Hallo,
danke für die schnelle Übernahme meines Threads. Hier die beiden Logs:
FRST:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013 02
Ran by Franz (administrator) on 21-06-2013 20:47:14
Running from C:\Users\Franz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(hxxp://code.google.com/p/wot-xvm/) C:\Games\World_of_Tanks\xvm-stat.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(hxxp://code.google.com/p/wot-xvm/) C:\Games\World_of_Tanks\xvm-stat.exe
(Wargaming.net) C:\Games\World_of_Tanks\WorldOfTanks.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [286704 2013-03-22] (Intel Corporation)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-15] ()
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [GamingKeyboard] "C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe" [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Franz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Franz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Franz\AppData\Roaming\Mozilla\Firefox\Profiles\ufim2oib.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: WOT - C:\Users\Franz\AppData\Roaming\Mozilla\Firefox\Profiles\ufim2oib.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: personas - C:\Users\Franz\AppData\Roaming\Mozilla\Firefox\Profiles\ufim2oib.default\Extensions\personas@christopher.beard.xpi
FF Extension: No Name - C:\Users\Franz\AppData\Roaming\Mozilla\Firefox\Profiles\ufim2oib.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
==================== Drivers (Whitelisted) ====================
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-06-21] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-21 20:47 - 2013-06-21 20:47 - 00000000 ____D C:\FRST
2013-06-21 20:43 - 2013-06-21 20:46 - 01930924 ____A (Farbar) C:\Users\Franz\Downloads\FRST64.exe
2013-06-21 20:41 - 2013-06-21 20:41 - 00094656 ____A (CACE Technologies) C:\Windows\System32\WPRO_41_2001woem.tmp
2013-06-20 15:51 - 2013-06-20 15:51 - 00000000 ____A C:\Users\Franz\agent.log
2013-06-20 15:36 - 2013-06-21 20:41 - 00034752 ____A C:\Windows\System32\Drivers\WPRO_41_2001.sys
2013-06-20 15:36 - 2013-06-20 16:00 - 00000000 ____D C:\Users\Franz\Desktop\Replays
2013-06-20 15:35 - 2013-06-21 20:41 - 00003286 ____A C:\Windows\PFRO.log
2013-06-20 15:35 - 2013-06-21 20:41 - 00000280 ____A C:\Windows\setupact.log
2013-06-20 15:35 - 2013-06-20 15:35 - 00000000 ____A C:\Windows\setuperr.log
2013-06-20 15:30 - 2013-06-20 15:38 - 00000000 ____D C:\Users\Franz\Downloads\Trojaner board
2013-06-20 15:30 - 2013-06-20 15:32 - 00000000 ____D C:\Users\Franz\Downloads\iPhone
2013-06-20 15:29 - 2013-06-20 15:30 - 00000000 ____D C:\Users\Franz\Downloads\World of Tanks
2013-06-20 15:25 - 2013-06-20 15:25 - 00000000 ____D C:\Users\Franz\Intel
2013-06-20 15:24 - 2013-06-20 15:24 - 00000000 ____A C:\Windows\SysWOW64\agent.log
2013-06-20 15:23 - 2013-03-20 15:45 - 00016344 ____A (Intel Corporation) C:\Windows\System32\Drivers\IntelMEFWVer.dll
2013-06-20 15:22 - 2013-06-20 15:36 - 00000000 ____D C:\ProgramData\Intel
2013-06-20 15:22 - 2013-06-20 15:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2013-06-20 15:22 - 2013-03-20 15:45 - 01795952 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01011.dll
2013-06-20 15:22 - 2013-03-20 15:45 - 00099288 ____A (Intel Corporation) C:\Windows\System32\Drivers\TeeDriverx64.sys
2013-06-20 15:19 - 2013-04-10 11:09 - 00849992 ____A (Realtek ) C:\Windows\System32\Drivers\Rt64win7.sys
2013-06-20 15:19 - 2013-04-10 11:09 - 00108104 ____A (Realtek Semiconductor Corporation) C:\Windows\System32\RTNUninst64.dll
2013-06-20 15:19 - 2013-04-10 11:09 - 00073800 ____A (Realtek Semiconductor Corporation) C:\Windows\System32\RtNicProp64.dll
2013-06-20 15:18 - 2013-06-20 15:18 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-06-20 15:18 - 2013-06-20 15:18 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2013-06-20 15:18 - 2013-06-20 15:18 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Leadertech
2013-06-20 15:17 - 2013-06-20 15:27 - 00000000 ____D C:\ProgramData\Logitech
2013-06-20 15:17 - 2013-06-20 15:27 - 00000000 ____D C:\ProgramData\Logishrd
2013-06-20 15:16 - 2013-06-20 15:18 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Logitech
2013-06-20 15:16 - 2013-06-20 15:16 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-06-20 15:16 - 2013-06-20 15:16 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Logishrd
2013-06-20 15:16 - 2013-06-20 15:16 - 00000000 ____D C:\Program Files\Realtek
2013-06-20 15:16 - 2013-03-29 21:42 - 03379272 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-06-20 15:16 - 2013-03-29 17:10 - 00449481 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2013-06-20 15:16 - 2013-03-27 16:57 - 00135240 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll
2013-06-20 15:16 - 2013-03-26 17:06 - 02797128 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-06-20 15:16 - 2013-03-26 17:04 - 02734624 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-06-20 15:16 - 2013-03-26 15:40 - 03693128 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-06-20 15:16 - 2013-03-26 14:38 - 01659464 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-06-20 15:16 - 2013-03-25 17:32 - 03180264 ____A C:\Windows\System32\Drivers\rtvienna.dat
2013-06-20 15:16 - 2013-03-23 03:43 - 00208072 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-06-20 15:16 - 2013-03-20 13:16 - 02102040 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib64.dll
