2014-01-07 18:38 - 2013-04-08 20:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2014-01-07 18:38 - 2013-04-08 20:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2014-01-07 18:38 - 2013-04-08 20:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2014-01-07 18:38 - 2013-04-08 20:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2014-01-07 18:38 - 2013-04-08 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2014-01-07 18:38 - 2013-04-08 20:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\System32\dmvdsitf.dll
2014-01-07 18:38 - 2013-04-08 20:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2014-01-07 18:38 - 2013-04-08 20:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\fmifs.dll
2014-01-07 18:38 - 2013-04-08 20:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2014-01-07 18:38 - 2013-04-08 18:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2014-01-07 18:38 - 2013-04-08 18:33 - 00623104 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2014-01-07 18:38 - 2013-04-08 18:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2014-01-07 18:38 - 2013-04-08 18:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2014-01-07 18:38 - 2013-04-08 18:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2014-01-07 18:38 - 2013-04-08 18:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2014-01-07 18:38 - 2013-04-08 15:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-01-07 18:38 - 2013-04-08 15:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-01-07 18:38 - 2013-04-08 15:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-01-07 18:38 - 2013-04-08 15:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-01-07 18:38 - 2013-04-08 13:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-01-07 18:38 - 2013-04-08 13:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-01-07 18:38 - 2013-04-08 13:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-01-07 18:38 - 2013-04-08 13:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-01-07 18:38 - 2013-04-08 13:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-01-07 18:38 - 2013-04-08 13:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2014-01-07 18:38 - 2013-04-08 13:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2014-01-07 18:38 - 2013-04-04 15:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll
2014-01-07 18:38 - 2013-03-15 14:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\System32\rsaenh.dll
2014-01-07 18:38 - 2013-03-15 14:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-01-07 18:38 - 2013-03-02 02:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2014-01-07 18:38 - 2013-03-01 18:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2014-01-07 18:38 - 2013-03-01 18:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
2014-01-07 18:38 - 2013-03-01 18:43 - 02146304 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2014-01-07 18:38 - 2013-02-06 17:33 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-01-07 18:38 - 2013-02-02 00:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-01-07 18:38 - 2013-02-02 00:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2014-01-07 18:38 - 2013-02-02 00:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2014-01-07 18:38 - 2013-02-02 00:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2014-01-07 18:37 - 2013-10-24 22:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-01-07 18:36 - 2013-10-24 22:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-01-07 18:36 - 2013-10-24 22:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-01-07 18:36 - 2013-10-24 22:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2014-01-07 18:36 - 2013-10-24 22:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-01-07 18:36 - 2013-10-24 22:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-01-07 18:36 - 2013-10-24 22:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-01-07 18:36 - 2013-10-24 22:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-01-07 18:36 - 2013-10-24 22:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-01-07 18:36 - 2013-10-24 22:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-01-07 18:36 - 2013-10-24 20:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-07 18:36 - 2013-10-24 20:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-07 18:36 - 2013-10-24 20:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-07 18:36 - 2013-10-24 20:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-07 18:36 - 2013-10-24 20:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-07 18:36 - 2013-10-24 20:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-07 18:36 - 2013-10-24 20:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-07 18:36 - 2013-10-24 20:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-07 18:36 - 2013-05-15 14:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-01-07 18:36 - 2013-05-15 14:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2014-01-07 18:36 - 2013-05-14 05:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-01-07 18:36 - 2013-05-14 01:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-07 18:36 - 2013-02-21 02:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-07 18:36 - 2013-02-21 02:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-07 18:36 - 2013-02-21 02:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-07 18:36 - 2013-02-21 02:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-07 18:36 - 2013-02-21 02:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-01-07 18:36 - 2013-02-21 02:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-01-07 18:36 - 2013-02-19 01:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-01-07 18:29 - 2013-10-18 21:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-01-07 18:29 - 2013-10-18 20:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-07 18:29 - 2013-10-10 03:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2014-01-07 18:29 - 2013-10-10 01:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2014-01-07 18:29 - 2013-10-10 01:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2014-01-07 18:29 - 2013-09-03 19:11 - 00576512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2014-01-07 18:29 - 2013-08-15 21:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2014-01-07 18:29 - 2013-08-15 21:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\System32\WSService.dll
2014-01-07 18:29 - 2013-08-15 21:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\System32\NotificationUI.exe
2014-01-07 18:29 - 2013-08-15 21:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2014-01-07 18:29 - 2013-08-15 21:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2014-01-07 18:29 - 2013-08-15 21:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2014-01-07 18:29 - 2013-08-15 21:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2014-01-07 18:29 - 2013-08-15 21:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2014-01-07 18:29 - 2013-08-15 21:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\System32\WSSync.dll
2014-01-07 18:29 - 2013-08-15 21:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\System32\sppc.dll
2014-01-07 18:29 - 2013-08-15 21:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\setupcln.dll
2014-01-07 18:29 - 2013-08-15 21:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-01-07 18:29 - 2013-08-15 21:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2014-01-07 18:29 - 2013-08-15 21:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2014-01-07 18:29 - 2013-08-15 14:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-01-07 18:29 - 2013-08-15 14:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2014-01-07 18:29 - 2013-08-15 14:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-01-07 18:29 - 2013-08-15 14:43 - 00083968 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-01-07 18:29 - 2013-08-15 14:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-01-07 18:29 - 2013-08-15 14:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-01-07 18:29 - 2013-08-15 14:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2014-01-07 18:29 - 2013-07-05 16:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2014-01-07 18:29 - 2013-07-03 18:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-01-07 18:29 - 2013-06-10 11:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2014-01-07 18:29 - 2013-06-10 11:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2014-01-07 18:29 - 2013-06-10 11:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-01-07 18:29 - 2013-06-10 11:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-01-07 18:28 - 2013-10-02 15:25 - 01300992 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-01-07 18:28 - 2013-10-01 15:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-01-07 18:28 - 2013-10-01 15:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-01-07 18:28 - 2013-10-01 14:22 - 01022976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-01-07 18:28 - 2013-07-05 14:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2014-01-07 18:28 - 2013-07-05 14:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2014-01-07 18:28 - 2013-07-01 14:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys
2014-01-07 18:28 - 2013-07-01 14:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2014-01-07 18:28 - 2013-06-28 19:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2014-01-07 18:28 - 2013-06-28 19:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2014-01-07 18:28 - 2013-06-21 21:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2014-01-07 18:28 - 2013-06-21 21:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2014-01-07 18:28 - 2013-05-23 15:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-01-07 18:28 - 2013-05-23 14:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-01-07 18:28 - 2013-05-03 20:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2014-01-07 18:27 - 2014-01-07 18:27 - 00000000 ____D () C:\Users\user\AppData\Local\BMExplorer
2014-01-07 18:27 - 2013-04-23 15:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-01-07 18:27 - 2013-04-23 15:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-01-07 18:27 - 2013-04-23 14:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\System32\certutil.exe
2014-01-07 18:27 - 2013-04-23 14:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2014-01-07 18:27 - 2013-03-02 01:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2014-01-07 18:26 - 2013-06-01 01:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-01-07 18:26 - 2013-06-01 01:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-01-07 18:26 - 2013-04-11 14:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-01-07 18:26 - 2013-04-11 14:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-01-07 18:26 - 2013-02-02 00:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2014-01-07 18:26 - 2013-02-02 00:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\System32\duser.dll
2014-01-07 18:25 - 2014-01-07 18:25 - 00000000 ____D () C:\Users\user\Documents\Bluetooth Folder
2014-01-07 18:25 - 2013-11-06 15:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-01-07 18:25 - 2013-10-10 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-01-07 18:25 - 2013-10-10 01:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-01-07 18:25 - 2013-10-10 01:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-07 18:25 - 2013-10-10 01:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2014-01-07 18:25 - 2013-10-10 01:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2014-01-07 18:25 - 2013-10-10 01:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\System32\scrobj.dll
2014-01-07 18:25 - 2013-10-10 01:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-01-07 18:25 - 2013-09-27 19:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2014-01-07 18:25 - 2013-09-23 14:30 - 00419328 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-01-07 18:25 - 2013-09-23 14:30 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-01-07 18:25 - 2013-07-19 14:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-01-07 18:25 - 2013-07-19 14:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-07 18:25 - 2013-07-12 22:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-01-07 18:25 - 2013-07-12 22:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2014-01-07 18:25 - 2013-07-12 22:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\System32\apprepapi.dll
2014-01-07 18:25 - 2013-07-12 22:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\apprepsync.dll
2014-01-07 18:25 - 2013-07-12 20:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-01-07 18:25 - 2013-07-12 20:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2014-01-07 18:25 - 2013-07-12 20:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2014-01-07 18:25 - 2013-07-01 17:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2014-01-07 18:25 - 2013-07-01 17:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2014-01-07 18:25 - 2013-06-30 17:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2014-01-07 18:25 - 2013-06-30 17:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2014-01-07 18:25 - 2013-06-30 17:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2014-01-07 18:25 - 2013-06-30 17:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2014-01-07 18:25 - 2013-06-28 19:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2014-01-07 18:25 - 2013-06-28 19:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-01-07 18:25 - 2013-05-26 15:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-01-07 18:25 - 2013-05-26 14:59 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2014-01-07 18:25 - 2013-05-24 19:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2014-01-07 18:25 - 2013-05-24 18:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-01-07 18:25 - 2013-05-03 22:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2014-01-07 18:25 - 2013-05-03 20:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-01-07 18:25 - 2013-04-26 21:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2014-01-07 18:25 - 2013-03-14 16:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2014-01-07 18:25 - 2013-03-05 23:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2014-01-07 18:25 - 2013-03-05 22:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2014-01-07 18:25 - 2013-02-11 16:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2014-01-07 18:25 - 2013-02-05 14:29 - 00370688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2014-01-07 18:25 - 2013-02-05 14:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2014-01-07 18:25 - 2013-02-02 02:54 - 01933544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-01-07 18:25 - 2013-02-02 00:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2014-01-07 18:25 - 2013-02-02 00:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2014-01-07 18:25 - 2013-02-02 00:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-01-07 18:25 - 2013-02-02 00:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2014-01-07 18:25 - 2013-02-02 00:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2014-01-07 18:25 - 2013-02-02 00:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-01-07 18:25 - 2013-02-02 00:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\System32\taskkill.exe
2014-01-07 18:25 - 2013-02-02 00:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\tasklist.exe
2014-01-07 18:25 - 2013-02-02 00:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2014-01-07 18:25 - 2013-02-02 00:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
2014-01-07 18:25 - 2013-02-02 00:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\System32\WWanAPI.dll
2014-01-07 18:25 - 2013-02-02 00:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2014-01-07 18:25 - 2013-02-02 00:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2014-01-07 18:25 - 2013-02-02 00:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2014-01-07 18:25 - 2013-02-02 00:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\System32\hotspotauth.dll
2014-01-07 18:25 - 2013-02-01 23:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2014-01-07 18:25 - 2013-02-01 21:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-01-07 18:25 - 2013-02-01 21:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2014-01-07 18:24 - 2013-08-06 21:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2014-01-07 18:24 - 2012-11-09 20:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2014-01-07 18:24 - 2012-11-09 20:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-01-07 18:24 - 2012-11-09 20:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
2014-01-07 18:24 - 2012-11-09 20:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
2014-01-07 18:24 - 2012-11-09 20:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\appserverai.dll
2014-01-07 17:50 - 2014-02-05 06:47 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3049176386-3505927428-341134551-1002
2014-01-07 17:48 - 2014-01-07 17:48 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\BMExplorer
2014-01-07 17:46 - 2014-01-07 17:46 - 00000000 ____D () C:\Users\maiko_000\Documents\Bluetooth Folder
2014-01-07 17:45 - 2014-01-07 17:45 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\Atheros
2014-01-07 17:44 - 2014-01-18 09:55 - 00000000 ____D () C:\users\maiko_000
2014-01-07 17:44 - 2014-01-11 13:08 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Packages
2014-01-07 17:44 - 2014-01-07 17:44 - 00000020 ___SH () C:\Users\maiko_000\ntuser.ini
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Vorlagen
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Startmenü
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Netzwerkumgebung
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Lokale Einstellungen
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Eigene Dateien
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Druckumgebung
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Documents\Eigene Musik
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Documents\Eigene Bilder
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\AppData\Local\Verlauf
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\AppData\Local\Anwendungsdaten
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Anwendungsdaten
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\lm
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\Adobe
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\VirtualStore

