Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Virus/Trojaner im Energiesparmodus aktiv?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 29.07.2013, 06:36   #1
cocakiller
 
Virus/Trojaner im Energiesparmodus aktiv? - Frage

Virus/Trojaner im Energiesparmodus aktiv?



Hallo

Heute morgen wurde ich von meinem Laptop geweckt.
Aber erstmal die Vorgeschichte:
Gestern habe ich beim Mails checken einen Anhang runtergeladen einer typischen Mahnung in einer zip Datei. In dieser befand sich eine weitere und in jener dann eine .com Datei.

Ich weiß das man sowas garnicht erst öffnen sollte etc. Aber ich war neugierig und wollte versuchen die Datei zu dekompilieren.
Zuerst hatte ich aber die Datei in einer sandbox gestartet was sich dann als Fehler herausgestellt hat da ich gelesen habe das Viren aus der sandbox ausbrechen können.
Dann habe ich die Datei durch diverse dekompilierer gejagt. In irgendeiner der Aktionen muss sich der Virus (fakeadobe irgendwas laut virustotal) dann wohl eingenistet haben.

Soweit so blöd, klar ist das meine eigene Schuld, werde mein System aber eh neu aufsetzen.

Heute morgen dann wurde ich um 06.10 uhr geweckt.
Als ich mich umgesehen habe ist mir nichts weiter aufgefallen, das Handy war aus (Akku raus), der Laptop zugeklappt (Energiesparmodus) und sonst kein Wecker im Umkreis.

Geweckt wurde ich durch wenige Sekunden eines Liedes das ich mir gestern auf Facebook angehört hatte wie sich dann herausgestellt hat als ich den Laptop gestartet und mein Kennwort zur Reaktivierung eingegeben habe.

Meine Frage ist nun ob Viren sich im ausgeschalteten (Energiesparmodus) auf dem PC umsehen können und sowas wie Musik oder geöffnete Programme starten und bedienen können?


Lg

Alt 29.07.2013, 07:05   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 29.07.2013, 16:19   #3
cocakiller
 
Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



Nunja, es war eigentlich nicht mein Anliegen, den Trojaner zu entfernen. Eigentlich wollte ich wissen, ob die geschilderte Situation möglich ist?

Aber trotzdem, hier der Scan aus dem abgesicherten Modus:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Sebastian (administrator) on 29-07-2013 17:16:12
Running from C:\Users\Sebastian\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMAX] - C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-03] (Synaptics Incorporated)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [] -  [x]

==================== Internet (Whitelisted) ====================

ProxyServer: 118.99.64.50:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Simple Pass) - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
CHR Extension: (Google Docs) - C:\Users\SEBAST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\SEBAST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\SEBAST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\SEBAST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Website Logon) - C:\Users\SEBAST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaaieiajnhcnimjgfmjpccjmmfkploci\6.0.100_0
CHR Extension: (Gmail) - C:\Users\SEBAST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx

==================== Services (Whitelisted) =================

S2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
S2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-09-03] (HP)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)