2013-06-20 15:16 - 2013-03-20 13:16 - 00910104 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPOShell64.dll
2013-06-20 15:16 - 2013-03-12 18:16 - 00613448 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtDataProc64.dll
2013-06-20 15:16 - 2013-02-28 13:10 - 02032408 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ64.dll
2013-06-20 15:16 - 2013-02-20 18:55 - 01284680 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-06-20 15:16 - 2013-02-19 18:52 - 00991816 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-06-20 15:16 - 2013-01-16 16:02 - 02079816 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-06-20 15:16 - 2013-01-11 16:27 - 00628504 ____A (Creative Technology Ltd.) C:\Windows\System32\MBTHX64.dll
2013-06-20 15:16 - 2013-01-11 16:27 - 00563992 ____A (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2013-06-20 15:16 - 2012-06-20 17:26 - 00110592 ____A (Real Sound Lab SIA) C:\Windows\System32\CONEQMSAPOGUILibrary.dll
2013-06-20 15:16 - 2012-06-08 16:23 - 00083072 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp64.dll
2013-06-20 15:16 - 2012-06-08 16:21 - 00897152 ____A (Creative Technology Ltd.) C:\Windows\System32\MBAPO64.dll
2013-06-20 15:16 - 2012-06-08 16:21 - 00753280 ____A (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2013-06-20 15:16 - 2012-03-08 11:47 - 00108640 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAR64.dll
2013-06-20 15:16 - 2011-12-20 15:32 - 00331880 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll
2013-06-20 15:16 - 2011-11-22 16:28 - 00014952 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR64.dll
2013-06-20 15:16 - 2010-11-08 07:31 - 00375128 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP64A.dll
2013-06-20 15:16 - 2010-11-08 07:31 - 00310104 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT64.dll
2013-06-20 15:16 - 2010-11-08 07:31 - 00310104 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA64.dll
2013-06-20 15:16 - 2010-11-08 07:31 - 00204120 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED64A.dll
2013-06-20 15:16 - 2010-11-08 07:31 - 00101208 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL64A.dll
2013-06-20 15:16 - 2010-11-08 07:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG64A.dll
2013-06-20 15:16 - 2010-11-03 18:30 - 00149608 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCfg64.dll
2013-06-20 15:16 - 2010-09-27 09:34 - 00318808 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2013-06-20 15:16 - 2009-11-24 09:55 - 00518896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSX64.dll
2013-06-20 15:16 - 2009-11-24 09:55 - 00211184 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSH64.dll
2013-06-20 15:16 - 2009-11-24 09:55 - 00198896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSHP64.dll
2013-06-20 15:16 - 2009-11-24 09:55 - 00155888 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW64.dll
2013-06-20 15:16 - 2009-11-18 07:12 - 00032344 ____A (Creative Technology Ltd.) C:\Windows\System32\Drivers\MBfilt64.sys
2013-06-20 15:14 - 2013-06-20 15:25 - 00000000 ____D C:\Program Files\Intel
2013-06-20 15:11 - 2013-02-27 15:37 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-06-20 14:50 - 2013-06-20 15:27 - 00000000 ____D C:\ProgramData\DriverGenius
2013-06-20 14:48 - 2013-06-20 14:48 - 00001207 ____A C:\Users\Franz\Desktop\Driver Genius.lnk
2013-06-20 14:48 - 2013-06-20 14:48 - 00000000 ____D C:\Program Files (x86)\Driver-Soft
2013-06-19 18:47 - 2013-06-19 18:47 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-19 18:47 - 2013-06-19 18:47 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-19 18:47 - 2013-06-19 18:47 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-19 18:47 - 2013-06-19 18:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-19 15:25 - 2013-06-19 15:25 - 00001636 ____A C:\Users\Public\Desktop\World of Tanks (XVM).lnk
2013-06-19 14:28 - 2013-06-19 20:08 - 00000000 ____D C:\Users\Franz\AppData\Roaming\redsn0w
2013-06-19 13:25 - 2013-06-19 13:25 - 00007605 ____A C:\Users\Franz\AppData\Local\Resmon.ResmonCfg
2013-06-19 12:43 - 2013-06-19 12:43 - 00000000 ____D C:\Program Files\HitmanPro
2013-06-18 21:03 - 2013-06-19 12:51 - 00000000 ____D C:\ProgramData\HitmanPro
2013-06-18 20:13 - 2013-06-18 20:17 - 00008192 ____A C:\Users\Franz\Documents\Kombilon Sporttag 2013 RHS Klasse 7d.xls
2013-06-18 19:45 - 2013-06-21 16:05 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-18 19:45 - 2013-06-18 19:45 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-18 19:45 - 2013-06-18 19:45 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-18 19:44 - 2013-06-18 19:44 - 00000000 ____D C:\Users\Franz\AppData\Local\Adobe
2013-06-18 16:27 - 2013-06-18 16:27 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Malwarebytes
2013-06-18 16:26 - 2013-06-18 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-18 13:24 - 2013-06-18 13:30 - 00000000 ____D C:\Qoobox
2013-06-18 13:24 - 2013-06-18 13:29 - 00000000 ____D C:\Windows\erdnt
2013-06-18 13:24 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-18 13:24 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-18 13:24 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-18 13:24 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-18 13:24 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-18 13:24 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-18 13:24 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-18 13:24 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-18 13:19 - 2013-06-18 13:22 - 05081021 ___RA (Swearware) C:\Users\Franz\Desktop\ComboFix.exe