==================== One Month Modified Files and Folders =======

2014-02-06 18:02 - 2014-02-06 18:02 - 00000000 ____D () C:\FRST
2014-02-06 08:55 - 2012-07-25 21:26 - 00524288 ___SH () C:\Windows\System32\config\BBI
2014-02-06 08:54 - 2014-02-05 10:20 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-06 08:53 - 2014-01-30 12:25 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 08:49 - 2014-02-06 08:49 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-06 08:49 - 2013-04-17 20:36 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-06 08:49 - 2012-07-25 23:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 08:11 - 2014-02-05 12:06 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\CrashDumps
2014-02-06 08:02 - 2013-04-17 20:38 - 00001848 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2014-02-06 07:54 - 2013-04-17 18:46 - 00332518 _____ () C:\Windows\PFRO.log
2014-02-05 12:04 - 2014-02-05 12:04 - 00002231 _____ () C:\Users\Public\Desktop\BewerbungsGenie 7.lnk
2014-02-05 12:04 - 2014-02-05 12:04 - 00000000 ____D () C:\Users\user\AppData\Roaming\ProtectDisc
2014-02-05 12:02 - 2014-02-05 12:02 - 00000000 ____D () C:\Program Files (x86)\DATA BECKER
2014-02-05 11:00 - 2014-02-05 11:00 - 00000000 ____D () C:\Users\maiko_000\Documents\Anti-Malware
2014-02-05 10:21 - 2014-02-05 10:21 - 00001095 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-05 10:20 - 2014-02-05 10:20 - 00000000 ____D () C:\Users\user\Documents\Anti-Malware
2014-02-05 09:18 - 2014-02-05 09:27 - 00000000 _____ () C:\Users\maiko_000\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-05 07:55 - 2014-02-05 07:55 - 00000000 ____D () C:\Windows\pss
2014-02-05 07:55 - 2013-07-25 11:14 - 00753134 _____ () C:\Windows\System32\perfh007.dat
2014-02-05 07:55 - 2013-07-25 11:14 - 00155826 _____ () C:\Windows\System32\perfc007.dat
2014-02-05 07:55 - 2013-07-25 01:36 - 01210066 _____ () C:\Windows\WindowsUpdate.log
2014-02-05 07:55 - 2012-07-25 23:28 - 01745416 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-05 07:53 - 2014-02-05 07:52 - 129598176 _____ () C:\Users\maiko_000\Downloads\avira_free344_antivirus_de.exe
2014-02-05 07:35 - 2014-01-30 12:25 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-05 07:22 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\System32\sru
2014-02-05 06:47 - 2014-01-07 17:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3049176386-3505927428-341134551-1002
2014-02-04 10:51 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-02 11:45 - 2014-02-02 11:45 - 00380653 _____ () C:\Users\maiko_000\Downloads\exercise-2014-2-2.gpx
2014-02-02 10:59 - 2014-01-11 14:03 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\UseNeXT
2014-02-02 10:46 - 2014-01-11 14:03 - 00000000 ____D () C:\Users\maiko_000\Documents\UseNeXT
2014-01-31 13:24 - 2014-01-31 13:24 - 00448512 _____ (OldTimer Tools) C:\Users\maiko_000\Downloads\TFC.exe
2014-01-31 13:20 - 2014-01-31 13:18 - 00000000 ____D () C:\AdwCleaner
2014-01-31 13:19 - 2014-01-30 12:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Common
2014-01-31 13:16 - 2014-01-31 13:16 - 01166132 _____ () C:\Users\maiko_000\Downloads\adwcleaner.exe
2014-01-31 13:02 - 2012-07-25 21:26 - 00262144 ___SH () C:\Windows\System32\config\ELAM
2014-01-31 06:31 - 2013-07-25 02:00 - 00002916 _____ () C:\Windows\System32\Tasks\Power Management
2014-01-31 06:31 - 2013-07-25 01:58 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3049176386-3505927428-341134551-500
2014-01-31 06:31 - 2013-04-17 20:38 - 00004404 _____ () C:\Windows\System32\Tasks\ALUAgent
2014-01-31 06:31 - 2013-04-17 20:38 - 00003628 _____ () C:\Windows\System32\Tasks\ALU
2014-01-31 06:30 - 2014-01-31 06:30 - 00821760 _____ (Browser Opt-out) C:\Users\maiko_000\Downloads\uninstall(1).exe
2014-01-31 06:29 - 2014-01-31 06:29 - 00821760 _____ (Browser Opt-out) C:\Users\maiko_000\Downloads\uninstall.exe
2014-01-30 13:02 - 2014-01-30 12:36 - 00113664 _____ () C:\Users\maiko_000\Desktop\Spesen Januar 2014.xls
2014-01-30 12:31 - 2014-01-30 12:31 - 00565248 _____ () C:\Users\maiko_000\Downloads\reisekosten-inland-2014.xls
2014-01-30 12:30 - 2014-01-30 12:25 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-30 12:30 - 2014-01-30 12:25 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-30 12:25 - 2014-01-30 12:25 - 00003086 _____ () C:\Windows\System32\Tasks\Fifth
2014-01-30 12:25 - 2014-01-30 12:25 - 00003078 _____ () C:\Windows\System32\Tasks\OMESupervisor
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mozilla
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\Fifth
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Local\Mozilla
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Local\Google
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Users\user\AppData\Local\ext_offermosquito
2014-01-30 12:25 - 2014-01-30 12:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-30 12:24 - 2014-01-30 12:24 - 00000759 _____ () C:\Users\user\Desktop\Reisekosten 2014 TEST.lnk
2014-01-30 12:24 - 2014-01-30 12:24 - 00000759 _____ () C:\Users\maiko_000\Desktop\Reisekosten 2014 TEST.lnk
2014-01-30 12:24 - 2014-01-30 12:24 - 00000000 ____D () C:\Reisekosten
2014-01-30 12:23 - 2014-01-30 12:23 - 02096296 _____ () C:\Users\user\Desktop\spesen.exe
2014-01-30 12:22 - 2014-01-30 12:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2014-01-30 12:22 - 2014-01-30 12:21 - 00401760 _____ (Softonic ) C:\Users\maiko_000\Downloads\SoftonicDownloader_fuer_sd-reisekosten.exe
2014-01-26 11:21 - 2014-01-07 19:48 - 00000000 ____D () C:\Users\maiko_000\Desktop\Iomega Platte
2014-01-26 06:06 - 2014-01-26 06:06 - 13079688 _____ (Microsoft Corporation) C:\Users\maiko_000\Downloads\Silverlight_x64.exe
2014-01-26 06:06 - 2014-01-26 06:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-26 06:06 - 2014-01-26 06:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-26 03:39 - 2014-01-26 03:39 - 00000000 ____D () C:\Users\user\AppData\Roaming\8floor
2014-01-26 03:30 - 2014-01-26 03:28 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-01-26 00:49 - 2014-01-26 00:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\Acronis
2014-01-26 00:47 - 2014-01-26 00:47 - 01464096 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\tdrpman.sys
2014-01-26 00:47 - 2014-01-26 00:47 - 01120032 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\tib.sys
2014-01-26 00:47 - 2014-01-26 00:47 - 00367200 _____ (Acronis) C:\Windows\System32\Drivers\afcdp.sys
2014-01-26 00:47 - 2014-01-26 00:47 - 00198432 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\tib_mounter.sys
2014-01-26 00:47 - 2014-01-26 00:47 - 00000000 ____D () C:\ProgramData\Acronis
2014-01-26 00:46 - 2014-01-26 00:46 - 00269600 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\snapman.sys
2014-01-26 00:46 - 2014-01-26 00:46 - 00116000 _____ (Acronis International GmbH) C:\Windows\System32\Drivers\fltsrv.sys
2014-01-26 00:46 - 2014-01-26 00:46 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-01-26 00:46 - 2014-01-26 00:46 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-01-25 13:48 - 2014-01-25 13:48 - 00522143 _____ () C:\Users\maiko_000\Downloads\exercise-2013-12-15.gpx
2014-01-25 13:42 - 2014-01-25 13:42 - 00475008 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-19.gpx
2014-01-25 13:39 - 2014-01-25 13:39 - 00467685 _____ () C:\Users\maiko_000\Downloads\Sorpe-2014-1-17.gpx
2014-01-25 13:34 - 2014-01-25 13:34 - 00437466 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-14.gpx
2014-01-25 13:30 - 2014-01-25 13:30 - 00499004 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-3.gpx
2014-01-25 13:19 - 2014-01-25 13:19 - 00338623 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-22.gpx
2014-01-25 13:15 - 2014-01-25 13:15 - 00622051 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-25(1).gpx
2014-01-25 13:15 - 2014-01-25 13:14 - 00622051 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-25.gpx
2014-01-25 12:34 - 2014-01-12 10:17 - 00002055 _____ () C:\Users\Public\Desktop\Polar WebSync.lnk
2014-01-25 12:33 - 2014-01-25 12:32 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(4).exe
2014-01-24 10:31 - 2014-01-24 10:29 - 00000000 ____D () C:\Users\maiko_000\Desktop\ebay-bücher
2014-01-23 11:41 - 2013-04-17 20:36 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-01-23 11:40 - 2012-07-26 00:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-01-23 00:08 - 2014-01-23 00:08 - 02239256 _____ () C:\Users\user\AppData\Local\omesuperv.exe
2014-01-21 21:06 - 2014-01-11 14:58 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\vlc
2014-01-21 11:46 - 2012-07-25 23:21 - 00033018 _____ () C:\Windows\setupact.log
2014-01-21 11:30 - 2014-01-21 11:30 - 00062888 _____ () C:\Users\maiko_000\Desktop\Unbenannt 1.odt
2014-01-20 12:07 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\System32\FxsTmp
2014-01-20 12:04 - 2014-01-20 12:01 - 00000000 ____D () C:\Users\maiko_000\Documents\Fax
2014-01-20 11:25 - 2013-07-25 02:03 - 00000000 ____D () C:\ProgramData\Norton
