
Pests of all kinds and how to fight them: Trojan ZeroAccess!inf4

02.05.2013, 16:49   #1
Chrisy
 

Good day everyone,

I suspect an infection with the
Trojan ZeroAccess!inf4 /services.exe

I would be glad if you could help me
with treating or removing the problem.

Many thanks in advance,

Chris

02.05.2013, 16:49   #2
aharonov
/// TB Trainer
 

Hi Chris,

let's take a look then:


Step 1

Please download defogger (by jpshortstuff) to your desktop.
  • Start the tool with a double-click.
  • Now click the Disable button.
  • Confirm the security prompt with Yes.
  • When the scan has finished (Finished), click OK.
  • If Defogger asks for a restart, confirm with OK.
  • Defogger creates a log file named defogger_disable.txt on the desktop.
  • Only if problems occurred, post its contents with your next reply.
Do not click the Re-enable button unless instructed to!



Step 2

Please download the GMER Rootkit Scanner (the file name is random):
  • Close all other programs, disable your virus scanner and disconnect the computer from the internet before you start GMER.
  • If a window with the following warning opens after starting:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Be sure to click "No".
  • On the right, uncheck: IAT/EAT and Show All
  • Check Quickscan and uncheck all other drives.
  • Start the scan with "Scan".
  • Do nothing on the computer while the scan is running.
  • When the scan is finished, click Save and save the log file as Gmer.txt on your desktop. "Ok" closes GMER.
Turn your antivirus program and other scanners back on before you go online!


Are problems coming up?
  • Alternatively, try safe mode.
  • If you get a bluescreen, uncheck Devices.



Step 3

Please download OTL (by Oldtimer) and save it to your desktop.
  • Double-click OTL.exe.
  • Under Extra Registry, please select Use SafeList.
  • Check Scan all Users.
  • Now click Run Scan.
  • When the scan has finished, 2 log files (OTL.txt and Extras.txt) are created.
  • Post the contents of these log files here in the thread.



In your next reply, please post:
  • Log from Gmer
  • Logs from OTL

02.05.2013, 17:20   #3
Chrisy
 

Thanks for the quick reply!

The procedure worked and the log files are attached.
__________________
Attached files
File type: txt Extras.Txt (42,6 KB, viewed 142 times)
File type: log gmer.log (4,7 KB, viewed 126 times)

02.05.2013, 17:57   #4
aharonov
/// TB Trainer
 

Could you please not attach these log files (that makes evaluating them massively harder for me), but instead paste their contents directly inside code tags: [code]log file contents[/code].
If they are too large, then (and only then) pack them into a zip archive (not *.7z) and attach it.
Thanks.
__________________
cheers,
Leo

