| |
| |||||||
Log-Analyse und Auswertung: Ständiger befall von viren oder malewareWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
02.10.2013, 12:45
| #1 |
 |  Ständiger befall von viren oder maleware Hallo, seit etwa 4 Wochen habe ich stetige Probleme durch o.g. Thema. Ich kam auf diese seite wegen des gleichen problem eines mitleidenen. ich las viel und lud viel herunter, um eigenständig abhilfe zu schaffen. kurz zur historie: *ständiger viren oder und malwarebefall *windows repair schaffte anfangs abhilfe, allerdings wurde es dann wieder schlimmer mit viren etc, sodass ich windows repair mehrfach in abständen laufen lies und die reparaturzeit sich deutlich verlängerte. also etwa scheint da im argen zu sein. *tastatur und touchpadausfälle (werden immer mehr) *unerwartes herunterfahren von windows (bisher 2x) *lüfter läuft sehr sehr oft auf hochtouren, die ram auslastung liegt knapp unter 3gb und es sind keine programme geöffnet (es stehen mir 8gb ram zur verfügung) *ausfall easy display manager über alle Fn funktionen (ich löschte easy display manager, da ich keinen aktuellen treiber finden konnte und lud mir ein neues programm herunter. leider waren da viele schädliche links o.ä. drin und funktioniert hat es auch nicht) *wenn ich meinen mauszeiger bewege, springt sehr oft die bildscrolleiste hin und her, also der angezeigte inhalt liest sich nicht mehr bei x ab, sondern verrutscht auf y (3-4cm nach oben oder unten) oder/und es werden einfach teile der ansicht markiert (blau eingefärbt) *viele programme zur abhilfe heruntergeladen -malewarebytes (leider fehlen mir vom anfang der probleme die logfiles, über 800 infizierungen) -spybot -advanced system opt -ccleaner -spywareblaster -adwcleaner -Regclean pro -Roguekiller Meine rechnerinformationen: samsung r540 windows 7 64bit 8gb ram core i3 cpu m350 2,27 ghz ich hoffe sehr, dass mir jemand schnell helfen kann, da ich kurz davor bin, das laptop an die wand zu schmeißen. habe sicherlich, meist unwissend, alles selbst verursacht, erbitte dennoch um unterstützung von experten. Ich hoffe hier keine anwenderfehler gemacht zu haben. wenn doch, dann bitte mitteilen, damit ich es ändern kann. vielen dank und gruß sven |
|
02.10.2013, 13:23
| #2 |
| /// the machine /// TB-Ausbilder    | Ständiger befall von viren oder maleware Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
02.10.2013, 14:57
| #3 |
| | Ständiger befall von viren oder maleware hallo schrauber,
__________________danke danke für die zügige antwort. da du nicht geschrieben hast, dass ich zukünftig die files anderweitig posten soll, hatte ich vor das eben zu machen. habe die vorgehensweise verstanden, jedoch sind alle code zu lang. ich probiere es einzeln: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:06 on 02/10/2013 (sven)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by sven at 2013-10-02 10:09:35
Running from C:\Users\sven\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 13.2.1)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Advanced System Optimizer (x32 Version: 3.5.1000.15564)
Alcor Micro USB Card Reader Driver (x32 Version: 3.1.45.72435)
ALPS Touch Pad Driver (Version: 8.201.1711.120)
Atheros Client Installation Program (x32 Version: 1.0.2.1119)
ATI Catalyst Install Manager (Version: 3.0.774.0)
Bluetooth Stack for Windows by Toshiba (Version: v7.00.05(D))
Broadcom 802.11 Network Adapter (Version: 5.60.48.44)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420)
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420)
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420)
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420)
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420)
CCC Help Czech (x32 Version: 2010.0504.2151.37420)
CCC Help Danish (x32 Version: 2010.0504.2151.37420)
CCC Help Dutch (x32 Version: 2010.0504.2151.37420)
CCC Help English (x32 Version: 2010.0504.2151.37420)
CCC Help Finnish (x32 Version: 2010.0504.2151.37420)
CCC Help French (x32 Version: 2010.0504.2151.37420)
CCC Help German (x32 Version: 2010.0504.2151.37420)
CCC Help Greek (x32 Version: 2010.0504.2151.37420)
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420)
CCC Help Italian (x32 Version: 2010.0504.2151.37420)
CCC Help Japanese (x32 Version: 2010.0504.2151.37420)
CCC Help Korean (x32 Version: 2010.0504.2151.37420)
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420)
CCC Help Polish (x32 Version: 2010.0504.2151.37420)
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420)
CCC Help Russian (x32 Version: 2010.0504.2151.37420)
CCC Help Spanish (x32 Version: 2010.0504.2151.37420)
CCC Help Swedish (x32 Version: 2010.0504.2151.37420)
CCC Help Thai (x32 Version: 2010.0504.2151.37420)
CCC Help Turkish (x32 Version: 2010.0504.2151.37420)
ccc-core-static (x32 Version: 2010.0504.2152.37420)
ccc-utility64 (Version: 2010.0504.2152.37420)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
DriverDoc (x32 Version: 1.52.1086.14425)
Easy Content Share (x32 Version: 1.0.0.13)
Easy Network Manager (x32 Version: 4.3.1)
EasyBatteryManager (x32 Version: 4.0.0.4)
EasyFileShare (x32 Version: 1.0.3)
ETDWare PS/2-x64 7.0.7.0_WHQL (Version: 7.0.7.0)
Google Chrome (x32 Version: 29.0.1547.76)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.3.1001)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.02.00.1002)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 14.0.8089.726)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190)
Lenovo_Wireless_Driver (x32 Version: 10.0.0.251)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Marvell Miniport Driver (x32 Version: 11.22.3.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nokia Connectivity Cable Driver (x32 Version: 7.1.172.0)
Nokia Suite (x32 Version: 3.8.30.0)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
PC Connectivity Solution (x32 Version: 12.0.109.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7026)
REALTEK Wireless LAN Software (x32 Version: 0133.09.1202)
Samsung Recovery Solution 4 (x32 Version: 4.0.0.6)
Samsung Support Center (x32 Version: 1.0.2)
Samsung Update Plus (x32 Version: 2.0)
Spybot - Search & Destroy (x32 Version: 2.1.19)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.110)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.110)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4300.9)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Access 2013 (KB2752093) 64-Bit Edition
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760533) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817493) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817624) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817630) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817632) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2825632) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition
Update for Microsoft Word 2013 (KB2817308) 64-Bit Edition
Update for Microsoft Word 2013 (KB2817627) 64-Bit Edition
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8064.0206)
Windows Live Communications Platform (x32 Version: 14.0.8064.206)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live Fotogalerie (x32 Version: 14.0.8081.709)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Movie Maker (x32 Version: 14.0.8091.0730)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live Writer (x32 Version: 14.0.8089.0726)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
WinRAR 5.00 (64-Bit) (Version: 5.00.0)
WinSweeper 2.1 (x32)
Yahoo Community Smartbar (x32 Version: 1.6.1.960)
==================== Restore Points =========================
01-10-2013 07:44:08 RegClean Pro Di, Okt 01, 13 09:44
01-10-2013 08:36:17 Windows Update
01-10-2013 09:58:17 RegClean Pro Di, Okt 01, 13 11:58
01-10-2013 09:59:17 Windows Update
01-10-2013 18:45:19 Advanced System Optimizer
01-10-2013 22:15:54 Removed Easy Display Manager
02-10-2013 06:02:56 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-09-30 23:40 - 00447847 ___RC C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {0A68F25B-A6AC-43D2-A54E-D7FE643F748B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {10F403CC-ADB0-4BC6-A056-D9F4B7433A5D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {1A3BEC78-DA33-4A69-8F2F-E9403F937A67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {3145F3D6-7975-4A41-A2B7-938DA4E9B02D} - \KMS Activation No Task File
Task: {333500DC-31B9-45DB-8500-BDDCC643D1D9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-09-09] (TuneUp Software)
Task: {44AD8C67-EA32-4C7A-84B9-C34EB1ABFDE0} - System32\Tasks\{22116563-108C-42c0-A7CE-60161B75E508} => C:\Users\sven\AppData\Local\Temp\Ezd.exe
Task: {47AAE8F8-7CC3-478F-9A9C-FA9A23A2E421} - \RegClean Pro_UPDATES No Task File
Task: {5423B513-2115-43F3-B630-A3471DA6CE45} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\Schutzprogramme für Laptop\RegClean Pro\RegCleanPro.exe [2013-05-27] (Systweak Inc)
Task: {59B0775A-02D9-42C8-A3C4-0E2A1A8AA219} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {828FE6EC-A65D-4B59-BC45-A40D80C36FEA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {8813E5D3-87AE-4768-B14F-387BD05ACF8D} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {8B76FA2E-4549-4CB9-BA76-CDA3D748B45E} - System32\Tasks\DriverDoc_UPDATES => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe [2012-10-05] (Solvusoft Corporation)
Task: {A9882739-F5BE-47CA-BFEC-D82F6D4BE14A} - System32\Tasks\{FE23F9A7-C338-4989-8411-369E7B52118C} => Firefox.exe
Task: {A9ED7B61-CFCF-4334-BCC2-0B463C9B47BD} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {AF12AED5-538C-47C6-B30B-B707939C0158} - System32\Tasks\DriverDoc => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe [2012-10-05] (Solvusoft Corporation)
Task: {B3038D87-CE94-422A-9FDC-9D893BB5CEE3} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {B43304E7-5E04-40AB-B705-D07112433191} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {BE40BEA1-26F2-4A2C-90C8-9E9773E3E855} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C8769916-24F5-44DA-9565-13DFF90A526C} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2011-04-16] (Microsoft Corporation)
Task: {CD819A81-4C92-4F0E-9242-D3431D89ACF4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-10] (Samsung Electronics Co., Ltd.)
Task: {CE984D77-4499-46E4-8D95-4D521EABB359} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2011-04-16] (Microsoft Corporation)
Task: {D2C0893F-714E-4D22-8B37-D0D1FB37BD8A} - System32\Tasks\ASO-AutoCheckUpdate7Days => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe [2013-09-18] (Systweak Software, (www.systweak.com))
Task: {D55BC9ED-1155-471B-9E39-48AFB785E52F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {D774F9DD-6A0C-478D-A6E1-DF1734E28C67} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {E1B059D5-3C0F-462A-8E0D-2A580C272C7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {ED51F30A-ADA4-4467-903D-A2D1629D90EE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EEA936E1-5087-497A-B0ED-6C2E5F7AA0DA} - \BrowserDefendert No Task File
Task: {EF5A47B0-F096-42EC-8A34-8F7EC799E46B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011 => C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe
Task: {F6774785-44AA-43BD-B368-36326BB3E06B} - System32\Tasks\ASO-OneClickCare => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [2013-09-18] (Systweak Software, (www.systweak.com))
Task: {F7221A6F-C2FB-4A02-A655-E99FB494FD90} - System32\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A} => C:\Users\sven\AppData\Local\Temp\Eze.exe
Task: {F9CE13F9-8BA6-4A7A-9512-FC0F318C1BB5} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job => C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe
Task: C:\Windows\Tasks\ASO-OneClickCare.job => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe
Task: C:\Windows\Tasks\DriverDoc.job => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
Task: C:\Windows\Tasks\DriverDoc_UPDATES.job => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 ____C () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-08-17 22:39 - 2013-01-19 19:41 - 01310136 ____C () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2013-09-30 23:30 - 2013-05-16 10:55 - 00113496 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-30 23:30 - 2013-05-16 10:55 - 00416600 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-30 23:30 - 2013-05-16 10:55 - 00161112 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-30 23:30 - 2012-08-23 10:38 - 00574840 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-30 23:30 - 2012-04-03 17:06 - 00565640 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-10 23:01 - 2013-07-15 19:29 - 00620718 ____C () C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\sqlite3.dll
2012-08-17 22:38 - 2012-08-17 22:38 - 00479160 ____C () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 ____C () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-18 20:38 - 2013-09-17 05:20 - 00709584 ____C () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-18 20:38 - 2013-09-17 05:20 - 00099792 ____C () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-18 20:38 - 2013-09-17 05:21 - 04053456 ____C () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-18 20:38 - 2013-09-17 05:21 - 00410576 ____C () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-18 20:38 - 2013-09-17 05:20 - 01604560 ____C () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/02/2013 09:42:10 AM) (Source: ESENT) (User: )
Description: taskhost (2780) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\sven\AppData\Local\Microsoft\Windows\WebCache\V0100004.log.
Error: (10/02/2013 00:36:15 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (10/02/2013 00:19:02 AM) (Source: MsiInstaller) (User: audia3)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi
Error: (10/01/2013 07:24:02 AM) (Source: ESENT) (User: )
Description: taskhost (1936) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\sven\AppData\Local\Microsoft\Windows\WebCache\V0100002.log.
Error: (10/01/2013 03:00:22 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (10/01/2013 00:54:07 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418220
Error: (09/30/2013 11:21:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: FEShlExt.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000c5a3de0
ID des fehlerhaften Prozesses: 0xb4c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (09/30/2013 06:40:13 PM) (Source: Office Software Protection Platform Service) (User: )
Description: Acquisition of End User License failed. hr=0xC004C032
Sku Id=8c5fa740-5dca-43f9-be1b-d0281bcf9779
Error: (09/30/2013 06:40:13 PM) (Source: Office Software Protection Platform Service) (User: )
Description: License acquisition failure details.
hr=0xC004C032
Error: (09/30/2013 06:40:03 PM) (Source: Office Software Protection Platform Service) (User: )
Description: Acquisition of End User License failed. hr=0xC004C032
Sku Id=8c5fa740-5dca-43f9-be1b-d0281bcf9779
System errors:
=============
Error: (10/02/2013 09:45:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Error: (10/02/2013 09:43:16 AM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.21
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (10/02/2013 09:41:37 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 02.10.2013 um 09:36:31 unerwartet heruntergefahren.
Error: (10/02/2013 09:41:19 AM) (Source: Application Popup) (User: )
Description: Fehler [DATABASE OPEN FAILED] beim Verarbeiten der Treiberdatenbank.
Error: (10/02/2013 09:41:19 AM) (Source: Application Popup) (User: )
Description: Fehler [DATABASE NOT LOADED] beim Verarbeiten der Treiberdatenbank.
Error: (10/02/2013 09:34:02 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 02.10.2013 um 09:33:15 unerwartet heruntergefahren.