==================== Drivers (Whitelisted) ====================

S3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
U4 eabfiltr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-29 17:16 - 2013-07-29 17:16 - 00000000 ____D C:\FRST
2013-07-29 17:15 - 2013-07-29 17:16 - 01780547 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2013-07-29 06:13 - 2013-07-29 06:13 - 00000000 ____D C:\74ddda2fd97d97c228b57e5a15
2013-07-28 23:35 - 2013-07-28 23:35 - 00398311 _____ C:\Users\Sebastian\Downloads\PEiD-0.95-20081103.zip
2013-07-28 23:33 - 2013-07-28 23:33 - 00000000 ____D C:\Program Files (x86)\VB Decompiler Pro
2013-07-28 23:31 - 2013-07-28 23:33 - 06430691 _____ C:\Users\Sebastian\Downloads\VB.Decompiler.Pro.v8.3.RETAIL.INCL_KEYGEN_PATCH-FFF.rar
2013-07-28 23:28 - 2013-07-28 23:28 - 00000240 _____ C:\Windows\w32dasm8.ini
2013-07-28 23:27 - 2013-07-28 23:27 - 01905979 _____ C:\Users\Sebastian\Downloads\Win32dasm.zip
2013-07-28 23:26 - 2013-07-28 23:26 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Red Gate
2013-07-28 23:26 - 2013-07-28 23:26 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\IsolatedStorage
2013-07-28 23:25 - 2013-07-28 23:25 - 09773440 _____ (Red Gate Software Ltd.) C:\Users\Sebastian\Downloads\ReflectorInstaller.exe
2013-07-28 23:25 - 2013-07-28 23:25 - 00000000 ____D C:\Windows\Downloaded Installations
2013-07-28 23:25 - 2013-07-28 23:25 - 00000000 ____D C:\Program Files (x86)\Red Gate
2013-07-28 23:19 - 2013-07-28 23:21 - 00001466 _____ C:\Windows\Sandboxie.ini
2013-07-28 23:19 - 2013-07-28 23:19 - 00000914 _____ C:\Users\Sebastian\Desktop\Sandboxed Web Browser.lnk
2013-07-28 23:19 - 2013-07-28 23:19 - 00000000 ___RD C:\Sandbox
2013-07-28 23:19 - 2013-07-28 23:19 - 00000000 ____D C:\Program Files\Sandboxie
2013-07-28 23:18 - 2013-07-28 23:19 - 02590808 _____ (Sandboxie Holdings, LLC) C:\Users\Sebastian\Downloads\Sandboxie404Install.exe
2013-07-28 23:17 - 2013-07-28 23:17 - 00079767 _____ C:\Users\Sebastian\Downloads\Julian Sch-fer Mahnkosten 13.05.2013 389058615  software-download.mediamarkt.de.zip
2013-07-28 23:11 - 2013-07-28 23:11 - 00046803 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (4)
2013-07-28 23:11 - 2013-07-28 23:11 - 00045607 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (8)
2013-07-28 23:11 - 2013-07-28 23:11 - 00045533 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (7)
2013-07-28 23:11 - 2013-07-28 23:11 - 00045259 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (9)
2013-07-28 23:11 - 2013-07-28 23:11 - 00045135 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (6)
2013-07-28 23:11 - 2013-07-28 23:11 - 00044385 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (5)
2013-07-28 23:11 - 2013-07-28 23:11 - 00033318 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment
2013-07-28 23:11 - 2013-07-28 23:11 - 00023060 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (3)
2013-07-28 23:11 - 2013-07-28 23:11 - 00022974 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (2)
2013-07-28 23:11 - 2013-07-28 23:11 - 00021594 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (1)
2013-07-28 22:23 - 2013-07-29 06:12 - 00000362 _____ C:\Users\Sebastian\Desktop\GELD.txt
2013-07-28 12:41 - 2013-07-28 12:42 - 00000000 ____D C:\Windows\system32\MRT
2013-07-27 11:30 - 2013-07-27 11:30 - 00000000 ____D C:\Users\Public\Documents\Hewlett-Packard
2013-07-27 09:48 - 2011-02-19 08:37 - 01135104 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-27 00:05 - 2013-07-27 10:23 - 00000000 ____D C:\ProgramData\TrueSuite
2013-07-26 23:52 - 2013-07-26 23:52 - 00853892 _____ C:\Users\Sebastian\Downloads\pwdbank.crx
2013-07-26 23:52 - 2013-07-26 23:52 - 00853892 _____ C:\Users\Sebastian\Downloads\pwdbank (1).crx
2013-07-26 23:50 - 2013-07-26 23:50 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\HP
2013-07-26 23:50 - 2013-07-26 23:50 - 00000000 ____D C:\Program Files (x86)\HP SimplePass
2013-07-26 23:49 - 2013-07-26 23:49 - 00000000 ____D C:\ProgramData\HP SimplePass 2011
2013-07-26 23:49 - 2013-07-26 23:49 - 00000000 ____D C:\Program Files\AuthenTec
2013-07-26 23:46 - 2013-07-26 23:49 - 69342139 _____ C:\Users\Sebastian\Downloads\HPLite32_build_6.0.100.252.zip
2013-07-26 23:44 - 2013-07-26 23:48 - 77937321 _____ C:\Users\Sebastian\Downloads\1.6.1_package.zip
2013-07-26 23:42 - 2013-07-26 23:42 - 01069944 _____ (Solid State Networks) C:\Users\Sebastian\Downloads\install_reader11_de_mssd_aaa_aih.exe
2013-07-26 23:41 - 2013-07-26 23:41 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\KeepSafe
2013-07-26 23:36 - 2013-07-26 23:49 - 00000000 ____D C:\Program Files\Common Files\AuthenTec
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\Windows\system32\upeksce
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\AuthenTec
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\ProgramData\Adobe
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\Program Files\Fingerprint Sensor
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\Program Files\AuthenTec TrueSuite
2013-07-26 23:35 - 2013-07-26 23:50 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-07-26 23:35 - 2013-07-26 23:35 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Adobe
2013-07-26 23:34 - 2013-07-26 23:35 - 62509312 _____ (AuthenTec, Inc.                                                ) C:\Users\Sebastian\Downloads\premium64_5-2-2-62.exe
2013-07-26 23:31 - 2013-07-26 23:31 - 00653312 _____ C:\Users\Sebastian\Downloads\MicrosoftFixit50470.msi
2013-07-26 23:28 - 2013-07-26 23:28 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-26 23:28 - 2013-07-26 23:28 - 00000000 ____D C:\Program Files\WinRAR
2013-07-26 23:27 - 2013-07-26 23:49 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\WinRAR
2013-07-26 23:26 - 2013-07-26 23:26 - 01758823 _____ C:\Users\Sebastian\Downloads\winrar-x64-420d.exe
2013-07-26 23:25 - 2013-07-26 23:25 - 00001374 _____ C:\Users\Sebastian\Desktop\CCleaner.lnk
2013-07-26 23:25 - 2013-07-26 23:25 - 00000000 ____D C:\Program Files\CCleaner
2013-07-26 23:24 - 2013-07-26 23:24 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-07-26 23:24 - 2013-07-26 23:24 - 00000000 _____ C:\Windows\HPMProp.INI
2013-07-26 23:24 - 2013-05-10 09:41 - 00518432 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2013-07-26 23:24 - 2013-05-10 09:40 - 00237344 _____ (Hewlett-Packard Company) C:\Windows\system32\hpmlm135.dll
2013-07-26 23:24 - 2013-05-10 09:40 - 00216864 _____ (Hewlett-Packard) C:\Windows\system32\hpmml150.dll
2013-07-26 23:24 - 2013-05-10 09:40 - 00189728 _____ (Hewlett-Packard) C:\Windows\system32\hpmpm081.dll
2013-07-26 23:24 - 2013-05-10 09:40 - 00162080 _____ (Hewlett-Packard) C:\Windows\system32\hpmtp150.dll
2013-07-26 23:24 - 2013-05-10 09:40 - 00074016 _____ (Hewlett-Packard) C:\Windows\system32\hpmpw081.dll
2013-07-26 23:24 - 2013-05-10 09:39 - 00438560 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn150.dll
2013-07-26 23:24 - 2013-05-10 09:39 - 00199968 _____ (Hewlett-Packard) C:\Windows\system32\hpmja150.dll
2013-07-26 23:24 - 2013-05-10 09:38 - 00140064 _____ (Hewlett-Packard) C:\Windows\system32\hpcjpm.dll
2013-07-26 23:24 - 2013-05-10 09:36 - 00436512 _____ C:\Windows\SysWOW64\hpcc3150.dll
2013-07-26 23:24 - 2011-02-11 15:23 - 00193592 _____ (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll
2013-07-26 23:24 - 2011-02-11 15:23 - 00167480 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll
2013-07-26 23:24 - 2009-02-25 17:32 - 00060440 _____ (Hewlett-Packard) C:\Windows\system32\FxCompChannel_x64.dll
2013-07-26 23:23 - 2013-07-26 23:23 - 00000000 ____D C:\HP Universal Print Driver
2013-07-26 23:23 - 2013-05-10 09:42 - 00559904 _____ (Hewlett Packard) C:\Windows\system32\hpmprein.dll
2013-07-26 23:23 - 2013-05-10 09:39 - 00082208 _____ (Hewlett-Packard) C:\Windows\system32\hpmco150.dll
2013-07-26 22:23 - 2013-07-26 22:23 - 00015222 _____ C:\Windows\system32\results.xml
2013-07-26 22:22 - 2013-07-26 22:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2013-07-26 22:21 - 2013-07-26 22:21 - 00000000 ____D C:\Program Files\Synaptics
2013-07-26 22:21 - 2013-07-26 22:21 - 00000000 ____D C:\Program Files (x86)\Intel
2013-07-26 22:20 - 2013-07-26 23:36 - 00012972 _____ C:\Windows\DPINST.LOG
2013-07-26 22:20 - 2013-07-26 22:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
2013-07-26 22:20 - 2013-07-26 22:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01005.Wdf
2013-07-26 22:20 - 2009-07-24 10:49 - 00114688 _____ (RICOH) C:\Windows\SysWOW64\RicohMediadriverVer.dll
2013-07-26 22:20 - 2009-07-20 15:05 - 00059008 _____ (RICOH Company, Ltd.) C:\Windows\system32\Drivers\rismcx64.sys
2013-07-26 22:20 - 2009-06-25 17:04 - 00067584 _____ (REDC) C:\Windows\system32\Drivers\rimmpx64.sys
2013-07-26 22:19 - 2013-07-26 22:19 - 00007413 _____ C:\Windows\SMinstall.log
2013-07-26 22:19 - 2013-07-26 22:19 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\InstallShield
2013-07-26 22:19 - 2013-07-26 22:19 - 00000000 ____D C:\ProgramData\SonicFocus
2013-07-26 22:19 - 2013-07-26 22:19 - 00000000 ____D C:\Program Files (x86)\Analog Devices
2013-07-26 22:19 - 2009-05-18 13:27 - 00032768 _____ (Analog Devices) C:\Windows\SysWOW64\adidrm.dll
2013-07-26 22:19 - 2008-12-10 13:26 - 00060928 _____ (Sonic Focus, Inc.) C:\Windows\SysWOW64\SFFXComm.dll
2013-07-26 22:18 - 2013-07-26 22:21 - 00000000 ____D C:\Intel
2013-07-26 22:18 - 2010-05-14 03:47 - 00030080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2013-07-26 22:17 - 2009-12-04 09:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-07-26 22:17 - 2009-12-04 09:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-07-26 22:17 - 2009-11-14 05:58 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-07-26 22:16 - 2009-10-21 05:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-07-26 22:16 - 2009-10-01 09:42 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-07-26 22:16 - 2009-10-01 09:17 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-07-26 22:15 - 2013-07-26 22:15 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_bNB_EliteBook 6930p_Y5336AN_0U_QCZC91362WD_EU_4A_I30DB_SHP_V87.22_68PCU F.0E_T081215_WU1-0_L407_M4026_J128_7Intel_867A_92.53_#130726_N808610F5;80864237_(J1291904)_XMOBILE_CN10_Z_2F.0E_G80862A42;80862A43.MRK
2013-07-26 22:15 - 2013-07-26 22:15 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_bNB_EliteBook 6930p_Y5336AN_0U_QCZC91362WD_EU_4A_I30DB_SHP_V87.22_68PCU F.0E_T081215_WU1-0_L407_M4026_J128_7Intel_867A_92.53_#130726_N808610F5;80864237_(J1291904)_XMOBILE_CN10_Z_2F.0E_G80862A42;80862A43.MRK
2013-07-26 22:15 - 2009-09-01 08:34 - 00263256 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2013-07-26 22:14 - 2013-07-26 22:21 - 00000000 ____D C:\SWSetup
2013-07-26 22:13 - 2013-07-26 22:14 - 41598688 _____ (Hewlett Packard                                             ) C:\Users\Sebastian\Downloads\sp59783.exe
2013-07-26 22:13 - 2013-07-26 22:14 - 36857008 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp49415.exe
2013-07-26 22:13 - 2013-07-26 22:14 - 27313864 _____ (Hewlett Packard                                             ) C:\Users\Sebastian\Downloads\sp49104.exe
2013-07-26 22:13 - 2013-07-26 22:13 - 07645416 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp47729.exe
2013-07-26 22:13 - 2013-07-26 22:13 - 05613232 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp45131.exe
2013-07-26 22:13 - 2013-07-26 22:13 - 04894616 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp45112.exe
2013-07-26 22:12 - 2013-07-26 22:13 - 16056480 _____ (Hewlett Packard                                             ) C:\Users\Sebastian\Downloads\sp45115.exe
2013-07-26 22:11 - 2013-07-26 22:11 - 10861984 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp49246.exe
2013-07-26 22:11 - 2013-07-26 22:11 - 01456144 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp55508.exe
2013-07-26 22:11 - 2013-07-26 22:11 - 00320152 _____ (Hewlett-Packard                                             ) C:\Users\Sebastian\Downloads\sp50638.exe
2013-07-26 22:06 - 2013-07-26 22:06 - 310829519 _____ C:\Windows\MEMORY.DMP
2013-07-26 22:06 - 2013-07-26 22:06 - 01661232 _____ C:\Windows\Minidump\072613-12246-01.dmp
2013-07-26 22:06 - 2013-07-26 22:06 - 00000000 ____D C:\Windows\Minidump
2013-07-26 21:57 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-07-26 21:57 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2013-07-26 21:55 - 2013-06-24 00:57 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-26 21:55 - 2009-09-10 08:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2013-07-26 21:55 - 2009-09-10 07:52 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2013-07-26 21:54 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-07-26 21:54 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-07-26 21:54 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-07-26 21:54 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-07-26 21:50 - 2013-07-26 23:55 - 00001722 _____ C:\Windows\PFRO.log
2013-07-26 21:40 - 2013-07-26 20:44 - 00000000 ____D C:\Windows\Panther
2013-07-26 21:33 - 2013-07-29 06:12 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-26 21:33 - 2013-07-28 21:38 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-26 21:33 - 2013-07-26 21:33 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-26 21:33 - 2013-07-26 21:33 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-26 21:33 - 2013-07-26 21:33 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-26 21:33 - 2013-07-26 21:33 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Apps\2.0
2013-07-26 21:33 - 2013-07-26 21:33 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Google
2013-07-26 21:33 - 2013-07-26 21:33 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Deployment
2013-07-26 21:33 - 2013-07-26 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-26 21:32 - 2013-07-26 21:32 - 00003552 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-26 21:32 - 2013-07-26 21:32 - 00000000 _____ C:\Users\SEBAST~1\AppData\Local\QSwitch.txt
2013-07-26 21:32 - 2013-07-26 21:32 - 00000000 _____ C:\Users\SEBAST~1\AppData\Local\DSwitch.txt
2013-07-26 21:32 - 2013-07-26 21:32 - 00000000 _____ C:\Users\SEBAST~1\AppData\Local\AtStart.txt
2013-07-26 21:29 - 2013-07-26 21:29 - 00131072 _____ (PlanetSoft.org) C:\Users\Sebastian\Desktop\BootTimer.exe
2013-07-26 21:23 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2013-07-26 21:23 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2013-07-26 21:23 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2013-07-26 21:23 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2013-07-26 21:23 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2013-07-26 21:23 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2013-07-26 21:23 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2013-07-26 21:23 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2013-07-26 21:23 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2013-07-26 21:23 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2013-07-26 21:23 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-26 21:21 - 2013-07-26 21:21 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-26 21:21 - 2013-07-26 21:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 21:21 - 2013-07-26 21:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 21:21 - 2013-07-26 21:21 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-26 21:21 - 2013-07-26 21:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-26 21:21 - 2013-07-26 21:21 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-26 21:21 - 2013-07-26 21:21 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-26 21:21 - 2013-07-26 21:21 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-26 21:21 - 2013-07-26 21:21 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-26 21:21 - 2013-07-26 21:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-26 21:20 - 2013-07-26 21:22 - 00004747 _____ C:\Windows\IE9_main.log
2013-07-26 21:12 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-26 21:12 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-26 21:12 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-26 21:12 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-26 21:12 - 2009-10-19 16:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-07-26 21:12 - 2009-10-19 16:10 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-07-26 21:11 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-07-26 21:11 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-07-26 21:11 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-07-26 21:11 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-07-26 21:11 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-07-26 21:11 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-07-26 21:11 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-07-26 21:11 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-07-26 21:10 - 2013-07-26 22:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-26 21:10 - 2013-07-26 22:20 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\hpqLog
2013-07-26 21:10 - 2013-07-26 22:15 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-07-26 21:10 - 2013-07-26 21:10 - 00000000 ____D C:\Windows\QLB
2013-07-26 21:10 - 2013-07-26 21:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2013-07-26 21:10 - 2013-07-26 21:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2013-07-26 21:10 - 2010-02-25 17:51 - 01863680 _____ (Hewlett-Packard Company) C:\Windows\SysWOW64\BttnCmn.dll
2013-07-26 21:10 - 2010-02-25 15:20 - 01885488 _____ (Hewlett-Packard Company) C:\Windows\SysWOW64\BttnCmns.dll
2013-07-26 21:10 - 2009-04-29 07:48 - 00018432 _____ (Hewlett-Packard Development Company, L.P.) C:\Windows\system32\Drivers\HpqKbFiltr.sys
2013-07-26 21:10 - 2009-04-20 08:40 - 00011264 _____ (Hewlett-Packard Development Company, L.P.) C:\Windows\system32\Drivers\CPQBttn64.sys
2013-07-26 21:10 - 2006-11-02 06:04 - 01919968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01005.dll
2013-07-26 21:07 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-07-26 21:07 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-07-26 21:07 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-07-26 21:07 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-07-26 21:07 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-07-26 21:05 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-07-26 21:05 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-07-26 21:05 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-07-26 21:05 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-07-26 21:05 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-07-26 21:04 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-26 21:04 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-26 21:04 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-07-26 21:04 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-07-26 21:04 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-07-26 21:04 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-07-26 21:04 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-07-26 21:04 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-07-26 21:04 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-07-26 21:04 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-07-26 21:04 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-07-26 21:04 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-07-26 21:04 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-07-26 21:04 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-07-26 21:04 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-07-26 21:04 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-07-26 21:04 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-07-26 21:04 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-07-26 21:04 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-26 21:04 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-26 21:04 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-26 21:04 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-26 21:04 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-26 21:04 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-26 21:04 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-07-26 21:04 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2013-07-26 21:04 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2013-07-26 21:04 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-07-26 21:04 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-07-26 21:04 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-26 21:04 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-26 21:04 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-26 21:04 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-07-26 21:04 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-26 21:04 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-26 21:04 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-26 21:04 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-26 21:04 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-26 21:04 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-07-26 21:04 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2013-07-26 21:04 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-07-26 21:04 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2013-07-26 21:04 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-07-26 21:04 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-07-26 21:04 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-07-26 21:04 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-07-26 21:04 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-07-26 21:04 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-07-26 21:04 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-07-26 21:04 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-26 