02.05.2013, 18:16   #5
Chrisy
 

OTL Logfile:
Code:
OTL logfile created on: 02.05.2013 19:07:54 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,64 Gb Available Physical Memory | 83,21% Memory free
15,96 Gb Paging File | 14,70 Gb Available in Paging File | 92,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1383,86 Gb Total Space | 1315,66 Gb Free Space | 95,07% Space Free | Partition Type: NTFS
Drive D: | 65,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.02 16:46:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Disabled | Stopped] -- C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe -- (NIApplicationWebServer64)
SRV - [2013.05.02 16:44:09 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.01.06 17:20:00 | 000,676,864 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3752477004-49576077-881651181-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.02 16:44:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.02 17:43:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.02 16:44:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.04.30 14:21:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2013.05.01 15:31:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\c3fv2ryo.default\extensions
[2013.05.01 11:44:24 | 000,000,000 | ---D | M] (Maximum AdBlock) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\c3fv2ryo.default\extensions\ozymandias@securityheroes.com
[2013.05.01 11:46:56 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\c3fv2ryo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.28 21:37:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.05.02 16:44:09 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.05.02 16:44:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.05.02 16:44:08 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.05.02 16:44:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.05.02 16:44:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.05.02 16:44:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.05.02 16:44:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3752477004-49576077-881651181-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3752477004-49576077-881651181-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAEE5E03-3ADD-4831-A369-9DB07B39009B}: DhcpNameServer = 192.168.178.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.18 12:54:28 | 000,000,000 | ---D | M] - D:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2010.01.08 19:37:38 | 000,000,042 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{fd5ea30c-b031-11e2-b1c9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fd5ea30c-b031-11e2-b1c9-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2007.11.07 14:20:42 | 004,911,104 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.02 17:43:56 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Thunderbird
[2013.05.02 17:43:56 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Thunderbird
[2013.05.02 17:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.02 17:01:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.05.02 16:53:01 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2013.05.02 16:53:00 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2013.05.02 16:53:00 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013.05.02 16:53:00 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2013.05.02 16:53:00 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2013.05.02 16:52:59 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2013.05.02 16:52:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2013.05.02 16:46:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013.05.01 17:06:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013.05.01 13:23:11 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013.05.01 13:23:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013.05.01 13:15:49 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2013.05.01 13:15:49 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2013.05.01 13:15:49 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2013.05.01 13:15:49 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2013.05.01 13:15:49 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2013.05.01 13:15:49 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2013.05.01 13:15:49 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2013.05.01 13:15:49 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2013.05.01 13:14:51 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013.05.01 13:12:53 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.01 13:12:53 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.01 13:12:53 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.01 13:12:53 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.01 13:12:53 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.01 13:12:53 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.01 13:12:53 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.01 13:12:53 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.01 13:12:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.01 13:12:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.01 13:12:53 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.01 13:12:53 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.01 13:12:53 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.01 13:12:53 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.01 13:12:53 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.01 13:12:53 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2013.05.01 13:12:53 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.01 13:12:53 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.01 13:12:53 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.01 13:12:53 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2013.05.01 13:12:53 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.01 13:12:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.01 13:12:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.01 13:12:53 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.01 13:12:53 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.01 13:12:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2013.05.01 13:12:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2013.05.01 13:12:53 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.01 13:12:53 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.01 13:12:53 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2013.05.01 13:12:53 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.01 13:12:53 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.01 13:12:53 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.01 13:12:53 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.01 13:12:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.01 13:12:53 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.01 13:12:53 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2013.05.01 13:12:53 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.01 13:12:53 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.01 13:12:53 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2013.05.01 13:12:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.01 13:12:53 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.01 13:12:53 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.01 13:12:53 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2013.05.01 13:12:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.01 13:12:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.01 13:12:53 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.01 13:12:53 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.01 13:12:53 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.01 13:12:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.01 13:12:53 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.01 13:12:53 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.01 13:12:53 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.01 13:12:53 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.01 13:12:53 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.01 13:12:53 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.01 13:12:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2013.05.01 13:12:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.01 13:12:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.01 13:12:53 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.01 13:12:53 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.01 13:12:53 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.01 13:12:53 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.01 13:12:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.01 13:12:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.01 13:12:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.01 13:12:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.01 13:12:53 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.01 13:12:53 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.01 13:12:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.01 13:12:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.01 13:12:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.05.01 13:05:12 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013.05.01 13:05:12 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013.05.01 13:05:12 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013.05.01 13:05:12 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013.05.01 13:05:12 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013.05.01 13:05:12 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013.05.01 13:04:16 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013.05.01 13:04:16 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013.05.01 13:04:16 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013.05.01 13:04:16 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013.05.01 13:00:32 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013.05.01 13:00:32 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013.05.01 11:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.05.01 11:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.05.01 11:44:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\SecurityHeroes
[2013.05.01 11:22:03 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2013.05.01 11:22:01 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.05.01 11:22:01 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.05.01 11:21:59 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2013.05.01 11:21:59 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2013.05.01 11:21:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2013.05.01 11:21:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2013.05.01 11:21:59 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2013.05.01 11:21:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2013.05.01 11:21:59 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2013.05.01 11:21:59 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2013.05.01 11:21:59 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2013.05.01 11:21:53 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.05.01 11:21:53 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.05.01 11:21:53 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.05.01 11:21:53 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.05.01 11:21:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.05.01 11:21:40 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Referat Physik
[2013.05.01 11:21:31 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2013.05.01 11:21:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2013.05.01 11:21:27 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.05.01 11:21:27 | 002,691,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.05.01 11:21:26 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.05.01 11:21:26 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.05.01 11:21:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.05.01 11:21:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.05.01 11:21:25 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013.05.01 11:21:24 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013.05.01 11:21:05 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2013.05.01 11:21:05 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2013.05.01 11:21:05 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2013.05.01 11:21:05 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2013.05.01 11:21:04 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2013.05.01 11:21:04 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2013.05.01 11:21:02 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2013.05.01 11:21:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2013.05.01 11:20:50 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2013.05.01 11:20:50 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2013.05.01 11:20:49 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013.05.01 11:20:49 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013.05.01 11:20:43 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2013.05.01 11:20:40 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2013.05.01 11:20:38 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2013.05.01 11:20:38 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2013.05.01 11:20:38 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2013.05.01 11:20:38 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2013.05.01 11:20:38 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2013.05.01 11:20:38 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2013.05.01 11:20:38 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2013.05.01 11:20:38 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2013.05.01 11:20:34 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2013.05.01 11:20:34 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2013.05.01 11:20:34 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2013.05.01 11:20:34 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2013.05.01 11:20:34 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2013.05.01 11:20:34 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2013.05.01 11:20:34 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2013.05.01 11:20:34 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2013.05.01 11:20:34 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2013.05.01 11:20:34 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2013.05.01 11:20:34 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2013.05.01 11:20:34 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2013.05.01 11:20:34 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2013.05.01 11:20:30 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2013.05.01 11:20:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2013.05.01 11:20:24 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2013.05.01 11:20:20 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2013.05.01 11:20:20 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2013.05.01 11:20:16 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2013.05.01 11:20:15 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2013.05.01 11:20:15 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2013.05.01 11:20:15 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2013.05.01 11:20:15 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2013.05.01 11:20:15 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2013.05.01 11:20:15 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2013.05.01 11:20:15 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2013.05.01 11:20:15 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2013.05.01 11:20:15 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2013.05.01 11:20:15 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2013.05.01 11:20:15 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2013.05.01 11:20:15 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2013.05.01 11:20:15 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2013.05.01 11:20:15 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2013.05.01 11:20:14 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2013.05.01 11:19:49 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2013.05.01 11:19:46 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2013.05.01 11:19:45 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2013.05.01 11:19:45 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.05.01 11:19:45 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.05.01 11:19:33 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013.05.01 11:19:32 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2013.05.01 11:19:32 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2013.05.01 11:19:31 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013.05.01 11:19:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2013.05.01 11:19:31 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2013.05.01 11:19:31 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2013.05.01 11:19:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2013.05.01 11:19:28 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.05.01 11:19:28 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.05.01 11:19:26 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2013.05.01 11:19:24 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2013.05.01 11:19:24 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2013.05.01 11:19:24 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2013.05.01 11:19:23 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2013.05.01 11:19:12 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.05.01 11:19:11 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2013.05.01 11:19:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.05.01 11:19:06 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2013.05.01 11:19:06 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013.05.01 11:19:06 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2013.05.01 11:19:03 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.05.01 11:19:03 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013.05.01 11:19:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013.05.01 11:19:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013.05.01 11:18:55 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2013.05.01 11:18:55 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2013.05.01 11:18:55 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.05.01 11:18:54 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2013.05.01 11:18:54 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.05.01 11:18:54 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2013.05.01 11:18:54 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.01 11:18:54 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2013.05.01 11:18:54 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2013.05.01 11:18:54 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2013.05.01 11:18:54 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.01 11:18:54 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2013.05.01 11:18:53 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2013.05.01 11:18:41 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2013.05.01 11:18:41 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2013.05.01 11:18:39 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2013.05.01 11:18:39 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2013.05.01 11:18:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2013.05.01 11:18:02 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2013.05.01 11:18:02 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2013.05.01 11:18:01 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.05.01 11:18:00 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2013.05.01 11:18:00 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2013.05.01 11:18:00 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2013.05.01 11:18:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2013.05.01 11:17:58 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.05.01 11:17:57 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.05.01 11:17:56 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.05.01 11:17:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.05.01 11:17:56 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.05.01 11:17:56 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.05.01 11:17:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.05.01 11:17:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.05.01 11:17:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.05.01 11:17:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.05.01 11:17:56 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.05.01 11:17:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.05.01 11:17:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.05.01 11:17:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.05.01 11:17:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.05.01 11:17:56 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.05.01 11:17:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.05.01 11:17:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.05.01 11:17:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.05.01 11:17:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.05.01 11:17:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.05.01 11:17:43 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.05.01 11:17:42 | 000,287,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.05.01 11:17:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.05.01 11:17:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.05.01 11:17:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.05.01 11:17:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.05.01 11:17:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.05.01 11:17:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.05.01 11:17:36 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.05.01 11:17:36 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.05.01 11:17:36 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.05.01 11:17:36 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.05.01 11:17:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.05.01 11:17:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.05.01 11:17:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.05.01 11:17:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.05.01 11:17:36 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.05.01 