Error: (10/02/2013 09:33:44 AM) (Source: Application Popup) (User: )
Description: Fehler [DATABASE OPEN FAILED] beim Verarbeiten der Treiberdatenbank.
Error: (10/02/2013 09:33:44 AM) (Source: Application Popup) (User: )
Description: Fehler [DATABASE NOT LOADED] beim Verarbeiten der Treiberdatenbank.
Error: (10/02/2013 08:03:26 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Error: (10/01/2013 11:52:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
%%126
Microsoft Office Sessions:
=========================
Error: (10/02/2013 09:42:10 AM) (Source: ESENT)(User: )
Description: taskhost2780WebCacheLocal: C:\Users\sven\AppData\Local\Microsoft\Windows\WebCache\V0100004.log-1811
Error: (10/02/2013 00:36:15 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418220
Error: (10/02/2013 00:19:02 AM) (Source: MsiInstaller)(User: audia3)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/01/2013 07:24:02 AM) (Source: ESENT)(User: )
Description: taskhost1936WebCacheLocal: C:\Users\sven\AppData\Local\Microsoft\Windows\WebCache\V0100002.log-1811
Error: (10/01/2013 03:00:22 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (10/01/2013 00:54:07 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418220
Error: (09/30/2013 11:21:11 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4FEShlExt.dll_unloaded0.0.0.000000000c0000005000000000c5a3de0b4c01cebe15a3ae2793C:\Windows\Explorer.EXEFEShlExt.dll3a7494bd-2a16-11e3-a4ed-002454bbfa5f
Error: (09/30/2013 06:40:13 PM) (Source: Office Software Protection Platform Service)(User: )
Description: hr=0xC004C0328c5fa740-5dca-43f9-be1b-d0281bcf9779
Error: (09/30/2013 06:40:13 PM) (Source: Office Software Protection Platform Service)(User: )
Description: hr=0xC004C03200010001(0x00000000, 18:40:12:296 - hxxp://go.microsoft.com/fwlink/?LinkID=120752)
00020001(0x00000000, 18:40:12:297)
00030001(0x00000000, 18:40:12:297 - hxxp://go.microsoft.com)
00030002(0x00000000, 18:40:12:297 - 1)
00020005(0x00000000, 18:40:12:297 - 0)
0002000C(0x00000000, 18:40:12:506 - 302)
0002000E(0x00000000, 18:40:12:506 - https://activation.sls.microsoft.com/sllicensing/SLLicense.asmx?configextension=o14)
00020001(0x00000000, 18:40:12:506)
00030001(0x00000000, 18:40:12:507 - https://activation.sls.microsoft.com)
00030002(0x00000000, 18:40:12:507 - 1)
00020005(0x00000000, 18:40:12:507 - 0)
0002000C(0x00000000, 18:40:13:270 - 500)
00010002(0x8004FC01, 18:40:13:271 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C032</HRESULT><Messages><Message>153 (Activation) - [PA: New time based activation not available. ---> Time based activation is not available]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 18:40:13:271)
Error: (09/30/2013 06:40:03 PM) (Source: Office Software Protection Platform Service)(User: )
Description: hr=0xC004C0328c5fa740-5dca-43f9-be1b-d0281bcf9779
CodeIntegrity Errors:
===================================
Date: 2013-10-02 10:02:12.054
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-02 10:02:12.052
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-02 10:02:12.049
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-02 09:53:46.690
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-02 09:53:46.687
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-02 09:53:46.670
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-27 20:33:26.814
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-27 20:33:26.741
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-27 17:54:07.946
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-27 17:54:07.946
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 7594.12 MB
Available physical RAM: 4834.48 MB
Total Pagefile: 31592.3 MB
Available Pagefile: 28317.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:112 GB) (Free:45.08 GB) NTFS
Drive d: () (Fixed) (Total:165.99 GB) (Free:106.62 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 4394EB81)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=166 GB) - (Type=OF Extended)
==================== End Of Log ============================
 gruß sven |
|
02.10.2013, 15:06
| #4 |
| | Ständiger befall von viren oder maleware FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by sven (administrator) on AUDIA3 on 02-10-2013 10:08:17
Running from C:\Users\sven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Systweak Software, (www.systweak.com)) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamgui.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(BillP Studios) C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\WinPatrol.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [WinPatrol] - C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AutoKMS] - C:\Windows\AutoKMS.exe [615936 2013-09-30] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647064 2013-08-28] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [679768 2013-04-25] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-01-19] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.iminent.com/?appId=FA94B1C1-4C32-4D91-9EC6-720227C4DE34
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898&type=default&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898&type=default&q={searchTerms}
SearchScopes: HKCU - {6FC070F5-1E3D-461A-846B-2588CEC7EFB1} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311268&CUI=UN32830781472606716&UM=2
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm\1.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp\3.2.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.4_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (WOT Safe Search) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddcihbboebboehpkkdfdkhbodacmmfkk\2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Safe Money) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgnmngkgolhffjjdaipkkjbmbnpefef\1.2.3_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ibcgjcbeckcdemelifnledhihpaighfk] - C:\Users\sven\AppData\Local\CRE\ibcgjcbeckcdemelifnledhihpaighfk.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264488 2013-09-18] (Systweak Software, (www.systweak.com))
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-01-19] (Kaspersky Lab ZAO)
S4 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-06-13] (Freemake)
R2 MBAMScheduler; C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Schutzprogramme für Laptop\Secunia\PSI\psia.exe [1228504 2013-07-03] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Schutzprogramme für Laptop\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2013-09-30] (Microsoft Corporation)
S4 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe /svc [x]
S4 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe /medsvc [x]
S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [x]
==================== Drivers (Whitelisted) ====================
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-04-22] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2013-01-20] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2013-01-20] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2011-04-16] (Microsoft Corporation)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 Tosrfcom; No ImagePath
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-02 10:08 - 2013-10-02 10:08 - 00000000 ___DC C:\FRST
2013-10-02 10:06 - 2013-10-02 10:06 - 00000470 ____C C:\Users\sven\Desktop\defogger_disable.log
2013-10-02 10:06 - 2013-10-02 10:06 - 00000000 ____C C:\Users\sven\defogger_reenable
2013-10-02 10:03 - 2013-10-02 10:03 - 00050477 ____C C:\Users\sven\Desktop\Defogger.exe
2013-10-02 09:33 - 2013-10-02 09:36 - 00002640 ____C C:\Windows\PFRO.log
2013-10-02 09:30 - 2013-10-02 09:30 - 00111520 ____C C:\Users\sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-02 09:19 - 2013-10-02 09:27 - 00000000 ___DC C:\Users\sven\Desktop\Samsung
2013-10-02 00:43 - 2013-10-02 09:43 - 00000202 ____C C:\Windows\setupact.log
2013-10-02 00:43 - 2013-10-02 00:43 - 00000000 ____C C:\Windows\setuperr.log
2013-10-02 00:18 - 2013-10-02 00:32 - 00000000 ___DC C:\ProgramData\eSafe
2013-10-02 00:18 - 2013-10-02 00:18 - 00000000 ___DC C:\Users\sven\AppData\Local\BonanzaDealsLive
2013-10-02 00:18 - 2013-10-02 00:18 - 00000000 ___DC C:\ProgramData\BonanzaDealsLive
2013-10-01 23:43 - 2013-10-01 23:50 - 00442528 ____C C:\Windows\system32\FNTCACHE.DAT
2013-10-01 21:14 - 2013-10-02 10:03 - 00000000 ___DC C:\Program Files\Apoint2K
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\ATI Technologies
2013-10-01 21:13 - 2013-04-23 10:32 - 00495408 ____C (Alps Electric Co., Ltd.) C:\Windows\system32\Drivers\Apfiltr.sys
2013-10-01 21:13 - 2013-02-28 21:29 - 00116056 ____C (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll
2013-10-01 10:02 - 2013-10-01 20:44 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Systweak
2013-10-01 09:48 - 2013-10-01 09:51 - 00000000 ___DC C:\AdwCleaner
2013-10-01 09:47 - 2013-10-01 09:48 - 01045226 ____C C:\Users\sven\Downloads\adwcleaner.exe
2013-10-01 09:40 - 2013-10-01 23:52 - 00003162 ____C C:\Windows\System32\Tasks\RegClean Pro
2013-10-01 09:27 - 2013-10-01 09:27 - 00003288 ____N C:\bootsqm.dat
2013-10-01 09:14 - 2013-10-01 09:14 - 00000000 ___HC C:\ProgramData\DP45977C.lfl
2013-10-01 08:16 - 2013-10-01 08:16 - 00000000 ___DC C:\Users\sven\Documents\ProcAlyzer Dumps
2013-09-30 23:40 - 2013-09-29 00:30 - 00000855 ____C C:\Windows\system32\Drivers\etc\hosts.20130930-234012.backup
2013-09-30 23:30 - 2013-10-01 08:16 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2013-09-30 23:30 - 2013-09-30 23:30 - 00001383 ____C C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Windows\System32\Tasks\Safer-Networking
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-30 23:30 - 2009-01-25 13:14 - 00017272 ____C (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-09-30 23:22 - 2013-09-30 23:22 - 00051496 ____C (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-09-30 23:21 - 2013-09-30 23:28 - 00000000 ___DC C:\Users\sven\AppData\Local\CrashDumps
2013-09-30 23:10 - 2013-09-30 23:10 - 00000000 ___DC C:\Windows\Repair
2013-09-30 23:02 - 2013-10-01 07:23 - 00000458 ____C C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job
2013-09-30 23:02 - 2013-10-01 07:23 - 00000428 ____C C:\Windows\Tasks\ASO-OneClickCare.job
2013-09-30 23:02 - 2013-09-30 23:09 - 00003326 ____C C:\Windows\System32\Tasks\ASO-AutoCheckUpdate7Days
2013-09-30 23:02 - 2013-09-30 23:02 - 00003298 ____C C:\Windows\System32\Tasks\ASO-OneClickCare
2013-09-30 23:01 - 2013-09-30 23:03 - 00000000 ___DC C:\Program Files (x86)\Advanced System Optimizer 3
2013-09-30 23:01 - 2013-09-30 23:01 - 00001522 ____C C:\Users\Public\Desktop\Intelligente PC-Wartung.lnk
2013-09-30 23:01 - 2013-09-30 23:01 - 00001470 ____C C:\Users\Public\Desktop\Advanced System Optimizer.lnk
2013-09-30 22:26 - 2013-09-30 22:37 - 00000000 ___DC C:\ProgramData\SecTaskMan
2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Mozilla
2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Local\CRE
2013-09-30 20:48 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\DAEMON Tools Lite
2013-09-30 18:54 - 2013-09-30 18:55 - 00000000 ___DC C:\Users\sven\Downloads\MO10
2013-09-30 18:50 - 2013-09-30 18:50 - 00615936 ____C C:\Windows\AutoKMS.exe
2013-09-30 18:50 - 2013-09-30 18:50 - 00000161 ____C C:\Windows\AutoKMS.ini
2013-09-30 12:33 - 2013-10-01 10:41 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-09-30 12:33 - 2013-10-01 10:41 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-09-30 12:33 - 2013-10-01 10:41 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-09-30 11:57 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Microsoft Synchronization Services
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Sync Framework
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft SQL Server Compact Edition
2013-09-30 11:53 - 2013-09-30 11:53 - 00000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio 8
2013-09-30 11:52 - 2013-09-30 11:53 - 01953880 ____C (Farbar) C:\Users\sven\Desktop\FRST64.exe
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 _RHDC C:\MSOCache
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 ___DC C:\Program Files (x86)\Microsoft Office
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\SysWOW64\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\system32\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\inetpub
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinRAR
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Program Files\WinRAR
2013-09-29 07:52 - 2013-09-29 07:52 - 00000020 __SHC C:\Users\sven\ntuser.ini
2013-09-29 00:57 - 2013-10-02 00:18 - 00002497 ____C C:\Users\sven\Desktop\Google Chrome.lnk
2013-09-29 00:57 - 2013-09-29 00:57 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-29 00:31 - 2013-10-02 09:44 - 01511318 ____C C:\Windows\WindowsUpdate.log
2013-09-29 00:10 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SpeechEngines
2013-09-28 21:04 - 2013-09-28 21:04 - 00000000 ___DC C:\ProgramData\Sun
2013-09-28 21:04 - 2013-09-28 21:03 - 00868264 ____C (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-28 21:04 - 2013-09-28 21:03 - 00790440 ____C (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-28 21:04 - 2013-09-28 21:03 - 00264616 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00096168 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-28 21:03 - 2013-09-28 21:03 - 00000000 ___DC C:\Program Files (x86)\Java
2013-09-28 19:31 - 2013-09-29 00:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\AllDup
2013-09-28 19:31 - 2013-09-28 19:31 - 00000000 ___DC C:\ProgramData\AllDup
2013-09-28 19:31 - 2010-10-13 06:42 - 02369456 ____C (Codejock Software) C:\Windows\SysWOW64\Codejock.CommandBars.v13.4.2.ocx
2013-09-28 19:31 - 2010-08-20 21:53 - 00086016 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSplitter.ocx
2013-09-28 19:31 - 2010-06-11 10:50 - 00089888 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtFrame.ocx
2013-09-28 19:31 - 2010-06-01 14:45 - 01005088 ____C (Bennet-Tec Information Systems, Inc) C:\Windows\SysWOW64\TList8.ocx
2013-09-28 19:31 - 2010-03-25 10:33 - 00171752 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtRTF2.ocx
2013-09-28 19:31 - 2009-10-13 00:02 - 00044736 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSubclass.dll
2013-09-28 19:31 - 2009-10-13 00:01 - 00077504 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtScrollContainer.ocx
2013-09-28 19:31 - 2008-01-29 07:57 - 00450560 ____C (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\SysWOW64\fldrvw90.ocx
2013-09-27 20:24 - 2013-09-27 20:46 - 00000000 ___DC C:\Windows\erdnt
2013-09-27 17:01 - 2013-09-27 17:01 - 00151464 ____C C:\Users\sven\Documents\pinfect.zip
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\VDLL.DLL
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\SysWOW64\runouce.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\rundll16.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\RUNDL132.EXE
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo1_.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo_1.exe
2013-09-27 15:59 - 2013-09-27 16:54 - 00000000 _SHDC C:\Windows\SysWOW64\AI_RecycleBin
2013-09-27 15:59 - 2013-09-27 16:53 - 00000193 ____C C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-27 15:57 - 2013-09-27 16:54 - 00000000 ___DC C:\ProgramData\Soluto
2013-09-27 15:42 - 2013-09-27 16:02 - 00000054 ____C C:\Windows\Lic.xxx
2013-09-27 15:41 - 2013-09-27 15:41 - 00632064 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00554240 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00034048 ____C (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2013-09-27 15:41 - 2013-09-27 15:41 - 00000000 ___DC C:\ProgramData\MicroWorld
2013-09-27 15:41 - 2005-09-22 23:22 - 00000522 ____C C:\Windows\SysWOW64\Microsoft.VC80.CRT.manifest
2013-09-24 13:25 - 2013-09-24 13:25 - 00000000 ___DC C:\Users\sven\Documents\Benutzerdefinierte Office-Vorlagen
2013-09-23 13:15 - 2013-09-23 13:15 - 00000000 ____C C:\Windows\HPMProp.INI
2013-09-23 11:58 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER
2013-09-23 11:54 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SYSTEM
2013-09-23 11:32 - 2013-09-23 11:32 - 00000000 ___DC C:\Users\Admin\AppData\Local\Google
2013-09-23 08:13 - 2013-05-10 09:41 - 00518432 ____C (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00237344 ____C (Hewlett-Packard Company) C:\Windows\system32\hpmlm135.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00216864 ____C (Hewlett-Packard) C:\Windows\system32\hpmml150.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00189728 ____C (Hewlett-Packard) C:\Windows\system32\hpmpm081.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00162080 ____C (Hewlett-Packard) C:\Windows\system32\hpmtp150.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00074016 ____C (Hewlett-Packard) C:\Windows\system32\hpmpw081.dll