2013-06-17 20:55 - 2013-06-17 20:55 - 00000000 ___AH C:\Users\Franz\Documents\Default.rdp
2013-06-17 16:39 - 2013-06-17 16:39 - 00000000 ____A C:\Users\Franz\defogger_reenable
2013-06-17 15:45 - 2013-06-20 13:55 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Feed The Beast
2013-06-17 15:45 - 2013-06-17 15:55 - 00000000 ____D C:\Users\Franz\AppData\Roaming\ftblauncher
2013-06-16 19:48 - 2013-06-16 19:48 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-06-16 19:48 - 2013-06-16 19:48 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-06-16 19:48 - 2013-06-16 19:48 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-06-16 19:47 - 2013-06-16 19:47 - 00000000 ____D C:\Program Files\ATI Technologies
2013-06-16 18:51 - 2013-04-14 14:04 - 148203997 ____A C:\Users\Franz\Desktop\Film Werbung Schnitt Franz Mädchen.mp4
2013-06-16 18:51 - 2013-04-05 16:23 - 01654038 ____A C:\Users\Franz\Desktop\Werbung_neu Franz Florian.odt
2013-06-16 18:51 - 2013-04-05 16:23 - 01637895 ____A C:\Users\Franz\Desktop\Werbung Franz Florian.odt
2013-06-15 12:47 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 12:47 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 12:47 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 12:47 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 12:47 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 12:47 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 12:47 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 12:47 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 12:47 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 12:47 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 12:47 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 12:47 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 07:48 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 07:48 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 07:48 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 07:48 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 07:48 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-13 07:48 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-13 07:48 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-13 07:48 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-13 07:48 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 07:48 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 07:48 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 07:48 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 07:48 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 07:48 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-13 07:48 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-13 07:48 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 07:48 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-13 07:48 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-13 07:48 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 16:25 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 16:25 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 16:25 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 16:25 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 16:25 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 16:25 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 16:25 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 16:25 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 16:25 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 16:25 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 16:25 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 16:25 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 16:25 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 16:25 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 16:25 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 16:25 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 16:25 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 16:25 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 16:25 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-09 18:50 - 2013-06-09 18:50 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-09 18:50 - 2013-06-09 18:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-09 18:50 - 2013-06-09 18:50 - 00000000 ____D C:\Program Files\iTunes
2013-06-09 18:50 - 2013-06-09 18:50 - 00000000 ____D C:\Program Files\iPod