11:17:36 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.05.01 11:17:36 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.05.01 11:17:36 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.05.01 11:17:36 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.05.01 11:17:36 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.05.01 11:17:36 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.05.01 11:17:36 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.05.01 11:17:36 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.05.01 11:17:36 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.05.01 11:17:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.05.01 11:17:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.05.01 11:17:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.05.01 11:17:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.05.01 11:17:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.05.01 11:17:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.05.01 11:17:36 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.05.01 11:17:36 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.05.01 11:17:22 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2013.05.01 11:17:22 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2013.05.01 11:17:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2013.05.01 11:17:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2013.05.01 11:17:22 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2013.05.01 11:17:21 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2013.05.01 11:17:21 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2013.05.01 11:17:21 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2013.05.01 11:17:21 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2013.05.01 11:17:21 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2013.05.01 11:16:56 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013.05.01 11:16:24 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013.05.01 11:16:24 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013.05.01 11:16:22 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013.05.01 11:16:22 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013.05.01 11:16:22 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013.05.01 11:16:22 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013.05.01 11:16:22 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2013.05.01 11:16:22 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2013.05.01 11:16:22 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2013.05.01 11:16:21 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2013.05.01 11:16:21 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2013.05.01 11:15:41 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2013.05.01 11:15:34 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2013.05.01 11:15:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2013.05.01 11:15:30 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.05.01 11:15:30 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.05.01 11:15:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2013.05.01 11:15:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2013.05.01 11:15:28 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2013.05.01 11:15:25 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013.05.01 11:15:25 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013.05.01 11:15:24 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013.05.01 11:15:24 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013.05.01 11:15:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2013.05.01 11:15:20 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2013.05.01 11:15:19 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2013.05.01 11:15:18 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2013.05.01 11:15:16 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2013.05.01 11:15:15 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.01 11:15:11 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2013.05.01 11:15:09 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2013.05.01 11:15:09 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2013.05.01 11:15:08 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2013.05.01 11:15:08 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2013.05.01 11:14:58 | 005,497,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.05.01 11:14:57 | 003,958,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.05.01 11:14:57 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.05.01 11:14:57 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.05.01 11:14:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.05.01 11:14:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.05.01 11:14:43 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2013.05.01 11:14:43 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2013.05.01 11:14:42 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.05.01 11:14:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2013.05.01 11:14:40 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2013.05.01 11:00:20 | 001,462,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.05.01 11:00:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.05.01 10:59:43 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2013.05.01 10:59:43 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2013.05.01 10:59:43 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2013.05.01 10:59:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2013.05.01 10:59:41 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013.05.01 10:59:41 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013.05.01 10:59:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Macromedia
[2013.05.01 10:59:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Macromedia
[2013.05.01 10:59:13 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Adobe
[2013.05.01 10:59:05 | 000,691,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.01 10:59:05 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.01 10:59:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.05.01 10:59:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.04.30 14:48:46 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.04.30 14:48:46 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.04.30 14:48:46 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013.04.30 14:48:33 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.04.30 14:48:33 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.04.30 14:48:33 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.04.30 14:47:51 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.04.30 14:47:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.04.30 14:46:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\National Instruments
[2013.04.30 14:40:45 | 000,000,000 | ---D | C] -- C:\ProgramData\National Instruments
[2013.04.30 14:21:43 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Mozilla
[2013.04.30 14:21:43 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Mozilla
[2013.04.30 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Diagnostics
[2013.04.29 20:21:35 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\vlc
[2013.04.29 20:06:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.04.29 19:02:07 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\d3dx9_28.dll
[2013.04.29 18:59:17 | 000,095,576 | ---- | C] (Microsoft Corporation) -- C:\DSETUP.dll
[2013.04.29 18:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.04.29 18:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.04.29 18:28:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aerosoft
[2013.04.29 18:11:16 | 000,000,000 | R--D | C] -- C:\Users\Chris\Documents\Dropbox
[2013.04.29 18:05:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.04.29 18:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.04.29 18:04:43 | 006,398,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.04.29 18:04:43 | 003,477,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.04.29 18:04:43 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.04.29 18:04:43 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.04.29 18:04:43 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.04.29 18:04:33 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.04.29 18:04:33 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.04.29 18:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.04.29 18:04:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.04.29 18:04:07 | 001,510,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2013.04.29 18:04:07 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.04.29 18:04:07 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.04.29 18:04:06 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.04.29 18:04:06 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.04.29 18:04:06 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.04.29 18:04:06 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.04.29 18:04:06 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.04.29 18:04:06 | 015,508,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.04.29 18:04:06 | 015,042,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.04.29 18:04:06 | 013,088,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.04.29 18:04:06 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.04.29 18:04:06 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.04.29 18:04:06 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.04.29 18:04:06 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.04.29 18:04:06 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.04.29 18:04:06 | 002,864,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.04.29 18:04:06 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.04.29 18:04:06 | 002,539,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.04.29 18:04:06 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.04.29 18:04:06 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.04.29 18:04:06 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll
[2013.04.29 18:04:06 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll
[2013.04.29 18:04:06 | 001,118,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.04.29 18:04:06 | 000,968,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.04.29 18:04:06 | 000,250,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.04.29 18:04:06 | 000,205,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.04.29 18:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.04.29 18:02:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013.04.29 18:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belkin
[2013.04.29 18:01:36 | 000,000,000 | ---D | C] -- C:\Windows\{113016FE-E013-4FAF-85FB-8649DEED76B2}
[2013.04.29 18:00:04 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2013.04.28 21:46:27 | 000,000,000 | --SD | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
[2013.04.28 21:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2013.04.28 21:43:11 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\OpenOffice.org 3.4 (de) Installation Files
[2013.04.28 21:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.04.28 21:41:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.04.28 21:40:35 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.04.28 21:37:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.28 21:32:11 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.04.28 21:19:27 | 000,000,000 | ---D | C] -- C:\Windows.old
[2013.04.28 21:14:54 | 000,000,000 | R--D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.04.28 21:14:54 | 000,000,000 | R--D | C] -- C:\Users\Chris\Searches
[2013.04.28 21:14:54 | 000,000,000 | R--D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.04.28 21:14:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Identities
[2013.04.28 21:14:43 | 000,000,000 | R--D | C] -- C:\Users\Chris\Contacts
[2013.04.28 21:14:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\VirtualStore
[2013.04.28 21:14:22 | 000,000,000 | --SD | C] -- C:\Users\Chris\AppData\Roaming\Microsoft
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Videos
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Saved Games
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Pictures
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Music
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Links
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Favorites
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Downloads
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Documents
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\Desktop
[2013.04.28 21:14:22 | 000,000,000 | R--D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Vorlagen
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\AppData\Local\Verlauf
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\AppData\Local\Temporary Internet Files
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Startmenü
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\SendTo
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Recent
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Netzwerkumgebung
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Lokale Einstellungen
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Documents\Eigene Videos
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Documents\Eigene Musik
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Eigene Dateien
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Documents\Eigene Bilder
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Druckumgebung
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Cookies
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\AppData\Local\Anwendungsdaten
[2013.04.28 21:14:22 | 000,000,000 | -HSD | C] -- C:\Users\Chris\Anwendungsdaten
[2013.04.28 21:14:22 | 000,000,000 | -H-D | C] -- C:\Users\Chris\AppData
[2013.04.28 21:14:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Temp
[2013.04.28 21:14:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Microsoft
[2013.04.28 21:14:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Media Center Programs
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.04.28 21:14:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.04.28 20:36:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.04.28 20:33:49 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.04.27 14:18:18 | 000,000,000 | ---D | C] -- C:\m-r-software
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.02 19:06:11 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.02 19:06:11 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.02 19:06:11 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.02 19:06:11 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.02 19:06:11 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.02 19:02:03 | 000,013,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.02 19:02:03 | 000,013,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.02 18:59:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.02 18:59:06 | 2133,676,031 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.02 18:20:16 | 000,015,692 | ---- | M] () -- C:\Users\Chris\Desktop\OTL.7z
[2013.05.02 18:01:57 | 000,377,856 | ---- | M] () -- C:\Users\Chris\Desktop\gmer_2.1.19163.exe
[2013.05.02 18:01:11 | 000,000,000 | ---- | M] () -- C:\Users\Chris\defogger_reenable
[2013.05.02 17:43:54 | 000,002,084 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.05.02 16:58:21 | 000,050,477 | ---- | M] () -- C:\Users\Chris\Desktop\Defogger.exe
[2013.05.02 16:46:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013.05.01 15:26:23 | 000,294,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.01 13:12:53 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.01 13:12:53 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.01 13:12:53 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.01 13:12:53 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.01 13:12:53 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.01 13:12:53 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.01 13:12:53 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.01 13:12:53 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.01 13:12:53 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.01 13:12:53 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.01 13:12:53 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.01 13:12:53 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.01 13:12:53 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.01 13:12:53 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.01 13:12:53 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.01 13:12:53 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2013.05.01 13:12:53 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.01 13:12:53 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.01 13:12:53 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.01 13:12:53 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2013.05.01 13:12:53 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.01 13:12:53 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.01 13:12:53 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.01 13:12:53 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.01 13:12:53 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.01 13:12:53 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2013.05.01 13:12:53 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2013.05.01 13:12:53 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.01 13:12:53 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.01 13:12:53 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2013.05.01 13:12:53 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.01 13:12:53 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.01 13:12:53 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.01 13:12:53 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.01 13:12:53 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.01 13:12:53 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.01 13:12:53 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2013.05.01 13:12:53 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.01 13:12:53 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.01 13:12:53 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2013.05.01 13:12:53 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.01 13:12:53 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.01 13:12:53 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.01 13:12:53 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2013.05.01 13:12:53 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.01 13:12:53 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.01 13:12:53 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.01 13:12:53 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.01 13:12:53 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.01 13:12:53 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.01 13:12:53 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.01 13:12:53 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.01 13:12:53 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.01 13:12:53 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.01 13:12:53 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.01 13:12:53 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.01 13:12:53 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2013.05.01 13:12:53 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.01 13:12:53 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.01 13:12:53 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.01 13:12:53 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.01 13:12:53 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.01 13:12:53 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.01 13:12:53 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.01 13:12:53 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.01 13:12:53 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.01 13:12:53 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.01 13:12:53 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.01 13:12:53 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.01 13:12:53 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.01 13:12:53 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.01 13:12:53 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.01 13:12:53 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.01 13:12:53 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.05.01 10:59:05 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.01 10:59:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.29 18:58:39 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.04.29 18:28:19 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Aerosoft Launcher.lnk
[2013.04.28 21:46:28 | 000,001,240 | ---- | M] () -- C:\Users\Chris\Desktop\OpenOffice.org 3.4.lnk
[2013.04.28 21:39:27 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013.04.28 21:39:27 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2013.04.28 21:37:23 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.28 20:37:24 | 000,056,735 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.04.28 20:37:24 | 000,056,735 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.04.28 20:35:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.04.27 13:43:18 | 000,176,436 | ---- | M] () -- C:\Users\Chris\Documents\datasheet bd235.pdf
[2013.04.23 22:40:50 | 675,545,088 | ---- | M] () -- C:\NBRT.iso
[2013.04.22 18:22:49 | 000,000,000 | ---- | M] () -- C:\end
[2013.04.21 12:15:25 | 000,023,576 | ---- | M] () -- C:\Users\Chris\Documents\Wasserballregeln.odt
[2013.04.17 18:52:00 | 000,095,922 | ---- | M] () -- C:\Users\Chris\Documents\datasheet bd912.pdf
[2013.04.17 17:53:37 | 000,030,270 | ---- | M] () -- C:\Users\Chris\Documents\Ausarbeitung Transistor.odt
[2013.04.17 17:41:24 | 000,014,520 | ---- | M] () -- C:\Users\Chris\Documents\ee_bauteile_transistor.jpg
[2013.04.15 16:45:44 | 000,023,785 | ---- | M] () -- C:\Users\Chris\Documents\Dioden PN-Übergang.odt
[2013.04.15 16:38:25 | 000,010,068 | ---- | M] () -- C:\Users\Chris\Documents\Dioden Deckblatt.odt
[2013.04.14 18:16:59 | 000,011,286 | ---- | M] () -- C:\Users\Chris\Documents\Dioden Datenblätter.odt
[2013.04.09 18:11:36 | 000,015,362 | ---- | M] () -- C:\Users\Chris\Documents\Dioden Bauformen.odt
[2013.04.09 18:04:44 | 000,011,862 | ---- | M] () -- C:\Users\Chris\Documents\Dioden Schaltzeichen.odt
[2013.04.05 17:08:19 | 000,436,801 | ---- | M] () -- C:\Users\Chris\Documents\datasheet bd241.pdf
 