2013-09-23 08:13 - 2013-05-10 09:39 - 00438560 ____C (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn150.dll
2013-09-23 08:13 - 2013-05-10 09:39 - 00199968 ____C (Hewlett-Packard) C:\Windows\system32\hpmja150.dll
2013-09-23 08:13 - 2013-05-10 09:38 - 00140064 ____C (Hewlett-Packard) C:\Windows\system32\hpcjpm.dll
2013-09-23 08:13 - 2013-05-10 09:36 - 00436512 ____C C:\Windows\SysWOW64\hpcc3150.dll
2013-09-23 08:13 - 2011-02-11 15:23 - 00193592 ____C (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll
2013-09-23 08:13 - 2011-02-11 15:23 - 00167480 ____C (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll
2013-09-23 08:13 - 2009-02-25 17:32 - 00060440 ____C (Hewlett-Packard) C:\Windows\system32\FxCompChannel_x64.dll
2013-09-23 07:43 - 2013-09-23 07:43 - 00000000 ___DC C:\Program Files (x86)\Toshiba
2013-09-23 00:04 - 2007-09-14 23:12 - 01459712 ____C C:\Windows\system32\wstbtnrb.dll
2013-09-23 00:04 - 2007-09-14 23:12 - 00009856 ____C (Lenovo) C:\Windows\system32\Drivers\wstbtndb.sys
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Windows\Dell
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Users\sven\AppData\Roaming\InstallShield
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Program Files (x86)\Lenovo
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Users\sven\AppData\Local\WinSweeper
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Program Files (x86)\WinSweeper
2013-09-22 22:18 - 2013-09-27 17:27 - 00000260 ____C C:\Windows\Tasks\DriverDoc.job
2013-09-22 22:18 - 2013-09-27 16:56 - 00002992 ____C C:\Windows\System32\Tasks\DriverDoc
2013-09-22 22:13 - 2013-09-27 17:27 - 00000276 ____C C:\Windows\Tasks\DriverDoc_UPDATES.job
2013-09-22 22:13 - 2013-09-27 16:56 - 00003014 ____C C:\Windows\System32\Tasks\DriverDoc_UPDATES
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Solvusoft
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Program Files (x86)\DriverDoc
2013-09-22 18:41 - 2013-09-22 18:41 - 00000000 ___DC C:\Users\sven\AppData\Roaming\ZoomBrowser EX
2013-09-22 18:38 - 2013-09-22 18:38 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Canon
2013-09-22 18:30 - 2013-09-22 18:30 - 00000000 ___DC C:\ProgramData\ZoomBrowser
2013-09-22 18:29 - 2013-09-22 18:43 - 00000000 ___DC C:\Program Files (x86)\Canon
2013-09-20 19:36 - 2013-09-20 19:36 - 00000635 ____C C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-20 13:35 - 2013-09-20 15:51 - 00004697 ____C C:\ProgramData\hpzinstall.log
2013-09-19 07:20 - 2013-09-19 18:12 - 98378485 ____C C:\Windows\SysWOW64\ῲꤓE
2013-09-18 08:46 - 2013-09-18 08:46 - 98106403 ____C C:\Windows\SysWOW64\职D
2013-09-16 15:08 - 2013-09-16 15:08 - 00021712 ____C (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2013-09-16 15:08 - 2013-09-16 15:08 - 00000000 ___DC C:\Users\sven\AppData\Local\eSupport.com
2013-09-16 14:55 - 2013-09-16 14:55 - 00000000 ___DC C:\Program Files\CPUID
2013-09-16 13:35 - 2013-09-30 08:58 - 00003160 ____C C:\Windows\System32\Tasks\SidebarExecute
2013-09-16 13:32 - 2013-09-16 13:32 - 00000207 ____C C:\Windows\tweaking.com-regbackup-AUDIA3-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-09-16 13:31 - 2013-09-16 13:31 - 00000000 ___DC C:\RegBackup
2013-09-16 11:43 - 2013-09-16 11:43 - 00003134 ____C C:\Windows\System32\Tasks\{BA2F4B9B-111E-4ACD-B5C8-CEE0CE8306EA}
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default\AppData\Local\Microsoft Help
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default User\AppData\Local\Microsoft Help
2013-09-14 14:33 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files (x86)\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:31 - 00000000 ___DC C:\Windows\PCHEALTH
2013-09-14 14:28 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Office
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Analysis Services
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Analysis Services
2013-09-14 14:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-14 13:26 - 2013-09-29 23:16 - 00000000 ___DC C:\Program Files (x86)\MO 2013
2013-09-13 09:12 - 2013-09-13 09:12 - 00002770 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-09-12 22:07 - 2013-09-24 09:13 - 00000000 ___DC C:\Program Files (x86)\TuneUp Utilities 2014
2013-09-12 22:07 - 2013-09-12 22:07 - 00000000 ___DC C:\Users\sven\AppData\Roaming\TuneUp Software
2013-09-12 22:06 - 2013-09-12 22:11 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-09-12 21:19 - 2013-09-23 11:26 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\TuneUp Software
2013-09-12 21:18 - 2013-09-12 21:18 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\WinPatrol
2013-09-12 10:58 - 2013-09-12 10:58 - 00001370 ____C C:\Users\Public\Desktop\Wöchentlich - Malwarebytes Anti-Malware .lnk
2013-09-11 21:59 - 2013-10-02 10:04 - 00001106 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-11 21:59 - 2013-10-02 09:42 - 00001102 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-11 21:59 - 2013-09-29 17:04 - 00004112 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-11 21:59 - 2013-09-29 17:04 - 00003860 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-11 21:59 - 2013-09-11 22:01 - 00000000 ___DC C:\Program Files (x86)\Google
2013-09-11 08:44 - 2013-09-24 08:51 - 00000000 ___DC C:\Windows\pss
2013-09-11 08:19 - 2013-09-11 08:48 - 00001278 ____C C:\Users\Public\Desktop\Wöchentlich - CCleaner.lnk
2013-09-11 08:19 - 2013-09-11 08:19 - 00002770 ____C C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-10 23:50 - 2013-09-30 23:43 - 00000000 ___DC C:\Program Files (x86)\Schutzprogramme für Laptop
2013-09-10 23:17 - 2013-09-10 23:48 - 00001912 ____C C:\Windows\epplauncher.mif
2013-09-10 23:12 - 2013-08-05 04:25 - 00155584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinPatrol
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\ProgramData\InstallMate
2013-09-10 22:15 - 2013-09-12 07:18 - 00000000 ___DC C:\Users\Public\Recorded TV
2013-09-10 22:00 - 2013-09-30 08:56 - 00000127 ____C C:\Windows\win.ini
2013-09-10 21:49 - 2013-09-10 21:50 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-10 21:49 - 2013-09-10 21:50 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-10 21:49 - 2013-09-10 21:50 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 21:39 - 2013-09-10 21:44 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-10 21:24 - 2013-09-30 08:57 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-10 21:21 - 2013-09-29 00:48 - 00000000 ___DC C:\Program Files\7-Zip
2013-09-10 20:19 - 2013-09-12 22:10 - 00001340 ____C C:\Users\Public\Desktop\Wöchentlich - SpywareBlaster.lnk
2013-09-10 20:19 - 2013-09-10 20:19 - 00000000 ___DC C:\ProgramData\Licenses
2013-09-10 20:19 - 2011-11-04 05:13 - 01070352 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2013-09-10 20:19 - 2009-03-24 12:52 - 00129872 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Malwarebytes
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\ProgramData\Malwarebytes
2013-09-10 19:55 - 2013-04-04 14:50 - 00025928 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-10 19:44 - 2013-09-10 19:44 - 00000000 ___DC C:\Users\sven\AppData\Local\Secunia PSI
2013-09-10 18:16 - 2013-09-10 18:16 - 00262144 _____ C:\Windows\system32\config\elam
2013-09-08 10:09 - 2013-09-08 10:09 - 00000078 ____C C:\Users\sven\Documents\Powers.log
==================== One Month Modified Files and Folders =======
2013-10-02 10:08 - 2013-10-02 10:08 - 00000000 ___DC C:\FRST
2013-10-02 10:06 - 2013-10-02 10:06 - 00000470 ____C C:\Users\sven\Desktop\defogger_disable.log
2013-10-02 10:06 - 2013-10-02 10:06 - 00000000 ____C C:\Users\sven\defogger_reenable
2013-10-02 10:06 - 2010-12-30 15:42 - 00000000 ___DC C:\Users\sven
2013-10-02 10:04 - 2013-09-11 21:59 - 00001106 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-02 10:03 - 2013-10-02 10:03 - 00050477 ____C C:\Users\sven\Desktop\Defogger.exe
2013-10-02 10:03 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\Apoint2K
2013-10-02 09:47 - 2009-07-14 06:45 - 00013936 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-02 09:47 - 2009-07-14 06:45 - 00013936 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-02 09:44 - 2013-09-29 00:31 - 01511318 ____C C:\Windows\WindowsUpdate.log
2013-10-02 09:44 - 2011-02-07 14:00 - 00000000 ___DC C:\ProgramData\Kaspersky Lab
2013-10-02 09:43 - 2013-10-02 00:43 - 00000202 ____C C:\Windows\setupact.log
2013-10-02 09:42 - 2013-09-11 21:59 - 00001102 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-02 09:41 - 2009-07-14 07:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2013-10-02 09:36 - 2013-10-02 09:33 - 00002640 ____C C:\Windows\PFRO.log
2013-10-02 09:30 - 2013-10-02 09:30 - 00111520 ____C C:\Users\sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-02 09:27 - 2013-10-02 09:19 - 00000000 ___DC C:\Users\sven\Desktop\Samsung
2013-10-02 09:25 - 2010-06-01 19:30 - 00753864 ____C C:\Windows\system32\perfh007.dat
2013-10-02 09:25 - 2010-06-01 19:30 - 00168998 ____C C:\Windows\system32\perfc007.dat
2013-10-02 09:25 - 2009-07-14 07:13 - 01790480 ____C C:\Windows\system32\PerfStringBackup.INI
2013-10-02 08:39 - 2012-09-01 09:37 - 00000884 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-02 08:22 - 2011-01-07 20:26 - 00007605 ____C C:\Users\sven\AppData\Local\Resmon.ResmonCfg
2013-10-02 00:43 - 2013-10-02 00:43 - 00000000 ____C C:\Windows\setuperr.log
2013-10-02 00:32 - 2013-10-02 00:18 - 00000000 ___DC C:\ProgramData\eSafe
2013-10-02 00:18 - 2013-10-02 00:18 - 00000000 ___DC C:\Users\sven\AppData\Local\BonanzaDealsLive
2013-10-02 00:18 - 2013-10-02 00:18 - 00000000 ___DC C:\ProgramData\BonanzaDealsLive
2013-10-02 00:18 - 2013-09-29 00:57 - 00002497 ____C C:\Users\sven\Desktop\Google Chrome.lnk
2013-10-02 00:16 - 2010-06-01 03:06 - 00000000 ___DC C:\Program Files (x86)\Samsung
2013-10-02 00:16 - 2010-06-01 02:59 - 00000000 ___DC C:\Program Files (x86)\InstallShield Installation Information
2013-10-01 23:52 - 2013-10-01 09:40 - 00003162 ____C C:\Windows\System32\Tasks\RegClean Pro
2013-10-01 23:50 - 2013-10-01 23:43 - 00442528 ____C C:\Windows\system32\FNTCACHE.DAT
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ___HC C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\ATI Technologies
2013-10-01 20:44 - 2013-10-01 10:02 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Systweak
2013-10-01 11:47 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\SysWOW64\inetsrv
2013-10-01 11:47 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\system32\inetsrv
2013-10-01 10:44 - 2010-12-30 21:50 - 00000000 ___DC C:\ProgramData\Microsoft Help
2013-10-01 10:41 - 2013-09-30 12:33 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-10-01 10:41 - 2013-09-30 12:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-10-01 10:41 - 2013-09-30 12:33 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-10-01 09:51 - 2013-10-01 09:48 - 00000000 ___DC C:\AdwCleaner
2013-10-01 09:48 - 2013-10-01 09:47 - 01045226 ____C C:\Users\sven\Downloads\adwcleaner.exe
2013-10-01 09:27 - 2013-10-01 09:27 - 00003288 ____N C:\bootsqm.dat
2013-10-01 09:14 - 2013-10-01 09:14 - 00000000 ___HC C:\ProgramData\DP45977C.lfl
2013-10-01 09:13 - 2010-06-01 03:02 - 00000000 ___DC C:\Windows\SysWOW64\RTCOM
2013-10-01 09:13 - 2010-06-01 03:02 - 00000000 ___DC C:\Windows\system32\SRSLabs
2013-10-01 08:50 - 2010-12-30 21:48 - 01742138 ____C C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-01 08:16 - 2013-10-01 08:16 - 00000000 ___DC C:\Users\sven\Documents\ProcAlyzer Dumps
2013-10-01 08:16 - 2013-09-30 23:30 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2013-10-01 07:23 - 2013-09-30 23:02 - 00000458 ____C C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job
2013-10-01 07:23 - 2013-09-30 23:02 - 00000428 ____C C:\Windows\Tasks\ASO-OneClickCare.job
2013-09-30 23:43 - 2013-09-10 23:50 - 00000000 ___DC C:\Program Files (x86)\Schutzprogramme für Laptop
2013-09-30 23:30 - 2013-09-30 23:30 - 00001383 ____C C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Windows\System32\Tasks\Safer-Networking
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-30 23:28 - 2013-09-30 23:21 - 00000000 ___DC C:\Users\sven\AppData\Local\CrashDumps
2013-09-30 23:22 - 2013-09-30 23:22 - 00051496 ____C (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-09-30 23:10 - 2013-09-30 23:10 - 00000000 ___DC C:\Windows\Repair
2013-09-30 23:09 - 2013-09-30 23:02 - 00003326 ____C C:\Windows\System32\Tasks\ASO-AutoCheckUpdate7Days
2013-09-30 23:03 - 2013-09-30 23:01 - 00000000 ___DC C:\Program Files (x86)\Advanced System Optimizer 3
2013-09-30 23:02 - 2013-09-30 23:02 - 00003298 ____C C:\Windows\System32\Tasks\ASO-OneClickCare
2013-09-30 23:01 - 2013-09-30 23:01 - 00001522 ____C C:\Users\Public\Desktop\Intelligente PC-Wartung.lnk
2013-09-30 23:01 - 2013-09-30 23:01 - 00001470 ____C C:\Users\Public\Desktop\Advanced System Optimizer.lnk
2013-09-30 22:37 - 2013-09-30 22:26 - 00000000 ___DC C:\ProgramData\SecTaskMan
2013-09-30 20:54 - 2011-01-02 23:19 - 00000000 _SHDC C:\Temporäre Internetdateien
2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Mozilla
2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Local\CRE
2013-09-30 20:50 - 2013-09-30 20:48 - 00000000 ___DC C:\Users\sven\AppData\Roaming\DAEMON Tools Lite
2013-09-30 18:55 - 2013-09-30 18:54 - 00000000 ___DC C:\Users\sven\Downloads\MO10
2013-09-30 18:50 - 2013-09-30 18:50 - 00615936 ____C C:\Windows\AutoKMS.exe
2013-09-30 18:50 - 2013-09-30 18:50 - 00000161 ____C C:\Windows\AutoKMS.ini
2013-09-30 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-30 11:57 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Microsoft Synchronization Services
2013-09-30 11:57 - 2013-09-23 11:58 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Sync Framework
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft SQL Server Compact Edition
2013-09-30 11:56 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Office
2013-09-30 11:56 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files (x86)\MSBuild
2013-09-30 11:56 - 2009-07-14 05:20 - 00000000 ___DC C:\Program Files\Common Files\Microsoft Shared
2013-09-30 11:53 - 2013-09-30 11:53 - 00000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio 8
2013-09-30 11:53 - 2013-09-30 11:52 - 01953880 ____C (Farbar) C:\Users\sven\Desktop\FRST64.exe
2013-09-30 11:53 - 2010-06-01 19:15 - 00000000 ___DC C:\Windows\ShellNew
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 _RHDC C:\MSOCache
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 ___DC C:\Program Files (x86)\Microsoft Office
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\SysWOW64\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\system32\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\inetpub
2013-09-30 08:58 - 2013-09-16 13:35 - 00003160 ____C C:\Windows\System32\Tasks\SidebarExecute
2013-09-30 08:57 - 2013-09-10 21:24 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-30 08:56 - 2013-09-10 22:00 - 00000127 ____C C:\Windows\win.ini
2013-09-30 08:12 - 2010-06-01 19:15 - 00000000 ___DC C:\Program Files\Windows Journal
2013-09-30 08:12 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files\Windows Sidebar
2013-09-30 08:12 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files\Windows Portable Devices
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinRAR
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Program Files\WinRAR
2013-09-30 00:16 - 2013-09-14 14:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-29 23:16 - 2013-09-14 13:26 - 00000000 ___DC C:\Program Files (x86)\MO 2013
2013-09-29 22:51 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\system32\NDF
2013-09-29 17:04 - 2013-09-11 21:59 - 00004112 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 17:04 - 2013-09-11 21:59 - 00003860 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 15:37 - 2011-04-10 16:16 - 00000000 ___DC C:\Users\Admin
2013-09-29 07:56 - 2009-07-14 06:54 - 00000749 ___RC C:\Windows\WindowsShell.Manifest
2013-09-29 07:56 - 2009-07-14 05:20 - 00000000 __RDC C:\Users\Public\Libraries
2013-09-29 07:52 - 2013-09-29 07:52 - 00000020 __SHC C:\Users\sven\ntuser.ini
2013-09-29 00:57 - 2013-09-29 00:57 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-29 00:50 - 2013-09-28 19:31 - 00000000 ___DC C:\Users\sven\AppData\Roaming\AllDup
2013-09-29 00:49 - 2011-02-06 17:26 - 00000000 ___DC C:\ProgramData\Kaspersky Lab ZAO