2014-01-20 11:24 - 2014-01-10 00:27 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\clear.fi
2014-01-19 12:51 - 2014-01-19 12:51 - 00000771 _____ () C:\Users\maiko_000\Downloads\confirmation.de.ics
2014-01-18 15:21 - 2014-01-18 15:21 - 00191563 _____ () C:\Users\maiko_000\Desktop\Oschmann, Maik - Einkommensteuererklärung 2013.s14
2014-01-18 15:21 - 2014-01-18 15:21 - 00000000 ____D () C:\Users\maiko_000\Documents\Steuer-Sparbuch
2014-01-18 14:45 - 2014-01-18 09:55 - 00000000 ____D () C:\Users\maiko_000\.gimp-2.8
2014-01-18 13:52 - 2014-01-13 12:29 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Buhl
2014-01-18 09:55 - 2014-01-18 09:55 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\gegl-0.2
2014-01-18 09:55 - 2014-01-07 17:44 - 00000000 ____D () C:\users\maiko_000
2014-01-18 08:05 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\WinStore
2014-01-17 11:35 - 2014-01-17 11:35 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(3).exe
2014-01-17 10:30 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\rescache
2014-01-15 12:34 - 2014-01-15 12:32 - 00000000 ____D () C:\Program Files\GIMP 2
2014-01-15 12:31 - 2014-01-15 12:30 - 90396104 _____ (The GIMP Team ) C:\Users\maiko_000\Downloads\gimp-2.8.10-setup.exe
2014-01-15 12:29 - 2014-01-09 08:02 - 00000000 ____D () C:\Windows\System32\MRT
2014-01-15 12:28 - 2014-01-09 08:02 - 86054176 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-01-14 11:22 - 2014-01-14 11:18 - 00000000 ____D () C:\Users\maiko_000\Desktop\ebay - pc
2014-01-14 10:11 - 2014-01-14 10:11 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-13 12:29 - 2014-01-13 12:29 - 00000080 _____ () C:\Windows\wiso.ini
2014-01-13 12:29 - 2014-01-13 12:29 - 00000000 ____D () C:\Users\user\AppData\Local\Buhl
2014-01-13 12:29 - 2014-01-13 12:26 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-01-13 12:28 - 2014-01-13 12:28 - 00002099 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-01-13 12:27 - 2014-01-13 12:27 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-01-13 12:27 - 2013-04-17 20:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-12 10:17 - 2014-01-12 04:12 - 00000000 ____D () C:\Program Files (x86)\Polar
2014-01-12 10:15 - 2014-01-12 10:14 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(2).exe
2014-01-12 10:15 - 2014-01-12 10:14 - 11642681 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\daemon_win32_2.2.2_distribution.exe
2014-01-12 05:17 - 2014-01-12 05:16 - 00307760 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-01-12 05:09 - 2014-01-12 05:09 - 00000000 ____D () C:\Users\maiko_000\Polar WebSync
2014-01-12 04:44 - 2014-01-12 04:44 - 03571656 _____ (Piriform Ltd) C:\Users\maiko_000\Downloads\ccsetup409_slim.exe
2014-01-12 04:37 - 2014-01-12 04:37 - 00000000 ____D () C:\Users\user\Polar WebSync
2014-01-12 04:35 - 2014-01-12 04:35 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(1).exe
2014-01-12 04:16 - 2012-07-26 00:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-01-12 04:16 - 2012-07-26 00:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-01-12 04:15 - 2012-07-26 00:12 - 00000000 ___RD () C:\Windows\ToastData
2014-01-12 04:15 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\System32\SecureBootUpdates
2014-01-12 04:15 - 2012-07-25 21:38 - 00000000 ____D () C:\Windows\System32\oobe
2014-01-12 04:11 - 2014-01-12 04:10 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1.exe
2014-01-12 02:17 - 2014-01-12 02:17 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\OpenOffice
2014-01-12 01:42 - 2014-01-12 01:42 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-01-12 01:41 - 2014-01-12 01:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-01-12 01:38 - 2014-01-12 01:38 - 00000000 ____D () C:\Users\user\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-01-12 01:37 - 2014-01-12 01:36 - 163606685 _____ () C:\Users\maiko_000\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-01-12 01:33 - 2013-04-17 20:36 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-11 14:57 - 2014-01-11 14:57 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-11 14:57 - 2014-01-11 14:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-01-11 14:56 - 2014-01-11 14:55 - 24097311 _____ () C:\Users\maiko_000\Downloads\vlc-2.1.2-win32.exe
2014-01-11 14:03 - 2014-01-11 14:03 - 00001861 _____ () C:\Users\user\Desktop\UseNeXT by Tangysoft.lnk
2014-01-11 14:03 - 2014-01-11 14:03 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-01-11 14:00 - 2014-01-11 13:59 - 05343592 _____ (Tangysoft Ltd. ) C:\Users\maiko_000\Downloads\UseNeXTSetup_5.62.exe
2014-01-11 13:08 - 2014-01-11 12:55 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-01-11 13:08 - 2014-01-07 17:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Packages
2014-01-11 13:08 - 2013-04-17 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2014-01-11 13:05 - 2013-04-17 20:36 - 00000000 ____D () C:\Program Files\mcafee
2014-01-11 13:01 - 2012-07-25 21:37 - 00000000 ____D () C:\Windows\servicing
2014-01-11 12:56 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-11 12:56 - 2012-07-26 00:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-11 12:55 - 2012-07-25 23:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-01-11 12:51 - 2012-07-26 00:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-01-11 12:51 - 2012-07-26 00:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-01-11 12:51 - 2012-07-25 21:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-01-11 12:50 - 2012-07-25 21:38 - 00000000 ____D () C:\Windows\System32\Dism
2014-01-10 00:27 - 2014-01-10 00:27 - 00000000 ____D () C:\Users\maiko_000\Documents\clear.fi
2014-01-10 00:27 - 2014-01-10 00:27 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\MusicPlayer
2014-01-09 14:48 - 2014-01-07 19:00 - 00000000 ____D () C:\Users\maiko_000\Desktop\Werdohler SV 08.09.13(PC)29.12.13
2014-01-09 00:02 - 2014-01-11 13:00 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 00:02 - 2014-01-11 13:00 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 15:13 - 2014-01-08 15:13 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Macromedia
2014-01-08 15:13 - 2014-01-08 15:12 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-01-07 19:48 - 2014-01-07 19:48 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-07 19:26 - 2014-01-07 19:26 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\Mozilla
2014-01-07 19:26 - 2014-01-07 19:26 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Mozilla
2014-01-07 19:25 - 2014-01-07 19:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-07 19:25 - 2014-01-07 19:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-07 19:24 - 2014-01-07 19:24 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\Macromedia
2014-01-07 18:28 - 2013-11-30 08:12 - 00000000 ____D () C:\Users\user\AppData\Local\Packages
2014-01-07 18:27 - 2014-01-07 18:27 - 00000000 ____D () C:\Users\user\AppData\Local\BMExplorer
2014-01-07 18:25 - 2014-01-07 18:25 - 00000000 ____D () C:\Users\user\Documents\Bluetooth Folder
2014-01-07 18:25 - 2013-07-25 01:52 - 00000000 ____D () C:\ProgramData\Atheros
2014-01-07 18:03 - 2013-11-30 09:21 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3049176386-3505927428-341134551-1001
2014-01-07 17:48 - 2014-01-07 17:48 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\BMExplorer
2014-01-07 17:46 - 2014-01-07 17:46 - 00000000 ____D () C:\Users\maiko_000\Documents\Bluetooth Folder
2014-01-07 17:45 - 2014-01-07 17:45 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\Atheros
2014-01-07 17:45 - 2013-11-30 08:16 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-07 17:44 - 2014-01-07 17:44 - 00000020 ___SH () C:\Users\maiko_000\ntuser.ini
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Vorlagen
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Startmenü
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Netzwerkumgebung
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Lokale Einstellungen
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Eigene Dateien
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Druckumgebung
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Documents\Eigene Musik
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Documents\Eigene Bilder
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\AppData\Local\Verlauf
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\AppData\Local\Anwendungsdaten
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 _SHDL () C:\Users\maiko_000\Anwendungsdaten
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\lm
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\Adobe
2014-01-07 17:44 - 2014-01-07 17:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\VirtualStore
2014-01-07 16:57 - 2013-12-04 09:29 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps
2014-01-07 16:57 - 2013-11-30 10:44 - 00000000 ____D () C:\Users\user\AppData\Local\clear.fi