21:04 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-07-26 21:04 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-07-26 21:04 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-07-26 21:04 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-07-26 21:04 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-07-26 21:04 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2013-07-26 21:04 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-07-26 21:04 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2013-07-26 21:04 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2013-07-26 21:04 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-07-26 21:04 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2013-07-26 21:04 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-07-26 21:04 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2013-07-26 21:04 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2013-07-26 21:04 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2013-07-26 21:04 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2013-07-26 21:04 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2013-07-26 21:04 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2013-07-26 21:04 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2013-07-26 21:04 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-07-26 21:04 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-07-26 21:04 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-07-26 21:04 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-07-26 21:04 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-07-26 21:04 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-07-26 21:04 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-07-26 21:04 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-07-26 21:04 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-07-26 21:04 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-26 21:04 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-26 21:04 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2013-07-26 21:04 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2013-07-26 21:04 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-07-26 21:04 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-07-26 21:04 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-07-26 21:04 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-07-26 21:04 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2013-07-26 21:04 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-07-26 21:04 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-07-26 21:04 - 2011-02-26 08:23 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-26 21:04 - 2011-02-26 07:33 - 02614784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-26 21:04 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-26 21:04 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-26 21:04 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2013-07-26 21:04 - 2011-01-26 08:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-26 21:04 - 2011-01-26 08:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-26 21:04 - 2011-01-26 08:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-26 21:04 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-07-26 21:04 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-07-26 21:04 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-07-26 21:04 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2013-07-26 21:04 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2013-07-26 21:04 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2013-07-26 21:04 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-07-26 21:04 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-07-26 21:04 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-07-26 21:04 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2013-07-26 21:04 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-07-26 21:04 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2013-07-26 21:04 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-07-26 21:04 - 2010-11-02 07:18 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-07-26 21:04 - 2010-11-02 06:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-07-26 21:04 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2013-07-26 21:04 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2013-07-26 21:04 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-07-26 21:04 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-07-26 21:04 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2013-07-26 21:04 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-07-26 21:04 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-07-26 21:04 - 2010-06-26 07:31 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2013-07-26 21:04 - 2010-06-26 07:14 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2013-07-26 21:04 - 2010-06-19 08:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2013-07-26 21:04 - 2010-06-19 08:23 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2013-07-26 21:04 - 2010-05-23 12:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-26 21:04 - 2010-05-23 12:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2013-07-26 21:04 - 2010-05-23 12:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-07-26 21:04 - 2010-05-23 10:37 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-26 21:04 - 2010-05-23 10:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-07-26 21:04 - 2010-05-23 10:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-07-26 21:04 - 2010-05-23 10:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-07-26 21:04 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-07-26 21:04 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-07-26 21:04 - 2010-01-19 11:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2013-07-26 21:04 - 2010-01-19 11:05 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2013-07-26 21:04 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2013-07-26 21:04 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2013-07-26 21:04 - 2010-01-19 11:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2013-07-26 21:04 - 2010-01-19 11:00 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2013-07-26 21:04 - 2010-01-19 11:00 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2013-07-26 21:04 - 2010-01-19 11:00 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2013-07-26 21:04 - 2010-01-19 01:29 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2013-07-26 21:04 - 2010-01-19 01:29 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2013-07-26 21:04 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2013-07-26 21:04 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2013-07-26 21:04 - 2010-01-19 01:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2013-07-26 21:04 - 2010-01-19 01:28 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2013-07-26 21:04 - 2010-01-19 01:28 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2013-07-26 21:04 - 2010-01-19 01:28 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2013-07-26 21:03 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-26 21:03 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-26 21:03 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-26 21:03 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-26 21:03 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-26 21:03 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-26 21:03 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-26 21:03 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-26 21:03 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-26 21:03 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-07-26 21:03 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-07-26 21:03 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-07-26 21:03 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-07-26 21:03 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-07-26 21:03 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-07-26 21:03 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-26 21:03 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-26 21:03 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-26 21:03 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-07-26 21:03 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-07-26 21:03 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-07-26 21:03 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-07-26 21:03 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-07-26 21:03 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-07-26 21:03 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-07-26 21:03 - 2012-11-30 01:21 - 00420032 _____ C:\Windows\SysWOW64\locale.nls
2013-07-26 21:03 - 2012-11-30 01:19 - 00420032 _____ C:\Windows\system32\locale.nls
2013-07-26 21:03 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-26 21:03 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-26 21:03 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-07-26 21:03 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-07-26 21:03 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-26 21:03 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-26 21:03 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-26 21:03 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-26 21:03 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-26 21:03 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-26 21:03 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-26 21:03 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-26 21:03 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-26 21:03 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-26 21:03 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2013-07-26 21:03 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2013-07-26 21:03 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2013-07-26 21:03 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-07-26 21:03 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-07-26 21:03 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-07-26 21:03 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-07-26 21:03 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-07-26 21:03 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-07-26 21:03 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-07-26 21:03 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-07-26 21:03 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-07-26 21:03 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-07-26 21:03 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-07-26 21:03 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-07-26 21:03 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-07-26 21:03 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-07-26 21:03 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-07-26 21:03 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-07-26 21:03 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-07-26 21:03 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-07-26 21:03 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-07-26 21:03 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-07-26 21:03 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-07-26 21:03 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-07-26 21:03 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-07-26 21:03 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-07-26 21:03 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-07-26 21:03 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-07-26 21:03 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-07-26 21:03 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-07-26 21:03 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-07-26 21:03 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-07-26 21:03 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2013-07-26 21:03 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2013-07-26 21:03 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2013-07-26 21:03 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-07-26 21:03 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-07-26 21:03 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-07-26 21:03 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2013-07-26 21:03 - 2010-11-02 07:17 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2013-07-26 21:03 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2013-07-26 21:03 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-07-26 21:03 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2013-07-26 21:03 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2013-07-26 21:03 - 2010-11-02 06:40 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2013-07-26 21:03 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2013-07-26 21:03 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2013-07-26 21:03 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2013-07-26 21:03 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2013-07-26 21:03 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2013-07-26 21:03 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-07-26 21:03 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-07-26 21:03 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-07-26 21:03 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-07-26 21:03 - 2009-12-19 11:50 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2013-07-26 21:03 - 2009-12-19 11:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2013-07-26 21:03 - 2009-12-19 11:47 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2013-07-26 21:03 - 2009-12-19 11:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2013-07-26 21:03 - 2009-12-19 11:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2013-07-26 21:03 - 2009-12-19 11:02 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2013-07-26 21:03 - 2009-12-19 11:02 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2013-07-26 21:03 - 2009-12-19 11:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2013-07-26 21:03 - 2009-12-19 11:02 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2013-07-26 21:03 - 2009-12-19 11:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2013-07-26 21:03 - 2009-12-19 11:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2013-07-26 21:03 - 2009-12-19 11:02 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2013-07-26 21:03 - 2009-10-28 08:24 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-07-26 21:03 - 2009-09-03 09:36 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2013-07-26 21:03 - 2009-09-03 09:04 - 01320960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2013-07-26 21:02 - 2013-07-26 21:33 - 00058016 _____ C:\Users\SEBAST~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-26 21:02 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-07-26 21:02 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-26 21:02 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-07-26 21:02 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-26 21:02 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-26 21:02 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-26 21:02 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-07-26 21:02 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-07-26 21:02 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-26 21:02 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-26 21:02 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-26 21:02 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-26 21:02 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-07-26 21:02 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-26 21:02 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-07-26 21:02 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-07-26 21:02 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-07-26 21:02 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-07-26 21:02 - 2012-02-11 08:29 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-07-26 21:02 - 2012-02-11 08:29 - 00067584 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-07-26 21:02 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-07-26 21:02 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-07-26 21:02 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-07-26 21:02 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-07-26 21:02 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2013-07-26 21:02 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-07-26 21:02 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-07-26 21:02 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-07-26 21:02 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-07-26 21:02 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-07-26 21:02 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2013-07-26 21:02 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-07-26 21:02 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2013-07-26 21:02 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-07-26 21:02 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2013-07-26 21:02 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2013-07-26 21:02 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2013-07-26 21:02 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-26 21:02 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-26 21:02 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2013-07-26 21:02 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2013-07-26 21:02 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2013-07-26 21:02 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-26 21:02 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-26 21:02 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-26 21:02 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-07-26 21:02 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-26 21:02 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2013-07-26 21:02 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2013-07-26 21:02 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-07-26 21:02 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2013-07-26 21:02 - 2010-07-29 08:30 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2013-07-26 21:02 - 2010-03-05 09:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2013-07-26 21:02 - 2010-03-05 09:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2013-07-26 21:02 - 2009-08-29 09:50 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2013-07-26 21:02 - 2009-08-29 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2013-07-26 20:59 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2013-07-26 20:59 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2013-07-26 20:55 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-07-26 20:55 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-07-26 20:49 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-07-26 20:49 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-07-26 20:49 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-07-26 20:49 - 2010-01-09 09:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-07-26 20:49 - 2010-01-09 08:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2013-07-26 20:47 - 2013-07-26 20:53 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Microsoft Games
2013-07-26 20:44 - 2013-07-29 06:12 - 01616034 _____ C:\Windows\WindowsUpdate.log
2013-07-26 20:44 - 2013-07-26 21:32 - 00001439 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-26 20:44 - 2013-07-26 21:32 - 00001405 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-26 20:44 - 2013-07-26 21:32 - 00000000 ___RD C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-26 20:44 - 2013-07-26 21:32 - 00000000 ___RD C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-26 20:44 - 2013-07-26 20:44 - 00000020 ___SH C:\Users\Sebastian\ntuser.ini
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Vorlagen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Startmenü
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Netzwerkumgebung
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Lokale Einstellungen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Eigene Dateien
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Druckumgebung
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Documents\Eigene Musik
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Documents\Eigene Bilder
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\SEBAST~1\AppData\Local\Verlauf
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\SEBAST~1\AppData\Local\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Programme
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 __SHD C:\Recovery
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 ____D C:\Users\Sebastian
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\VirtualStore
2013-07-26 20:44 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-26 20:44 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-26 20:44 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-26 20:44 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-07-26 20:44 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-07-26 20:44 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-26 20:44 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-26 20:44 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-26 20:44 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-26 20:44 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-07-26 20:44 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-07-26 20:41 - 2013-07-26 20:41 - 00001313 _____ C:\Windows\TSSysprep.log