2013-06-09 18:50 - 2013-06-09 18:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-09 18:47 - 2013-06-11 16:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-09 18:47 - 2013-06-11 16:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-09 18:46 - 2012-08-23 16:13 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-06-09 18:46 - 2012-08-23 16:10 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-06-09 18:46 - 2012-08-23 16:08 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2013-06-09 18:46 - 2012-08-23 16:07 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2013-06-09 18:46 - 2012-08-23 15:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-06-09 18:46 - 2012-08-23 15:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-06-09 18:46 - 2012-08-23 15:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-06-09 18:46 - 2012-08-23 15:40 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-06-09 18:46 - 2012-08-23 15:24 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-06-09 18:46 - 2012-08-23 15:20 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2013-06-09 18:46 - 2012-08-23 15:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-06-09 18:46 - 2012-08-23 15:17 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2013-06-09 18:46 - 2012-08-23 15:06 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-06-09 18:46 - 2012-08-23 14:52 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-09 18:46 - 2012-08-23 13:20 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2013-06-09 18:46 - 2012-08-23 13:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-06-09 18:46 - 2012-08-23 13:14 - 00384000 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2013-06-09 18:46 - 2012-08-23 13:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-06-09 18:46 - 2012-08-23 12:54 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-09 18:46 - 2012-08-23 12:51 - 00228864 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2013-06-09 18:46 - 2012-08-23 12:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-06-09 18:46 - 2012-08-23 12:22 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-09 18:46 - 2012-08-23 11:51 - 03174912 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-06-09 18:46 - 2012-08-23 10:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-06-09 18:46 - 2012-08-23 10:13 - 05773824 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-06-09 18:45 - 2012-08-24 20:13 - 00154480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-06-09 18:45 - 2012-08-24 20:09 - 00458712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-06-09 18:45 - 2012-08-24 20:05 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-06-09 18:45 - 2012-08-24 20:03 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-09 18:45 - 2012-08-24 18:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-06-09 18:45 - 2012-08-24 18:57 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-06-09 18:45 - 2012-08-24 18:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-06-09 18:44 - 2012-05-04 13:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-06-09 18:44 - 2012-05-04 11:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-06-08 17:54 - 2013-06-08 17:55 - 00000000 ____D C:\Users\Franz\Documents\3DMark 11
2013-06-08 17:54 - 2013-06-08 17:54 - 00000000 ____D C:\Users\Franz\AppData\Local\Futuremark
2013-06-08 15:06 - 2013-06-08 15:06 - 00000997 ____A C:\Users\Franz\Desktop\eclipse.exe - Verknüpfung.lnk
2013-06-08 15:05 - 2013-06-08 15:06 - 00000000 ____D C:\Program Files\Eclipse
2013-06-02 14:51 - 2013-06-08 17:29 - 00000000 ____D C:\Users\Franz\Desktop\Jakob
2013-05-31 20:13 - 2013-06-18 17:17 - 00000000 ____D C:\Users\Franz\AppData\Roaming\TS3Client
2013-05-28 19:23 - 2013-05-28 19:23 - 00001922 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-05-27 20:36 - 2013-05-27 20:36 - 00000037 ___SH C:\Users\Franz\AppData\Local\70149b02515b3bb20dd492.47983420
2013-05-27 20:36 - 2013-05-27 20:36 - 00000000 ____D C:\Users\Franz\AppData\Local\MetaGeek,_LLC
2013-05-27 20:36 - 2013-05-27 20:36 - 00000000 ____D C:\Users\Franz\AppData\Local\IsolatedStorage
2013-05-27 17:57 - 2013-05-27 17:58 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Ultimate
2013-05-27 17:53 - 2013-05-27 17:53 - 00510899 ____A () C:\Users\Franz\Desktop\FTB_Launcher.exe
2013-05-26 16:25 - 2013-06-08 15:12 - 00000000 ____D C:\Users\Franz\Desktop\Javaprogramme
2013-05-23 19:42 - 2013-06-12 20:43 - 00003584 ____A C:\Users\Franz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-23 19:33 - 2013-05-23 19:33 - 00000824 ____A C:\Users\Franz\Documents\hosts.txt
2013-05-23 15:43 - 2013-05-23 15:43 - 00000688 ____A C:\Users\Franz\Desktop\ANNO 2070 DEMO - Verknüpfung.lnk
2013-05-22 20:55 - 2013-05-26 16:23 - 00000000 ____D C:\Program Files\Java
2013-05-22 20:55 - 2013-05-22 20:55 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-22 20:55 - 2013-05-22 20:55 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-22 20:55 - 2013-05-22 20:55 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-22 20:55 - 2013-05-22 20:55 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-22 20:55 - 2013-05-22 20:55 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-22 20:55 - 2013-05-22 20:55 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-22 20:43 - 2013-05-22 20:43 - 00000000 ____D C:\Users\Franz\Documents\ANNO 2070 Demo
2013-05-22 20:06 - 2013-05-22 20:06 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Ubisoft
2013-05-22 20:06 - 2008-10-15 06:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2013-05-22 20:06 - 2008-10-15 06:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-05-22 20:06 - 2008-10-15 06:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2013-05-22 20:06 - 2008-10-15 06:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-05-22 20:06 - 2008-10-15 06:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2013-05-22 20:06 - 2008-10-15 06:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-05-22 20:04 - 2013-05-22 20:04 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-05-22 17:22 - 2013-05-22 17:22 - 00263186 ____A C:\Users\Franz\Desktop\minecraft.exe