Some content of TEMP:
====================
C:\Users\maiko_000\AppData\Local\Temp\player.exe
C:\Users\user\AppData\Local\Temp\Quarantine.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
         


Alt 07.02.2014, 20:33   #6
elcardinal1
 
Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Code:
ATTFilter
==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-01-13 12:27:27
Restore point made on: 2014-01-24 10:37:52

==================== BCD ================================

Start-Manager fr Firmware
--------------------------
Bezeichner              {fwbootmgr}
displayorder            {bootmgr}
timeout                 2

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {default}
resumeobject            {b4925a27-f56a-11e2-b6c9-7c0507fef83f}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {default}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 8
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {b4925a27-f56a-11e2-b6c9-7c0507fef83f}
nx                      OptIn
bootmenupolicy          Standard
detecthal               Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{b4925a2a-f56a-11e2-b6c9-7c0507fef83f}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{b4925a2a-f56a-11e2-b6c9-7c0507fef83f}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {b4925a27-f56a-11e2-b6c9-7c0507fef83f}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 No

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {b4925a2a-f56a-11e2-b6c9-7c0507fef83f}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 10%
Total physical RAM: 8010.27 MB
Available physical RAM: 7174.6 MB
Total Pagefile: 8010.27 MB
Available Pagefile: 7188.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.7 GB) (Free:502.54 GB) NTFS
Drive d: (STORE N GO) (Removable) (Total:3.73 GB) (Free:2.16 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 42AA141D)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 4913AA6E)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)


LastRegBack: 2014-01-27 13:04

==================== End Of Log ============================
         

Alt 08.02.2014, 15:03   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Ist der Rechner komplett gesperrt oder war der GVU nur im Browser?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.02.2014, 15:39   #8
elcardinal1
 
Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Der Rechner läuft momentan noch. Der war nur einmal auf dem Desktop bisher.
Nach neustart lief dann wieder alles.
Aber ich hatte das vor Jahren schonmal, da musste ich den Rechner formatieren.
Das möchte ich nach möglichkeit dieses mal nicht, da das Windows 8 ja nur vorinstalliert war und nicht auf CD.

Gruß,
Elcardinal

Alt 09.02.2014, 09:22   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Dann bitte im normalen Modus vom Desktop aus:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.02.2014, 12:46   #10
elcardinal1
 
Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-02-2014
Ran by maiko_000 (ATTENTION: The logged in user is not administrator) on ACER on 09-02-2014 12:41:59
Running from C:\Users\maiko_000\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files (x86)\Polar\WebSync\WebSync.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2874256 2012-12-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [LManager] - [X]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM\...\RunOnce: [BrowserChoice] - C:\Windows\BrowserChoice\browserchoice.exe [86696 2012-08-15] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3049176386-3505927428-341134551-1002\...\Run: [DelayShred] - C:\Users\maiko_000\Documents\UseNeXT\wizard\Taxi.Tycoon.v2.4.GERMAN-HARPOON - (1_7) - _Taxi.Ty\Taxi.Tycoon.v2.4.GERMAN-HARPOON.exe [48625620 2014-01-06] ()
HKU\S-1-5-21-3049176386-3505927428-341134551-1002\...\Winlogon: [Userinit] userinit.exe, [25088 2012-07-26] (Microsoft Corporation)
HKU\S-1-5-21-3049176386-3505927428-341134551-1002\...\Winlogon: [Shell] explorer.exe [2391280 2013-06-01] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\maiko_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk -> C:\Users\maiko_000\Documents\UseNeXT\wizard\Prison Tycoon - Backlash\Prison_Tycoon_GERMAN-BACKLASH.exe (No File)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
ShortcutTarget: AutoStarter.lnk -> C:\Users\maiko_000\Documents\UseNeXT\wizard\Prison Tycoon - Backlash\Prison_Tycoon_GERMAN-BACKLASH.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {6D2BF56D-8AAD-411D-8470-6B4A0C99C77C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {6D2BF56D-8AAD-411D-8470-6B4A0C99C77C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - {6D2BF56D-8AAD-411D-8470-6B4A0C99C77C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - {6D2BF56D-8AAD-411D-8470-6B4A0C99C77C} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: OfferMosquito - {82B16A3D-F03E-4565-A532-666B219C9A53} - C:\Users\user\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll (Bebo Media Ltd)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Hosts: 127.0.0.1 activation.acronis.com 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\maiko_000\AppData\Roaming\Mozilla\Firefox\Profiles\dzggwuzo.default
FF Homepage: hxxp://www.freenet.de/|about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-04-18]