==================== One Month Modified Files and Folders =======

2013-07-29 17:16 - 2013-07-29 17:15 - 01780547 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2013-07-29 06:18 - 2013-07-26 20:44 - 01616034 _____ C:\Windows\WindowsUpdate.log
2013-07-29 06:13 - 2013-07-29 06:13 - 00000000 ____D C:\74ddda2fd97d97c228b57e5a15
2013-07-29 06:13 - 2009-07-14 19:58 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-07-29 06:13 - 2009-07-14 19:58 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-07-29 06:13 - 2009-07-14 07:13 - 01519874 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 06:12 - 2013-07-28 22:23 - 00000362 _____ C:\Users\Sebastian\Desktop\GELD.txt
2013-07-29 06:12 - 2013-07-26 21:33 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-28 23:35 - 2013-07-28 23:35 - 00398311 _____ C:\Users\Sebastian\Downloads\PEiD-0.95-20081103.zip
2013-07-28 23:33 - 2013-07-28 23:33 - 00000000 ____D C:\Program Files (x86)\VB Decompiler Pro
2013-07-28 23:33 - 2013-07-28 23:31 - 06430691 _____ C:\Users\Sebastian\Downloads\VB.Decompiler.Pro.v8.3.RETAIL.INCL_KEYGEN_PATCH-FFF.rar
2013-07-28 23:28 - 2013-07-28 23:28 - 00000240 _____ C:\Windows\w32dasm8.ini
2013-07-28 23:27 - 2013-07-28 23:27 - 01905979 _____ C:\Users\Sebastian\Downloads\Win32dasm.zip
2013-07-28 23:26 - 2013-07-28 23:26 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Red Gate
2013-07-28 23:26 - 2013-07-28 23:26 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\IsolatedStorage
2013-07-28 23:25 - 2013-07-28 23:25 - 09773440 _____ (Red Gate Software Ltd.) C:\Users\Sebastian\Downloads\ReflectorInstaller.exe
2013-07-28 23:25 - 2013-07-28 23:25 - 00000000 ____D C:\Windows\Downloaded Installations
2013-07-28 23:25 - 2013-07-28 23:25 - 00000000 ____D C:\Program Files (x86)\Red Gate
2013-07-28 23:21 - 2013-07-28 23:19 - 00001466 _____ C:\Windows\Sandboxie.ini
2013-07-28 23:19 - 2013-07-28 23:19 - 00000914 _____ C:\Users\Sebastian\Desktop\Sandboxed Web Browser.lnk
2013-07-28 23:19 - 2013-07-28 23:19 - 00000000 ___RD C:\Sandbox
2013-07-28 23:19 - 2013-07-28 23:19 - 00000000 ____D C:\Program Files\Sandboxie
2013-07-28 23:19 - 2013-07-28 23:18 - 02590808 _____ (Sandboxie Holdings, LLC) C:\Users\Sebastian\Downloads\Sandboxie404Install.exe
2013-07-28 23:17 - 2013-07-28 23:17 - 00079767 _____ C:\Users\Sebastian\Downloads\Julian Sch-fer Mahnkosten 13.05.2013 389058615  software-download.mediamarkt.de.zip
2013-07-28 23:11 - 2013-07-28 23:11 - 00046803 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (4)
2013-07-28 23:11 - 2013-07-28 23:11 - 00045607 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (8)
2013-07-28 23:11 - 2013-07-28 23:11 - 00045533 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (7)
2013-07-28 23:11 - 2013-07-28 23:11 - 00045259 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (9)
2013-07-28 23:11 - 2013-07-28 23:11 - 00045135 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (6)
2013-07-28 23:11 - 2013-07-28 23:11 - 00044385 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (5)
2013-07-28 23:11 - 2013-07-28 23:11 - 00033318 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment
2013-07-28 23:11 - 2013-07-28 23:11 - 00023060 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (3)
2013-07-28 23:11 - 2013-07-28 23:11 - 00022974 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (2)
2013-07-28 23:11 - 2013-07-28 23:11 - 00021594 _____ C:\Users\Sebastian\Downloads\message-rfc822-attachment (1)
2013-07-28 21:38 - 2013-07-26 21:33 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-28 17:19 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-28 17:19 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-28 17:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-28 17:12 - 2009-07-14 06:51 - 00022560 _____ C:\Windows\setupact.log
2013-07-28 12:42 - 2013-07-28 12:41 - 00000000 ____D C:\Windows\system32\MRT
2013-07-27 15:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-27 11:30 - 2013-07-27 11:30 - 00000000 ____D C:\Users\Public\Documents\Hewlett-Packard
2013-07-27 10:23 - 2013-07-27 00:05 - 00000000 ____D C:\ProgramData\TrueSuite
2013-07-26 23:55 - 2013-07-26 21:50 - 00001722 _____ C:\Windows\PFRO.log
2013-07-26 23:52 - 2013-07-26 23:52 - 00853892 _____ C:\Users\Sebastian\Downloads\pwdbank.crx
2013-07-26 23:52 - 2013-07-26 23:52 - 00853892 _____ C:\Users\Sebastian\Downloads\pwdbank (1).crx
2013-07-26 23:51 - 2013-07-26 23:35 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Adobe
2013-07-26 23:50 - 2013-07-26 23:50 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\HP
2013-07-26 23:50 - 2013-07-26 23:50 - 00000000 ____D C:\Program Files (x86)\HP SimplePass
2013-07-26 23:50 - 2013-07-26 23:35 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-07-26 23:49 - 2013-07-26 23:49 - 00000000 ____D C:\ProgramData\HP SimplePass 2011
2013-07-26 23:49 - 2013-07-26 23:49 - 00000000 ____D C:\Program Files\AuthenTec
2013-07-26 23:49 - 2013-07-26 23:46 - 69342139 _____ C:\Users\Sebastian\Downloads\HPLite32_build_6.0.100.252.zip
2013-07-26 23:49 - 2013-07-26 23:36 - 00000000 ____D C:\Program Files\Common Files\AuthenTec
2013-07-26 23:49 - 2013-07-26 23:27 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\WinRAR
2013-07-26 23:48 - 2013-07-26 23:44 - 77937321 _____ C:\Users\Sebastian\Downloads\1.6.1_package.zip
2013-07-26 23:42 - 2013-07-26 23:42 - 01069944 _____ (Solid State Networks) C:\Users\Sebastian\Downloads\install_reader11_de_mssd_aaa_aih.exe
2013-07-26 23:41 - 2013-07-26 23:41 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\KeepSafe
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\Windows\system32\upeksce
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\AuthenTec
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\ProgramData\Adobe
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\Program Files\Fingerprint Sensor
2013-07-26 23:36 - 2013-07-26 23:36 - 00000000 ____D C:\Program Files\AuthenTec TrueSuite
2013-07-26 23:36 - 2013-07-26 22:20 - 00012972 _____ C:\Windows\DPINST.LOG
2013-07-26 23:36 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-07-26 23:36 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2013-07-26 23:35 - 2013-07-26 23:34 - 62509312 _____ (AuthenTec, Inc.                                                ) C:\Users\Sebastian\Downloads\premium64_5-2-2-62.exe
2013-07-26 23:31 - 2013-07-26 23:31 - 00653312 _____ C:\Users\Sebastian\Downloads\MicrosoftFixit50470.msi
2013-07-26 23:28 - 2013-07-26 23:28 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-26 23:28 - 2013-07-26 23:28 - 00000000 ____D C:\Program Files\WinRAR
2013-07-26 23:26 - 2013-07-26 23:26 - 01758823 _____ C:\Users\Sebastian\Downloads\winrar-x64-420d.exe
2013-07-26 23:25 - 2013-07-26 23:25 - 00001374 _____ C:\Users\Sebastian\Desktop\CCleaner.lnk
2013-07-26 23:25 - 2013-07-26 23:25 - 00000000 ____D C:\Program Files\CCleaner
2013-07-26 23:24 - 2013-07-26 23:24 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-07-26 23:24 - 2013-07-26 23:24 - 00000000 _____ C:\Windows\HPMProp.INI
2013-07-26 23:23 - 2013-07-26 23:23 - 00000000 ____D C:\HP Universal Print Driver
2013-07-26 22:23 - 2013-07-26 22:23 - 00015222 _____ C:\Windows\system32\results.xml
2013-07-26 22:22 - 2013-07-26 22:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2013-07-26 22:21 - 2013-07-26 22:21 - 00000000 ____D C:\Program Files\Synaptics
2013-07-26 22:21 - 2013-07-26 22:21 - 00000000 ____D C:\Program Files (x86)\Intel
2013-07-26 22:21 - 2013-07-26 22:18 - 00000000 ____D C:\Intel
2013-07-26 22:21 - 2013-07-26 22:14 - 00000000 ____D C:\SWSetup
2013-07-26 22:20 - 2013-07-26 22:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
2013-07-26 22:20 - 2013-07-26 22:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ATSwpWDF_01005.Wdf
2013-07-26 22:20 - 2013-07-26 21:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-26 22:20 - 2013-07-26 21:10 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\hpqLog
2013-07-26 22:19 - 2013-07-26 22:19 - 00007413 _____ C:\Windows\SMinstall.log
2013-07-26 22:19 - 2013-07-26 22:19 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\InstallShield
2013-07-26 22:19 - 2013-07-26 22:19 - 00000000 ____D C:\ProgramData\SonicFocus
2013-07-26 22:19 - 2013-07-26 22:19 - 00000000 ____D C:\Program Files (x86)\Analog Devices
2013-07-26 22:15 - 2013-07-26 22:15 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_bNB_EliteBook 6930p_Y5336AN_0U_QCZC91362WD_EU_4A_I30DB_SHP_V87.22_68PCU F.0E_T081215_WU1-0_L407_M4026_J128_7Intel_867A_92.53_#130726_N808610F5;80864237_(J1291904)_XMOBILE_CN10_Z_2F.0E_G80862A42;80862A43.MRK
2013-07-26 22:15 - 2013-07-26 22:15 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_bNB_EliteBook 6930p_Y5336AN_0U_QCZC91362WD_EU_4A_I30DB_SHP_V87.22_68PCU F.0E_T081215_WU1-0_L407_M4026_J128_7Intel_867A_92.53_#130726_N808610F5;80864237_(J1291904)_XMOBILE_CN10_Z_2F.0E_G80862A42;80862A43.MRK
2013-07-26 22:15 - 2013-07-26 21:10 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-07-26 22:14 - 2013-07-26 22:13 - 41598688 _____ (Hewlett Packard                                             ) C:\Users\Sebastian\Downloads\sp59783.exe
2013-07-26 22:14 - 2013-07-26 22:13 - 36857008 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp49415.exe
2013-07-26 22:14 - 2013-07-26 22:13 - 27313864 _____ (Hewlett Packard                                             ) C:\Users\Sebastian\Downloads\sp49104.exe
2013-07-26 22:13 - 2013-07-26 22:13 - 07645416 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp47729.exe
2013-07-26 22:13 - 2013-07-26 22:13 - 05613232 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp45131.exe
2013-07-26 22:13 - 2013-07-26 22:13 - 04894616 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp45112.exe
2013-07-26 22:13 - 2013-07-26 22:12 - 16056480 _____ (Hewlett Packard                                             ) C:\Users\Sebastian\Downloads\sp45115.exe
2013-07-26 22:11 - 2013-07-26 22:11 - 10861984 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp49246.exe
2013-07-26 22:11 - 2013-07-26 22:11 - 01456144 _____ (Hewlett-Packard Company                                     ) C:\Users\Sebastian\Downloads\sp55508.exe
2013-07-26 22:11 - 2013-07-26 22:11 - 00320152 _____ (Hewlett-Packard                                             ) C:\Users\Sebastian\Downloads\sp50638.exe
2013-07-26 22:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-07-26 22:06 - 2013-07-26 22:06 - 310829519 _____ C:\Windows\MEMORY.DMP
2013-07-26 22:06 - 2013-07-26 22:06 - 01661232 _____ C:\Windows\Minidump\072613-12246-01.dmp
2013-07-26 22:06 - 2013-07-26 22:06 - 00000000 ____D C:\Windows\Minidump
2013-07-26 21:59 - 2009-07-14 06:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-26 21:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-26 21:39 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-07-26 21:39 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-07-26 21:39 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2013-07-26 21:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-07-26 21:33 - 2013-07-26 21:33 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-26 21:33 - 2013-07-26 21:33 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-26 21:33 - 2013-07-26 21:33 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-26 21:33 - 2013-07-26 21:33 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Apps\2.0
2013-07-26 21:33 - 2013-07-26 21:33 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Google
2013-07-26 21:33 - 2013-07-26 21:33 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Deployment
2013-07-26 21:33 - 2013-07-26 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-26 21:33 - 2013-07-26 21:02 - 00058016 _____ C:\Users\SEBAST~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-26 21:32 - 2013-07-26 21:32 - 00003552 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-07-26 21:32 - 2013-07-26 21:32 - 00000000 _____ C:\Users\SEBAST~1\AppData\Local\QSwitch.txt
2013-07-26 21:32 - 2013-07-26 21:32 - 00000000 _____ C:\Users\SEBAST~1\AppData\Local\DSwitch.txt
2013-07-26 21:32 - 2013-07-26 21:32 - 00000000 _____ C:\Users\SEBAST~1\AppData\Local\AtStart.txt
2013-07-26 21:32 - 2013-07-26 20:44 - 00001439 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-26 21:32 - 2013-07-26 20:44 - 00001405 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-26 21:32 - 2013-07-26 20:44 - 00000000 ___RD C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-26 21:32 - 2013-07-26 20:44 - 00000000 ___RD C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-26 21:31 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-26 21:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-26 21:29 - 2013-07-26 21:29 - 00131072 _____ (PlanetSoft.org) C:\Users\Sebastian\Desktop\BootTimer.exe
2013-07-26 21:22 - 2013-07-26 21:20 - 00004747 _____ C:\Windows\IE9_main.log
2013-07-26 21:21 - 2013-07-26 21:21 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-26 21:21 - 2013-07-26 21:21 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-26 21:21 - 2013-07-26 21:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 21:21 - 2013-07-26 21:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 21:21 - 2013-07-26 21:21 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-26 21:21 - 2013-07-26 21:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-26 21:21 - 2013-07-26 21:21 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-26 21:21 - 2013-07-26 21:21 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-26 21:21 - 2013-07-26 21:21 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-26 21:21 - 2013-07-26 21:21 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-26 21:21 - 2013-07-26 21:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-26 21:21 - 2013-07-26 21:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-26 21:21 - 2013-07-26 21:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-26 21:10 - 2013-07-26 21:10 - 00000000 ____D C:\Windows\QLB
2013-07-26 21:10 - 2013-07-26 21:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2013-07-26 21:10 - 2013-07-26 21:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\hpqLog
2013-07-26 20:53 - 2013-07-26 20:47 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\Microsoft Games
2013-07-26 20:44 - 2013-07-26 21:40 - 00000000 ____D C:\Windows\Panther
2013-07-26 20:44 - 2013-07-26 20:44 - 00000020 ___SH C:\Users\Sebastian\ntuser.ini
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Vorlagen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Startmenü
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Netzwerkumgebung
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Lokale Einstellungen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Eigene Dateien
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Druckumgebung
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Documents\Eigene Musik
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Documents\Eigene Bilder
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Sebastian\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\SEBAST~1\AppData\Local\Verlauf
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\SEBAST~1\AppData\Local\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Programme
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 __SHD C:\Recovery
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 ____D C:\Users\Sebastian
2013-07-26 20:44 - 2013-07-26 20:44 - 00000000 ____D C:\Users\SEBAST~1\AppData\Local\VirtualStore
2013-07-26 20:44 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-07-26 20:44 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-26 20:44 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-07-26 20:41 - 2013-07-26 20:41 - 00001313 _____ C:\Windows\TSSysprep.log
2013-07-26 20:41 - 2009-07-14 06:46 - 00001774 _____ C:\Windows\DtcInstall.log
2013-07-26 20:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-07-26 20:40 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\CSC