========== Files Created - No Company Name ==========
 
[2013.05.02 18:20:15 | 000,015,692 | ---- | C] () -- C:\Users\Chris\Desktop\OTL.7z
[2013.05.02 18:01:54 | 000,377,856 | ---- | C] () -- C:\Users\Chris\Desktop\gmer_2.1.19163.exe
[2013.05.02 18:01:11 | 000,000,000 | ---- | C] () -- C:\Users\Chris\defogger_reenable
[2013.05.02 17:43:54 | 000,002,084 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.05.02 16:58:21 | 000,050,477 | ---- | C] () -- C:\Users\Chris\Desktop\Defogger.exe
[2013.05.01 13:23:12 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.05.01 13:12:53 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.01 13:12:53 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.01 13:04:16 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.04.29 18:59:17 | 004,162,630 | ---- | C] () -- C:\Apr2006_MDX1_x86_Archive.cab
[2013.04.29 18:59:17 | 003,319,740 | ---- | C] () -- C:\Aug2009_d3dcsx_42_x86.cab
[2013.04.29 18:59:17 | 003,112,111 | ---- | C] () -- C:\Aug2009_d3dcsx_42_x64.cab
[2013.04.29 18:59:17 | 001,973,702 | ---- | C] () -- C:\Mar2009_d3dx9_41_x64.cab
[2013.04.29 18:59:17 | 001,906,878 | ---- | C] () -- C:\Nov2008_d3dx9_40_x64.cab
[2013.04.29 18:59:17 | 001,802,058 | ---- | C] () -- C:\Nov2007_d3dx9_36_x64.cab
[2013.04.29 18:59:17 | 001,800,160 | ---- | C] () -- C:\AUG2007_d3dx9_35_x64.cab
[2013.04.29 18:59:17 | 001,794,084 | ---- | C] () -- C:\Aug2008_d3dx9_39_x64.cab
[2013.04.29 18:59:17 | 001,792,608 | ---- | C] () -- C:\JUN2008_d3dx9_38_x64.cab
[2013.04.29 18:59:17 | 001,769,862 | ---- | C] () -- C:\Mar2008_d3dx9_37_x64.cab
[2013.04.29 18:59:17 | 001,709,360 | ---- | C] () -- C:\Nov2007_d3dx9_36_x86.cab
[2013.04.29 18:59:17 | 001,708,152 | ---- | C] () -- C:\AUG2007_d3dx9_35_x86.cab
[2013.04.29 18:59:17 | 001,612,446 | ---- | C] () -- C:\Mar2009_d3dx9_41_x86.cab
[2013.04.29 18:59:17 | 001,607,774 | ---- | C] () -- C:\JUN2007_d3dx9_34_x64.cab
[2013.04.29 18:59:17 | 001,607,358 | ---- | C] () -- C:\APR2007_d3dx9_33_x64.cab
[2013.04.29 18:59:17 | 001,607,286 | ---- | C] () -- C:\JUN2007_d3dx9_34_x86.cab
[2013.04.29 18:59:17 | 001,606,039 | ---- | C] () -- C:\APR2007_d3dx9_33_x86.cab
[2013.04.29 18:59:17 | 001,574,376 | ---- | C] () -- C:\DEC2006_d3dx9_32_x86.cab
[2013.04.29 18:59:17 | 001,571,154 | ---- | C] () -- C:\DEC2006_d3dx9_32_x64.cab
[2013.04.29 18:59:17 | 001,566,040 | ---- | C] () -- C:\dsetup32.dll
[2013.04.29 18:59:17 | 001,550,796 | ---- | C] () -- C:\Nov2008_d3dx9_40_x86.cab
[2013.04.29 18:59:17 | 001,464,672 | ---- | C] () -- C:\Aug2008_d3dx9_39_x86.cab
[2013.04.29 18:59:17 | 001,463,878 | ---- | C] () -- C:\JUN2008_d3dx9_38_x86.cab
[2013.04.29 18:59:17 | 001,443,282 | ---- | C] () -- C:\Mar2008_d3dx9_37_x86.cab
[2013.04.29 18:59:17 | 001,412,902 | ---- | C] () -- C:\OCT2006_d3dx9_31_x64.cab
[2013.04.29 18:59:17 | 001,397,830 | ---- | C] () -- C:\Apr2006_d3dx9_30_x64.cab
[2013.04.29 18:59:17 | 001,362,796 | ---- | C] () -- C:\Feb2006_d3dx9_29_x64.cab
[2013.04.29 18:59:17 | 001,357,976 | ---- | C] () -- C:\Dec2005_d3dx9_28_x64.cab
[2013.04.29 18:59:17 | 001,350,542 | ---- | C] () -- C:\Aug2005_d3dx9_27_x64.cab
[2013.04.29 18:59:17 | 001,347,354 | ---- | C] () -- C:\Apr2005_d3dx9_25_x64.cab
[2013.04.29 18:59:17 | 001,336,002 | ---- | C] () -- C:\Jun2005_d3dx9_26_x64.cab
[2013.04.29 18:59:17 | 001,247,499 | ---- | C] () -- C:\Feb2005_d3dx9_24_x64.cab
[2013.04.29 18:59:17 | 001,127,217 | ---- | C] () -- C:\OCT2006_d3dx9_31_x86.cab
[2013.04.29 18:59:17 | 001,115,221 | ---- | C] () -- C:\Apr2006_d3dx9_30_x86.cab
[2013.04.29 18:59:17 | 001,084,720 | ---- | C] () -- C:\Feb2006_d3dx9_29_x86.cab
[2013.04.29 18:59:17 | 001,079,456 | ---- | C] () -- C:\Dec2005_d3dx9_28_x86.cab
[2013.04.29 18:59:17 | 001,078,962 | ---- | C] () -- C:\Apr2005_d3dx9_25_x86.cab
[2013.04.29 18:59:17 | 001,077,644 | ---- | C] () -- C:\Aug2005_d3dx9_27_x86.cab
[2013.04.29 18:59:17 | 001,067,160 | ---- | C] () -- C:\Mar2009_d3dx10_41_x64.cab
[2013.04.29 18:59:17 | 001,064,925 | ---- | C] () -- C:\Jun2005_d3dx9_26_x86.cab
[2013.04.29 18:59:17 | 001,040,745 | ---- | C] () -- C:\Mar2009_d3dx10_41_x86.cab
[2013.04.29 18:59:17 | 001,013,225 | ---- | C] () -- C:\Feb2005_d3dx9_24_x86.cab
[2013.04.29 18:59:17 | 000,994,154 | ---- | C] () -- C:\Nov2008_d3dx10_40_x64.cab
[2013.04.29 18:59:17 | 000,965,421 | ---- | C] () -- C:\Nov2008_d3dx10_40_x86.cab
[2013.04.29 18:59:17 | 000,944,460 | ---- | C] () -- C:\Jun2010_D3DCompiler_43_x64.cab
[2013.04.29 18:59:17 | 000,937,246 | ---- | C] () -- C:\Jun2010_d3dx9_43_x64.cab
[2013.04.29 18:59:17 | 000,931,471 | ---- | C] () -- C:\Jun2010_D3DCompiler_43_x86.cab
[2013.04.29 18:59:17 | 000,930,116 | ---- | C] () -- C:\Aug2009_d3dx9_42_x64.cab
[2013.04.29 18:59:17 | 000,919,044 | ---- | C] () -- C:\Aug2009_D3DCompiler_42_x64.cab
[2013.04.29 18:59:17 | 000,916,430 | ---- | C] () -- C:\Apr2006_MDX1_x86.cab
[2013.04.29 18:59:17 | 000,900,598 | ---- | C] () -- C:\Aug2009_D3DCompiler_42_x86.cab
[2013.04.29 18:59:17 | 000,867,828 | ---- | C] () -- C:\JUN2008_d3dx10_38_x64.cab
[2013.04.29 18:59:17 | 000,867,612 | ---- | C] () -- C:\Aug2008_d3dx10_39_x64.cab
[2013.04.29 18:59:17 | 000,864,600 | ---- | C] () -- C:\Nov2007_d3dx10_36_x64.cab
[2013.04.29 18:59:17 | 000,852,286 | ---- | C] () -- C:\AUG2007_d3dx10_35_x64.cab
[2013.04.29 18:59:17 | 000,849,919 | ---- | C] () -- C:\JUN2008_d3dx10_38_x86.cab
[2013.04.29 18:59:17 | 000,849,167 | ---- | C] () -- C:\Aug2008_d3dx10_39_x86.cab
[2013.04.29 18:59:17 | 000,844,884 | ---- | C] () -- C:\Mar2008_d3dx10_37_x64.cab
[2013.04.29 18:59:17 | 000,818,260 | ---- | C] () -- C:\Mar2008_d3dx10_37_x86.cab
[2013.04.29 18:59:17 | 000,803,884 | ---- | C] () -- C:\Nov2007_d3dx10_36_x86.cab
[2013.04.29 18:59:17 | 000,796,867 | ---- | C] () -- C:\AUG2007_d3dx10_35_x86.cab
[2013.04.29 18:59:17 | 000,768,036 | ---- | C] () -- C:\Jun2010_d3dx9_43_x86.cab
[2013.04.29 18:59:17 | 000,762,188 | ---- | C] () -- C:\Jun2010_d3dcsx_43_x86.cab
[2013.04.29 18:59:17 | 000,752,783 | ---- | C] () -- C:\Jun2010_d3dcsx_43_x64.cab
[2013.04.29 18:59:17 | 000,728,456 | ---- | C] () -- C:\Aug2009_d3dx9_42_x86.cab
[2013.04.29 18:59:17 | 000,699,044 | ---- | C] () -- C:\JUN2007_d3dx10_34_x64.cab
[2013.04.29 18:59:17 | 000,698,612 | ---- | C] () -- C:\APR2007_d3dx10_33_x64.cab
[2013.04.29 18:59:17 | 000,698,472 | ---- | C] () -- C:\JUN2007_d3dx10_34_x86.cab
[2013.04.29 18:59:17 | 000,695,865 | ---- | C] () -- C:\APR2007_d3dx10_33_x86.cab
[2013.04.29 18:59:17 | 000,517,976 | ---- | C] () -- C:\DXSETUP.exe
[2013.04.29 18:59:17 | 000,278,060 | ---- | C] () -- C:\Jun2010_XAudio_x86.cab
[2013.04.29 18:59:17 | 000,277,338 | ---- | C] () -- C:\Jun2010_XAudio_x64.cab
[2013.04.29 18:59:17 | 000,277,191 | ---- | C] () -- C:\Feb2010_XAudio_x86.cab
[2013.04.29 18:59:17 | 000,276,960 | ---- | C] () -- C:\Feb2010_XAudio_x64.cab
[2013.04.29 18:59:17 | 000,275,044 | ---- | C] () -- C:\Mar2009_XAudio_x64.cab
[2013.04.29 18:59:17 | 000,273,960 | ---- | C] () -- C:\Nov2008_XAudio_x64.cab
[2013.04.29 18:59:17 | 000,273,264 | ---- | C] () -- C:\Aug2009_XAudio_x64.cab
[2013.04.29 18:59:17 | 000,273,018 | ---- | C] () -- C:\Mar2009_XAudio_x86.cab
[2013.04.29 18:59:17 | 000,272,642 | ---- | C] () -- C:\Aug2009_XAudio_x86.cab
[2013.04.29 18:59:17 | 000,272,611 | ---- | C] () -- C:\Nov2008_XAudio_x86.cab
[2013.04.29 18:59:17 | 000,271,412 | ---- | C] () -- C:\Aug2008_XAudio_x64.cab