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-12-07] (ELAN Microelectronics Corp.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2014-01-12] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [413184 2012-08-17] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-07-25] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2014-01-12] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-12-05] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-07-25] (Dritek System Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-26] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-26] (Acronis International GmbH)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-09 12:41 - 2014-02-09 12:42 - 00018341 _____ () C:\Users\maiko_000\Downloads\FRST.txt
2014-02-09 12:40 - 2014-02-09 12:40 - 02170368 _____ (Farbar) C:\Users\maiko_000\Downloads\FRST64.exe
2014-02-07 03:02 - 2014-02-09 12:41 - 00000000 ____D () C:\FRST
2014-02-06 17:49 - 2014-02-06 17:49 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-05 21:06 - 2014-02-06 17:11 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\CrashDumps
2014-02-05 21:04 - 2014-02-05 21:04 - 00002231 _____ () C:\Users\Public\Desktop\BewerbungsGenie 7.lnk
2014-02-05 21:04 - 2014-02-05 21:04 - 00000000 ____D () C:\Users\user\AppData\Roaming\ProtectDisc
2014-02-05 21:02 - 2014-02-05 21:02 - 00000000 ____D () C:\Program Files (x86)\DATA BECKER
2014-02-05 20:00 - 2014-02-05 20:00 - 00000000 ____D () C:\Users\maiko_000\Documents\Anti-Malware
2014-02-05 19:21 - 2014-02-05 19:21 - 00001095 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-05 19:20 - 2014-02-09 12:32 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-05 19:20 - 2014-02-05 19:20 - 00000000 ____D () C:\Users\user\Documents\Anti-Malware
2014-02-05 18:27 - 2014-02-05 18:18 - 00000000 _____ () C:\Users\maiko_000\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-05 16:55 - 2014-02-05 16:55 - 00000000 ____D () C:\Windows\pss
2014-02-05 16:52 - 2014-02-05 16:53 - 129598176 _____ () C:\Users\maiko_000\Downloads\avira_free344_antivirus_de.exe
2014-02-02 20:45 - 2014-02-02 20:45 - 00380653 _____ () C:\Users\maiko_000\Downloads\exercise-2014-2-2.gpx
2014-01-31 22:24 - 2014-01-31 22:24 - 00448512 _____ (OldTimer Tools) C:\Users\maiko_000\Downloads\TFC.exe
2014-01-31 22:18 - 2014-01-31 22:20 - 00000000 ____D () C:\AdwCleaner
2014-01-31 22:16 - 2014-01-31 22:16 - 01166132 _____ () C:\Users\maiko_000\Downloads\adwcleaner.exe
2014-01-31 15:30 - 2014-01-31 15:30 - 00821760 _____ (Browser Opt-out) C:\Users\maiko_000\Downloads\uninstall(1).exe
2014-01-31 15:29 - 2014-01-31 15:29 - 00821760 _____ (Browser Opt-out) C:\Users\maiko_000\Downloads\uninstall.exe
2014-01-30 21:36 - 2014-01-30 22:02 - 00113664 _____ () C:\Users\maiko_000\Desktop\Spesen Januar 2014.xls
2014-01-30 21:31 - 2014-01-30 21:31 - 00565248 _____ () C:\Users\maiko_000\Downloads\reisekosten-inland-2014.xls
2014-01-30 21:25 - 2014-02-09 12:35 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-30 21:25 - 2014-02-09 12:29 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mozilla
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\Fifth
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Local\Mozilla
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Local\Google
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Local\ext_offermosquito
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-30 21:24 - 2014-01-31 22:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\Common
2014-01-30 21:24 - 2014-01-30 21:24 - 00000759 _____ () C:\Users\user\Desktop\Reisekosten 2014 TEST.lnk
2014-01-30 21:24 - 2014-01-30 21:24 - 00000759 _____ () C:\Users\maiko_000\Desktop\Reisekosten 2014 TEST.lnk
2014-01-30 21:24 - 2014-01-30 21:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reisekosten 2014 TEST
2014-01-30 21:24 - 2014-01-30 21:24 - 00000000 ____D () C:\Reisekosten
2014-01-30 21:23 - 2014-01-30 21:23 - 02096296 _____ () C:\Users\user\Desktop\spesen.exe
2014-01-30 21:22 - 2014-01-30 21:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2014-01-30 21:21 - 2014-01-30 21:22 - 00401760 _____ (Softonic ) C:\Users\maiko_000\Downloads\SoftonicDownloader_fuer_sd-reisekosten.exe
2014-01-26 15:06 - 2014-01-26 15:06 - 13079688 _____ (Microsoft Corporation) C:\Users\maiko_000\Downloads\Silverlight_x64.exe
2014-01-26 15:06 - 2014-01-26 15:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-26 15:06 - 2014-01-26 15:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-26 12:39 - 2014-01-26 12:39 - 00000000 ____D () C:\Users\user\AppData\Roaming\8floor
2014-01-26 12:28 - 2014-01-26 12:30 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-01-26 09:49 - 2014-01-26 09:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\Acronis
2014-01-26 09:47 - 2014-01-26 09:47 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-01-26 09:47 - 2014-01-26 09:47 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-01-26 09:47 - 2014-01-26 09:47 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-01-26 09:47 - 2014-01-26 09:47 - 00198432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-01-26 09:47 - 2014-01-26 09:47 - 00000000 ____D () C:\ProgramData\Acronis
2014-01-26 09:46 - 2014-01-26 09:46 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-01-26 09:46 - 2014-01-26 09:46 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-01-26 09:46 - 2014-01-26 09:46 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-01-26 09:46 - 2014-01-26 09:46 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-01-25 22:48 - 2014-01-25 22:48 - 00522143 _____ () C:\Users\maiko_000\Downloads\exercise-2013-12-15.gpx
2014-01-25 22:42 - 2014-01-25 22:42 - 00475008 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-19.gpx
2014-01-25 22:39 - 2014-01-25 22:39 - 00467685 _____ () C:\Users\maiko_000\Downloads\Sorpe-2014-1-17.gpx
2014-01-25 22:34 - 2014-01-25 22:34 - 00437466 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-14.gpx
2014-01-25 22:30 - 2014-01-25 22:30 - 00499004 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-3.gpx
2014-01-25 22:19 - 2014-01-25 22:19 - 00338623 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-22.gpx
2014-01-25 22:15 - 2014-01-25 22:15 - 00622051 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-25(1).gpx
2014-01-25 22:14 - 2014-01-25 22:15 - 00622051 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-25.gpx
2014-01-25 21:32 - 2014-01-25 21:33 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(4).exe
2014-01-24 19:29 - 2014-01-24 19:31 - 00000000 ____D () C:\Users\maiko_000\Desktop\ebay-bücher
2014-01-23 20:46 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-01-23 09:08 - 2014-01-23 09:08 - 02239256 _____ () C:\Users\user\AppData\Local\omesuperv.exe
2014-01-21 20:30 - 2014-01-21 20:30 - 00062888 _____ () C:\Users\maiko_000\Desktop\Unbenannt 1.odt
2014-01-20 21:01 - 2014-01-20 21:04 - 00000000 ____D () C:\Users\maiko_000\Documents\Fax
2014-01-19 21:51 - 2014-01-19 21:51 - 00000771 _____ () C:\Users\maiko_000\Downloads\confirmation.de.ics
2014-01-19 00:21 - 2014-01-19 00:21 - 00191563 _____ () C:\Users\maiko_000\Desktop\Oschmann, Maik - Einkommensteuererklärung 2013.s14
2014-01-19 00:21 - 2014-01-19 00:21 - 00000000 ____D () C:\Users\maiko_000\Documents\Steuer-Sparbuch
2014-01-18 18:55 - 2014-01-18 23:45 - 00000000 ____D () C:\Users\maiko_000\.gimp-2.8
2014-01-18 18:55 - 2014-01-18 18:55 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\gegl-0.2
2014-01-17 20:35 - 2014-01-17 20:35 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(3).exe
2014-01-15 21:32 - 2014-01-15 21:34 - 00000000 ____D () C:\Program Files\GIMP 2
2014-01-15 21:30 - 2014-01-15 21:31 - 90396104 _____ (The GIMP Team ) C:\Users\maiko_000\Downloads\gimp-2.8.10-setup.exe
2014-01-15 19:05 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 19:05 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 19:05 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 19:05 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 20:18 - 2014-01-14 20:22 - 00000000 ____D () C:\Users\maiko_000\Desktop\ebay - pc
2014-01-14 19:16 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-14 19:16 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-14 19:16 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-14 19:16 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-14 19:16 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-14 19:16 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-14 19:16 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-14 19:16 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-14 19:16 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-14 19:16 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-14 19:16 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-14 19:11 - 2014-01-14 19:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-13 21:29 - 2014-01-18 22:52 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Buhl
2014-01-13 21:29 - 2014-01-13 21:29 - 00000080 _____ () C:\Windows\wiso.ini
2014-01-13 21:29 - 2014-01-13 21:29 - 00000000 ____D () C:\Users\user\AppData\Local\Buhl
2014-01-13 21:28 - 2014-01-13 21:28 - 00002099 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-01-13 21:27 - 2014-01-13 21:27 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-01-13 21:26 - 2014-01-13 21:29 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-01-12 19:17 - 2014-01-25 21:34 - 00002055 _____ () C:\Users\Public\Desktop\Polar WebSync.lnk
2014-01-12 19:14 - 2014-01-12 19:15 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(2).exe
2014-01-12 19:14 - 2014-01-12 19:15 - 11642681 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\daemon_win32_2.2.2_distribution.exe
2014-01-12 14:16 - 2014-01-12 14:17 - 00307760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-12 14:09 - 2014-01-12 14:09 - 00000000 ____D () C:\Users\maiko_000\Polar WebSync
2014-01-12 13:44 - 2014-01-12 13:44 - 03571656 _____ (Piriform Ltd) C:\Users\maiko_000\Downloads\ccsetup409_slim.exe
2014-01-12 13:37 - 2014-01-12 13:37 - 00000000 ____D () C:\Users\user\Polar WebSync
2014-01-12 13:35 - 2014-01-12 13:35 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(1).exe
2014-01-12 13:12 - 2014-01-12 19:17 - 00000000 ____D () C:\Program Files (x86)\Polar
2014-01-12 13:10 - 2014-01-12 13:11 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1.exe
2014-01-12 11:17 - 2014-01-12 11:17 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\OpenOffice