2013-05-22 14:28 - 2013-06-19 20:35 - 00000080 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
2013-05-22 14:28 - 2013-06-19 20:26 - 00000284 ____A C:\Users\Franz\umbrella0.log
2013-05-22 14:28 - 2013-05-22 14:29 - 00000000 ____D C:\Users\Franz\.shsh
2013-05-22 13:58 - 2013-05-22 13:58 - 00000000 ____D C:\Users\Franz\AppData\Roaming\LolClient
2013-05-22 11:39 - 2013-05-22 13:18 - 00000000 ____D C:\Users\Franz\Documents\World of Tanks Mod
==================== One Month Modified Files and Folders =======
2013-06-21 20:47 - 2013-06-21 20:47 - 00000000 ____D C:\FRST
2013-06-21 20:47 - 2013-05-15 20:29 - 00000000 ____D C:\Users\Franz\AppData\Local\PMB Files
2013-06-21 20:46 - 2013-06-21 20:43 - 01930924 ____A (Farbar) C:\Users\Franz\Downloads\FRST64.exe
2013-06-21 20:42 - 2013-05-11 17:15 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Skype
2013-06-21 20:41 - 2013-06-21 20:41 - 00094656 ____A (CACE Technologies) C:\Windows\System32\WPRO_41_2001woem.tmp
2013-06-21 20:41 - 2013-06-20 15:36 - 00034752 ____A C:\Windows\System32\Drivers\WPRO_41_2001.sys
2013-06-21 20:41 - 2013-06-20 15:35 - 00003286 ____A C:\Windows\PFRO.log
2013-06-21 20:41 - 2013-06-20 15:35 - 00000280 ____A C:\Windows\setupact.log
2013-06-21 20:41 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-21 16:51 - 2013-05-11 15:14 - 01317375 ____A C:\Windows\WindowsUpdate.log
2013-06-21 16:10 - 2009-07-14 06:45 - 00021664 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-21 16:10 - 2009-07-14 06:45 - 00021664 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-21 16:05 - 2013-06-18 19:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-21 14:39 - 2013-05-11 19:56 - 00000000 ____D C:\Users\Franz\AppData\Roaming\.minecraft
2013-06-20 16:00 - 2013-06-20 15:36 - 00000000 ____D C:\Users\Franz\Desktop\Replays
2013-06-20 15:51 - 2013-06-20 15:51 - 00000000 ____A C:\Users\Franz\agent.log
2013-06-20 15:51 - 2013-05-11 15:14 - 00000000 ____D C:\users\Franz
2013-06-20 15:38 - 2013-06-20 15:30 - 00000000 ____D C:\Users\Franz\Downloads\Trojaner board
2013-06-20 15:36 - 2013-06-20 15:22 - 00000000 ____D C:\ProgramData\Intel
2013-06-20 15:35 - 2013-06-20 15:35 - 00000000 ____A C:\Windows\setuperr.log
2013-06-20 15:35 - 2013-05-17 19:57 - 00000000 ____D C:\Program Files (x86)\Intel
2013-06-20 15:33 - 2013-05-17 20:11 - 00000000 ____D C:\Users\Franz\AppData\Local\CrashDumps
2013-06-20 15:32 - 2013-06-20 15:30 - 00000000 ____D C:\Users\Franz\Downloads\iPhone
2013-06-20 15:30 - 2013-06-20 15:29 - 00000000 ____D C:\Users\Franz\Downloads\World of Tanks
2013-06-20 15:27 - 2013-06-20 15:17 - 00000000 ____D C:\ProgramData\Logitech
2013-06-20 15:27 - 2013-06-20 15:17 - 00000000 ____D C:\ProgramData\Logishrd
2013-06-20 15:27 - 2013-06-20 14:50 - 00000000 ____D C:\ProgramData\DriverGenius
2013-06-20 15:25 - 2013-06-20 15:25 - 00000000 ____D C:\Users\Franz\Intel
2013-06-20 15:25 - 2013-06-20 15:14 - 00000000 ____D C:\Program Files\Intel
2013-06-20 15:24 - 2013-06-20 15:24 - 00000000 ____A C:\Windows\SysWOW64\agent.log
2013-06-20 15:22 - 2013-06-20 15:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2013-06-20 15:18 - 2013-06-20 15:18 - 00018960 ____A (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2013-06-20 15:18 - 2013-06-20 15:18 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2013-06-20 15:18 - 2013-06-20 15:18 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Leadertech
2013-06-20 15:18 - 2013-06-20 15:16 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Logitech
2013-06-20 15:18 - 2013-05-11 15:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-20 15:18 - 2013-05-11 15:20 - 00000000 ____D C:\Program Files (x86)\REALTEK
2013-06-20 15:16 - 2013-06-20 15:16 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-06-20 15:16 - 2013-06-20 15:16 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Logishrd
2013-06-20 15:16 - 2013-06-20 15:16 - 00000000 ____D C:\Program Files\Realtek
2013-06-20 14:48 - 2013-06-20 14:48 - 00001207 ____A C:\Users\Franz\Desktop\Driver Genius.lnk
2013-06-20 14:48 - 2013-06-20 14:48 - 00000000 ____D C:\Program Files (x86)\Driver-Soft
2013-06-20 13:55 - 2013-06-17 15:45 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Feed The Beast
2013-06-20 08:02 - 2009-07-14 06:45 - 00299040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-19 20:35 - 2013-05-22 14:28 - 00000080 ____A C:\Windows\System32\Drivers\etc\hosts.umbrella
2013-06-19 20:26 - 2013-05-22 14:28 - 00000284 ____A C:\Users\Franz\umbrella0.log
2013-06-19 20:08 - 2013-06-19 14:28 - 00000000 ____D C:\Users\Franz\AppData\Roaming\redsn0w
2013-06-19 19:18 - 2013-05-11 15:30 - 00065616 ____A C:\Users\Franz\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-19 18:47 - 2013-06-19 18:47 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-19 18:47 - 2013-06-19 18:47 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-19 18:47 - 2013-06-19 18:47 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-19 18:47 - 2013-06-19 18:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-19 18:47 - 2013-05-11 17:03 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-19 18:47 - 2013-05-11 17:03 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-19 18:47 - 2013-05-11 17:02 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-19 15:25 - 2013-06-19 15:25 - 00001636 ____A C:\Users\Public\Desktop\World of Tanks (XVM).lnk