[2013.04.29 18:59:17 | 000,271,038 | ---- | C] () -- C:\Aug2008_XAudio_x86.cab
[2013.04.29 18:59:17 | 000,269,628 | ---- | C] () -- C:\JUN2008_XAudio_x64.cab
[2013.04.29 18:59:17 | 000,269,024 | ---- | C] () -- C:\JUN2008_XAudio_x86.cab
[2013.04.29 18:59:17 | 000,251,194 | ---- | C] () -- C:\Mar2008_XAudio_x64.cab
[2013.04.29 18:59:17 | 000,235,955 | ---- | C] () -- C:\Jun2010_d3dx10_43_x64.cab
[2013.04.29 18:59:17 | 000,232,635 | ---- | C] () -- C:\Aug2009_d3dx10_42_x64.cab
[2013.04.29 18:59:17 | 000,226,250 | ---- | C] () -- C:\Mar2008_XAudio_x86.cab
[2013.04.29 18:59:17 | 000,212,807 | ---- | C] () -- C:\DEC2006_d3dx10_00_x64.cab
[2013.04.29 18:59:17 | 000,198,096 | ---- | C] () -- C:\AUG2007_XACT_x64.cab
[2013.04.29 18:59:17 | 000,197,283 | ---- | C] () -- C:\Jun2010_d3dx10_43_x86.cab
[2013.04.29 18:59:17 | 000,197,122 | ---- | C] () -- C:\JUN2007_XACT_x64.cab
[2013.04.29 18:59:17 | 000,196,762 | ---- | C] () -- C:\NOV2007_XACT_x64.cab
[2013.04.29 18:59:17 | 000,195,766 | ---- | C] () -- C:\APR2007_XACT_x64.cab
[2013.04.29 18:59:17 | 000,194,675 | ---- | C] () -- C:\FEB2007_XACT_x64.cab
[2013.04.29 18:59:17 | 000,192,475 | ---- | C] () -- C:\DEC2006_XACT_x64.cab
[2013.04.29 18:59:17 | 000,192,131 | ---- | C] () -- C:\Aug2009_d3dx10_42_x86.cab
[2013.04.29 18:59:17 | 000,191,720 | ---- | C] () -- C:\DEC2006_d3dx10_00_x86.cab
[2013.04.29 18:59:17 | 000,182,903 | ---- | C] () -- C:\AUG2006_XACT_x64.cab
[2013.04.29 18:59:17 | 000,182,361 | ---- | C] () -- C:\OCT2006_XACT_x64.cab
[2013.04.29 18:59:17 | 000,180,785 | ---- | C] () -- C:\JUN2006_XACT_x64.cab
[2013.04.29 18:59:17 | 000,179,133 | ---- | C] () -- C:\Apr2006_XACT_x64.cab
[2013.04.29 18:59:17 | 000,178,359 | ---- | C] () -- C:\Feb2006_XACT_x64.cab
[2013.04.29 18:59:17 | 000,153,012 | ---- | C] () -- C:\AUG2007_XACT_x86.cab
[2013.04.29 18:59:17 | 000,152,909 | ---- | C] () -- C:\JUN2007_XACT_x86.cab
[2013.04.29 18:59:17 | 000,151,225 | ---- | C] () -- C:\APR2007_XACT_x86.cab
[2013.04.29 18:59:17 | 000,148,264 | ---- | C] () -- C:\NOV2007_XACT_x86.cab
[2013.04.29 18:59:17 | 000,147,983 | ---- | C] () -- C:\FEB2007_XACT_x86.cab
[2013.04.29 18:59:17 | 000,145,599 | ---- | C] () -- C:\DEC2006_XACT_x86.cab
[2013.04.29 18:59:17 | 000,138,205 | ---- | C] () -- C:\Jun2010_d3dx11_43_x64.cab
[2013.04.29 18:59:17 | 000,138,017 | ---- | C] () -- C:\OCT2006_XACT_x86.cab
[2013.04.29 18:59:17 | 000,137,235 | ---- | C] () -- C:\AUG2006_XACT_x86.cab
[2013.04.29 18:59:17 | 000,136,301 | ---- | C] () -- C:\Aug2009_d3dx11_42_x64.cab
[2013.04.29 18:59:17 | 000,133,671 | ---- | C] () -- C:\JUN2006_XACT_x86.cab
[2013.04.29 18:59:17 | 000,133,103 | ---- | C] () -- C:\Apr2006_XACT_x86.cab
[2013.04.29 18:59:17 | 000,132,409 | ---- | C] () -- C:\Feb2006_XACT_x86.cab
[2013.04.29 18:59:17 | 000,124,596 | ---- | C] () -- C:\Jun2010_XACT_x64.cab
[2013.04.29 18:59:17 | 000,122,446 | ---- | C] () -- C:\Feb2010_XACT_x64.cab
[2013.04.29 18:59:17 | 000,122,408 | ---- | C] () -- C:\Aug2009_XACT_x64.cab
[2013.04.29 18:59:17 | 000,122,336 | ---- | C] () -- C:\Mar2008_XACT_x64.cab
[2013.04.29 18:59:17 | 000,121,794 | ---- | C] () -- C:\Nov2008_XACT_x64.cab
[2013.04.29 18:59:17 | 000,121,772 | ---- | C] () -- C:\Aug2008_XACT_x64.cab
[2013.04.29 18:59:17 | 000,121,506 | ---- | C] () -- C:\Mar2009_XACT_x64.cab
[2013.04.29 18:59:17 | 000,121,054 | ---- | C] () -- C:\JUN2008_XACT_x64.cab
[2013.04.29 18:59:17 | 000,109,445 | ---- | C] () -- C:\Jun2010_d3dx11_43_x86.cab
[2013.04.29 18:59:17 | 000,105,044 | ---- | C] () -- C:\Aug2009_d3dx11_42_x86.cab
[2013.04.29 18:59:17 | 000,097,152 | ---- | C] () -- C:\dxupdate.cab
[2013.04.29 18:59:17 | 000,096,817 | ---- | C] () -- C:\APR2007_xinput_x64.cab
[2013.04.29 18:59:17 | 000,093,734 | ---- | C] () -- C:\Mar2008_XACT_x86.cab
[2013.04.29 18:59:17 | 000,093,686 | ---- | C] () -- C:\Jun2010_XACT_x86.cab
[2013.04.29 18:59:17 | 000,093,180 | ---- | C] () -- C:\Feb2010_XACT_x86.cab
[2013.04.29 18:59:17 | 000,093,128 | ---- | C] () -- C:\JUN2008_XACT_x86.cab
[2013.04.29 18:59:17 | 000,093,106 | ---- | C] () -- C:\Aug2009_XACT_x86.cab
[2013.04.29 18:59:17 | 000,092,996 | ---- | C] () -- C:\Aug2008_XACT_x86.cab
[2013.04.29 18:59:17 | 000,092,740 | ---- | C] () -- C:\Mar2009_XACT_x86.cab
[2013.04.29 18:59:17 | 000,092,684 | ---- | C] () -- C:\Nov2008_XACT_x86.cab
[2013.04.29 18:59:17 | 000,087,142 | ---- | C] () -- C:\AUG2006_xinput_x64.cab
[2013.04.29 18:59:17 | 000,087,101 | ---- | C] () -- C:\Apr2006_xinput_x64.cab
[2013.04.29 18:59:17 | 000,086,037 | ---- | C] () -- C:\Oct2005_xinput_x64.cab
[2013.04.29 18:59:17 | 000,055,154 | ---- | C] () -- C:\JUN2008_X3DAudio_x64.cab
[2013.04.29 18:59:17 | 000,055,058 | ---- | C] () -- C:\Mar2008_X3DAudio_x64.cab
[2013.04.29 18:59:17 | 000,054,678 | ---- | C] () -- C:\Feb2010_X3DAudio_x64.cab
[2013.04.29 18:59:17 | 000,054,600 | ---- | C] () -- C:\Mar2009_X3DAudio_x64.cab
[2013.04.29 18:59:17 | 000,054,522 | ---- | C] () -- C:\Nov2008_X3DAudio_x64.cab
[2013.04.29 18:59:17 | 000,053,302 | ---- | C] () -- C:\APR2007_xinput_x86.cab
[2013.04.29 18:59:17 | 000,046,144 | ---- | C] () -- C:\NOV2007_X3DAudio_x64.cab
[2013.04.29 18:59:17 | 000,046,058 | ---- | C] () -- C:\AUG2006_xinput_x86.cab
[2013.04.29 18:59:17 | 000,046,010 | ---- | C] () -- C:\Apr2006_xinput_x86.cab
[2013.04.29 18:59:17 | 000,045,359 | ---- | C] () -- C:\Oct2005_xinput_x86.cab
[2013.04.29 18:59:17 | 000,044,624 | ---- | C] () -- C:\dxdllreg_x86.cab
[2013.04.29 18:59:17 | 000,021,905 | ---- | C] () -- C:\JUN2008_X3DAudio_x86.cab
[2013.04.29 18:59:17 | 000,021,867 | ---- | C] () -- C:\Mar2008_X3DAudio_x86.cab
[2013.04.29 18:59:17 | 000,021,851 | ---- | C] () -- C:\Nov2008_X3DAudio_x86.cab
[2013.04.29 18:59:17 | 000,021,298 | ---- | C] () -- C:\Mar2009_X3DAudio_x86.cab
[2013.04.29 18:59:17 | 000,020,713 | ---- | C] () -- C:\Feb2010_X3DAudio_x86.cab
[2013.04.29 18:59:17 | 000,018,496 | ---- | C] () -- C:\NOV2007_X3DAudio_x86.cab
[2013.04.29 18:58:39 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.04.29 18:28:19 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Aerosoft Launcher.lnk
[2013.04.29 18:10:04 | 001,324,819 | ---- | C] () -- C:\Users\Chris\Documents\1291815309_railroad_walpapers_49.jpg
[2013.04.29 18:10:04 | 001,316,083 | ---- | C] () -- C:\Users\Chris\Documents\279407.jpg
[2013.04.29 18:10:04 | 001,183,593 | ---- | C] () -- C:\Users\Chris\Documents\EiKat.jpeg
[2013.04.29 18:10:04 | 001,175,193 | ---- | C] () -- C:\Users\Chris\Documents\1288895425_railroad_walpapers_45.jpg
[2013.04.29 18:10:04 | 001,151,667 | ---- | C] () -- C:\Users\Chris\Documents\Scan0020.jpg
[2013.04.29 18:10:04 | 000,890,718 | ---- | C] () -- C:\Users\Chris\Documents\Scan0019.jpg
[2013.04.29 18:10:04 | 000,882,445 | ---- | C] () -- C:\Users\Chris\Documents\Scan0018.jpg
[2013.04.29 18:10:04 | 000,675,386 | ---- | C] () -- C:\Users\Chris\Documents\331982-5622x3514.jpg
[2013.04.29 18:10:04 | 000,576,549 | ---- | C] () -- C:\Users\Chris\Documents\Scan0008.jpg
[2013.04.29 18:10:04 | 000,527,953 | ---- | C] () -- C:\Users\Chris\Documents\Passive_Vierpole.jpg
[2013.04.29 18:10:04 | 000,523,139 | ---- | C] () -- C:\Users\Chris\Documents\Scan0015.jpg
[2013.04.29 18:10:04 | 000,516,171 | ---- | C] () -- C:\Users\Chris\Documents\Scan0006.jpg
[2013.04.29 18:10:04 | 000,493,492 | ---- | C] () -- C:\Users\Chris\Documents\Scan0011.jpg