2013-09-29 00:48 - 2013-09-10 21:21 - 00000000 ___DC C:\Program Files\7-Zip
2013-09-29 00:47 - 2011-04-10 16:17 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 00:47 - 2011-04-10 16:17 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-29 00:47 - 2011-04-10 16:16 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-29 00:47 - 2011-04-10 16:16 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-29 00:47 - 2010-12-30 16:02 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 00:47 - 2010-12-30 16:02 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-29 00:47 - 2010-12-30 15:42 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-29 00:47 - 2010-12-30 15:42 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-29 00:46 - 2010-12-30 22:25 - 00000000 ___DC C:\Users\sven\Documents\Sven
2013-09-29 00:30 - 2013-09-30 23:40 - 00000855 ____C C:\Windows\system32\Drivers\etc\hosts.20130930-234012.backup
2013-09-29 00:10 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SpeechEngines
2013-09-29 00:10 - 2013-09-23 11:54 - 00000000 ___DC C:\Program Files\Common Files\SYSTEM
2013-09-28 23:27 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\registration
2013-09-28 21:04 - 2013-09-28 21:04 - 00000000 ___DC C:\ProgramData\Sun
2013-09-28 21:03 - 2013-09-28 21:04 - 00868264 ____C (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-28 21:03 - 2013-09-28 21:04 - 00790440 ____C (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-28 21:03 - 2013-09-28 21:04 - 00264616 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00096168 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-28 21:03 - 2013-09-28 21:03 - 00000000 ___DC C:\Program Files (x86)\Java
2013-09-28 20:17 - 2011-01-25 13:30 - 00002772 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011
2013-09-28 20:17 - 2010-06-01 03:06 - 00003160 _____ C:\Windows\System32\Tasks\SUPBackground
2013-09-28 19:31 - 2013-09-28 19:31 - 00000000 ___DC C:\ProgramData\AllDup
2013-09-28 10:00 - 2013-05-11 21:11 - 00000000 ___DC C:\Users\sven\Desktop\Neuer Ordner
2013-09-27 20:46 - 2013-09-27 20:24 - 00000000 ___DC C:\Windows\erdnt
2013-09-27 17:27 - 2013-09-22 22:18 - 00000260 ____C C:\Windows\Tasks\DriverDoc.job
2013-09-27 17:27 - 2013-09-22 22:13 - 00000276 ____C C:\Windows\Tasks\DriverDoc_UPDATES.job
2013-09-27 17:01 - 2013-09-27 17:01 - 00151464 ____C C:\Users\sven\Documents\pinfect.zip
2013-09-27 16:56 - 2013-09-22 22:18 - 00002992 ____C C:\Windows\System32\Tasks\DriverDoc
2013-09-27 16:56 - 2013-09-22 22:13 - 00003014 ____C C:\Windows\System32\Tasks\DriverDoc_UPDATES
2013-09-27 16:54 - 2013-09-27 15:59 - 00000000 _SHDC C:\Windows\SysWOW64\AI_RecycleBin
2013-09-27 16:54 - 2013-09-27 15:57 - 00000000 ___DC C:\ProgramData\Soluto
2013-09-27 16:53 - 2013-09-27 15:59 - 00000193 ____C C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\VDLL.DLL
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\SysWOW64\runouce.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\rundll16.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\RUNDL132.EXE
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo1_.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo_1.exe
2013-09-27 16:02 - 2013-09-27 15:42 - 00000054 ____C C:\Windows\Lic.xxx
2013-09-27 15:41 - 2013-09-27 15:41 - 00632064 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00554240 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00034048 ____C (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2013-09-27 15:41 - 2013-09-27 15:41 - 00000000 ___DC C:\ProgramData\MicroWorld
2013-09-24 13:25 - 2013-09-24 13:25 - 00000000 ___DC C:\Users\sven\Documents\Benutzerdefinierte Office-Vorlagen
2013-09-24 09:13 - 2013-09-12 22:07 - 00000000 ___DC C:\Program Files (x86)\TuneUp Utilities 2014
2013-09-24 09:02 - 2011-03-05 19:52 - 00003784 ____C C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-09-24 08:51 - 2013-09-11 08:44 - 00000000 ___DC C:\Windows\pss
2013-09-24 08:44 - 2011-01-09 19:21 - 00000000 ___DC C:\Program Files (x86)\Downloadprogramme
2013-09-23 13:15 - 2013-09-23 13:15 - 00000000 ____C C:\Windows\HPMProp.INI
2013-09-23 11:32 - 2013-09-23 11:32 - 00000000 ___DC C:\Users\Admin\AppData\Local\Google
2013-09-23 11:26 - 2013-09-12 21:19 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\TuneUp Software
2013-09-23 07:43 - 2013-09-23 07:43 - 00000000 ___DC C:\Program Files (x86)\Toshiba
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Windows\Dell
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Users\sven\AppData\Roaming\InstallShield
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Program Files (x86)\Lenovo
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Users\sven\AppData\Local\WinSweeper
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Program Files (x86)\WinSweeper
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Solvusoft
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Program Files (x86)\DriverDoc
2013-09-22 18:43 - 2013-09-22 18:29 - 00000000 ___DC C:\Program Files (x86)\Canon
2013-09-22 18:41 - 2013-09-22 18:41 - 00000000 ___DC C:\Users\sven\AppData\Roaming\ZoomBrowser EX
2013-09-22 18:41 - 2011-03-26 20:11 - 00005120 ____C C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-22 18:38 - 2013-09-22 18:38 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Canon
2013-09-22 18:30 - 2013-09-22 18:30 - 00000000 ___DC C:\ProgramData\ZoomBrowser
2013-09-20 19:36 - 2013-09-20 19:36 - 00000635 ____C C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-20 19:01 - 2012-09-29 00:11 - 00000000 ___DC C:\ProgramData\Nokia
2013-09-20 19:01 - 2012-09-29 00:08 - 00000000 ___DC C:\Program Files (x86)\Nokia
2013-09-20 18:52 - 2012-09-29 13:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Nokia Suite
2013-09-20 18:39 - 2012-09-01 09:37 - 00003822 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 18:39 - 2012-06-05 21:21 - 00692616 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 18:39 - 2012-06-05 21:21 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 15:51 - 2013-09-20 13:35 - 00004697 ____C C:\ProgramData\hpzinstall.log
2013-09-19 18:12 - 2013-09-19 07:20 - 98378485 ____C C:\Windows\SysWOW64\ῲꤓE
2013-09-18 08:46 - 2013-09-18 08:46 - 98106403 ____C C:\Windows\SysWOW64\职D
2013-09-16 15:08 - 2013-09-16 15:08 - 00021712 ____C (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2013-09-16 15:08 - 2013-09-16 15:08 - 00000000 ___DC C:\Users\sven\AppData\Local\eSupport.com
2013-09-16 14:55 - 2013-09-16 14:55 - 00000000 ___DC C:\Program Files\CPUID
2013-09-16 13:32 - 2013-09-16 13:32 - 00000207 ____C C:\Windows\tweaking.com-regbackup-AUDIA3-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-09-16 13:31 - 2013-09-16 13:31 - 00000000 ___DC C:\RegBackup
2013-09-16 11:43 - 2013-09-16 11:43 - 00003134 ____C C:\Windows\System32\Tasks\{BA2F4B9B-111E-4ACD-B5C8-CEE0CE8306EA}
2013-09-16 08:00 - 2011-02-07 22:11 - 00000000 ___DC C:\Windows\Minidump
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default\AppData\Local\Microsoft Help
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default User\AppData\Local\Microsoft Help
2013-09-14 14:33 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files (x86)\Microsoft SQL Server
2013-09-14 14:33 - 2013-09-14 14:31 - 00000000 ___DC C:\Program Files\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:31 - 00000000 ___DC C:\Windows\PCHEALTH
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Analysis Services
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Analysis Services
2013-09-13 09:12 - 2013-09-13 09:12 - 00002770 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-09-12 22:29 - 2009-08-02 04:27 - 00000000 ___DC C:\Windows\Panther
2013-09-12 22:11 - 2013-09-12 22:06 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-09-12 22:11 - 2011-01-23 15:30 - 00000000 _SHDC C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2013-09-12 22:10 - 2013-09-10 20:19 - 00001340 ____C C:\Users\Public\Desktop\Wöchentlich - SpywareBlaster.lnk
2013-09-12 22:09 - 2011-01-23 15:30 - 00000000 ___DC C:\ProgramData\TuneUp Software
2013-09-12 22:07 - 2013-09-12 22:07 - 00000000 ___DC C:\Users\sven\AppData\Roaming\TuneUp Software
2013-09-12 21:18 - 2013-09-12 21:18 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\WinPatrol
2013-09-12 10:58 - 2013-09-12 10:58 - 00001370 ____C C:\Users\Public\Desktop\Wöchentlich - Malwarebytes Anti-Malware .lnk
2013-09-12 07:18 - 2013-09-10 22:15 - 00000000 ___DC C:\Users\Public\Recorded TV
2013-09-12 07:18 - 2009-07-14 07:08 - 00021798 ____C C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-11 22:01 - 2013-09-11 21:59 - 00000000 ___DC C:\Program Files (x86)\Google
2013-09-11 22:01 - 2010-12-30 16:19 - 00000000 ___DC C:\Users\sven\AppData\Local\Google
2013-09-11 17:28 - 2010-12-30 21:49 - 00000000 ___DC C:\Users\sven\AppData\Roaming\SoftGrid Client
2013-09-11 08:48 - 2013-09-11 08:19 - 00001278 ____C C:\Users\Public\Desktop\Wöchentlich - CCleaner.lnk
2013-09-11 08:19 - 2013-09-11 08:19 - 00002770 ____C C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-10 23:48 - 2013-09-10 23:17 - 00001912 ____C C:\Windows\epplauncher.mif
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinPatrol
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\ProgramData\InstallMate
2013-09-10 21:50 - 2013-09-10 21:49 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-10 21:50 - 2013-09-10 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-10 21:50 - 2013-09-10 21:49 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 21:44 - 2013-09-10 21:39 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-10 21:44 - 2013-07-21 18:12 - 00000000 ___DC C:\Windows\system32\MRT
2013-09-10 21:44 - 2011-01-02 21:58 - 79143768 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 21:43 - 2013-09-10 21:40 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 20:19 - 2013-09-10 20:19 - 00000000 ___DC C:\ProgramData\Licenses
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Malwarebytes
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\ProgramData\Malwarebytes
2013-09-10 19:48 - 2012-09-29 17:58 - 00000000 ___DC C:\Program Files (x86)\MSXML 4.0
2013-09-10 19:44 - 2013-09-10 19:44 - 00000000 ___DC C:\Users\sven\AppData\Local\Secunia PSI
2013-09-10 18:16 - 2013-09-10 18:16 - 00262144 _____ C:\Windows\system32\config\elam
2013-09-09 15:29 - 2011-01-23 15:31 - 00043320 ____C (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00040760 ____C (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-09-09 15:29 - 2011-01-23 15:31 - 00036152 ____C (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00029496 ____C (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00025400 ____C (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-09-08 10:09 - 2013-09-08 10:09 - 00000078 ____C C:\Users\sven\Documents\Powers.log
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-02 08:39
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- --- --- --- Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-02 12:07:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM321HI rev.2AJ10002 298,09GB
Running: c0kb3lbc.exe; Driver: C:\Users\sven\AppData\Local\Temp\uwldrpod.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe[1480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075141465 2 bytes [14, 75]
.text C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe[1480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751414bb 2 bytes [14, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2068] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075141465 2 bytes [14, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2068] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000751414bb 2 bytes [14, 75]
.text ... * 2
.text C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\WinPatrol.exe[1732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075141465 2 bytes [14, 75]
.text C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\WinPatrol.exe[1732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751414bb 2 bytes [14, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[2312] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075141465 2 bytes [14, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[2312] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000751414bb 2 bytes [14, 75]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [2904:2776] 000007fef8b69688
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Code:
ATTFilter Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.30.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 sven :: AUDIA3 [Administrator] Schutz: Aktiviert 02.10.2013 09:47:11 mbam-log-2013-10-02 (09-47-11).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 341145 Laufzeit: 48 Minute(n), 47 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 6 HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\qvo6Software (PUP.Optional.qvo6.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0Z1N1J -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 3 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Bösartig: (hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Bösartig: (hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 3 C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 14 C:\$RECYCLE.BIN\S-1-5-21-3457901039-3679683318-3372754741-1000\$RSS675L.exe (PUP.Optional.UpdateStar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Local\Temp\eIntaller\86EE0B754E504f44A2C643281BCC42C0\eGdpSvc.exe (PUP.Optional.DProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Local\Temp\eIntaller\86EE0B754E504f44A2C643281BCC42C0\eXQ.exe (PUP.Optional.Elex) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Local\Temp\is2036094744\1714241_stp\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Local\Temp\is2036094744\1714358_stp\cor_ar_201392319852_qvo6.exe (PUP.Optional.Elex) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Local\Temp\is2036094744\1714367_stp\wajam_download.exe (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\eng_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-01-2013.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.30.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 sven :: AUDIA3 [Administrator] Schutz: Aktiviert 02.10.2013 09:47:11 MBAM-log-2013-10-02 (11-44-04).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 341145 Laufzeit: 48 Minute(n), 47 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 6 HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt. HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\qvo6Software (PUP.Optional.qvo6.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 1 HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0Z1N1J -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 3 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Bösartig: (hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Bösartig: (hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=SAMSUNGXHM321HI_S26VJ9FZ759395&ts=1380665898) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 3 C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 14 C:\$RECYCLE.BIN\S-1-5-21-3457901039-3679683318-3372754741-1000\$RSS675L.exe (PUP.Optional.UpdateStar.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Local\Temp\eIntaller\86EE0B754E504f44A2C643281BCC42C0\eGdpSvc.exe (PUP.Optional.DProtect.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Local\Temp\eIntaller\86EE0B754E504f44A2C643281BCC42C0\eXQ.exe (PUP.Optional.Elex) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Local\Temp\is2036094744\1714241_stp\DeltaTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Local\Temp\is2036094744\1714358_stp\cor_ar_201392319852_qvo6.exe (PUP.Optional.Elex) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Local\Temp\is2036094744\1714367_stp\wajam_download.exe (PUP.Optional.Wajam) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\eng_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-01-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. (Ende) [CODE]RogueKiller V8.7.0 _x64_ [Sep 30 2013] durch Tigzy mail: tigzyRK<at>gmail<dot>com mail : tigzyRK<at>gmail<dot>com Kommentare : hxxp://www.adlice.com/forum/ Webseite : hxxp://www.adlice.com/softwares/roguekiller/ Blog : hxxp://tigzyrk.blogspot.com/ Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Gestartet in : Normaler Modus Benutzer : sven [Admin Rechte] Funktion : Scannen -- Datum : 10/02/2013 12:19:27 | ARK || FAK || MBR | ¤¤¤ Böswillige Prozesse : 1 ¤¤¤ [SUSP PATH][DLL] explorer.exe -- C:\ProgramData\AllDup\FEShlExt.dll [x] -> ABGELADEN ¤¤¤ Registry-Einträge : 2 ¤¤¤ [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (localhost:21320) -> GEFUNDEN [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> GEFUNDEN ¤¤¤ Geplante Tasks : 0 ¤¤¤ ¤¤¤ Autostart-Einträge : 0 ¤¤¤ ¤¤¤ Web-Browsern : 0 ¤¤¤ ¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤ ¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤ ¤¤¤ Externe Hives: ¤¤¤ ¤¤¤ Infektion : ¤¤¤ ¤¤¤ Hosts-Datei: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com [...] ¤¤¤ MBR überprüfen: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardlaufwerke) - SAMSUNG HM321HI ATA Device +++++ --- User --- [MBR] a9d237149bc844f44b63f635fe06476b [BSP] d2830fd171ddd0b154be88f68d35f4cb : KIWI Image system MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 20480 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 41945088 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 42149888 | Size: 114688 Mo 3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 277030912 | Size: 169975 Mo User = LL1 ... OK! User = LL2 ... OK! Abgeschlossen : << RKreport[0]_S_10022013_121927.txt >> |