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-27 15:21

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 29.07.2013, 16:20   #4
cocakiller
 
Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-07-2013
Ran by Sebastian at 2013-07-29 17:16:45
Running from C:\Users\Sebastian\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Installed Programs =======================

   
.NET Reflector Desktop (x32 Version: 8.2.0.42)
64 Bit HP CIO Components Installer (Version: 13.2.1)
AuthenTec Fingerprint Driver (Version: 1.6.1.0342)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.86)
Google Chrome (x32 Version: 28.0.1500.72)
Google Update Helper (x32 Version: 1.3.21.153)
HP ESU for Microsoft Windows 7 (x32 Version: 1.1.5.1)
HP Quick Launch Buttons (x32 Version: 6.50.17.1)
HP SimplePass (x32 Version: 6.0.100.252)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2869)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
QLBCASL (x32 Version: 6.40.17.2)
RICOH Media Driver (x32 Version: 2.10.00.04)
rosoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Sandboxie 4.04 (64-bit) (Version: 4.04)
SoundMAX (x32 Version: 6.10.2.7255)
Synaptics Pointing Device Driver (Version: 15.0.24.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
VB Decompiler Pro (x32)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

26-07-2013 18:44:20 Windows Update
26-07-2013 18:49:10 Windows Update
26-07-2013 19:05:22 Windows Update
26-07-2013 19:54:17 Windows Update
26-07-2013 20:15:01 Installed HP ESU for Microsoft Windows 7
26-07-2013 20:19:18 Installiert SoundMAX
26-07-2013 20:19:55 Installiert RICOH Media Driver ver.2.10.00.04
26-07-2013 20:20:39 Installiert HP Quick Launch Buttons
26-07-2013 21:31:22 Installed Microsoft Fix it 50470
26-07-2013 21:35:57 Installed AuthenTec TrueSuite.
26-07-2013 21:49:25 Installed AuthenTec Fingerprint Driver
26-07-2013 21:50:10 Installed HP SimplePass.
28-07-2013 10:41:37 Windows Update
29-07-2013 04:12:54 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {07995B70-04A3-401E-9858-6456ED3BEB24} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {1C8E76D2-6BD7-40F5-9333-3C6C3F985448} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26] (Google Inc.)
Task: {306970C2-12C1-4006-846C-447EC8AB1788} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26] (Google Inc.)
Task: {851F09D4-B1F8-4B67-8DFB-6A36A16DABA7} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/27/2013 09:28:44 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).

Error: (07/26/2013 09:30:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16385, Zeitstempel: 0x4a5bc69e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x69685421
ID des fehlerhaften Prozesses: 0xd1c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (07/26/2013 09:29:57 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 30c

Startzeit: 01ce8a365ff3837b

Endzeit: 15

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Berichts-ID: bda79b68-f629-11e2-b471-00247e3ca76b


System errors:
=============
Error: (07/29/2013 05:13:34 PM) (Source: DCOM) (User: )
Description: 1084TrueService{46872813-9091-4DE1-96B2-FB9313BF2070}

Error: (07/29/2013 05:13:23 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/29/2013 05:13:22 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/29/2013 05:13:21 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/29/2013 05:13:17 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/29/2013 05:13:08 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
discache
spldr
Wanarpv6

Error: (07/29/2013 05:13:07 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎29.‎07.‎2013 um 06:13:17 unerwartet heruntergefahren.

Error: (07/29/2013 06:11:59 AM) (Source: pcmcia) (User: )
Description: Der PCMCIA-Controller hat einen Fehler bei Inbetriebnahme des eingeschobenen Geräts festgestellt.

Error: (07/28/2013 02:16:27 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/28/2013 00:41:37 PM) (Source: pcmcia) (User: )
Description: Der PCMCIA-Controller hat einen Fehler bei Inbetriebnahme des eingeschobenen Geräts festgestellt.