[2013.04.29 18:10:04 | 000,469,372 | ---- | C] () -- C:\Users\Chris\Documents\Scan0007.jpg
[2013.04.29 18:10:04 | 000,404,988 | ---- | C] () -- C:\Users\Chris\Documents\Scan0009.jpg
[2013.04.29 18:10:04 | 000,395,754 | ---- | C] () -- C:\Users\Chris\Documents\Scan0012.jpg
[2013.04.29 18:10:04 | 000,351,752 | ---- | C] () -- C:\Users\Chris\Documents\Scan0014.jpg
[2013.04.29 18:10:04 | 000,347,826 | ---- | C] () -- C:\Users\Chris\Documents\Scan0005.jpg
[2013.04.29 18:10:04 | 000,347,358 | ---- | C] () -- C:\Users\Chris\Documents\Scan0010.jpg
[2013.04.29 18:10:04 | 000,341,265 | ---- | C] () -- C:\Users\Chris\Documents\Scan0013.jpg
[2013.04.29 18:10:04 | 000,321,207 | ---- | C] () -- C:\Users\Chris\Documents\Scan0002.jpg
[2013.04.29 18:10:04 | 000,303,547 | ---- | C] () -- C:\Users\Chris\Documents\Scan0001.jpg
[2013.04.29 18:10:04 | 000,292,704 | ---- | C] () -- C:\Users\Chris\Documents\Product-66585-1.org.jpg
[2013.04.29 18:10:04 | 000,275,008 | ---- | C] () -- C:\Users\Chris\Documents\Scan0016.jpg
[2013.04.29 18:10:04 | 000,274,973 | ---- | C] () -- C:\Users\Chris\Documents\Scan0017.jpg
[2013.04.29 18:10:04 | 000,272,071 | ---- | C] () -- C:\Users\Chris\Documents\aldous-huxley_jmE2V_800.jpg
[2013.04.29 18:10:04 | 000,187,478 | ---- | C] () -- C:\Users\Chris\Documents\Kirche_Weyhers11_08.jpg
[2013.04.29 18:10:04 | 000,087,813 | ---- | C] () -- C:\Users\Chris\Documents\Scan0004.jpg
[2013.04.29 18:10:04 | 000,071,568 | ---- | C] () -- C:\Users\Chris\Documents\Scan00192.jpg
[2013.04.29 18:10:04 | 000,071,090 | ---- | C] () -- C:\Users\Chris\Documents\Scan00191.jpg
[2013.04.29 18:10:04 | 000,059,208 | ---- | C] () -- C:\Users\Chris\Documents\image001.jpg
[2013.04.29 18:10:04 | 000,041,062 | ---- | C] () -- C:\Users\Chris\Documents\fadenstrahlrohr.jpg
[2013.04.29 18:10:04 | 000,015,548 | ---- | C] () -- C:\Users\Chris\Documents\Scan0003.jpg
[2013.04.29 18:10:04 | 000,015,226 | ---- | C] () -- C:\Users\Chris\Documents\bast825.jpg
[2013.04.29 18:10:04 | 000,014,711 | ---- | C] () -- C:\Users\Chris\Documents\8351-TDA8351-dc-coupled-vertical-deflection-circuit-picture.jpg
[2013.04.29 18:10:04 | 000,014,520 | ---- | C] () -- C:\Users\Chris\Documents\ee_bauteile_transistor.jpg
[2013.04.29 18:09:01 | 005,731,423 | ---- | C] () -- C:\Users\Chris\Documents\IMSLP82912-SIBLEY1802.8156.e8b0-39087012454973.pdf
[2013.04.29 18:09:01 | 004,728,035 | ---- | C] () -- C:\Users\Chris\Documents\Jahreswirtschaftsbericht 2012.pdf
[2013.04.29 18:09:01 | 004,009,191 | ---- | C] () -- C:\Users\Chris\Documents\RT100.pdf
[2013.04.29 18:09:01 | 003,974,705 | ---- | C] () -- C:\Users\Chris\Documents\messtechnik 1.pdf
[2013.04.29 18:09:01 | 002,464,619 | ---- | C] () -- C:\Users\Chris\Documents\OfficialBasketballRules2012.pdf
[2013.04.29 18:09:01 | 000,987,584 | ---- | C] () -- C:\Users\Chris\Documents\LEIST_EL.pdf
[2013.04.29 18:09:01 | 000,798,104 | ---- | C] () -- C:\Users\Chris\Documents\thebestof_free.pdf
[2013.04.29 18:09:01 | 000,618,649 | ---- | C] () -- C:\Users\Chris\Documents\wechselstrom.pdf
[2013.04.29 18:09:01 | 000,597,754 | ---- | C] () -- C:\Users\Chris\Documents\Grundlagen Oszilloskop.pdf
[2013.04.29 18:09:01 | 000,582,339 | ---- | C] () -- C:\Users\Chris\Documents\GrundddatenJugend_Medien_2012.pdf
[2013.04.29 18:09:01 | 000,434,695 | ---- | C] () -- C:\Users\Chris\Documents\prinz_friedrich_von_homburg_-_interpretation.pdf
[2013.04.29 18:09:01 | 000,387,584 | ---- | C] () -- C:\Users\Chris\Documents\lab2_roehre.pdf
[2013.04.29 18:09:01 | 000,250,483 | ---- | C] () -- C:\Users\Chris\Documents\ggg_eq6b_sc.pdf
[2013.04.29 18:09:01 | 000,230,648 | ---- | C] () -- C:\Users\Chris\Documents\PrinzFriedrichVonHomburg.pdf
[2013.04.29 18:09:01 | 000,216,227 | ---- | C] () -- C:\Users\Chris\Documents\ggg_eq6b_bom.pdf
[2013.04.29 18:09:01 | 000,178,899 | ---- | C] () -- C:\Users\Chris\Documents\el84-jj2003.pdf
[2013.04.29 18:09:01 | 000,157,942 | ---- | C] () -- C:\Users\Chris\Documents\Transistorliste.pdf
[2013.04.29 18:09:01 | 000,098,858 | ---- | C] () -- C:\Users\Chris\Documents\PIIS1472648310621542.pdf
[2013.04.29 18:09:01 | 000,081,939 | R--- | C] () -- C:\Users\Chris\Documents\Versuche Messtechnik.pdf
[2013.04.29 18:09:01 | 000,050,533 | ---- | C] () -- C:\Users\Chris\Documents\mussorgsky-modest-petrovich-pictures-exhibition-promenade-391.pdf
[2013.04.29 18:09:00 | 001,074,356 | ---- | C] () -- C:\Users\Chris\Documents\datasheet pcl 85.pdf
[2013.04.29 18:09:00 | 001,039,671 | ---- | C] () -- C:\Users\Chris\Documents\datasheet fqpf 10n60c.pdf
[2013.04.29 18:09:00 | 000,866,726 | ---- | C] () -- C:\Users\Chris\Documents\datasheet fqpf 9n50c.pdf
[2013.04.29 18:09:00 | 000,616,876 | ---- | C] () -- C:\Users\Chris\Documents\datasheet lm3915.pdf
[2013.04.29 18:09:00 | 000,613,023 | ---- | C] () -- C:\Users\Chris\Documents\aktien Planspielböse 2.pdf
[2013.04.29 18:09:00 | 000,537,846 | ---- | C] () -- C:\Users\Chris\Documents\EL84.pdf
[2013.04.29 18:09:00 | 000,536,949 | ---- | C] () -- C:\Users\Chris\Documents\datasheet el84.pdf
[2013.04.29 18:09:00 | 000,505,581 | ---- | C] () -- C:\Users\Chris\Documents\datasheet ua741.pdf
[2013.04.29 18:09:00 | 000,436,801 | ---- | C] () -- C:\Users\Chris\Documents\datasheet bd241.pdf
[2013.04.29 18:09:00 | 000,292,094 | ---- | C] () -- C:\Users\Chris\Documents\datasheet hcf4069ube.pdf
[2013.04.29 18:09:00 | 000,273,617 | ---- | C] () -- C:\Users\Chris\Documents\datasheet bc107b.pdf
[2013.04.29 18:09:00 | 000,269,533 | ---- | C] () -- C:\Users\Chris\Documents\datasheet l78s24cv.pdf
[2013.04.29 18:09:00 | 000,256,791 | ---- | C] () -- C:\Users\Chris\Documents\datasheet zpd 33.pdf
[2013.04.29 18:09:00 | 000,249,819 | ---- | C] () -- C:\Users\Chris\Documents\datasheet 1n4576a.pdf
[2013.04.29 18:09:00 | 000,241,999 | ---- | C] () -- C:\Users\Chris\Documents\datasheet mc7806ct.pdf
[2013.04.29 18:09:00 | 000,226,269 | ---- | C] () -- C:\Users\Chris\Documents\datasheet gbu405.pdf
[2013.04.29 18:09:00 | 000,214,558 | ---- | C] () -- C:\Users\Chris\Documents\175080-da-01-en-Spannungsregler_MC7806CT.pdf
[2013.04.29 18:09:00 | 000,189,436 | ---- | C] () -- C:\Users\Chris\Documents\datasheet 27c256.pdf
[2013.04.29 18:09:00 | 000,183,022 | ---- | C] () -- C:\Users\Chris\Documents\datasheet top222y.pdf
[2013.04.29 18:09:00 | 000,176,436 | ---- | C] () -- C:\Users\Chris\Documents\datasheet bd235.pdf
[2013.04.29 18:09:00 | 000,173,391 | ---- | C] () -- C:\Users\Chris\Documents\datasheet mbr20100ct.pdf
[2013.04.29 18:09:00 | 000,168,491 | ---- | C] () -- C:\Users\Chris\Documents\datasheet 6j1.pdf
[2013.04.29 18:09:00 | 000,166,973 | ---- | C] () -- C:\Users\Chris\Documents\117323-as-02-de-Temperaturgesteuerte_Luefterregelung.pdf
[2013.04.29 18:09:00 | 000,157,063 | ---- | C] () -- C:\Users\Chris\Documents\datasheet rf310t.pdf
[2013.04.29 18:09:00 | 000,146,205 | ---- | C] () -- C:\Users\Chris\Documents\datasheet pc86.pdf
[2013.04.29 18:09:00 | 000,136,523 | ---- | C] () -- C:\Users\Chris\Documents\datasheet 2sc2625.pdf
[2013.04.29 18:09:00 | 000,132,015 | ---- | C] () -- C:\Users\Chris\Documents\datasheet j13009.pdf
[2013.04.29 18:09:00 | 000,130,835 | ---- | C] () -- C:\Users\Chris\Documents\datasheet b20h100g.pdf
[2013.04.29 18:09:00 | 000,130,435 | ---- | C] () -- C:\Users\Chris\Documents\datasheet mbr20100ct A.pdf
[2013.04.29 18:09:00 | 000,116,779 | ---- | C] () -- C:\Users\Chris\Documents\datasheet 1n3879.pdf