|
02.10.2013, 15:07
| #5 |
| | Ständiger befall von viren oder malewareCode:
ATTFilter C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\footer_left.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\footer_left.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\footer_middle.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\footer_middle.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\footer_right.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\footer_right.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\left_border.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\left_border.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\line3px_Blue.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\line3px_Blue.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\Report_header_leftText.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\Report_header_leftText.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\Report_header_left_image.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\Report_header_left_image.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\Report_header_top_middle.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\Report_header_top_middle.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\Report_header_top_right.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\Report_header_top_right.jpg.vir
C:\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\right_border.jpg->C:\AdwCleaner\Quarantine\C\ProgramData\Systweak\ASO3\Disk Optimizer\DefragReport\right_border.jpg.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro entfernen.lnk->C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro entfernen.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk->C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.1000082.currentList.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.1000082.currentList.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.1000082.localStations.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.1000082.localStations.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.1000082.nowPlaying.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.1000082.nowPlaying.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.1000082.publisherStations.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.1000082.publisherStations.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.130203769566261461.search.selectedEngineId.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.130203769566261461.search.selectedEngineId.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.130203769566261461.search.settings.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.130203769566261461.search.settings.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.130203769566261461.search.user-enlargeBoxSettings.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.130203769566261461.search.user-enlargeBoxSettings.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.appOptions.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.appOptions.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.installUsage.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.installUsage.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.installUsageEarly.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.installUsageEarly.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.NotificationSettings.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.NotificationSettings.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.NOTIFICATION_ID.notifications-repository.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.NOTIFICATION_ID.notifications-repository.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.NOTIFICATION_ID.notifications-servicemap.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.NOTIFICATION_ID.notifications-servicemap.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.NOTIFICATION_ID.notifications-service_1796040.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.NOTIFICATION_ID.notifications-service_1796040.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.pg_conf_global.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.pg_conf_global.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.searchProtectorData.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268.searchProtectorData.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_appsMetadata.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_appsMetadata.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_appTrackingFirstTime.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_appTrackingFirstTime.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_Configuration.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_Configuration.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_gottenAppsContextMenu.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_gottenAppsContextMenu.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_login.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_login.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_otherAppsContextMenu.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_otherAppsContextMenu.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_searchAPI.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_searchAPI.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_serviceMap.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_serviceMap.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_toolbarContextMenu.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_toolbarContextMenu.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_toolbarSettings.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_toolbarSettings.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_translation.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_10.20.1.8.serviceLayer_services_translation.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_appsMetadata.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_appsMetadata.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_appTrackingFirstTime.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_appTrackingFirstTime.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_Configuration.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_Configuration.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_gottenAppsContextMenu.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_gottenAppsContextMenu.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_login.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_login.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_otherAppsContextMenu.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_otherAppsContextMenu.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_searchAPI.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_searchAPI.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_serviceMap.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_serviceMap.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_toolbarContextMenu.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_toolbarContextMenu.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_toolbarSettings.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_toolbarSettings.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_translation.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\CT3311268_RAW.serviceLayer_services_translation.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\serviceLayer_userApps_added.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\serviceLayer_userApps_added.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\ToolbarFullUserID.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\ToolbarFullUserID.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\ToolbarUserId.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\ToolbarUserId.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\toolbar_initializing_logger.txt.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\toolbar_initializing_logger.txt.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\uninstallData.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\uninstallData.txt.vir
C:\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\uninstallUrl.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\LocalLow\Conduit\ChromeExtData\ibcgjcbeckcdemelifnledhihpaighfk\Repository\uninstallUrl.txt.vir
C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp.vir
C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat.vir
C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-01-2013.log->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-01-2013.log.vir
C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp.vir
C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp.vir
C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx.vir
C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\keystatus.ini->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\keystatus.ini.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\status.lic->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\status.lic.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\System Files Backup and Restore\LastBkpDateTime.txt->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\System Files Backup and Restore\LastBkpDateTime.txt.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\PC Fixer\PC Fixer.log->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\PC Fixer\PC Fixer.log.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Backup.dat->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Backup.dat.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download.dat->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download.dat.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\exc.xml->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\exc.xml.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\log_09-30-2013.log->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\log_09-30-2013.log.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\log_10-01-2013.log->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\log_10-01-2013.log.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\acpipnp0303.rar->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\acpipnp0303.rar.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\acpipnp0f13.exe->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\acpipnp0f13.exe.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\hdaudiofunc_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1001.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\hdaudiofunc_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1001.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\hdaudiofunc_01&ven_10ec&dev_0269&subsys_144dc07f.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\hdaudiofunc_01&ven_10ec&dev_0269&subsys_144dc07f.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\nmwcdvid_0421&pid_02e3&if_javacomm.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\nmwcdvid_0421&pid_02e3&if_javacomm.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_11ab&dev_4354.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_11ab&dev_4354.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_168c&dev_002b&subsys_7167144f.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_168c&dev_002b&subsys_7167144f.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_8086&dev_0044.exe->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_8086&dev_0044.exe.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_8086&dev_2448.exe->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_8086&dev_2448.exe.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_8086&dev_3b30.exe->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_8086&dev_3b30.exe.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_8086&dev_3b42.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\pciven_8086&dev_3b42.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbprinthpphotosmart_c4100_s3698.exe->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbprinthpphotosmart_c4100_s3698.exe.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_03f0&pid_5711&mi_00.exe->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_03f0&pid_5711&mi_00.exe.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_03f0&pid_5711&mi_02.exe->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_03f0&pid_5711&mi_02.exe.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_045e&pid_00ce.rar->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_045e&pid_00ce.rar.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_058f&pid_6335.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_058f&pid_6335.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_0fce&pid_d039.rar->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_0fce&pid_d039.rar.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_1131&pid_1001.exe->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Download\usbvid_1131&pid_1001.exe.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Backup\DriverUpdaterBackup-Dienstag,01-Okt-2013_H08-M07-S36.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Backup\DriverUpdaterBackup-Dienstag,01-Okt-2013_H08-M07-S36.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Backup\DriverUpdaterBackup-Dienstag,01-Okt-2013_H09-M13-S01.zip->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Driver Updater\Backup\DriverUpdaterBackup-Dienstag,01-Okt-2013_H09-M13-S01.zip.vir
C:\Users\sven\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates\LatestVersion.htm->C:\AdwCleaner\Quarantine\C\Users\sven\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates\LatestVersion.htm.vir
C:\END->C:\AdwCleaner\Quarantine\C\END.vir
C:\Users\Public\Desktop\RegClean Pro.lnk->C:\AdwCleaner\Quarantine\C\Users\Public\Desktop\RegClean Pro.lnk.vir
C:\Windows\System32\roboot64.exe->C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir
C:\Windows\Tasks\RegClean Pro_UPDATES.job->C:\AdwCleaner\Quarantine\C\Windows\Tasks\RegClean Pro_UPDATES.job.vir
C:\Windows\System32\Tasks\RegClean Pro_UPDATES->C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\RegClean Pro_UPDATES.vir
|
|
03.10.2013, 07:24
| #6 | |
| /// the machine /// TB-Ausbilder | Ständiger befall von viren oder malewareCombofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ --> Ständiger befall von viren oder maleware |
|
03.10.2013, 10:07
| #7 |
| | Ständiger befall von viren oder maleware moin schrauber, kurze statement: *"qv06" hatte ich mir mit dem vermeintlichen neuen easy display manager eingefangen. wenn google chrom gestartet wird, ist qv06 meine startseite. überall wo ich verbindungen finden konnte, hatte ich die entfernt. aber trotzdem bleibt qv06 zäh *wieder mehrfache rechnerabstürze bzw auch einfrierungen *der neustart dauerte etwa 15 min *tastatur und mousepad fallen immer öfter aus. kann mich teilweise nur noch mit der virtuellen tastatur von kasperky behelfen es wäre nett von dir, wenn du mir zum abschluss einige ratschläge bzgl programme erteilen könntest. z.b. ob kasperky sinnvoll ist etc. oder kaspersky unterstützung von anderen programmen benötigt oder oder oder. so, hier die logfile von combofix. soll combofix wieder gelöscht werden? Code:
ATTFilter ComboFix 13-10-01.03 - sven 03.10.2013 10:38:05.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.7594.5404 [GMT 2:00]
ausgeführt von:: c:\users\sven\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-09-03 bis 2013-10-03 ))))))))))))))))))))))))))))))
.