Microsoft Office Sessions:
=========================
Error: (07/27/2013 09:28:44 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (07/26/2013 09:30:02 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.7600.163854a5bc69eunknown0.0.0.000000000c000000569685421d1c01ce8a36849a1c6fC:\Program Files (x86)\Internet Explorer\iexplore.exeunknownc3aca056-f629-11e2-b471-00247e3ca76b

Error: (07/26/2013 09:29:57 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.7600.1638530c01ce8a365ff3837b15C:\Program Files (x86)\Internet Explorer\iexplore.exebda79b68-f629-11e2-b471-00247e3ca76b


==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 4025.27 MB
Available physical RAM: 3219.72 MB
Total Pagefile: 8048.67 MB
Available Pagefile: 7255.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:88.81 GB) NTFS (Disk=0 Partition=2)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 5D140B64)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 29.07.2013, 19:38   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



Hi,

wenn der Rechner aus ist ist er aus. Ist eigentlich nicht möglich. Also sollen wir bereinigen oder nicht?

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.07.2013, 22:24   #6
cocakiller
 
Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



Hi

Er war ja nur im Energiesparmodus, also zugeklappt.
Wie kann es sonst gekommen sein, dass plötzlich 5 Sekunden des Liedes abgespielt werden, welches ich mir am abend zuvor angehört habe, bevor ich den Laptop zugeklappt habe und schlafen gegangen bin?
Na gut, wenn es schon die Möglichkeit gibt ihn zu bereinigen werde ich es versuchen ?

Alt 30.07.2013, 07:22   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



Im Energiesparmodus könnte es möglich sein, aber immer noch leicht unvorstellbar
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.07.2013, 17:52   #8
cocakiller
 
Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



Hier das File (vom Downloads Ordner gestartet)

Code:
ATTFilter
ComboFix 13-07-30.03 - Sebastian 30.07.2013  18:45:53.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.4025.2760 [GMT 2:00]
ausgeführt von:: c:\users\Sebastian\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\w32dasm8.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-28 bis 2013-07-30  ))))))))))))))))))))))))))))))
.
.
2013-07-30 16:49 . 2013-07-30 16:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-30 04:52 . 2013-07-30 04:52	--------	d-----w-	c:\windows\system32\EventProviders
2013-07-29 16:33 . 2013-07-29 16:33	--------	d-----w-	c:\programdata\Xilisoft
2013-07-29 16:33 . 2013-07-29 16:33	--------	d-----w-	c:\program files (x86)\Xilisoft
2013-07-29 15:33 . 2013-07-29 15:46	--------	d-----w-	c:\program files (x86)\JDownloader
2013-07-29 15:16 . 2013-07-29 15:16	--------	d-----w-	C:\FRST
2013-07-29 04:13 . 2013-07-29 04:13	--------	d-----w-	C:\74ddda2fd97d97c228b57e5a15
2013-07-28 21:33 . 2013-07-28 21:33	--------	d-----w-	c:\program files (x86)\VB Decompiler Pro
2013-07-28 21:25 . 2013-07-28 21:25	--------	d-----w-	c:\program files (x86)\Red Gate
2013-07-28 21:25 . 2013-07-28 21:25	--------	d-----w-	c:\windows\Downloaded Installations
2013-07-28 21:19 . 2013-07-28 21:19	--------	d-----r-	C:\Sandbox
2013-07-28 21:19 . 2013-07-28 21:19	--------	d-----w-	c:\program files\Sandboxie
2013-07-28 10:41 . 2013-07-28 10:42	--------	d-----w-	c:\windows\system32\MRT
2013-07-27 07:48 . 2011-02-19 06:37	1135104	----a-w-	c:\windows\system32\FntCache.dll
2013-07-27 07:29 . 2013-07-27 07:29	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2013-07-26 22:05 . 2013-07-27 08:23	--------	d-----w-	c:\programdata\TrueSuite
2013-07-26 21:50 . 2013-07-26 21:50	--------	d-----w-	c:\program files (x86)\HP SimplePass
2013-07-26 21:49 . 2013-07-26 21:49	--------	d-----w-	c:\programdata\HP SimplePass 2011
2013-07-26 21:49 . 2013-07-26 21:49	--------	d-----w-	c:\program files\AuthenTec
2013-07-26 21:36 . 2013-07-26 21:36	--------	d-----w-	c:\windows\system32\upeksce
2013-07-26 21:36 . 2013-07-26 21:36	--------	d-----w-	c:\program files\Fingerprint Sensor
2013-07-26 21:36 . 2013-07-26 21:50	--------	d-----w-	c:\program files (x86)\Common Files\AuthenTec
2013-07-26 21:36 . 2013-07-26 21:49	--------	d-----w-	c:\program files\Common Files\AuthenTec
2013-07-26 21:36 . 2013-07-26 21:36	--------	d-----w-	c:\program files\AuthenTec TrueSuite
2013-07-26 21:35 . 2013-07-26 21:50	--------	d-----w-	c:\programdata\Downloaded Installations
2013-07-26 21:28 . 2013-07-29 16:28	--------	d-----w-	c:\program files\WinRAR
2013-07-26 21:25 . 2013-07-26 21:25	--------	d-----w-	c:\program files\CCleaner
2013-07-26 21:23 . 2013-05-10 07:42	559904	----a-w-	c:\windows\system32\hpmprein.dll
2013-07-26 21:23 . 2013-05-10 07:39	82208	----a-w-	c:\windows\system32\hpmco150.dll
2013-07-26 21:23 . 2013-07-26 21:23	--------	d-----w-	C:\HP Universal Print Driver
2013-07-26 20:21 . 2013-07-26 20:21	--------	d-----w-	c:\program files\Synaptics
2013-07-26 20:21 . 2013-07-26 20:21	--------	d-----w-	c:\program files (x86)\Intel
2013-07-26 20:20 . 2009-07-24 08:49	114688	----a-w-	c:\windows\SysWow64\RicohMediadriverVer.dll
2013-07-26 20:20 . 2009-07-20 13:05	59008	----a-w-	c:\windows\system32\drivers\rismcx64.sys
2013-07-26 20:20 . 2009-06-25 15:04	67584	----a-w-	c:\windows\system32\drivers\rimmpx64.sys
2013-07-26 20:19 . 2009-05-18 11:27	32768	----a-w-	c:\windows\SysWow64\adidrm.dll
2013-07-26 20:19 . 2008-12-10 11:26	60928	----a-w-	c:\windows\SysWow64\SFFXComm.dll
2013-07-26 20:19 . 2013-07-26 20:19	--------	d-----w-	c:\programdata\SonicFocus
2013-07-26 20:19 . 2013-07-26 20:19	--------	d-----w-	c:\program files (x86)\Analog Devices
2013-07-26 20:18 . 2013-07-26 20:21	--------	d-----w-	C:\Intel
2013-07-26 20:18 . 2010-05-14 01:47	30080	----a-w-	c:\windows\system32\drivers\msahci.sys
2013-07-26 20:17 . 2009-11-14 03:58	327680	----a-w-	c:\windows\system32\drivers\udfs.sys
2013-07-26 20:16 . 2009-10-21 03:27	76288	----a-w-	c:\windows\system32\drivers\hidclass.sys
2013-07-26 20:16 . 2009-10-01 07:42	777216	----a-w-	c:\windows\system32\autochk.exe
2013-07-26 20:16 . 2009-10-01 07:17	668160	----a-w-	c:\windows\SysWow64\autochk.exe
2013-07-26 20:15 . 2009-09-01 06:34	263256	----a-w-	c:\windows\system32\hal.dll
2013-07-26 20:14 . 2013-07-26 20:21	--------	d-----w-	C:\SWSetup
2013-07-26 19:57 . 2010-09-14 06:45	367104	----a-w-	c:\windows\system32\wcncsvc.dll
2013-07-26 19:57 . 2010-09-14 06:07	276992	----a-w-	c:\windows\SysWow64\wcncsvc.dll
2013-07-26 19:55 . 2009-09-10 06:28	311808	----a-w-	c:\windows\system32\msv1_0.dll
2013-07-26 19:55 . 2009-09-10 05:52	257024	----a-w-	c:\windows\SysWow64\msv1_0.dll
2013-07-26 19:54 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-07-26 19:54 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2013-07-26 19:54 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2013-07-26 19:54 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2013-07-26 19:40 . 2013-07-26 18:44	--------	d-----w-	c:\windows\Panther
2013-07-26 19:33 . 2013-07-26 19:33	--------	d-----w-	c:\program files (x86)\Google
2013-07-26 19:31 . 2013-07-26 19:31	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2013-07-26 19:31 . 2013-07-26 19:31	--------	d-----w-	c:\windows\system32\wbem\en-US
2013-07-26 19:23 . 2009-11-25 10:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2013-07-26 19:23 . 2009-11-25 10:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2013-07-26 19:23 . 2009-11-25 10:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2013-07-26 19:23 . 2009-11-25 10:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2013-07-26 19:23 . 2009-11-25 10:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2013-07-26 19:23 . 2009-11-25 10:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2013-07-26 19:23 . 2009-11-25 10:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2013-07-26 19:23 . 2009-11-25 10:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2013-07-26 19:23 . 2009-11-25 10:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2013-07-26 19:23 . 2009-11-25 10:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2013-07-26 19:23 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2013-07-26 19:12 . 2012-12-16 16:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2013-07-26 19:12 . 2012-12-16 14:40	367616	----a-w-	c:\windows\system32\atmfd.dll
2013-07-26 19:12 . 2012-12-16 14:25	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2013-07-26 19:12 . 2012-12-16 14:25	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2013-07-26 19:12 . 2009-10-19 14:46	100864	----a-w-	c:\windows\system32\fontsub.dll
2013-07-26 19:12 . 2009-10-19 14:10	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2013-07-26 19:11 . 2013-07-15 01:34	9460976	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4A5D0644-3877-49BA-BCCA-8C3022902953}\mpengine.dll
2013-07-26 19:11 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2013-07-26 19:11 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2013-07-26 19:11 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2013-07-26 19:11 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2013-07-26 19:11 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2013-07-26 19:11 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2013-07-26 19:11 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2013-07-26 19:10 . 2013-07-30 05:06	--------	d-sh--w-	c:\windows\Installer
2013-07-26 19:10 . 2013-07-26 19:10	--------	d-----w-	c:\users\Default\AppData\Roaming\hpqLog
2013-07-26 19:10 . 2009-04-29 05:48	18432	----a-w-	c:\windows\system32\drivers\HpqKbFiltr.sys
2013-07-26 19:10 . 2009-04-20 06:40	11264	----a-w-	c:\windows\system32\drivers\CPQBttn64.sys
2013-07-26 19:10 . 2006-11-02 04:04	1919968	----a-w-	c:\windows\system32\drivers\wdfcoinstaller01005.dll
2013-07-26 19:10 . 2013-07-26 20:20	--------	d--h--w-	c:\program files (x86)\InstallShield Installation Information
2013-07-26 19:10 . 2013-07-26 20:15	--------	d-----w-	c:\program files (x86)\Hewlett-Packard
2013-07-26 19:10 . 2010-02-25 15:51	1863680	----a-w-	c:\windows\SysWow64\BttnCmn.dll
2013-07-26 19:10 . 2010-02-25 13:20	1885488	----a-w-	c:\windows\SysWow64\BttnCmns.dll
2013-07-26 19:10 . 2013-07-26 19:10	--------	d-----w-	c:\windows\QLB
2013-07-26 19:07 . 2012-03-01 06:54	22896	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2013-07-26 19:07 . 2012-03-01 06:40	80896	----a-w-	c:\windows\system32\imagehlp.dll
2013-07-26 19:07 . 2012-03-01 06:35	5120	----a-w-	c:\windows\system32\wmi.dll
2013-07-26 19:07 . 2012-03-01 05:45	158720	----a-w-	c:\windows\SysWow64\imagehlp.dll
2013-07-26 19:07 . 2012-03-01 05:40	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2013-07-26 19:05 . 2010-03-04 04:32	243712	----a-w-	c:\windows\system32\drivers\ks.sys
2013-07-26 19:05 . 2011-12-16 08:42	634368	----a-w-	c:\windows\system32\msvcrt.dll
2013-07-26 19:05 . 2011-12-16 07:59	690688	----a-w-	c:\windows\SysWow64\msvcrt.dll
2013-07-26 19:05 . 2012-08-11 00:53	714752	----a-w-	c:\windows\system32\kerberos.dll
2013-07-26 19:05 . 2012-08-10 23:54	541184	----a-w-	c:\windows\SysWow64\kerberos.dll
2013-07-26 19:03 . 2012-09-25 22:39	95744	----a-w-	c:\windows\system32\synceng.dll
2013-07-26 19:02 . 2012-11-09 05:34	751104	----a-w-	c:\windows\system32\win32spl.dll
2013-07-26 18:59 . 2010-08-27 06:14	236032	----a-w-	c:\windows\system32\srvsvc.dll
2013-07-26 18:59 . 2010-08-27 05:46	9728	----a-w-	c:\windows\SysWow64\sscore.dll
2013-07-26 18:55 . 2011-11-19 15:07	77312	----a-w-	c:\windows\system32\packager.dll
2013-07-26 18:55 . 2011-11-19 14:06	67072	----a-w-	c:\windows\SysWow64\packager.dll
2013-07-26 18:49 . 2012-02-15 06:27	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2013-07-26 18:49 . 2012-02-15 05:44	826368	----a-w-	c:\windows\SysWow64\rdpcore.dll
2013-07-26 18:49 . 2012-02-15 04:46	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2013-07-26 18:49 . 2010-01-09 07:19	139264	----a-w-	c:\windows\system32\cabview.dll
2013-07-26 18:49 . 2010-01-09 06:52	132608	----a-w-	c:\windows\SysWow64\cabview.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-19 07:44 . 2013-01-19 07:44	2174976	----a-w-	c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2013-07-08 759384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RICOH SmartCard Reader;RICOH SmartCard Reader;c:\windows\system32\DRIVERS\rismcx64.sys;c:\windows\SYSNATIVE\DRIVERS\rismcx64.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 rismcx64;RICOH Smart Card Reader;c:\windows\system32\DRIVERS\rismcx64.sys;c:\windows\SYSNATIVE\DRIVERS\rismcx64.sys [x]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-26 19:33	1173456	----a-w-	c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26 19:33]
.
2013-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26 19:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-08 163384]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-08 387640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-08 418360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 118.99.64.50:8080
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-30  18:51:09
ComboFix-quarantined-files.txt  2013-07-30 16:51
.
Vor Suchlauf: 12 Verzeichnis(se), 89.722.978.304 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 89.900.781.568 Bytes frei
.
- - End Of File - - C2AE3295A9C78FE2FBBC918C8653C478
A36C5E4F47E84449FF07ED3517B43A31
         