2014-01-12 10:42 - 2014-01-12 10:42 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-01-12 10:41 - 2014-01-12 10:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-01-12 10:38 - 2014-01-12 10:38 - 00000000 ____D () C:\Users\user\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-01-12 10:36 - 2014-01-12 10:37 - 163606685 _____ () C:\Users\maiko_000\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-01-11 23:58 - 2014-01-22 06:06 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\vlc
2014-01-11 23:57 - 2014-01-11 23:57 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-11 23:57 - 2014-01-11 23:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-01-11 23:55 - 2014-01-11 23:56 - 24097311 _____ () C:\Users\maiko_000\Downloads\vlc-2.1.2-win32.exe
2014-01-11 23:03 - 2014-02-06 20:02 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\UseNeXT
2014-01-11 23:03 - 2014-02-06 20:01 - 00000000 ____D () C:\Users\maiko_000\Documents\UseNeXT
2014-01-11 23:03 - 2014-01-11 23:03 - 00001861 _____ () C:\Users\user\Desktop\UseNeXT by Tangysoft.lnk
2014-01-11 23:03 - 2014-01-11 23:03 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-01-11 22:59 - 2014-01-11 23:00 - 05343592 _____ (Tangysoft Ltd. ) C:\Users\maiko_000\Downloads\UseNeXTSetup_5.62.exe
2014-01-11 22:30 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-01-11 22:30 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-01-11 22:30 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-01-11 22:30 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-01-11 22:30 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-01-11 22:30 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-01-11 22:30 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-01-11 22:30 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-01-11 22:30 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-01-11 22:30 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-01-11 22:30 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-01-11 22:30 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-01-11 22:30 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-01-11 22:30 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-01-11 22:30 - 2013-10-03 23:09 - 00385528 _____ () C:\Windows\system32\ApnDatabase.xml
2014-01-11 22:30 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-01-11 22:30 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-01-11 22:30 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-01-11 22:30 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-11 22:30 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-01-11 22:30 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-01-11 22:30 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-01-11 22:30 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-01-11 22:30 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-01-11 22:30 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-11 22:30 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-11 22:30 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-01-11 22:30 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-01-11 22:30 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-01-11 22:30 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2014-01-11 22:30 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-01-11 22:30 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-01-11 22:30 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2014-01-11 22:30 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-01-11 22:30 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-01-11 22:30 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-01-11 22:30 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-01-11 22:30 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2014-01-11 22:30 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-01-11 22:30 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-01-11 22:30 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-01-11 22:30 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-01-11 22:30 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2014-01-11 22:30 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-01-11 22:30 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-01-11 22:30 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2014-01-11 22:30 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2014-01-11 22:30 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-01-11 22:30 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-01-11 22:30 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-01-11 22:30 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-01-11 22:24 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2014-01-11 22:24 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-01-11 22:24 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-01-11 22:24 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-01-11 22:24 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-01-11 22:24 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-01-11 22:24 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2014-01-11 22:24 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-01-11 22:24 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-01-11 22:24 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-01-11 22:24 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-01-11 22:24 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-01-11 22:24 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-01-11 22:22 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-01-11 22:22 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-01-11 22:22 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-01-11 22:22 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-01-11 22:22 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-01-11 22:22 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-01-11 22:22 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2014-01-11 22:22 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-01-11 22:22 - 2013-07-06 01:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-01-11 22:22 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-01-11 22:22 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-01-11 22:22 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-01-11 22:22 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-01-11 22:22 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2014-01-11 22:22 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2014-01-11 22:22 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-01-11 22:22 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-01-11 22:22 - 2013-06-29 06:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-01-11 22:22 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-01-11 22:22 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2014-01-11 22:22 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-01-11 22:22 - 2013-06-24 23:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-01-11 22:22 - 2013-06-24 23:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-01-11 22:22 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-01-11 22:22 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-01-11 22:22 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-01-11 22:22 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-01-11 22:22 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-01-11 22:22 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-01-11 22:22 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-01-11 22:21 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-01-11 22:21 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2014-01-11 22:21 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-01-11 22:21 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-01-11 22:21 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2014-01-11 22:21 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2014-01-11 22:20 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-01-11 22:20 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2014-01-11 22:20 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-01-11 22:20 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-01-11 22:20 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-01-11 22:20 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-01-11 22:20 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-01-11 22:20 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-11 22:20 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2014-01-11 22:20 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2014-01-11 22:20 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-01-11 22:20 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-01-11 22:11 - 2013-07-02 01:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-01-11 22:11 - 2013-07-01 23:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-01-11 22:10 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-11 22:10 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-11 22:10 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-01-11 22:10 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-01-11 22:10 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-01-11 22:10 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-01-11 22:10 - 2013-04-03 00:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-01-11 22:10 - 2013-04-03 00:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-01-11 22:10 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-01-11 22:10 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-01-11 22:10 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-01-11 22:10 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-01-11 22:10 - 2012-10-24 04:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-01-11 22:10 - 2012-10-24 03:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-01-11 22:09 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-11 22:09 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-11 22:09 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-01-11 22:09 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-11 22:00 - 2014-01-30 22:10 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-11 22:00 - 2014-01-30 22:10 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-11 21:55 - 2014-01-11 22:08 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-01-10 09:27 - 2014-01-20 20:24 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\clear.fi
2014-01-10 09:27 - 2014-01-10 09:27 - 00000000 ____D () C:\Users\maiko_000\Documents\clear.fi
2014-01-10 09:27 - 2014-01-10 09:27 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\MusicPlayer