2013-06-19 13:25 - 2013-06-19 13:25 - 00007605 ____A C:\Users\Franz\AppData\Local\Resmon.ResmonCfg
2013-06-19 13:06 - 2013-05-11 17:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-19 13:06 - 2013-05-11 17:15 - 00000000 ____D C:\ProgramData\Skype
2013-06-19 12:51 - 2013-06-18 21:03 - 00000000 ____D C:\ProgramData\HitmanPro
2013-06-19 12:43 - 2013-06-19 12:43 - 00000000 ____D C:\Program Files\HitmanPro
2013-06-18 20:17 - 2013-06-18 20:13 - 00008192 ____A C:\Users\Franz\Documents\Kombilon Sporttag 2013 RHS Klasse 7d.xls
2013-06-18 19:45 - 2013-06-18 19:45 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-18 19:45 - 2013-06-18 19:45 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-18 19:45 - 2013-06-18 19:44 - 00000000 ____D C:\Users\Franz\AppData\Local\Adobe
2013-06-18 19:45 - 2013-05-11 15:45 - 00000000 ____D C:\Users\Franz\AppData\Roaming\CheckPoint
2013-06-18 18:37 - 2011-04-12 09:43 - 00654966 ____A C:\Windows\System32\perfh007.dat
2013-06-18 18:37 - 2011-04-12 09:43 - 00130336 ____A C:\Windows\System32\perfc007.dat
2013-06-18 18:37 - 2009-07-14 07:13 - 01522408 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-18 17:17 - 2013-05-31 20:13 - 00000000 ____D C:\Users\Franz\AppData\Roaming\TS3Client
2013-06-18 17:16 - 2013-05-11 16:04 - 00000000 ____D C:\Windows\Panther
2013-06-18 17:14 - 2013-05-11 17:03 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-18 17:14 - 2013-05-11 17:03 - 00000000 ____D C:\Program Files\CCleaner
2013-06-18 16:27 - 2013-06-18 16:27 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Malwarebytes
2013-06-18 16:26 - 2013-06-18 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-18 13:30 - 2013-06-18 13:24 - 00000000 ____D C:\Qoobox
2013-06-18 13:29 - 2013-06-18 13:24 - 00000000 ____D C:\Windows\erdnt
2013-06-18 13:29 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-18 13:22 - 2013-06-18 13:19 - 05081021 ___RA (Swearware) C:\Users\Franz\Desktop\ComboFix.exe
2013-06-17 20:55 - 2013-06-17 20:55 - 00000000 ___AH C:\Users\Franz\Documents\Default.rdp
2013-06-17 16:39 - 2013-06-17 16:39 - 00000000 ____A C:\Users\Franz\defogger_reenable
2013-06-17 15:55 - 2013-06-17 15:45 - 00000000 ____D C:\Users\Franz\AppData\Roaming\ftblauncher
2013-06-16 19:48 - 2013-06-16 19:48 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-06-16 19:48 - 2013-06-16 19:48 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-06-16 19:48 - 2013-06-16 19:48 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-06-16 19:48 - 2013-05-11 15:28 - 00000000 ____D C:\ProgramData\AMD
2013-06-16 19:47 - 2013-06-16 19:47 - 00000000 ____D C:\Program Files\ATI Technologies
2013-06-16 19:21 - 2013-05-11 15:14 - 00000000 ____D C:\Users\Franz\AppData\Local\VirtualStore
2013-06-15 17:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-13 07:48 - 2013-05-11 18:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 20:45 - 2013-05-11 17:23 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Tunngle
2013-06-12 20:43 - 2013-05-23 19:42 - 00003584 ____A C:\Users\Franz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-12 20:40 - 2013-05-11 17:23 - 00000000 ____D C:\ProgramData\Tunngle
2013-06-11 16:55 - 2013-06-09 18:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-11 16:55 - 2013-06-09 18:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-09 19:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-09 18:50 - 2013-06-09 18:50 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-09 18:50 - 2013-06-09 18:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-09 18:50 - 2013-06-09 18:50 - 00000000 ____D C:\Program Files\iTunes
2013-06-09 18:50 - 2013-06-09 18:50 - 00000000 ____D C:\Program Files\iPod
2013-06-09 18:50 - 2013-06-09 18:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-08 17:55 - 2013-06-08 17:54 - 00000000 ____D C:\Users\Franz\Documents\3DMark 11
2013-06-08 17:54 - 2013-06-08 17:54 - 00000000 ____D C:\Users\Franz\AppData\Local\Futuremark
2013-06-08 17:29 - 2013-06-02 14:51 - 00000000 ____D C:\Users\Franz\Desktop\Jakob
2013-06-08 16:08 - 2013-06-15 12:47 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 12:47 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 12:47 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 12:47 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 12:47 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 15:12 - 2013-05-26 16:25 - 00000000 ____D C:\Users\Franz\Desktop\Javaprogramme
2013-06-08 15:06 - 2013-06-08 15:06 - 00000997 ____A C:\Users\Franz\Desktop\eclipse.exe - Verknüpfung.lnk
2013-06-08 15:06 - 2013-06-08 15:05 - 00000000 ____D C:\Program Files\Eclipse
2013-06-08 14:28 - 2013-06-15 12:47 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 12:47 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 12:47 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 12:47 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 12:47 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 12:47 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 12:47 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-02 16:11 - 2013-05-12 10:05 - 00000000 ____D C:\Users\Franz\Desktop\Bukkit Server
2013-05-30 18:53 - 2013-05-11 15:41 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-05-30 18:53 - 2013-05-11 15:41 - 00000000 ____D C:\Games