Hier danach vom Desktop (zuerst nicht gelesen das es vom Desktop gestartet werden sollte

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-07-30.03 - Sebastian 30.07.2013  18:56:41.2.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.4025.1783 [GMT 2:00]
ausgeführt von:: c:\users\Sebastian\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-28 bis 2013-07-30  ))))))))))))))))))))))))))))))
.
.
2013-07-30 17:00 . 2013-07-30 17:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-30 16:52 . 2013-07-15 01:34	9460976	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{44FF17B3-93FC-482F-BA51-DB722814AEFD}\mpengine.dll
2013-07-30 16:52 . 2013-05-02 00:06	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-07-30 04:52 . 2013-07-30 04:52	--------	d-----w-	c:\windows\system32\EventProviders
2013-07-29 16:33 . 2013-07-29 16:33	--------	d-----w-	c:\programdata\Xilisoft
2013-07-29 16:33 . 2013-07-29 16:33	--------	d-----w-	c:\program files (x86)\Xilisoft
2013-07-29 15:33 . 2013-07-29 15:46	--------	d-----w-	c:\program files (x86)\JDownloader
2013-07-29 15:16 . 2013-07-29 15:16	--------	d-----w-	C:\FRST
2013-07-29 04:13 . 2013-07-29 04:13	--------	d-----w-	C:\74ddda2fd97d97c228b57e5a15
2013-07-28 21:33 . 2013-07-28 21:33	--------	d-----w-	c:\program files (x86)\VB Decompiler Pro
2013-07-28 21:25 . 2013-07-28 21:25	--------	d-----w-	c:\program files (x86)\Red Gate
2013-07-28 21:25 . 2013-07-28 21:25	--------	d-----w-	c:\windows\Downloaded Installations
2013-07-28 21:19 . 2013-07-28 21:19	--------	d-----r-	C:\Sandbox
2013-07-28 21:19 . 2013-07-28 21:19	--------	d-----w-	c:\program files\Sandboxie
2013-07-28 10:41 . 2013-07-28 10:42	--------	d-----w-	c:\windows\system32\MRT
2013-07-27 07:48 . 2011-02-19 06:37	1135104	----a-w-	c:\windows\system32\FntCache.dll
2013-07-27 07:29 . 2013-07-27 07:29	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2013-07-26 22:05 . 2013-07-27 08:23	--------	d-----w-	c:\programdata\TrueSuite
2013-07-26 21:50 . 2013-07-26 21:50	--------	d-----w-	c:\program files (x86)\HP SimplePass
2013-07-26 21:49 . 2013-07-26 21:49	--------	d-----w-	c:\programdata\HP SimplePass 2011
2013-07-26 21:49 . 2013-07-26 21:49	--------	d-----w-	c:\program files\AuthenTec
2013-07-26 21:36 . 2013-07-26 21:36	--------	d-----w-	c:\windows\system32\upeksce
2013-07-26 21:36 . 2013-07-26 21:36	--------	d-----w-	c:\program files\Fingerprint Sensor
2013-07-26 21:36 . 2013-07-26 21:50	--------	d-----w-	c:\program files (x86)\Common Files\AuthenTec
2013-07-26 21:36 . 2013-07-26 21:49	--------	d-----w-	c:\program files\Common Files\AuthenTec
2013-07-26 21:36 . 2013-07-26 21:36	--------	d-----w-	c:\program files\AuthenTec TrueSuite
2013-07-26 21:35 . 2013-07-26 21:50	--------	d-----w-	c:\programdata\Downloaded Installations
2013-07-26 21:28 . 2013-07-29 16:28	--------	d-----w-	c:\program files\WinRAR
2013-07-26 21:25 . 2013-07-26 21:25	--------	d-----w-	c:\program files\CCleaner
2013-07-26 21:23 . 2013-05-10 07:42	559904	----a-w-	c:\windows\system32\hpmprein.dll
2013-07-26 21:23 . 2013-05-10 07:39	82208	----a-w-	c:\windows\system32\hpmco150.dll
2013-07-26 21:23 . 2013-07-26 21:23	--------	d-----w-	C:\HP Universal Print Driver
2013-07-26 20:21 . 2013-07-26 20:21	--------	d-----w-	c:\program files\Synaptics
2013-07-26 20:21 . 2013-07-26 20:21	--------	d-----w-	c:\program files (x86)\Intel
2013-07-26 20:20 . 2009-07-24 08:49	114688	----a-w-	c:\windows\SysWow64\RicohMediadriverVer.dll
2013-07-26 20:20 . 2009-07-20 13:05	59008	----a-w-	c:\windows\system32\drivers\rismcx64.sys
2013-07-26 20:20 . 2009-06-25 15:04	67584	----a-w-	c:\windows\system32\drivers\rimmpx64.sys
2013-07-26 20:19 . 2009-05-18 11:27	32768	----a-w-	c:\windows\SysWow64\adidrm.dll
2013-07-26 20:19 . 2008-12-10 11:26	60928	----a-w-	c:\windows\SysWow64\SFFXComm.dll
2013-07-26 20:19 . 2013-07-26 20:19	--------	d-----w-	c:\programdata\SonicFocus
2013-07-26 20:19 . 2013-07-26 20:19	--------	d-----w-	c:\program files (x86)\Analog Devices
2013-07-26 20:18 . 2013-07-26 20:21	--------	d-----w-	C:\Intel
2013-07-26 20:18 . 2010-05-14 01:47	30080	----a-w-	c:\windows\system32\drivers\msahci.sys
2013-07-26 20:17 . 2009-11-14 03:58	327680	----a-w-	c:\windows\system32\drivers\udfs.sys
2013-07-26 20:16 . 2009-10-21 03:27	76288	----a-w-	c:\windows\system32\drivers\hidclass.sys
2013-07-26 20:16 . 2009-10-01 07:42	777216	----a-w-	c:\windows\system32\autochk.exe
2013-07-26 20:16 . 2009-10-01 07:17	668160	----a-w-	c:\windows\SysWow64\autochk.exe
2013-07-26 20:15 . 2009-09-01 06:34	263256	----a-w-	c:\windows\system32\hal.dll
2013-07-26 20:14 . 2013-07-26 20:21	--------	d-----w-	C:\SWSetup
2013-07-26 19:57 . 2010-09-14 06:45	367104	----a-w-	c:\windows\system32\wcncsvc.dll
2013-07-26 19:57 . 2010-09-14 06:07	276992	----a-w-	c:\windows\SysWow64\wcncsvc.dll
2013-07-26 19:55 . 2009-09-10 06:28	311808	----a-w-	c:\windows\system32\msv1_0.dll
2013-07-26 19:55 . 2009-09-10 05:52	257024	----a-w-	c:\windows\SysWow64\msv1_0.dll
2013-07-26 19:54 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-07-26 19:54 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2013-07-26 19:54 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2013-07-26 19:54 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2013-07-26 19:40 . 2013-07-26 18:44	--------	d-----w-	c:\windows\Panther
2013-07-26 19:33 . 2013-07-26 19:33	--------	d-----w-	c:\program files (x86)\Google
2013-07-26 19:31 . 2013-07-26 19:31	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2013-07-26 19:31 . 2013-07-26 19:31	--------	d-----w-	c:\windows\system32\wbem\en-US
2013-07-26 19:23 . 2009-11-25 10:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2013-07-26 19:23 . 2009-11-25 10:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2013-07-26 19:23 . 2009-11-25 10:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2013-07-26 19:23 . 2009-11-25 10:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2013-07-26 19:23 . 2009-11-25 10:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2013-07-26 19:23 . 2009-11-25 10:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2013-07-26 19:23 . 2009-11-25 10:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2013-07-26 19:23 . 2009-11-25 10:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2013-07-26 19:23 . 2009-11-25 10:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2013-07-26 19:23 . 2009-11-25 10:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2013-07-26 19:23 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2013-07-26 19:12 . 2012-12-16 16:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2013-07-26 19:12 . 2012-12-16 14:40	367616	----a-w-	c:\windows\system32\atmfd.dll
2013-07-26 19:12 . 2012-12-16 14:25	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2013-07-26 19:12 . 2012-12-16 14:25	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2013-07-26 19:12 . 2009-10-19 14:46	100864	----a-w-	c:\windows\system32\fontsub.dll
2013-07-26 19:12 . 2009-10-19 14:10	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2013-07-26 19:11 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2013-07-26 19:11 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2013-07-26 19:11 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2013-07-26 19:11 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2013-07-26 19:11 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2013-07-26 19:11 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2013-07-26 19:11 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2013-07-26 19:10 . 2013-07-30 05:06	--------	d-sh--w-	c:\windows\Installer
2013-07-26 19:10 . 2013-07-26 19:10	--------	d-----w-	c:\users\Default\AppData\Roaming\hpqLog
2013-07-26 19:10 . 2009-04-29 05:48	18432	----a-w-	c:\windows\system32\drivers\HpqKbFiltr.sys
2013-07-26 19:10 . 2009-04-20 06:40	11264	----a-w-	c:\windows\system32\drivers\CPQBttn64.sys
2013-07-26 19:10 . 2006-11-02 04:04	1919968	----a-w-	c:\windows\system32\drivers\wdfcoinstaller01005.dll
2013-07-26 19:10 . 2013-07-26 20:20	--------	d--h--w-	c:\program files (x86)\InstallShield Installation Information
2013-07-26 19:10 . 2013-07-26 20:15	--------	d-----w-	c:\program files (x86)\Hewlett-Packard
2013-07-26 19:10 . 2010-02-25 15:51	1863680	----a-w-	c:\windows\SysWow64\BttnCmn.dll
2013-07-26 19:10 . 2010-02-25 13:20	1885488	----a-w-	c:\windows\SysWow64\BttnCmns.dll
2013-07-26 19:10 . 2013-07-26 19:10	--------	d-----w-	c:\windows\QLB
2013-07-26 19:07 . 2012-03-01 06:54	22896	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2013-07-26 19:07 . 2012-03-01 06:40	80896	----a-w-	c:\windows\system32\imagehlp.dll
2013-07-26 19:07 . 2012-03-01 06:35	5120	----a-w-	c:\windows\system32\wmi.dll
2013-07-26 19:07 . 2012-03-01 05:45	158720	----a-w-	c:\windows\SysWow64\imagehlp.dll
2013-07-26 19:07 . 2012-03-01 05:40	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2013-07-26 19:05 . 2010-03-04 04:32	243712	----a-w-	c:\windows\system32\drivers\ks.sys
2013-07-26 19:05 . 2011-12-16 08:42	634368	----a-w-	c:\windows\system32\msvcrt.dll
2013-07-26 19:05 . 2011-12-16 07:59	690688	----a-w-	c:\windows\SysWow64\msvcrt.dll
2013-07-26 19:05 . 2012-08-11 00:53	714752	----a-w-	c:\windows\system32\kerberos.dll
2013-07-26 19:05 . 2012-08-10 23:54	541184	----a-w-	c:\windows\SysWow64\kerberos.dll
2013-07-26 19:03 . 2012-09-25 22:39	95744	----a-w-	c:\windows\system32\synceng.dll
2013-07-26 19:02 . 2012-11-09 05:34	751104	----a-w-	c:\windows\system32\win32spl.dll
2013-07-26 18:59 . 2010-08-27 06:14	236032	----a-w-	c:\windows\system32\srvsvc.dll
2013-07-26 18:59 . 2010-08-27 05:46	9728	----a-w-	c:\windows\SysWow64\sscore.dll
2013-07-26 18:55 . 2011-11-19 15:07	77312	----a-w-	c:\windows\system32\packager.dll
2013-07-26 18:55 . 2011-11-19 14:06	67072	----a-w-	c:\windows\SysWow64\packager.dll
2013-07-26 18:49 . 2012-02-15 06:27	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2013-07-26 18:49 . 2012-02-15 05:44	826368	----a-w-	c:\windows\SysWow64\rdpcore.dll
2013-07-26 18:49 . 2012-02-15 04:46	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2013-07-26 18:49 . 2010-01-09 07:19	139264	----a-w-	c:\windows\system32\cabview.dll
2013-07-26 18:49 . 2010-01-09 06:52	132608	----a-w-	c:\windows\SysWow64\cabview.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-19 07:44 . 2013-01-19 07:44	2174976	----a-w-	c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2013-07-08 759384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RICOH SmartCard Reader;RICOH SmartCard Reader;c:\windows\system32\DRIVERS\rismcx64.sys;c:\windows\SYSNATIVE\DRIVERS\rismcx64.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 rismcx64;RICOH Smart Card Reader;c:\windows\system32\DRIVERS\rismcx64.sys;c:\windows\SYSNATIVE\DRIVERS\rismcx64.sys [x]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-26 19:33	1173456	----a-w-	c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26 19:33]
.
2013-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26 19:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-08 163384]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-08 387640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-08 418360]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 118.99.64.50:8080
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-30  19:02:15
ComboFix-quarantined-files.txt  2013-07-30 17:02
ComboFix2.txt  2013-07-30 16:51
.
Vor Suchlauf: 14 Verzeichnis(se), 87.635.419.136 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 89.519.640.576 Bytes frei
.
- - End Of File - - F0DD71D8E136B63AE9F8BA996C0D9BE2
         