==================== One Month Modified Files and Folders =======

2014-02-09 12:42 - 2014-02-09 12:41 - 00018341 _____ () C:\Users\maiko_000\Downloads\FRST.txt
2014-02-09 12:41 - 2014-02-07 03:02 - 00000000 ____D () C:\FRST
2014-02-09 12:40 - 2014-02-09 12:40 - 02170368 _____ (Farbar) C:\Users\maiko_000\Downloads\FRST64.exe
2014-02-09 12:35 - 2014-01-30 21:25 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 12:35 - 2013-04-18 05:38 - 00001848 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2014-02-09 12:33 - 2013-07-25 10:36 - 01348481 _____ () C:\Windows\WindowsUpdate.log
2014-02-09 12:32 - 2014-02-05 19:20 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-09 12:31 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-02-09 12:29 - 2014-01-30 21:25 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 20:02 - 2014-01-11 23:03 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\UseNeXT
2014-02-06 20:01 - 2014-01-11 23:03 - 00000000 ____D () C:\Users\maiko_000\Documents\UseNeXT
2014-02-06 18:47 - 2014-01-08 02:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\VirtualStore
2014-02-06 18:32 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 17:49 - 2014-02-06 17:49 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-06 17:49 - 2013-04-18 05:36 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-06 17:11 - 2014-02-05 21:06 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\CrashDumps
2014-02-06 16:54 - 2013-04-18 03:46 - 00332518 _____ () C:\Windows\PFRO.log
2014-02-05 21:04 - 2014-02-05 21:04 - 00002231 _____ () C:\Users\Public\Desktop\BewerbungsGenie 7.lnk
2014-02-05 21:04 - 2014-02-05 21:04 - 00000000 ____D () C:\Users\user\AppData\Roaming\ProtectDisc
2014-02-05 21:02 - 2014-02-05 21:02 - 00000000 ____D () C:\Program Files (x86)\DATA BECKER
2014-02-05 20:00 - 2014-02-05 20:00 - 00000000 ____D () C:\Users\maiko_000\Documents\Anti-Malware
2014-02-05 19:21 - 2014-02-05 19:21 - 00001095 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-05 19:20 - 2014-02-05 19:20 - 00000000 ____D () C:\Users\user\Documents\Anti-Malware
2014-02-05 18:18 - 2014-02-05 18:27 - 00000000 _____ () C:\Users\maiko_000\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-05 16:55 - 2014-02-05 16:55 - 00000000 ____D () C:\Windows\pss
2014-02-05 16:55 - 2013-07-25 20:14 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-02-05 16:55 - 2013-07-25 20:14 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-02-05 16:55 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-05 16:53 - 2014-02-05 16:52 - 129598176 _____ () C:\Users\maiko_000\Downloads\avira_free344_antivirus_de.exe
2014-02-04 19:51 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-02 20:45 - 2014-02-02 20:45 - 00380653 _____ () C:\Users\maiko_000\Downloads\exercise-2014-2-2.gpx
2014-02-01 21:30 - 2014-01-08 02:44 - 00000000 ___RD () C:\Users\maiko_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-31 22:24 - 2014-01-31 22:24 - 00448512 _____ (OldTimer Tools) C:\Users\maiko_000\Downloads\TFC.exe
2014-01-31 22:20 - 2014-01-31 22:18 - 00000000 ____D () C:\AdwCleaner
2014-01-31 22:19 - 2014-01-30 21:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Common
2014-01-31 22:16 - 2014-01-31 22:16 - 01166132 _____ () C:\Users\maiko_000\Downloads\adwcleaner.exe
2014-01-31 15:30 - 2014-01-31 15:30 - 00821760 _____ (Browser Opt-out) C:\Users\maiko_000\Downloads\uninstall(1).exe
2014-01-31 15:29 - 2014-01-31 15:29 - 00821760 _____ (Browser Opt-out) C:\Users\maiko_000\Downloads\uninstall.exe
2014-01-30 22:10 - 2014-01-11 22:00 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-30 22:10 - 2014-01-11 22:00 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 22:02 - 2014-01-30 21:36 - 00113664 _____ () C:\Users\maiko_000\Desktop\Spesen Januar 2014.xls
2014-01-30 21:31 - 2014-01-30 21:31 - 00565248 _____ () C:\Users\maiko_000\Downloads\reisekosten-inland-2014.xls
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\Mozilla
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Roaming\Fifth
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Local\Mozilla
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Local\Google
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Users\user\AppData\Local\ext_offermosquito
2014-01-30 21:25 - 2014-01-30 21:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-30 21:24 - 2014-01-30 21:24 - 00000759 _____ () C:\Users\user\Desktop\Reisekosten 2014 TEST.lnk
2014-01-30 21:24 - 2014-01-30 21:24 - 00000759 _____ () C:\Users\maiko_000\Desktop\Reisekosten 2014 TEST.lnk
2014-01-30 21:24 - 2014-01-30 21:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reisekosten 2014 TEST
2014-01-30 21:24 - 2014-01-30 21:24 - 00000000 ____D () C:\Reisekosten
2014-01-30 21:23 - 2014-01-30 21:23 - 02096296 _____ () C:\Users\user\Desktop\spesen.exe
2014-01-30 21:22 - 2014-01-30 21:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2014-01-30 21:22 - 2014-01-30 21:21 - 00401760 _____ (Softonic ) C:\Users\maiko_000\Downloads\SoftonicDownloader_fuer_sd-reisekosten.exe
2014-01-26 20:21 - 2014-01-08 04:48 - 00000000 ____D () C:\Users\maiko_000\Desktop\Iomega Platte
2014-01-26 15:06 - 2014-01-26 15:06 - 13079688 _____ (Microsoft Corporation) C:\Users\maiko_000\Downloads\Silverlight_x64.exe
2014-01-26 15:06 - 2014-01-26 15:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-26 15:06 - 2014-01-26 15:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-26 12:39 - 2014-01-26 12:39 - 00000000 ____D () C:\Users\user\AppData\Roaming\8floor
2014-01-26 12:30 - 2014-01-26 12:28 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-01-26 12:29 - 2013-11-30 17:15 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-26 09:49 - 2014-01-26 09:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\Acronis
2014-01-26 09:47 - 2014-01-26 09:47 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2014-01-26 09:47 - 2014-01-26 09:47 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-01-26 09:47 - 2014-01-26 09:47 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2014-01-26 09:47 - 2014-01-26 09:47 - 00198432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-01-26 09:47 - 2014-01-26 09:47 - 00000000 ____D () C:\ProgramData\Acronis
2014-01-26 09:46 - 2014-01-26 09:46 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-01-26 09:46 - 2014-01-26 09:46 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-01-26 09:46 - 2014-01-26 09:46 - 00001205 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2014-01-26 09:46 - 2014-01-26 09:46 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-01-25 22:48 - 2014-01-25 22:48 - 00522143 _____ () C:\Users\maiko_000\Downloads\exercise-2013-12-15.gpx
2014-01-25 22:42 - 2014-01-25 22:42 - 00475008 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-19.gpx
2014-01-25 22:39 - 2014-01-25 22:39 - 00467685 _____ () C:\Users\maiko_000\Downloads\Sorpe-2014-1-17.gpx
2014-01-25 22:34 - 2014-01-25 22:34 - 00437466 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-14.gpx
2014-01-25 22:30 - 2014-01-25 22:30 - 00499004 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-3.gpx
2014-01-25 22:19 - 2014-01-25 22:19 - 00338623 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-22.gpx
2014-01-25 22:15 - 2014-01-25 22:15 - 00622051 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-25(1).gpx
2014-01-25 22:15 - 2014-01-25 22:14 - 00622051 _____ () C:\Users\maiko_000\Downloads\exercise-2014-1-25.gpx
2014-01-25 21:34 - 2014-01-12 19:17 - 00002055 _____ () C:\Users\Public\Desktop\Polar WebSync.lnk
2014-01-25 21:33 - 2014-01-25 21:32 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(4).exe
2014-01-24 19:31 - 2014-01-24 19:29 - 00000000 ____D () C:\Users\maiko_000\Desktop\ebay-bücher
2014-01-23 20:41 - 2013-04-18 05:36 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-01-23 20:40 - 2012-07-26 09:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-01-23 09:08 - 2014-01-23 09:08 - 02239256 _____ () C:\Users\user\AppData\Local\omesuperv.exe
2014-01-22 06:06 - 2014-01-11 23:58 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\vlc
2014-01-21 20:46 - 2012-07-26 08:21 - 00033018 _____ () C:\Windows\setupact.log
2014-01-21 20:30 - 2014-01-21 20:30 - 00062888 _____ () C:\Users\maiko_000\Desktop\Unbenannt 1.odt
2014-01-20 21:07 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-01-20 21:04 - 2014-01-20 21:01 - 00000000 ____D () C:\Users\maiko_000\Documents\Fax
2014-01-20 20:25 - 2013-07-25 11:03 - 00000000 ____D () C:\ProgramData\Norton
2014-01-20 20:24 - 2014-01-10 09:27 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\clear.fi
2014-01-19 21:51 - 2014-01-19 21:51 - 00000771 _____ () C:\Users\maiko_000\Downloads\confirmation.de.ics
2014-01-19 00:21 - 2014-01-19 00:21 - 00191563 _____ () C:\Users\maiko_000\Desktop\Oschmann, Maik - Einkommensteuererklärung 2013.s14
2014-01-19 00:21 - 2014-01-19 00:21 - 00000000 ____D () C:\Users\maiko_000\Documents\Steuer-Sparbuch
2014-01-18 23:45 - 2014-01-18 18:55 - 00000000 ____D () C:\Users\maiko_000\.gimp-2.8
2014-01-18 22:52 - 2014-01-13 21:29 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Buhl
2014-01-18 18:55 - 2014-01-18 18:55 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\gegl-0.2
2014-01-18 18:55 - 2014-01-08 02:44 - 00000000 ____D () C:\Users\maiko_000
2014-01-18 17:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-01-17 20:35 - 2014-01-17 20:35 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(3).exe
2014-01-17 19:30 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-01-15 21:34 - 2014-01-15 21:32 - 00000000 ____D () C:\Program Files\GIMP 2
2014-01-15 21:31 - 2014-01-15 21:30 - 90396104 _____ (The GIMP Team ) C:\Users\maiko_000\Downloads\gimp-2.8.10-setup.exe
2014-01-15 21:29 - 2014-01-09 17:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 21:28 - 2014-01-09 17:02 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 20:22 - 2014-01-14 20:18 - 00000000 ____D () C:\Users\maiko_000\Desktop\ebay - pc
2014-01-14 19:11 - 2014-01-14 19:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-13 21:29 - 2014-01-13 21:29 - 00000080 _____ () C:\Windows\wiso.ini
2014-01-13 21:29 - 2014-01-13 21:29 - 00000000 ____D () C:\Users\user\AppData\Local\Buhl
2014-01-13 21:29 - 2014-01-13 21:26 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-01-13 21:28 - 2014-01-13 21:28 - 00002099 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-01-13 21:27 - 2014-01-13 21:27 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-01-13 21:27 - 2013-04-18 05:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-12 19:17 - 2014-01-12 13:12 - 00000000 ____D () C:\Program Files (x86)\Polar
2014-01-12 19:15 - 2014-01-12 19:14 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(2).exe
2014-01-12 19:15 - 2014-01-12 19:14 - 11642681 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\daemon_win32_2.2.2_distribution.exe
2014-01-12 14:17 - 2014-01-12 14:16 - 00307760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-12 14:09 - 2014-01-12 14:09 - 00000000 ____D () C:\Users\maiko_000\Polar WebSync
2014-01-12 13:44 - 2014-01-12 13:44 - 03571656 _____ (Piriform Ltd) C:\Users\maiko_000\Downloads\ccsetup409_slim.exe
2014-01-12 13:37 - 2014-01-12 13:37 - 00000000 ____D () C:\Users\user\Polar WebSync
2014-01-12 13:35 - 2014-01-12 13:35 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1(1).exe
2014-01-12 13:21 - 2014-01-08 02:44 - 00000000 ___RD () C:\Users\maiko_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-12 13:16 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-12 13:16 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-12 13:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-01-12 13:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-01-12 13:15 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-01-12 13:15 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-01-12 13:15 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-01-12 13:11 - 2014-01-12 13:10 - 43340104 _____ (Polar Electro Oy ) C:\Users\maiko_000\Downloads\websync_2.8.1.exe
2014-01-12 11:17 - 2014-01-12 11:17 - 00000000 ____D () C:\Users\maiko_000\AppData\Roaming\OpenOffice
2014-01-12 10:42 - 2014-01-12 10:42 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-01-12 10:41 - 2014-01-12 10:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-01-12 10:38 - 2014-01-12 10:38 - 00000000 ____D () C:\Users\user\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-01-12 10:37 - 2014-01-12 10:36 - 163606685 _____ () C:\Users\maiko_000\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-01-12 10:33 - 2013-04-18 05:36 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-11 23:57 - 2014-01-11 23:57 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-11 23:57 - 2014-01-11 23:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-01-11 23:56 - 2014-01-11 23:55 - 24097311 _____ () C:\Users\maiko_000\Downloads\vlc-2.1.2-win32.exe
2014-01-11 23:03 - 2014-01-11 23:03 - 00001861 _____ () C:\Users\user\Desktop\UseNeXT by Tangysoft.lnk
2014-01-11 23:03 - 2014-01-11 23:03 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-01-11 23:00 - 2014-01-11 22:59 - 05343592 _____ (Tangysoft Ltd. ) C:\Users\maiko_000\Downloads\UseNeXTSetup_5.62.exe
2014-01-11 22:08 - 2014-01-11 21:55 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-01-11 22:08 - 2014-01-08 02:44 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\Packages
2014-01-11 22:08 - 2013-04-18 03:58 - 00000000 ____D () C:\ProgramData\PRICache
2014-01-11 22:05 - 2013-04-18 05:36 - 00000000 ____D () C:\Program Files\mcafee
2014-01-11 22:01 - 2012-07-26 06:37 - 00000000 ____D () C:\Windows\servicing
2014-01-11 21:56 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-11 21:56 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-11 21:55 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-01-11 21:51 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-11 21:51 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-11 21:51 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-01-11 21:51 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-01-11 21:51 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-01-11 21:50 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Dism
2014-01-10 09:27 - 2014-01-10 09:27 - 00000000 ____D () C:\Users\maiko_000\Documents\clear.fi
2014-01-10 09:27 - 2014-01-10 09:27 - 00000000 ____D () C:\Users\maiko_000\AppData\Local\MusicPlayer