2013-05-28 19:25 - 2013-05-11 16:32 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-28 19:23 - 2013-05-28 19:23 - 00001922 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-05-28 17:26 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-05-27 20:36 - 2013-05-27 20:36 - 00000037 ___SH C:\Users\Franz\AppData\Local\70149b02515b3bb20dd492.47983420
2013-05-27 20:36 - 2013-05-27 20:36 - 00000000 ____D C:\Users\Franz\AppData\Local\MetaGeek,_LLC
2013-05-27 20:36 - 2013-05-27 20:36 - 00000000 ____D C:\Users\Franz\AppData\Local\IsolatedStorage
2013-05-27 17:58 - 2013-05-27 17:57 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Ultimate
2013-05-27 17:53 - 2013-05-27 17:53 - 00510899 ____A () C:\Users\Franz\Desktop\FTB_Launcher.exe
2013-05-26 16:23 - 2013-05-22 20:55 - 00000000 ____D C:\Program Files\Java
2013-05-25 18:15 - 2013-05-12 10:29 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-23 19:33 - 2013-05-23 19:33 - 00000824 ____A C:\Users\Franz\Documents\hosts.txt
2013-05-23 15:43 - 2013-05-23 15:43 - 00000688 ____A C:\Users\Franz\Desktop\ANNO 2070 DEMO - Verknüpfung.lnk
2013-05-22 20:55 - 2013-05-22 20:55 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-22 20:55 - 2013-05-22 20:55 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-22 20:55 - 2013-05-22 20:55 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-22 20:55 - 2013-05-22 20:55 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-22 20:55 - 2013-05-22 20:55 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-22 20:55 - 2013-05-22 20:55 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-22 20:43 - 2013-05-22 20:43 - 00000000 ____D C:\Users\Franz\Documents\ANNO 2070 Demo
2013-05-22 20:06 - 2013-05-22 20:06 - 00000000 ____D C:\Users\Franz\AppData\Roaming\Ubisoft
2013-05-22 20:04 - 2013-05-22 20:04 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-05-22 17:22 - 2013-05-22 17:22 - 00263186 ____A C:\Users\Franz\Desktop\minecraft.exe
2013-05-22 17:05 - 2013-05-12 11:21 - 00000000 ____D C:\Users\Franz\Documents\Camtasia Studio
2013-05-22 14:29 - 2013-05-22 14:28 - 00000000 ____D C:\Users\Franz\.shsh
2013-05-22 14:24 - 2013-05-15 20:29 - 00000000 ____D C:\ProgramData\PMB Files
2013-05-22 13:58 - 2013-05-22 13:58 - 00000000 ____D C:\Users\Franz\AppData\Roaming\LolClient
2013-05-22 13:18 - 2013-05-22 11:39 - 00000000 ____D C:\Users\Franz\Documents\World of Tanks Mod
2013-05-22 11:17 - 2013-05-11 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-15 12:25
==================== End Of Log ============================ --- --- ---
--- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2013 02
Ran by Franz at 2013-06-21 20:47:31 Run:
Running from C:\Users\Franz\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
ANNO 2070 DEMO (Version: 1.0.0.0)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Asmedia ASM106x SATA Host Controller Driver (Version: 1.3.4.001)
avast! Free Antivirus (Version: 8.0.1489.0)
Blender (Version: 2.67)
Bonjour (Version: 3.0.0.10)
Camtasia Studio 8 (Version: 8.0.4.1060)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.02)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
D3DX10 (Version: 15.4.2368.0902)
diclovit's mod pack 1.4.97b (Version: 1.4.97b)
Dokan Library 0.6.0
Driver Genius (Version: 12.0)
eReg (Version: 1.20.138.34)
Fotogalerie (Version: 16.4.3508.0205)
Fraps (remove only)
GIMP 2.8.4 (Version: 2.8.4)
Intel(R) Manageability Engine Firmware Recovery Agent (Version: 1.0.0.36943)
Intel(R) Management Engine Components (Version: 9.5.0.1428)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066)
Intel(R) Smart Connect Technology 4.1 x64 (Version: 4.1.40.2143)
Intel(R) USB 3.0 eXtensible Host Controller Driver (Version: 1.0.5.235)
Intel® Trusted Connect Service Client (Version: 1.27.798.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java SE Development Kit 7 Update 21 (64-bit) (Version: 1.7.0.210)
Junk Mail filter update (Version: 16.4.3508.0205)
League of Legends (Version: 1.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Movie Maker (Version: 16.4.3508.0205)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Need For Speed™ World (Version: 1.0.0.1509)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Pando Media Booster (Version: 2.6.0.9)
Photo Common (Version: 16.4.3508.0205)
Photo Gallery (Version: 16.4.3508.0205)
QuickTime (Version: 7.74.80.86)
Realtek Ethernet Controller Driver (Version: 7.72.410.2013)
Realtek High Definition Audio Driver (Version: 6.0.1.6873)
REALTEK Wireless LAN Driver and Utility (Version: 1.00.0187)
Scratch (Version: 1.4.0.0)
SHARKOON Skiller (Version: 1.00.0000)
Skype™ 6.5 (Version: 6.5.158)
TeamSpeak 3 Client (Version: 3.0.10)
Theme Resource Changer X64 v1.0
Tunngle beta
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
UxStyle Core Beta (Version: 0.2.1.1)
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live Essentials (Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Mail (Version: 16.4.3508.0205)
Windows Live MIME IFilter (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
Windows Live Writer (Version: 16.4.3508.0205)
Windows Live Writer Resources (Version: 16.4.3508.0205)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
World of Tanks - Common Test
==================== Restore Points =========================
19-06-2013 16:47:03 Installed Java 7 Update 25
20-06-2013 06:32:29 Installiert REALTEK 11n USB Wireless LAN Software