[2013.04.29 18:09:00 | 000,114,402 | ---- | C] () -- C:\Users\Chris\Documents\datasheet zx27.pdf
[2013.04.29 18:09:00 | 000,113,109 | ---- | C] () -- C:\Users\Chris\Documents\datasheet lf351.pdf
[2013.04.29 18:09:00 | 000,106,990 | ---- | C] () -- C:\Users\Chris\Documents\datasheet tip3055.pdf
[2013.04.29 18:09:00 | 000,105,371 | ---- | C] () -- C:\Users\Chris\Documents\datasheet hef4017bp.pdf
[2013.04.29 18:09:00 | 000,095,922 | ---- | C] () -- C:\Users\Chris\Documents\datasheet bd912.pdf
[2013.04.29 18:09:00 | 000,092,087 | ---- | C] () -- C:\Users\Chris\Documents\datasheet 2n3055.pdf
[2013.04.29 18:09:00 | 000,087,881 | ---- | C] () -- C:\Users\Chris\Documents\datasheet buz 11.pdf
[2013.04.29 18:09:00 | 000,087,025 | ---- | C] () -- C:\Users\Chris\Documents\datasheet tda8351.pdf
[2013.04.29 18:09:00 | 000,070,240 | ---- | C] () -- C:\Users\Chris\Documents\datasheet mj3000.pdf
[2013.04.29 18:09:00 | 000,064,117 | ---- | C] () -- C:\Users\Chris\Documents\datasheet byc8-600.pdf
[2013.04.29 18:09:00 | 000,059,913 | ---- | C] () -- C:\Users\Chris\Documents\datasheet bux 85.pdf
[2013.04.29 18:09:00 | 000,059,346 | ---- | C] () -- C:\Users\Chris\Documents\datasheet 2n2219.pdf
[2013.04.29 18:09:00 | 000,052,311 | ---- | C] () -- C:\Users\Chris\Documents\datasheet irfz44n.pdf
[2013.04.29 18:09:00 | 000,051,473 | ---- | C] () -- C:\Users\Chris\Documents\datasheet tip33c.pdf
[2013.04.29 18:09:00 | 000,050,358 | ---- | C] () -- C:\Users\Chris\Documents\datasheet bc638.pdf
[2013.04.29 18:09:00 | 000,050,201 | ---- | C] () -- C:\Users\Chris\Documents\datasheet bc637.pdf
[2013.04.29 18:09:00 | 000,029,553 | ---- | C] () -- C:\Users\Chris\Documents\datasheet ef95.pdf
[2013.04.29 18:09:00 | 000,022,814 | ---- | C] () -- C:\Users\Chris\Documents\datasheet bzx85 c20.pdf
[2013.04.29 18:08:59 | 006,420,134 | ---- | C] () -- C:\Users\Chris\Documents\Präsentation Musik.odp
[2013.04.29 18:08:59 | 006,089,399 | ---- | C] () -- C:\Users\Chris\Documents\untitled_0.odp
[2013.04.29 18:08:59 | 003,546,554 | ---- | C] () -- C:\Users\Chris\Documents\X-A-V- Präsi.odp
[2013.04.29 18:08:59 | 003,468,138 | ---- | C] () -- C:\Users\Chris\Documents\08_2012.pdf
[2013.04.29 18:08:59 | 001,333,146 | ---- | C] () -- C:\Users\Chris\Documents\164A series-v21.pdf
[2013.04.29 18:08:59 | 001,318,506 | ---- | C] () -- C:\Users\Chris\Documents\161A series-v21.pdf
[2013.04.29 18:08:59 | 001,185,286 | ---- | C] () -- C:\Users\Chris\Documents\EiKat.odt
[2013.04.29 18:08:59 | 000,874,026 | ---- | C] () -- C:\Users\Chris\Documents\Wertetabelle C. Schmeler.odt
[2013.04.29 18:08:59 | 000,338,398 | R--- | C] () -- C:\Users\Chris\Documents\01-Messfehler B.pdf
[2013.04.29 18:08:59 | 000,207,319 | ---- | C] () -- C:\Users\Chris\Documents\CD-Deckblatt.odt
[2013.04.29 18:08:59 | 000,097,417 | ---- | C] () -- C:\Users\Chris\Documents\Dreheisenmesswerk.odt
[2013.04.29 18:08:59 | 000,094,550 | ---- | C] () -- C:\Users\Chris\Documents\Drehspulmesswerk.odt
[2013.04.29 18:08:59 | 000,064,973 | ---- | C] () -- C:\Users\Chris\Documents\Gleichrichter Christoph Schmeler.odt
[2013.04.29 18:08:59 | 000,031,528 | ---- | C] () -- C:\Users\Chris\Documents\4 Way Light Spinner.pdf
[2013.04.29 18:08:59 | 000,030,270 | ---- | C] () -- C:\Users\Chris\Documents\Ausarbeitung Transistor.odt
[2013.04.29 18:08:59 | 000,026,867 | ---- | C] () -- C:\Users\Chris\Documents\Spielregeln Basketball.odt
[2013.04.29 18:08:59 | 000,026,860 | ---- | C] () -- C:\Users\Chris\Documents\Charackterisierung PrinzVonHomburg.odt
[2013.04.29 18:08:59 | 000,026,851 | ---- | C] () -- C:\Users\Chris\Documents\Diode Funktion etc.odt
[2013.04.29 18:08:59 | 000,025,532 | ---- | C] () -- C:\Users\Chris\Documents\Liste USA.ods
[2013.04.29 18:08:59 | 000,025,402 | ---- | C] () -- C:\Users\Chris\Documents\Tom Character.odt
[2013.04.29 18:08:59 | 000,025,135 | ---- | C] () -- C:\Users\Chris\Documents\X-A-V.odt
[2013.04.29 18:08:59 | 000,025,048 | ---- | C] () -- C:\Users\Chris\Documents\Handout.odt
[2013.04.29 18:08:59 | 000,023,785 | ---- | C] () -- C:\Users\Chris\Documents\Dioden PN-Übergang.odt
[2013.04.29 18:08:59 | 000,023,615 | ---- | C] () -- C:\Users\Chris\Documents\Z-Diode Funktion etc.odt
[2013.04.29 18:08:59 | 000,023,576 | ---- | C] () -- C:\Users\Chris\Documents\Wasserballregeln.odt
[2013.04.29 18:08:59 | 000,020,099 | ---- | C] () -- C:\Users\Chris\Documents\Erklärung EEG.odt
[2013.04.29 18:08:59 | 000,017,040 | ---- | C] () -- C:\Users\Chris\Documents\Ortskurven Schmeler.odt
[2013.04.29 18:08:59 | 000,016,236 | ---- | C] () -- C:\Users\Chris\Documents\Politische Strukturen.odt
[2013.04.29 18:08:59 | 000,016,222 | ---- | C] () -- C:\Users\Chris\Documents\Quotes.odt
[2013.04.29 18:08:59 | 000,015,362 | ---- | C] () -- C:\Users\Chris\Documents\Dioden Bauformen.odt
[2013.04.29 18:08:59 | 000,015,009 | ---- | C] () -- C:\Users\Chris\Documents\Primat Pol und Öko.odt
[2013.04.29 18:08:59 | 000,014,732 | ---- | C] () -- C:\Users\Chris\Documents\Hand-out.odt
[2013.04.29 18:08:59 | 000,014,192 | ---- | C] () -- C:\Users\Chris\Documents\The typical Russian.odt
[2013.04.29 18:08:59 | 000,014,190 | ---- | C] () -- C:\Users\Chris\Documents\10 words for Tom.odt
[2013.04.29 18:08:59 | 000,013,754 | ---- | C] () -- C:\Users\Chris\Documents\Elektrische Ladung.odt
[2013.04.29 18:08:59 | 000,012,726 | ---- | C] () -- C:\Users\Chris\Documents\Stundenplan 12BG2.ods
[2013.04.29 18:08:59 | 000,012,399 | ---- | C] () -- C:\Users\Chris\Documents\Spielregeln Basketball Grundregeln.odt
[2013.04.29 18:08:59 | 000,011,862 | ---- | C] () -- C:\Users\Chris\Documents\Dioden Schaltzeichen.odt
[2013.04.29 18:08:59 | 000,011,713 | ---- | C] () -- C:\Users\Chris\Documents\Geschi Erklärung Verkürzen.odt
[2013.04.29 18:08:59 | 000,011,299 | ---- | C] () -- C:\Users\Chris\Documents\Basics Tom.odt
[2013.04.29 18:08:59 | 000,011,286 | ---- | C] () -- C:\Users\Chris\Documents\Dioden Datenblätter.odt
[2013.04.29 18:08:59 | 000,010,068 | ---- | C] () -- C:\Users\Chris\Documents\Dioden Deckblatt.odt
[2013.04.29 18:08:59 | 000,010,006 | ---- | C] () -- C:\Users\Chris\Documents\Deckblatt Basketball.odt
[2013.04.29 18:08:59 | 000,001,659 | ---- | C] () -- C:\Users\Chris\Documents\Neue Datenbank.odb
[2013.04.29 18:04:43 | 003,065,455 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.04.29 18:04:06 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.04.28 21:46:28 | 000,001,240 | ---- | C] () -- C:\Users\Chris\Desktop\OpenOffice.org 3.4.lnk
[2013.04.28 21:39:19 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2013.04.28 21:39:19 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2013.04.28 21:37:23 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.04.28 21:37:23 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.28 21:14:59 | 000,001,403 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.04.28 21:14:56 | 000,001,437 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.28 20:37:10 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.04.28 20:37:07 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.04.28 20:35:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.04.23 22:40:40 | 675,545,088 | ---- | C] () -- C:\NBRT.iso
[2013.04.22 18:22:41 | 000,000,000 | ---- | C] () -- C:\end
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 161 bytes -> C:\Users\Chris\Documents\Passive_Vierpole.jpg:com.dropbox.attributes