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

Geändert von cocakiller (30.07.2013 um 18:05 Uhr)

Alt 31.07.2013, 08:12   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.07.2013, 22:00   #10
cocakiller
 
Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?



Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.31.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sebastian :: SEBASTIAN-PC [Administrator]

Schutz: Aktiviert

31.07.2013 22:42:10
mbam-log-2013-07-31 (22-42-10).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 212870
Laufzeit: 1 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Sebastian\Downloads\Julian Sch-fer Mahnkosten 13.05.2013 389058615  software-download.mediamarkt.de.zip (Trojan.Fakenero.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Sebastian\Downloads\VB.Decompiler.Pro.v8.3.RETAIL.INCL_KEYGEN_PATCH-FFF.rar (Malware.Packer) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Windows 7 Ultimate x64
Ran by Sebastian on 31.07.2013 at 22:48:24,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.07.2013 at 22:53:28,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

ADW:
Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 31/07/2013 um 22:45:15 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : Sebastian - SEBASTIAN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Sebastian\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v28.0.1500.95

Datei : C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [729 octets] - [31/07/2013 22:45:15]

########## EOF - C:\AdwCleaner[S1].txt - [788 octets] ##########
         
Anhang FRST

Alt 01.08.2013, 09:22   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Virus/Trojaner im Energiesparmodus aktiv? - Standard

Virus/Trojaner im Energiesparmodus aktiv?




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Virus/Trojaner im Energiesparmodus aktiv?
.com, aktiv, anhang, blöd, checken, diverse, fehler, frage, gestartet, handy, kennwort, laptop, mails, morgen, musik, nichts, programme, schuld, sekunden, starten, system, viren, virus, virustotal, zugeklappt, öffnen




Ähnliche Themen: Virus/Trojaner im Energiesparmodus aktiv?


  1. Windows8: Virus trotz Neuinstallation des OS noch immer aktiv
    Log-Analyse und Auswertung - 16.08.2015 (3)
  2. dhl trojaner- Vista - gewerblich - war schon aktiv
    Log-Analyse und Auswertung - 23.03.2015 (9)
  3. GVU-Virus noch aktiv?
    Plagegeister aller Art und deren Bekämpfung - 06.07.2013 (11)
  4. Rechner fährt aus Ruhezustand und Energiesparmodus gleich wieder hoch!
    Alles rund um Windows - 14.05.2013 (3)
  5. PC friert ein und wird aus dem Energiesparmodus wach
    Plagegeister aller Art und deren Bekämpfung - 01.12.2012 (0)
  6. GUV Trojaner noch aktiv?
    Plagegeister aller Art und deren Bekämpfung - 29.08.2012 (21)
  7. Gema Virus: Nach der Entschlüsselung noch aktiv?
    Plagegeister aller Art und deren Bekämpfung - 08.06.2012 (1)
  8. Facebook-Trojaner aktiv?
    Log-Analyse und Auswertung - 25.10.2011 (10)
  9. Nach Energiesparmodus kein Sound
    Alles rund um Windows - 16.08.2011 (9)
  10. Windows Vista Energiesparmodus Problem
    Alles rund um Windows - 16.08.2011 (15)
  11. Trojaner immer noch aktiv?
    Log-Analyse und Auswertung - 26.03.2010 (1)
  12. Windows 7 Energiesparmodus
    Alles rund um Windows - 16.02.2010 (0)
  13. Trojaner oder Virus nur aktiv wenn Internetverbindung besteht ?
    Plagegeister aller Art und deren Bekämpfung - 26.01.2010 (1)
  14. Bluescreen nach Energiesparmodus
    Alles rund um Windows - 02.01.2010 (7)
  15. MSN Virus nach Formatierung noch aktiv
    Plagegeister aller Art und deren Bekämpfung - 17.05.2009 (3)
  16. Vista geht nicht mehr in den Energiesparmodus
    Log-Analyse und Auswertung - 10.10.2007 (2)
  17. Trojaner noch aktiv???
    Log-Analyse und Auswertung - 05.05.2007 (28)

Zum Thema Virus/Trojaner im Energiesparmodus aktiv? - Hallo Heute morgen wurde ich von meinem Laptop geweckt. Aber erstmal die Vorgeschichte: Gestern habe ich beim Mails checken einen Anhang runtergeladen einer typischen Mahnung in einer zip Datei. In - Virus/Trojaner im Energiesparmodus aktiv?...
Archiv
Du betrachtest: Virus/Trojaner im Energiesparmodus aktiv? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.