.
2013-10-03 08:46 . 2013-10-03 08:46 -------- dc----w- c:\users\Default\AppData\Local\temp
2013-10-03 08:46 . 2013-10-03 08:46 -------- dc----w- c:\users\Admin\AppData\Local\temp
2013-10-02 20:31 . 2013-10-02 20:34 -------- dc----w- c:\windows\system32\catroot2
2013-10-02 16:23 . 2013-10-02 16:23 -------- dc----w- c:\users\DefaultAppPool
2013-10-02 11:35 . 2013-10-02 11:35 -------- dc----w- c:\program files (x86)\7-Zip
2013-10-02 10:19 . 2013-10-02 10:19 57856 -c--a-w- c:\windows\system32\drivers\TsUsbFlt.sys.bak
2013-10-02 10:18 . 2013-10-02 10:18 61440 -c--a-w- c:\windows\system32\drivers\appid.sys.bak
2013-10-02 08:08 . 2013-10-02 08:08 -------- dc----w- C:\FRST
2013-10-02 06:20 . 2013-10-02 06:20 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8F803338-FEFC-420D-B59C-C38143DC9008}\offreg.dll
2013-10-01 22:18 . 2013-10-01 22:18 -------- dc----w- c:\users\sven\AppData\Local\BonanzaDealsLive
2013-10-01 22:18 . 2013-10-01 22:18 -------- dc----w- c:\programdata\BonanzaDealsLive
2013-10-01 22:18 . 2013-10-01 22:32 -------- dc----w- c:\programdata\eSafe
2013-10-01 19:14 . 2013-10-01 19:14 -------- dc----w- c:\program files\ATI Technologies
2013-10-01 19:14 . 2013-10-02 08:03 -------- dc----w- c:\program files\Apoint2K
2013-10-01 19:13 . 2013-02-28 19:29 116056 -c--a-w- c:\windows\system32\Vxdif.dll
2013-10-01 19:13 . 2013-04-23 08:32 495408 -c--a-w- c:\windows\system32\drivers\Apfiltr.sys
2013-10-01 08:02 . 2013-10-03 08:19 -------- dc----w- c:\users\sven\AppData\Roaming\Systweak
2013-10-01 07:48 . 2013-09-15 22:50 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8F803338-FEFC-420D-B59C-C38143DC9008}\mpengine.dll
2013-10-01 07:48 . 2013-10-01 07:51 -------- dc----w- C:\AdwCleaner
2013-09-30 21:30 . 2013-10-01 06:16 -------- dc----w- c:\programdata\Spybot - Search & Destroy
2013-09-30 21:30 . 2009-01-25 11:14 17272 -c--a-w- c:\windows\system32\sdnclean64.exe
2013-09-30 21:30 . 2013-09-30 21:30 -------- dc----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-09-30 21:22 . 2013-09-30 21:22 51496 -c--a-w- c:\windows\system32\drivers\stflt.sys
2013-09-30 21:21 . 2013-10-02 10:18 -------- dc----w- c:\users\sven\AppData\Local\CrashDumps
2013-09-30 21:10 . 2013-09-30 21:10 -------- dc----w- c:\windows\Repair
2013-09-30 21:01 . 2013-09-30 21:03 -------- dc----w- c:\program files (x86)\Advanced System Optimizer 3
2013-09-30 20:26 . 2013-09-30 20:37 -------- dc----w- c:\programdata\SecTaskMan
2013-09-30 18:50 . 2013-09-30 18:50 -------- dc----w- c:\users\sven\AppData\Local\CRE
2013-09-30 18:48 . 2013-09-30 18:50 -------- dc----w- c:\users\sven\AppData\Roaming\DAEMON Tools Lite
2013-09-30 16:50 . 2013-09-30 16:50 615936 -c--a-w- c:\windows\AutoKMS.exe
2013-09-30 10:33 . 2013-10-01 08:41 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll
2013-09-30 10:33 . 2013-10-01 08:41 60928 ----a-w- c:\windows\system32\ahadmin.dll
2013-09-30 10:33 . 2013-10-01 08:41 55296 ----a-w- c:\windows\system32\admwprox.dll
2013-09-30 10:33 . 2013-10-01 08:41 50688 ----a-w- c:\windows\SysWow64\admwprox.dll
2013-09-30 10:33 . 2013-10-01 08:41 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll
2013-09-30 10:33 . 2013-10-01 08:41 192000 ----a-w- c:\windows\system32\iisRtl.dll
2013-09-30 10:33 . 2013-10-01 08:41 16896 ----a-w- c:\windows\system32\iisreset.exe
2013-09-30 10:33 . 2013-10-01 08:41 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll
2013-09-30 10:33 . 2013-10-01 08:41 15360 ----a-w- c:\windows\SysWow64\iisreset.exe
2013-09-30 10:33 . 2013-10-01 08:41 14848 ----a-w- c:\windows\system32\wamregps.dll
2013-09-30 10:33 . 2013-10-01 08:41 11264 ----a-w- c:\windows\system32\iisrstap.dll
2013-09-30 10:33 . 2013-10-01 08:41 10752 ----a-w- c:\windows\SysWow64\wamregps.dll
2013-09-30 09:57 . 2013-09-30 09:57 -------- dc----w- c:\program files\Microsoft Synchronization Services
2013-09-28 19:04 . 2013-09-28 19:04 -------- dc----w- c:\program files (x86)\Common Files\Java
2013-09-28 19:04 . 2013-09-28 19:03 868264 -c--a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-28 19:04 . 2013-09-28 19:03 790440 -c--a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-28 19:04 . 2013-09-28 19:03 96168 -c--a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-28 19:03 . 2013-09-28 19:03 -------- dc----w- c:\program files (x86)\Java
2013-09-28 17:31 . 2013-09-28 22:50 -------- dc----w- c:\users\sven\AppData\Roaming\AllDup
2013-09-28 17:31 . 2013-09-28 17:31 -------- dc----w- c:\programdata\AllDup
2013-09-28 17:31 . 2010-10-13 04:42 2369456 -c--a-w- c:\windows\SysWow64\Codejock.CommandBars.v13.4.2.ocx
2013-09-28 17:31 . 2010-08-20 19:53 86016 -c--a-w- c:\windows\SysWow64\mtSplitter.ocx
2013-09-28 17:31 . 2010-06-11 08:50 89888 -c--a-w- c:\windows\SysWow64\mtFrame.ocx
2013-09-28 17:31 . 2010-06-01 12:45 1005088 -c--a-w- c:\windows\SysWow64\TList8.ocx
2013-09-28 17:31 . 2010-03-25 08:33 171752 -c--a-w- c:\windows\SysWow64\mtRTF2.ocx
2013-09-28 17:31 . 2009-10-12 22:02 44736 -c--a-w- c:\windows\SysWow64\mtSubclass.dll
2013-09-28 17:31 . 2009-10-12 22:01 77504 -c--a-w- c:\windows\SysWow64\mtScrollContainer.ocx
2013-09-28 17:31 . 2008-01-29 05:57 450560 -c--a-w- c:\windows\SysWow64\fldrvw90.ocx
2013-09-27 15:35 . 2013-09-27 15:35 -------- dc----w- c:\users\sven\AppData\Local\Programs
2013-09-27 14:02 . 2013-09-27 14:02 -------- dc--a-w- c:\windows\VDLL.DLL
2013-09-27 14:02 . 2013-09-27 14:02 -------- dc--a-w- c:\windows\SysWow64\runouce.exe
2013-09-27 14:02 . 2013-09-27 14:02 -------- dc--a-w- c:\windows\rundll16.exe
2013-09-27 14:02 . 2013-09-27 14:02 -------- dc--a-w- c:\windows\RUNDL132.EXE
2013-09-27 14:02 . 2013-09-27 14:02 -------- dc--a-w- c:\windows\logo1_.exe
2013-09-27 14:02 . 2013-09-27 14:02 -------- dc--a-w- c:\windows\logo_1.exe
2013-09-27 13:59 . 2013-09-27 14:54 -------- dcsh--w- c:\windows\SysWow64\AI_RecycleBin
2013-09-27 13:57 . 2013-09-27 14:54 -------- dc----w- c:\programdata\Soluto
2013-09-27 13:41 . 2013-09-27 13:41 632064 -c--a-w- c:\windows\SysWow64\msvcr80.dll
2013-09-27 13:41 . 2013-09-27 13:41 554240 -c--a-w- c:\windows\SysWow64\msvcp80.dll
2013-09-27 13:41 . 2013-09-27 13:41 34048 -c--a-w- c:\windows\SysWow64\eEmpty.exe
2013-09-27 13:41 . 2013-09-27 13:41 -------- dc----w- c:\programdata\MicroWorld
2013-09-23 11:15 . 2013-05-10 07:39 592672 -c--a-w- c:\windows\system32\Spool\prtprocs\x64\hpcpp150.dll
2013-09-23 09:58 . 2013-09-30 09:57 -------- dc----w- c:\program files\Common Files\DESIGNER
2013-09-23 09:54 . 2013-09-28 22:10 -------- dc----w- c:\program files\Common Files\SYSTEM
2013-09-23 09:32 . 2013-09-23 09:32 -------- dc----w- c:\users\Admin\AppData\Local\Google
2013-09-23 05:43 . 2013-09-23 05:43 -------- dc----w- c:\program files (x86)\Toshiba
2013-09-22 22:04 . 2007-09-14 21:12 9856 -c--a-w- c:\windows\system32\drivers\wstbtndb.sys
2013-09-22 22:04 . 2007-09-14 21:12 1459712 -c--a-w- c:\windows\system32\wstbtnrb.dll
2013-09-22 21:53 . 2013-09-22 21:53 -------- dc----w- c:\program files (x86)\Lenovo
2013-09-22 21:53 . 2013-09-22 21:53 -------- dc----w- c:\users\sven\AppData\Roaming\InstallShield
2013-09-22 21:53 . 2013-09-22 21:53 -------- dc----w- c:\windows\Dell
2013-09-22 21:48 . 2013-10-01 19:17 -------- dc----w- C:\temp
2013-09-22 20:54 . 2013-09-22 20:54 -------- dc----w- c:\users\sven\AppData\Local\WinSweeper
2013-09-22 20:54 . 2013-09-22 20:54 -------- dc----w- c:\program files (x86)\WinSweeper
2013-09-22 20:13 . 2013-09-22 20:13 -------- dc----w- c:\users\sven\AppData\Roaming\Solvusoft
2013-09-22 20:13 . 2013-09-22 20:13 -------- dc----w- c:\program files (x86)\DriverDoc
2013-09-22 16:41 . 2013-09-22 16:41 -------- dc----w- c:\users\sven\AppData\Roaming\ZoomBrowser EX
2013-09-22 16:38 . 2013-09-22 16:38 -------- dc----w- c:\users\sven\AppData\Roaming\Canon
2013-09-22 16:30 . 2013-09-22 16:30 -------- dc----w- c:\programdata\ZoomBrowser
2013-09-22 16:29 . 2013-09-22 16:43 -------- dc----w- c:\program files (x86)\Canon
2013-09-20 14:12 . 2009-07-14 01:41 230400 -c--a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2013-09-16 13:08 . 2013-09-16 13:08 21712 -c--a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2013-09-16 13:08 . 2013-09-16 13:08 -------- dc----w- c:\users\sven\AppData\Local\eSupport.com
2013-09-16 12:55 . 2013-09-16 12:55 -------- dc----w- c:\program files\CPUID
2013-09-16 11:31 . 2013-09-16 11:31 -------- dc----w- C:\RegBackup
2013-09-14 17:15 . 2013-09-14 17:15 -------- dc----w- c:\users\Default\AppData\Local\Microsoft Help
2013-09-14 12:33 . 2013-09-14 12:33 -------- dc----w- c:\program files (x86)\Microsoft SQL Server
2013-09-14 12:33 . 2013-09-14 12:33 -------- dc----w- c:\program files\Microsoft.NET
2013-09-14 12:32 . 2013-09-14 12:32 -------- dc----w- c:\programdata\regid.1991-06.com.microsoft
2013-09-14 12:31 . 2013-09-14 12:33 -------- dc----w- c:\program files\Microsoft SQL Server
2013-09-14 12:31 . 2013-09-14 12:31 -------- dc----w- c:\windows\PCHEALTH
2013-09-14 12:28 . 2013-09-14 12:28 -------- dc----w- c:\program files\Microsoft Analysis Services
2013-09-14 12:28 . 2013-09-14 12:28 -------- dc----w- c:\program files (x86)\Microsoft Analysis Services
2013-09-14 12:28 . 2013-09-30 09:56 -------- dc----w- c:\program files\Microsoft Office
2013-09-14 11:26 . 2013-09-29 21:16 -------- dc----w- c:\program files (x86)\MO 2013
2013-09-12 20:07 . 2013-09-12 20:07 -------- dc----w- c:\users\sven\AppData\Roaming\TuneUp Software
2013-09-12 20:07 . 2013-09-24 07:13 -------- dc----w- c:\program files (x86)\TuneUp Utilities 2014
2013-09-12 20:06 . 2013-09-12 20:11 -------- dcsh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-09-12 19:19 . 2013-09-23 09:26 -------- dc----w- c:\users\Admin\AppData\Roaming\TuneUp Software
2013-09-12 19:18 . 2013-09-12 19:18 -------- dc----w- c:\users\Admin\AppData\Roaming\WinPatrol
2013-09-11 19:59 . 2013-09-11 20:01 -------- dc----w- c:\program files (x86)\Google
2013-09-11 17:20 . 2013-09-30 09:17 -------- dc----w- c:\program files (x86)\Microsoft.NET
2013-09-10 21:50 . 2013-10-02 20:37 -------- dc----w- c:\program files (x86)\Schutzprogramme für Laptop
2013-09-10 21:12 . 2013-08-05 02:25 155584 -c--a-w- c:\windows\system32\drivers\ataport.sys
2013-09-10 21:01 . 2013-09-10 21:01 -------- dc----w- c:\users\sven\AppData\Roaming\WinPatrol
2013-09-10 21:01 . 2013-09-10 21:01 -------- dc----w- c:\programdata\InstallMate
2013-09-10 20:15 . 2013-09-12 05:18 -------- dc----w- c:\users\Public\Recorded TV
2013-09-10 20:00 . 2013-09-10 20:00 -------- dc----w- c:\program files\Uninstall Information
2013-09-10 19:58 . 2013-09-28 22:28 -------- dc----w- c:\windows\SysWow64\wbem\Performance