< End of report >
         
--- --- ---


Alt 02.05.2013, 18:19   #6
Chrisy

Extras Log: OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 02.05.2013 19:07:54 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,64 Gb Available Physical Memory | 83,21% Memory free
15,96 Gb Paging File | 14,70 Gb Available in Paging File | 92,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1383,86 Gb Total Space | 1315,66 Gb Free Space | 95,07% Space Free | Partition Type: NTFS
Drive D: | 65,37 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3752477004-49576077-881651181-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10F44BF7-E12C-4C8A-9BCE-DEC209B26E96}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{14CB329E-EF05-4C2D-B1CC-58F62B1A3DD4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{17A2E9D8-92D1-4C39-A1D2-4A7A96631FB7}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1CDDDA66-B92F-4685-A77C-DD423E0A20AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{277F2E19-9E17-4E44-88FE-31E4E58602D5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{3184C35C-EAEB-4E94-8B70-D14049D6F552}" = rport=139 | protocol=6 | dir=out | app=system | 
"{36D81AEB-5EEE-4C3B-A2B1-FAEBB4613D8D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{47E020D1-5D54-4F3C-AE46-11A925E4ED6E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4CF7119B-79E8-4EC9-95B1-67C247DC6D39}" = lport=137 | protocol=17 | dir=in | app=system | 
"{5B696F9A-43D3-4564-89AA-DC81DCE968A4}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{7876D4E4-431C-4290-B1BF-2C0027B5E503}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{796298AC-7E13-4D7F-9A2E-4245D76345B0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{7E0C6C27-4119-45EA-B0DD-98409141C849}" = lport=139 | protocol=6 | dir=in | app=system | 
"{AC1A65A3-8761-42DF-A642-AD73300BD2D3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{ACDAD3EE-1FC9-478E-98E5-8EFCCAE0995E}" = lport=138 | protocol=17 | dir=in | app=system | 
"{ADAEB947-E542-43A5-A7D5-0A996E7FBA77}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C648F834-7959-4F8E-BF87-1101BEBAC20F}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{CDBB4500-5475-4174-A329-C9BD598B7F7C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D3B7995B-7257-4693-8654-F425D38BBF23}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D4697374-F482-4197-9609-0F56A58EEFF8}" = lport=445 | protocol=6 | dir=in | app=system | 
"{EF47D8F5-FF88-4B46-B6C3-0373B7C0D70D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{032959F0-D738-4A91-845A-42D42B1C4A77}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{08BA363E-2749-4E34-A88F-D2B02A126116}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{164B900C-1AE8-4B17-B5DA-792AF48E29DC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{17180D6A-9FF8-483B-8543-A72AD609ABB5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{20285969-F187-4ED3-829F-AC1EB7809D6B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{27266D2F-A73A-428D-A128-9A4E0F762B7B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{31D253BA-D197-49BD-B160-DB234870054D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{343E2204-B505-414E-A055-D8FADFE601C3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{573BEFF4-5D64-4BCE-B72B-7E71B481F418}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5B8F5F7D-87D6-487B-B29F-4B462025F7C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5CBD0416-3065-4C49-B44B-FD7936814492}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5EF2A2B0-4D8E-43B7-B7D5-FE7B793351F0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{650CC774-D75A-4D9D-930B-B78DE1CAB17A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7E474C81-FD79-4E0A-9DFB-3E60FC6E3C71}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{97EB31F2-738C-4669-A52E-4A915EA7A046}" = protocol=6 | dir=out | app=system | 
"{A5302888-CB4C-43D6-AFAA-826D66074AC5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AD548B96-6311-4B62-9F57-889814062AE4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BF03A8DF-A30A-4A24-A962-D3C8FE8FDCB0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{DD3F45CE-7797-4C3D-B57F-8F6BB2F69B4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08B73C99-D071-488F-8861-5DDA897C510D}" = Belkin Connect Wireless USB Adapter
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}" = Belkin Connect Wireless USB Adapter
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mozilla Thunderbird 17.0.5 (x86 de)" = Mozilla Thunderbird 17.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"VLC media player" = VLC media player 2.0.2
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 01.05.2013 09:24:58 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nidmsrv.exe, Version: 5.3.0.49153,
 Zeitstempel: 0x4df76bf8  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74d96a64  ID des fehlerhaften
 Prozesses: 0x650  Startzeit der fehlerhaften Anwendung: 0x01ce466efaa95a1f  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 84bdfb0e-b262-11e2-aae7-ff22238b300c
 
Error - 01.05.2013 09:24:59 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SystemWebServer.exe, Version: 1.2.0.49152,
 Zeitstempel: 0x4ddff0ff  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74d96a64  ID des fehlerhaften
 Prozesses: 0x670  Startzeit der fehlerhaften Anwendung: 0x01ce466efac84c03  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 84ffc6d6-b262-11e2-aae7-ff22238b300c
 
Error - 01.05.2013 09:24:59 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: lkcitdl.exe, Version: 4.5.2.0, Zeitstempel:
 0x430de2dd  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74d96a64  ID des fehlerhaften Prozesses:
 0x6c4  Startzeit der fehlerhaften Anwendung: 0x01ce466efad1d184  Pfad der fehlerhaften
 Anwendung: C:\Windows\SysWOW64\lkcitdl.exe  Pfad des fehlerhaften Moduls: unknown
Berichtskennung:
 8547301e-b262-11e2-aae7-ff22238b300c
 
Error - 01.05.2013 09:24:59 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplicationWebServer.exe, Version:
 1.2.0.49152, Zeitstempel: 0x4ddff0de  Name des fehlerhaften Moduls: unknown, Version:
 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74d96a64
ID
 des fehlerhaften Prozesses: 0x814  Startzeit der fehlerhaften Anwendung: 0x01ce466f000ef22a
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\National Instruments\Shared\NI
 WebServer\ApplicationWebServer.exe  Pfad des fehlerhaften Moduls: unknown  Berichtskennung:
 855efde1-b262-11e2-aae7-ff22238b300c
 
Error - 01.05.2013 09:24:59 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nimdnsResponder.exe, Version: 107.6.6.49153,
 Zeitstempel: 0x4de6ac3a  Name des fehlerhaften Moduls: fastprox.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4a5bd9de  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74d96a64
ID
 des fehlerhaften Prozesses: 0x830  Startzeit der fehlerhaften Anwendung: 0x01ce466f0013860b
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\National Instruments\Shared\mDNS
 Responder\nimdnsResponder.exe  Pfad des fehlerhaften Moduls: fastprox.dll  Berichtskennung:
 857208e3-b262-11e2-aae7-ff22238b300c
 
Error - 02.05.2013 11:13:05 | Computer Name = Chris-PC | Source = LabVIEW | ID = 3299
Description = LabVIEW information:  Error: 404 "Not Found" for "deletetree", file
 "": No handler for URL: deletetree       .
 
Error - 02.05.2013 12:06:04 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0,
 Zeitstempel: 0x515d31f0  Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version:
 2.1.19163.0, Zeitstempel: 0x515d31f0  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000218a
ID
 des fehlerhaften Prozesses: 0x580  Startzeit der fehlerhaften Anwendung: 0x01ce474ea90ff2b3
Pfad
 der fehlerhaften Anwendung: C:\Users\Chris\Desktop\gmer_2.1.19163.exe  Pfad des fehlerhaften
 Moduls: C:\Users\Chris\Desktop\gmer_2.1.19163.exe  Berichtskennung: 302bc76d-b342-11e2-8b76-f2ea915d6cf3
 
Error - 02.05.2013 12:39:35 | Computer Name = Chris-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 02.05.2013 12:49:38 | Computer Name = Chris-PC | Source = VSS | ID = 12289
Description = 
 
Error - 02.05.2013 12:51:47 | Computer Name = Chris-PC | Source = System Restore | ID = 8193
Description = 
 
[ System Events ]
Error - 01.05.2013 09:24:59 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "National Instruments Domain Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 01.05.2013 09:24:59 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NI System Web Server" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 01.05.2013 09:24:59 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Lookout Citadel Server" wurde unerwartet beendet. Dies ist
 bereits 1 Mal passiert.
 
Error - 01.05.2013 09:24:59 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NI Application Web Server" wurde unerwartet beendet. Dies 
ist bereits 1 Mal passiert.
 
Error - 01.05.2013 09:25:00 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "National Instruments mDNS Responder Service" wurde unerwartet
 beendet. Dies ist bereits 1 Mal passiert.
 
Error - 01.05.2013 09:27:45 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler 
beendet:   %%16405
 
Error - 01.05.2013 09:30:28 | Computer Name = Chris-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für
 Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)
 
Error - 01.05.2013 13:51:12 | Computer Name = Chris-PC | Source = bowser | ID = 8003
Description = 
 
Error - 02.05.2013 12:49:38 | Computer Name = Chris-PC | Source = volsnap | ID = 393283
Description = Die Schattenkopie des erstellten Volumes "C:" konnte nicht installiert
 werden.
 
Error - 02.05.2013 12:58:03 | Computer Name = Chris-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?05.?2013 um 18:55:20 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---


GMER Logfile:
[CODE]GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-05-02 19:07:35
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST31500341AS rev.CC4G 1397,27GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Chris\AppData\Local\Temp\fgloqpod.sys


---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[3320] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074fd1465 2 bytes [FD, 74]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[3320] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074fd14bb 2 bytes [FD, 74]
.text ... * 2

---- Registry - GMER 2.1 ----
Reg    HKLM\SYSTEM\CurrentControlSet\services\WmiApRpl\Performance@Last Counter                                                                 6920
Reg    HKLM\SYSTEM\CurrentControlSet\services\WmiApRpl\Performance@Last Help                                                                    6921
Reg    HKLM\SYSTEM\CurrentControlSet\services\WmiApRpl\Performance@First Counter                                                                6754
Reg    HKLM\SYSTEM\CurrentControlSet\services\WmiApRpl\Performance@First Help                                                                   6755
Reg    HKLM\SYSTEM\CurrentControlSet\services\WmiApRpl\Performance@Object List                                                                  6754 6760 6770 6780 6800 6844 6854 6892 6898 6914

---- EOF - GMER 2.1 ----
         
--- --- ---

02.05.2013, 18:25   #7
aharonov
/// TB Trainer

Hi,

you would not have needed to repeat these scans, only to paste the existing logs again in code tags.
But this is fine too.

Quote:
I suspect an infection with the
Trojan ZeroAccess!inf4 /services.exe

Can you also tell me where this suspicion comes from?
Are there log files with corresponding detections? If so, I would like to see those as well.
__________________
cheers,
Leo

02.05.2013, 18:37   #8
Chrisy

Thanks for the quick help! :-)
Before I came to this forum, I had already reinstalled the system once.
Before that, Norton told me that there was an infection with the Trojan mentioned and that
"manual intervention" was required.
But if that has now been resolved thanks to your help, I am of course relieved!
Edit: I also used various tools from Norton (FixZeroAccess, Norton Power Erase, Norton Bootable Recovery Tool).

Last edited by Chrisy (02.05.2013 at 18:47)

02.05.2013, 19:09   #9
aharonov
/// TB Trainer

Hi,

Quote:
Before I came to this forum, I had already reinstalled the system once.

So if you formatted cleanly and reinstalled, then nothing of it should be left now...
__________________
cheers,
Leo

02.05.2013, 19:14   #10
Chrisy

OK, that is good to know. :-)
Thank you for your help anyway, and I wish you a nice weekend already today!

02.05.2013, 19:15   #11
aharonov
/// TB Trainer

I wish you a nice weekend (soon) as well.

This topic appears to be resolved and will be removed from my subscriptions. I will therefore no longer receive notifications about new replies.
If you need the topic again, please send me a PM and we will continue here.

Everyone else, please read this guide and create your own thread.
__________________
cheers,
Leo