20-06-2013 13:11:23 Vor der Installation neuer Treiber - 20.06.2013 15:11:21
20-06-2013 13:18:48 Installiert Realtek Ethernet Controller Driver
20-06-2013 13:25:24 IIF_MSI
==================== Hosts content: ==========================
74.208.10.249 gs.apple.com
#
127.0.0.1 localhost
#127.0.0.1 gs.apple.com
==================== Scheduled Tasks (whitelisted) =============
Task: {297EBA42-9B07-4581-A4F7-1C779A150C77} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {379887CE-C021-4CE8-8000-7424FCF1B99D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {4A546EFC-4542-402B-B93A-76CC0781C741} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {7C12D053-236F-4D21-A940-FE40A0EEFA1D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {820B5241-9180-48BB-87F9-EC67D53827BA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {845B5EBB-B9E5-439E-B679-8ACBBD2F0167} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {9562CB44-2DC5-4C3F-9DA2-47B903EF4E27} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {9A70DDE6-591A-4392-9A35-37797F75147C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-18] (Adobe Systems Incorporated)
Task: {9F0244A2-706D-4DB0-B1B4-F6293E72313F} - System32\Tasks\{2730BA17-B9EF-4A64-939B-57B83988A00E} => C:\Users\Franz\Desktop\Minecraft.exe [2013-05-22] ()
Task: {FA6FAA82-A884-4602-9711-B90A5DD04525} - System32\Tasks\{EE5870DA-A2F3-490C-A4C1-AA063F3DC24E} => C:\Users\Franz\Desktop\Minecraft.exe [2013-05-22] ()
==================== Faulty Device Manager Devices =============
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/21/2013 08:42:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2013 02:33:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2013 00:07:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/20/2013 07:46:41 PM) (Source: ISCTAgent) (User: )
Description: ISCT - RegRestoreDefaults OEM defaults do not exist, use Intel defaults.
Error: (06/20/2013 07:40:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/20/2013 03:37:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/20/2013 03:36:22 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/20/2013 03:36:22 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/20/2013 03:36:22 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/20/2013 03:36:22 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
System errors:
=============
Error: (06/20/2013 03:36:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/20/2013 03:36:48 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (06/20/2013 03:36:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/20/2013 03:36:45 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (06/20/2013 03:36:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/20/2013 03:36:42 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (06/20/2013 03:36:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/20/2013 03:36:30 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (06/20/2013 03:36:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/20/2013 03:36:27 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Microsoft Office Sessions:
=========================
Error: (06/21/2013 08:42:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2013 02:33:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2013 00:07:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/20/2013 07:46:41 PM) (Source: ISCTAgent)(User: )
Description: ISCT - RegRestoreDefaults OEM defaults do not exist, use Intel defaults.
Error: (06/20/2013 07:40:04 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/20/2013 03:37:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/20/2013 03:36:22 PM) (Source: Windows Search Service)(User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/20/2013 03:36:22 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/20/2013 03:36:22 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/20/2013 03:36:22 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
CodeIntegrity Errors:
===================================
Date: 2013-06-18 18:55:49.504
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-18 16:24:38.880
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-18 13:30:47.626
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-18 13:28:41.890
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-18 13:28:41.859
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-18 13:22:43.668
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-17 20:55:51.943
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-17 18:55:16.978
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-17 18:40:02.561
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-17 18:14:10.841
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 8135.76 MB
Available physical RAM: 5617.36 MB
Total Pagefile: 16269.7 MB
Available Pagefile: 13532.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:852.54 GB) (Free:654.79 GB) NTFS (Disk=0 Partition=2)
Drive d: (Volume) (Fixed) (Total:78.87 GB) (Free:78.68 GB) NTFS (Disk=0 Partition=3)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 740A6474)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=853 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=79 GB) - (Type=07 NTFS)
==================== End Of Log ============================ Driver Genius habe ich Deinstalliert. Ich habe das Programm nur mal gebraucht um zu sehen welche Treiber aktuell/nicht aktuell sind. |