2013-09-10 19:40 . 2013-09-10 19:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-10 19:40 . 2013-09-10 19:43 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-09-10 19:40 . 2013-09-10 19:44 3968960 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-09-10 19:40 . 2013-09-10 19:44 5550528 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-09-10 19:40 . 2013-09-10 19:44 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-09-10 19:40 . 2013-09-10 19:44 3913664 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-20 16:39 . 2012-06-05 19:21 71048 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-20 16:39 . 2012-06-05 19:21 692616 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-10 19:44 . 2011-01-02 19:58 79143768 -c--a-w- c:\windows\system32\MRT.exe
2013-09-09 13:29 . 2011-01-23 13:31 40760 -c--a-w- c:\windows\system32\TURegOpt.exe
2013-09-09 13:29 . 2011-01-23 13:31 43320 -c--a-w- c:\windows\system32\uxtuneup.dll
2013-09-09 13:29 . 2011-01-23 13:31 36152 -c--a-w- c:\windows\SysWow64\uxtuneup.dll
2013-09-09 13:29 . 2011-01-23 13:31 29496 -c--a-w- c:\windows\system32\authuitu.dll
2013-09-09 13:29 . 2011-01-23 13:31 25400 -c--a-w- c:\windows\SysWow64\authuitu.dll
2013-08-28 03:23 . 2013-08-28 03:23 2103040 -c--a-w- c:\windows\system32\WavesGUILib64.dll
2013-08-28 03:23 . 2013-08-28 03:23 947248 -c--a-w- c:\windows\system32\SFSS_APO.dll
2013-08-28 03:23 . 2013-08-28 03:23 81248 -c--a-w- c:\windows\system32\SFCOM64.dll
2013-08-28 03:23 . 2013-08-28 03:23 78688 -c--a-w- c:\windows\system32\SFAPO64.dll
2013-08-28 03:23 . 2013-08-28 03:23 74064 -c--a-w- c:\windows\SysWow64\SFCOM.dll
2013-08-28 03:23 . 2013-08-28 03:23 221024 -c--a-w- c:\windows\system32\SFNHK64.dll
2013-08-28 03:23 . 2013-08-28 03:23 1662024 -c--a-w- c:\windows\system32\RTSnMg64.cpl
2013-08-28 03:23 . 2013-08-28 03:23 2809048 -c--a-w- c:\windows\system32\RtPgEx64.dll
2013-08-28 03:23 . 2013-08-28 03:23 3606232 -c--a-w- c:\windows\system32\drivers\RTKVHD64.sys
2013-08-28 03:23 . 2013-08-28 03:23 331880 -c--a-w- c:\windows\system32\RtlCPAPI64.dll
2013-08-28 03:23 . 2013-08-28 03:23 149608 -c--a-w- c:\windows\system32\RtkCfg64.dll
2013-08-28 03:23 . 2013-08-28 03:23 14952 -c--a-w- c:\windows\system32\RtkCoLDR64.dll
2013-08-28 03:23 . 2013-08-28 03:23 78680 -c--a-w- c:\windows\system32\RTEEG64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 617176 -c--a-w- c:\windows\system32\RtDataProc64.dll
2013-08-28 03:23 . 2013-08-28 03:23 375128 -c--a-w- c:\windows\system32\RTEEP64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 310104 -c--a-w- c:\windows\system32\RP3DHT64.dll
2013-08-28 03:23 . 2013-08-28 03:23 2585816 -c--a-w- c:\windows\system32\RtkAPO64.dll
2013-08-28 03:23 . 2013-08-28 03:23 204120 -c--a-w- c:\windows\system32\RTEED64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 1284680 -c--a-w- c:\windows\system32\RTCOM64.dll
2013-08-28 03:23 . 2013-08-28 03:23 101208 -c--a-w- c:\windows\system32\RTEEL64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 1005784 -c--a-w- c:\windows\system32\RtkApi64.dll
2013-08-28 03:23 . 2013-08-28 03:23 310104 -c--a-w- c:\windows\system32\RP3DAA64.dll
2013-08-28 03:23 . 2013-08-28 03:23 31870464 -c--a-w- c:\windows\system32\RCoRes64.dat
2013-08-28 03:23 . 2013-08-28 03:23 147672 -c--a-w- c:\windows\system32\RCoInstII64.dll
2013-08-28 03:23 . 2013-08-28 03:23 75024 -c--a-w- c:\windows\system32\R4EEG64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 7164176 -c--a-w- c:\windows\system32\R4EEP64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 434960 -c--a-w- c:\windows\system32\R4EED64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 141584 -c--a-w- c:\windows\system32\R4EEL64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 124176 -c--a-w- c:\windows\system32\R4EEA64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 662784 -c--a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2013-08-28 03:23 . 2013-08-28 03:23 14048512 -c--a-w- c:\windows\system32\MaxxAudioRealtek64.dll
2013-08-28 03:23 . 2013-08-28 03:23 922880 -c--a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
2013-08-28 03:23 . 2013-08-28 03:23 663296 -c--a-w- c:\windows\system32\MaxxAudioAPO30.dll
2013-08-28 03:23 . 2013-08-28 03:23 318808 -c--a-w- c:\windows\system32\MaxxAudioAPO20.dll
2013-08-28 03:23 . 2013-08-28 03:23 2032896 -c--a-w- c:\windows\system32\MaxxAudioEQ64.dll
2013-08-28 03:23 . 2013-08-28 03:23 603984 -c--a-w- c:\windows\system32\KAAPORT64.dll
2013-08-28 03:23 . 2013-08-28 03:23 2743328 -c--a-w- c:\windows\system32\FMAPO64.dll
2013-08-28 03:23 . 2013-08-28 03:23 712296 -c--a-w- c:\windows\system32\DTSSymmetryDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 693352 -c--a-w- c:\windows\system32\DTSVoiceClarityDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 491112 -c--a-w- c:\windows\system32\DTSNeoPCDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 432744 -c--a-w- c:\windows\system32\DTSLimiterDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 428648 -c--a-w- c:\windows\system32\DTSGainCompensatorDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 242792 -c--a-w- c:\windows\system32\DTSLFXAPO64.dll
2013-08-28 03:23 . 2013-08-28 03:23 242792 -c--a-w- c:\windows\system32\DTSGFXAPO64.dll
2013-08-28 03:23 . 2013-08-28 03:23 241768 -c--a-w- c:\windows\system32\DTSGFXAPONS64.dll
2013-08-28 03:23 . 2013-08-28 03:23 1756264 -c--a-w- c:\windows\system32\DTSS2SpeakerDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 1568360 -c--a-w- c:\windows\system32\DTSS2HeadphoneDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 728680 -c--a-w- c:\windows\system32\DTSBassEnhancementDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 6219096 -c--a-w- c:\windows\system32\DDPP64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 312152 -c--a-w- c:\windows\system32\DDPO64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 1908568 -c--a-w- c:\windows\system32\DDPD64A.dll
2013-08-28 03:23 . 2013-08-28 03:23 1486952 -c--a-w- c:\windows\system32\DTSBoostDLL64.dll
2013-08-28 03:23 . 2013-08-28 03:23 261464 -c--a-w- c:\windows\system32\DDPA64.dll
2013-08-28 03:23 . 2013-08-28 03:23 113576 -c--a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-08-28 03:23 . 2013-08-28 03:23 208072 -c--a-w- c:\windows\system32\AERTAC64.dll
2013-08-28 03:23 . 2013-08-28 03:23 108640 -c--a-w- c:\windows\system32\AERTAR64.dll
2013-08-16 15:21 . 2013-08-16 15:04 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-08-16 15:21 . 2013-08-16 15:04 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-16 15:21 . 2013-08-16 15:04 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-08-16 15:21 . 2013-08-16 15:04 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-08-16 15:21 . 2013-08-16 15:04 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-08-16 15:21 . 2013-08-16 15:04 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-16 15:21 . 2013-08-16 15:04 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-08-16 15:21 . 2013-08-16 15:04 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-08-16 15:19 . 2013-08-16 15:04 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-08-16 15:19 . 2013-08-16 15:04 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-16 15:14 . 2013-08-16 15:04 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-16 15:14 . 2013-08-16 15:04 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-08-16 15:14 . 2013-08-16 15:03 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-16 15:14 . 2013-08-16 15:03 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-16 15:10 . 2013-08-16 15:03 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-16 15:10 . 2013-08-16 15:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-07 02:22 . 2011-01-07 16:33 278800 -c----w- c:\windows\system32\MpSigStub.exe
2013-08-05 09:50 . 2010-06-01 00:58 53248 -c--a-w- c:\windows\SysWow64\CSVer.dll
2013-07-20 20:21 . 2013-07-20 20:09 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-20 20:21 . 2013-07-20 20:09 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-20 20:10 . 2013-07-20 20:08 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-20 20:10 . 2013-07-20 20:08 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2013-01-19 356376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 bonanzadealslive;BonanzaDealsLive-Dienst (bonanzadealslive);c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe;c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [x]
R4 bonanzadealslivem;BonanzaDealsLive-Dienst (bonanzadealslivem);c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe;c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [x]
R4 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R4 Rezip;Rezip;c:\windows\SysWOW64\Rezip.exe;c:\windows\SysWOW64\Rezip.exe [x]
R4 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Schutzprogramme für Laptop\Secunia\PSI\psia.exe;c:\program files (x86)\Schutzprogramme für Laptop\Secunia\PSI\psia.exe [x]
R4 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Schutzprogramme für Laptop\Secunia\PSI\sua.exe;c:\program files (x86)\Schutzprogramme für Laptop\Secunia\PSI\sua.exe [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe;c:\program files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-18 18:34 1177552 -c--a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-10-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 16:39]
.
2013-10-01 c:\windows\Tasks\ASO-AutoCheckUpdate7Days.job
- c:\program files (x86)\Advanced System Optimizer 3\CheckUpdate.exe [2013-09-30 10:10]
.
2013-10-01 c:\windows\Tasks\ASO-OneClickCare.job
- c:\program files (x86)\Advanced System Optimizer 3\ASO3.exe [2013-09-30 10:10]
.
2013-09-27 c:\windows\Tasks\DriverDoc.job
- c:\program files (x86)\DriverDoc\Solvusoftdd.exe [2013-09-22 17:06]
.
2013-09-27 c:\windows\Tasks\DriverDoc_UPDATES.job
- c:\program files (x86)\DriverDoc\Solvusoftdd.exe [2013-09-22 17:06]
.
2013-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11 19:59]
.
2013-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11 19:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:37 2328776 -c--a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:37 2328776 -c--a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:37 2328776 -c--a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="c:\program files (x86)\Schutzprogramme für Laptop\WinPatrol\winpatrol.exe" [2013-09-05 441408]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://gmx.de/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2729449 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2737019 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2789642 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2804576 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2835393 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2840628v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
Zeit der Fertigstellung: 2013-10-03 10:57:10
ComboFix-quarantined-files.txt 2013-10-03 08:57
.
Vor Suchlauf: 15 Verzeichnis(se), 44.779.855.872 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 44.616.069.120 Bytes frei
.