Some content of TEMP:
====================
C:\Users\maiko_000\AppData\Local\Temp\player.exe
C:\Users\user\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-02-2014
Ran by maiko_000 at 2014-02-09 12:43:10
Running from C:\Users\maiko_000\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (Version: 1.00.3015 - Acer Incorporated)
Acer Power Management (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (x32 Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (x32 Version: 2.02.2021 - Acer Incorporated)
Acronis True Image 2014 (x32 Version: 17.0.6614 - Acronis) Hidden
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
clear.fi Media (x32 Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (x32 Version: 2.02.2016 - Acer Incorporated)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3729_45993 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3729_45993 - CyberLink Corp.) Hidden
DATA BECKER BewerbungsGenie 7 (x32 Version: 6.0.10.49 - DATA BECKER GmbH & Co. KG)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dolby Home Theater v4 (x32 Version: 7.2.8000.17 - Dolby Laboratories Inc)
eBay Worldwide (x32 Version: 2.4.0105 - OEM)
Emsisoft Anti-Malware (x32 Version: 8.1 - Emsisoft GmbH)
ETDWare PS/2-X64 11.6.17.002_WHQL (Version: 11.6.17.002 - ELAN Microelectronic Corp.)
GIMP 2.8.10 (Version: 2.8.10 - The GIMP Team)
Google Chrome Frame (x32 Version: 65.169.102 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (x32 Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (x32 Version: 7.0.10 - Acer Inc.)
Live Updater (x32 Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee Internet Security Suite (x32 Version: 12.8.908 - McAfee, Inc.)
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (x32 Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Office Addin (x32 Version: 2.02.2008 - Acer)
Office Addin 2003 (x32 Version: 2.02.2008 - Acer)
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Daemon (x32 Version: 2.2.20000 - Polar Electro Oy)
Polar WebSync (x32 Version: 2.8.10006 - Polar Electro Oy)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.41 - Qualcomm Atheros)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6833 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.28124 - Realtek Semiconductor Corp.)
SD-Reisekosten 2014 Testversion für 5 Reisenden  (x32 Version:  - )
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Spotify (x32 Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UseNeXT by Tangysoft (x32 Version:  - Tangysoft Ltd.)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WildTangent Games (x32 Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WinRAR 5.01 (32-bit) (x32 Version: 5.01.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2014 (x32 Version: 21.01.8499 - Buhl Data Service GmbH)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2012-07-26 06:26 - 2014-01-26 09:48 - 00000861 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com 

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-10-01 10:32 - 2013-10-01 10:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-01-08 04:14 - 2014-01-08 04:14 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-01-28 13:45 - 2013-01-28 13:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 13:42 - 2013-01-28 13:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 13:47 - 2013-01-28 13:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-04-18 04:39 - 2012-10-23 04:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-26 16:59 - 2013-02-26 16:59 - 06227512 _____ () C:\Program Files (x86)\Polar\WebSync\WebSync.exe
2013-02-08 22:24 - 2013-02-08 22:24 - 00044616 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2013-02-08 22:24 - 2013-02-08 22:24 - 00025672 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/09/2014 00:41:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/08/2014 03:30:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/08/2014 03:30:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/08/2014 03:30:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/08/2014 03:30:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147467263. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (02/07/2014 08:47:26 PM) (Source: DCOM) (User: ACER)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (02/06/2014 07:14:09 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "Acer" wurde eine Beschädigung erkannt.

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>". Das Attribut des beschädigten Indexes ist ":$SDH:$INDEX_ALLOCATION".

Error: (02/06/2014 06:33:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243

Error: (02/06/2014 05:54:18 PM) (Source: DCOM) (User: ACER)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (02/06/2014 05:54:18 PM) (Source: DCOM) (User: ACER)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (02/06/2014 05:54:18 PM) (Source: DCOM) (User: ACER)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (02/06/2014 05:54:18 PM) (Source: DCOM) (User: ACER)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (02/06/2014 05:54:18 PM) (Source: DCOM) (User: ACER)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (02/06/2014 05:54:18 PM) (Source: DCOM) (User: ACER)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (02/06/2014 05:54:17 PM) (Source: DCOM) (User: ACER)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================
Error: (02/09/2014 00:41:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\maiko_000\Downloads\SoftonicDownloader_fuer_sd-reisekosten.exe

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263

Error: (02/09/2014 00:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263

Error: (02/08/2014 03:30:49 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263

Error: (02/08/2014 03:30:49 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263

Error: (02/08/2014 03:30:49 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263

Error: (02/08/2014 03:30:49 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147467263


CodeIntegrity Errors:
===================================
  Date: 2014-02-06 19:26:32.818
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-02-06 19:26:21.942
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-02-06 19:26:21.052
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-02-06 19:26:20.177
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2014-02-06 19:26:15.817
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 8010.27 MB
Available physical RAM: 6037.15 MB
Total Pagefile: 10314.27 MB
Available Pagefile: 7668.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.7 GB) (Free:500.5 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         

Alt 10.02.2014, 09:13   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Unsere Tools brauchen immer Adminrechte.


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.02.2014, 19:43   #12
elcardinal1
 
Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



---------------------------
NSIS Error
---------------------------
Installer integrity check has failed. Common causes include
incomplete download and damaged media. Contact the
installer's author to obtain a new copy.

More information at:
hxxp://nsis.sf.net/NSIS_Error
---------------------------
OK
---------------------------

Bekomme das nicht installiert. Habe es schon mehrfach versucht.
Bis auf zwei mal verschwindet die Datei direkt nach dem Download und ich finde sie in keinem Ordner wieder.

Geändert von elcardinal1 (10.02.2014 um 20:29 Uhr)

Alt 11.02.2014, 17:32   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Mit was lädst du die Datei`?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.02.2014, 19:24   #14
elcardinal1
 
Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Wie mit was lade ich die? Ich habe den Download über den Link gestartet, ganz normal mit dem Browser(Firefox).

Alt 12.02.2014, 18:02   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8 GVU Trojaner - Standard

Windows 8 GVU Trojaner



Mach es mal bitte mit dem Internet Explorer.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 8 GVU Trojaner
anleitung, dankbar, entferne, entfernen, gvu trojaner, laptop, leitung, neue, neuen, troja, trojane, trojaner, versuch, versucht, windows, windows 8, youtube



Ähnliche Themen: Windows 8 GVU Trojaner


  1. Windows 7 SP 1 mit Trojaner infiziert - Windows Update Fehlercode 8007002
    Log-Analyse und Auswertung - 11.09.2015 (60)
  2. Windows 7: Trojaner - Windows Updates, Firewall defekt
    Log-Analyse und Auswertung - 20.03.2015 (24)
  3. Windows 7: Nach BKA Trojaner Fehlermeldung beim Starten, Windows Sicherheitscenter kann nicht gestartet werden
    Log-Analyse und Auswertung - 18.11.2014 (9)
  4. Windows-Verschlüsselungs-Trojaner unter Windows 7 auf einem MAC
    Log-Analyse und Auswertung - 14.06.2012 (3)
  5. windows verschlüsselungs Flirtfever-Trojaner, Windows XP
    Log-Analyse und Auswertung - 13.06.2012 (1)
  6. Nach BKA Trojaner, Windows Firewall deaktiviert sich (Windows XP)
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  7. Willkomen bei Windows Update, Sie haben sich mit einen Windows-Verschlüsselungs Trojaner infiziert.
    Log-Analyse und Auswertung - 06.06.2012 (1)
  8. UKash Windows Secure Trojaner mit Windows XP eingefangen
    Plagegeister aller Art und deren Bekämpfung - 05.06.2012 (1)
  9. Windows Notfall Sicherheits Update Center - Windows XP Trojaner
    Log-Analyse und Auswertung - 21.05.2012 (2)
  10. Windows-Verschlüsselungs-Trojaner unter Windows XP
    Log-Analyse und Auswertung - 16.05.2012 (9)
  11. Windows 7 (64bit) Virus/Trojaner (evtl. Windows Verschlüsselungs Trojaner)
    Plagegeister aller Art und deren Bekämpfung - 07.05.2012 (19)
  12. Windows-Verschlüsselungs Trojaner Windows 7 Starter
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (10)
  13. Infiziert mit Windows-Verschlüsselungs Trojaner -Mail mit Telefonrechnung - windows vista
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (12)
  14. "Willkommen bei Windows Update Sie haben sich mit einen Windows-Verschlüsselungs Trojaner infiziert.
    Log-Analyse und Auswertung - 27.04.2012 (3)
  15. 'Windows Security Center' Trojaner - Windows-Benutzer gesperrt !
    Log-Analyse und Auswertung - 16.03.2012 (5)
  16. Windows Vista Home Premium 32-Bit Trojaner Windows gesperrt 50€ zahlen.
    Log-Analyse und Auswertung - 23.01.2012 (1)
  17. Trojaner Fake.AV c:\Users\Sexgott\AppData\Roaming\microsoft\Windows\start menu\Programs\windows reco
    Mülltonne - 28.04.2011 (1)

Zum Thema Windows 8 GVU Trojaner - Habe mir auf meinem neuen Laptop den GVU Trojaner eingefangen. Habe eine youtube Anleitung zum Entfernen versucht, aber irgendwie bekomme ich das nicht hin. Wäre sehr dankbar wenn mir jemand - Windows 8 GVU Trojaner...
Archiv
Du betrachtest: Windows 8 GVU Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.