- - End Of File - - C2CE990E670DD6F3890A2A57EC3B6C4E
2E5DEBB2116B3417023E0D6562D7ED07
|
|
04.10.2013, 01:37
| #8 |
| /// the machine /// TB-Ausbilder | Ständiger befall von viren oder maleware Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.10.2013, 08:54
| #9 |
| | Ständiger befall von viren oder maleware moin schrauber, kurz zu heute: *mousepad und tastatur komplett ausgefallen, auch virtuelle tastatur. ging nur noch über zweiten rechner und usb stick *nach einer weile sprang der lüfter wie verrückt an, der rechner arbeitete und die tastatur ging wieder kurzfristig so, es jetzt zu den logs. Code:
ATTFilter Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.30.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 sven :: AUDIA3 [Administrator] Schutz: Deaktiviert 04.10.2013 08:52:20 mbam-log-2013-10-04 (08-52-20).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 245985 Laufzeit: 3 Minute(n), 11 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 2 C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 5 C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-03-2013.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.006 - Bericht erstellt am 04/10/2013 um 09:12:38
# Updated 01/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : sven - AUDIA3
# Gestartet von : C:\Users\sven\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : bonanzadealslive
[#] Dienst Gelöscht : bonanzadealslivem
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\BonanzaDealsLive
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Users\sven\AppData\Local\BonanzaDealsLive
Ordner Gelöscht : C:\Users\sven\AppData\Roaming\Systweak
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\sven\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\systweak
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v29.0.1547.76
[ Datei : C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : homepage
*************************
AdwCleaner[R10].txt - [8570 octets] - [01/10/2013 09:48:11]
AdwCleaner[R11].txt - [3847 octets] - [04/10/2013 09:11:35]
AdwCleaner[S6].txt - [8351 octets] - [01/10/2013 09:51:10]
AdwCleaner[S7].txt - [2565 octets] - [04/10/2013 09:12:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [2625 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by sven on 04.10.2013 at 9:22:40,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6FC070F5-1E3D-461A-846B-2588CEC7EFB1}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\sven\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\sven\appdata\local\cre"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.10.2013 at 9:28:41,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by sven (administrator) on AUDIA3 on 04-10-2013 09:32:40
Running from C:\Users\sven\Desktop\LOGFILE\FRST64
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Systweak Software, (www.systweak.com)) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamgui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(BillP Studios) C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\WinPatrol.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [WinPatrol] - C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-01-19] (Kaspersky Lab ZAO)
==================== Internet (Whitelisted) ====================
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://gmx.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://gmx.net/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm\1.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp\3.2.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.4_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (WOT Safe Search) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddcihbboebboehpkkdfdkhbodacmmfkk\2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0
CHR Extension: (TrashMail.net: Create disposable address) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihbdpohplcdnhllhliaeapefmmpcdjo\1.0.10_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Safe Money) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Stop & Hide \u2192 Instant Escape from Angry Boss) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilokdhmdlnaoiaagjjljbegopnmopgnm\1.0.0.17_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgnmngkgolhffjjdaipkkjbmbnpefef\1.2.3_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ibcgjcbeckcdemelifnledhihpaighfk] - C:\Users\sven\AppData\Local\CRE\ibcgjcbeckcdemelifnledhihpaighfk.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264488 2013-09-18] (Systweak Software, (www.systweak.com))
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-01-19] (Kaspersky Lab ZAO)
S4 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-06-13] (Freemake)
R2 MBAMScheduler; C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Schutzprogramme für Laptop\Secunia\PSI\psia.exe [1228504 2013-07-03] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Schutzprogramme für Laptop\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2013-09-30] (Microsoft Corporation)
S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [x]
==================== Drivers (Whitelisted) ====================
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-04-22] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2013-01-20] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2013-01-20] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2011-04-16] (Microsoft Corporation)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 Tosrfcom; No ImagePath
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-04 09:22 - 2013-10-04 09:22 - 00000000 ___DC C:\Windows\ERUNT
2013-10-04 09:14 - 2013-10-04 09:14 - 00000056 ____C C:\Windows\setupact.log
2013-10-04 09:14 - 2013-10-04 09:14 - 00000000 ____C C:\Windows\setuperr.log
2013-10-04 09:13 - 2013-10-04 09:13 - 00000546 ____C C:\Windows\PFRO.log
2013-10-03 10:36 - 2011-06-26 08:45 - 00256000 ____C C:\Windows\PEV.exe
2013-10-03 10:36 - 2010-11-07 19:20 - 00208896 ____C C:\Windows\MBR.exe
2013-10-03 10:36 - 2009-04-20 06:56 - 00060416 ____C (NirSoft) C:\Windows\NIRCMD.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00518144 ____C (SteelWerX) C:\Windows\SWREG.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00406528 ____C (SteelWerX) C:\Windows\SWSC.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00098816 ____C C:\Windows\sed.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00080412 ____C C:\Windows\grep.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00068096 ____C C:\Windows\zip.exe
2013-10-03 10:33 - 2013-10-03 10:57 - 00000000 ___DC C:\Qoobox
2013-10-02 21:18 - 2013-10-02 21:18 - 00006576 ____N C:\bootsqm.dat
2013-10-02 18:23 - 2013-10-02 18:23 - 00000020 __SHC C:\Users\DefaultAppPool\ntuser.ini
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Vorlagen
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Startmenü
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Netzwerkumgebung
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Lokale Einstellungen
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Druckumgebung
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Anwendungsdaten
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 ___DC C:\Users\DefaultAppPool
2013-10-02 18:23 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2013-10-02 18:23 - 2009-07-14 06:54 - 00000000 __RDC C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-02 18:23 - 2009-07-14 06:49 - 00000000 __RDC C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-02 15:25 - 2013-10-04 09:29 - 00000000 ___DC C:\Users\sven\Desktop\LOGFILE
2013-10-02 13:35 - 2013-10-02 13:35 - 00000000 ___DC C:\Program Files (x86)\7-Zip
2013-10-02 12:19 - 2013-10-02 12:19 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-10-02 12:18 - 2013-10-02 12:18 - 00061440 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-10-02 10:08 - 2013-10-02 10:08 - 00000000 ___DC C:\FRST
2013-10-02 10:06 - 2013-10-02 10:06 - 00000000 ____C C:\Users\sven\defogger_reenable
2013-10-02 09:30 - 2013-10-02 13:05 - 00111520 ____C C:\Users\sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-02 09:19 - 2013-10-02 09:27 - 00000000 ___DC C:\Users\sven\Desktop\Samsung
2013-10-01 23:43 - 2013-10-03 09:55 - 00442528 ____C C:\Windows\system32\FNTCACHE.DAT
2013-10-01 21:20 - 2013-10-02 21:14 - 03265072 ____C C:\Users\sven\AppData\Local\IconCache.db.bak
2013-10-01 21:14 - 2013-10-02 10:03 - 00000000 ___DC C:\Program Files\Apoint2K
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\ATI Technologies
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ____C C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2013-10-01 21:13 - 2013-04-23 10:32 - 00495408 ____C (Alps Electric Co., Ltd.) C:\Windows\system32\Drivers\Apfiltr.sys
2013-10-01 21:13 - 2013-02-28 21:29 - 00116056 ____C (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll
2013-10-01 09:48 - 2013-10-04 09:12 - 00000000 ___DC C:\AdwCleaner
2013-10-01 09:47 - 2013-10-01 09:48 - 01045226 ____C C:\Users\sven\Desktop\adwcleaner.exe
2013-10-01 09:40 - 2013-10-04 09:17 - 00003162 ____C C:\Windows\System32\Tasks\RegClean Pro
2013-10-01 09:14 - 2013-10-01 09:14 - 00000000 ____C C:\ProgramData\DP45977C.lfl
2013-10-01 08:16 - 2013-10-01 08:16 - 00000000 ___DC C:\Users\sven\Documents\ProcAlyzer Dumps
2013-09-30 23:40 - 2013-09-29 00:30 - 00000855 ____C C:\Windows\system32\Drivers\etc\hosts.20130930-234012.backup
2013-09-30 23:30 - 2013-10-01 08:16 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2013-09-30 23:30 - 2013-09-30 23:30 - 00001383 ____C C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Windows\System32\Tasks\Safer-Networking
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-30 23:30 - 2009-01-25 13:14 - 00017272 ____C (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-09-30 23:22 - 2013-09-30 23:22 - 00051496 ____C (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-09-30 23:21 - 2013-10-03 11:19 - 00000000 ___DC C:\Users\sven\AppData\Local\CrashDumps
2013-09-30 23:10 - 2013-09-30 23:10 - 00000000 ___DC C:\Windows\Repair
2013-09-30 23:01 - 2013-09-30 23:03 - 00000000 ___DC C:\Program Files (x86)\Advanced System Optimizer 3
2013-09-30 23:01 - 2013-09-30 23:01 - 00001522 ____C C:\Users\Public\Desktop\Intelligente PC-Wartung.lnk
2013-09-30 23:01 - 2013-09-30 23:01 - 00001470 ____C C:\Users\Public\Desktop\Advanced System Optimizer.lnk
2013-09-30 22:26 - 2013-09-30 22:37 - 00000000 ___DC C:\ProgramData\SecTaskMan
2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Mozilla
2013-09-30 20:48 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\DAEMON Tools Lite
2013-09-30 18:54 - 2013-09-30 18:55 - 00000000 ___DC C:\Users\sven\Downloads\MO10
2013-09-30 18:50 - 2013-09-30 18:50 - 00615936 ____C C:\Windows\AutoKMS.exe
2013-09-30 18:50 - 2013-09-30 18:50 - 00000161 ____C C:\Windows\AutoKMS.ini
2013-09-30 12:33 - 2013-10-01 10:41 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-09-30 12:33 - 2013-10-01 10:41 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-09-30 12:33 - 2013-10-01 10:41 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-09-30 11:57 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Microsoft Synchronization Services
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Sync Framework
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft SQL Server Compact Edition
2013-09-30 11:53 - 2013-09-30 11:53 - 00000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio 8
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 __RDC C:\MSOCache
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 ___DC C:\Program Files (x86)\Microsoft Office
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\SysWOW64\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\system32\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\inetpub
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinRAR
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Program Files\WinRAR
2013-09-29 07:52 - 2013-09-29 07:52 - 00000020 __SHC C:\Users\sven\ntuser.ini
2013-09-29 00:57 - 2013-10-04 09:20 - 00001436 ____C C:\Users\sven\Desktop\Google Chrome.lnk
2013-09-29 00:57 - 2013-10-04 09:12 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-29 00:31 - 2013-10-04 09:19 - 02095904 ____C C:\Windows\WindowsUpdate.log
2013-09-29 00:10 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SpeechEngines
2013-09-28 21:04 - 2013-09-28 21:04 - 00000000 ___DC C:\ProgramData\Sun
2013-09-28 21:04 - 2013-09-28 21:03 - 00868264 ____C (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-28 21:04 - 2013-09-28 21:03 - 00790440 ____C (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-28 21:04 - 2013-09-28 21:03 - 00264616 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00096168 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-28 21:03 - 2013-09-28 21:03 - 00000000 ___DC C:\Program Files (x86)\Java
2013-09-28 19:31 - 2013-09-29 00:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\AllDup
2013-09-28 19:31 - 2013-09-28 19:31 - 00000000 ___DC C:\ProgramData\AllDup
2013-09-28 19:31 - 2010-10-13 06:42 - 02369456 ____C (Codejock Software) C:\Windows\SysWOW64\Codejock.CommandBars.v13.4.2.ocx
2013-09-28 19:31 - 2010-08-20 21:53 - 00086016 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSplitter.ocx
2013-09-28 19:31 - 2010-06-11 10:50 - 00089888 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtFrame.ocx
2013-09-28 19:31 - 2010-06-01 14:45 - 01005088 ____C (Bennet-Tec Information Systems, Inc) C:\Windows\SysWOW64\TList8.ocx
2013-09-28 19:31 - 2010-03-25 10:33 - 00171752 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtRTF2.ocx
2013-09-28 19:31 - 2009-10-13 00:02 - 00044736 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSubclass.dll
2013-09-28 19:31 - 2009-10-13 00:01 - 00077504 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtScrollContainer.ocx
2013-09-28 19:31 - 2008-01-29 07:57 - 00450560 ____C (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\SysWOW64\fldrvw90.ocx
2013-09-27 20:24 - 2013-09-27 20:46 - 00000000 ___DC C:\Windows\erdnt
2013-09-27 17:01 - 2013-09-27 17:01 - 00151464 ____C C:\Users\sven\Documents\pinfect.zip
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\VDLL.DLL
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\SysWOW64\runouce.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\rundll16.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\RUNDL132.EXE
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo1_.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo_1.exe
2013-09-27 15:59 - 2013-09-27 16:53 - 00000193 ____C C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-27 15:57 - 2013-09-27 16:54 - 00000000 ___DC C:\ProgramData\Soluto
2013-09-27 15:42 - 2013-09-27 16:02 - 00000054 ____C C:\Windows\Lic.xxx
2013-09-27 15:41 - 2013-09-27 15:41 - 00632064 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00554240 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00034048 ____C (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2013-09-27 15:41 - 2013-09-27 15:41 - 00000000 ___DC C:\ProgramData\MicroWorld
2013-09-27 15:41 - 2005-09-22 23:22 - 00000522 ____C C:\Windows\SysWOW64\Microsoft.VC80.CRT.manifest
2013-09-24 13:25 - 2013-09-24 13:25 - 00000000 ___DC C:\Users\sven\Documents\Benutzerdefinierte Office-Vorlagen
2013-09-23 13:15 - 2013-09-23 13:15 - 00000000 ____C C:\Windows\HPMProp.INI
2013-09-23 11:58 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER
2013-09-23 11:54 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SYSTEM
2013-09-23 11:32 - 2013-09-23 11:32 - 00000000 ___DC C:\Users\Admin\AppData\Local\Google
2013-09-23 08:13 - 2013-05-10 09:41 - 00518432 ____C (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00237344 ____C (Hewlett-Packard Company) C:\Windows\system32\hpmlm135.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00216864 ____C (Hewlett-Packard) C:\Windows\system32\hpmml150.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00189728 ____C (Hewlett-Packard) C:\Windows\system32\hpmpm081.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00162080 ____C (Hewlett-Packard) C:\Windows\system32\hpmtp150.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00074016 ____C (Hewlett-Packard) C:\Windows\system32\hpmpw081.dll
2013-09-23 08:13 - 2013-05-10 09:39 - 00438560 ____C (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn150.dll
2013-09-23 08:13 - 2013-05-10 09:39 - 00199968 ____C (Hewlett-Packard) C:\Windows\system32\hpmja150.dll
2013-09-23 08:13 - 2013-05-10 09:38 - 00140064 ____C (Hewlett-Packard) C:\Windows\system32\hpcjpm.dll
2013-09-23 08:13 - 2013-05-10 09:36 - 00436512 ____C C:\Windows\SysWOW64\hpcc3150.dll
2013-09-23 08:13 - 2011-02-11 15:23 - 00193592 ____C (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll
2013-09-23 08:13 - 2011-02-11 15:23 - 00167480 ____C (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll
2013-09-23 08:13 - 2009-02-25 17:32 - 00060440 ____C (Hewlett-Packard) C:\Windows\system32\FxCompChannel_x64.dll
2013-09-23 07:43 - 2013-09-23 07:43 - 00000000 ___DC C:\Program Files (x86)\Toshiba
2013-09-23 00:04 - 2007-09-14 23:12 - 01459712 ____C C:\Windows\system32\wstbtnrb.dll
2013-09-23 00:04 - 2007-09-14 23:12 - 00009856 ____C (Lenovo) C:\Windows\system32\Drivers\wstbtndb.sys
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Windows\Dell
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Users\sven\AppData\Roaming\InstallShield
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Program Files (x86)\Lenovo
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Users\sven\AppData\Local\WinSweeper
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Program Files (x86)\WinSweeper
2013-09-22 22:18 - 2013-09-27 17:27 - 00000260 ____C C:\Windows\Tasks\DriverDoc.job
2013-09-22 22:18 - 2013-09-27 16:56 - 00002992 ____C C:\Windows\System32\Tasks\DriverDoc
2013-09-22 22:13 - 2013-09-27 17:27 - 00000276 ____C C:\Windows\Tasks\DriverDoc_UPDATES.job
2013-09-22 22:13 - 2013-09-27 16:56 - 00003014 ____C C:\Windows\System32\Tasks\DriverDoc_UPDATES
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Solvusoft
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Program Files (x86)\DriverDoc
2013-09-22 18:41 - 2013-09-22 18:41 - 00000000 ___DC C:\Users\sven\AppData\Roaming\ZoomBrowser EX
2013-09-22 18:38 - 2013-09-22 18:38 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Canon
2013-09-22 18:30 - 2013-09-22 18:30 - 00000000 ___DC C:\ProgramData\ZoomBrowser
2013-09-22 18:29 - 2013-09-22 18:43 - 00000000 ___DC C:\Program Files (x86)\Canon
2013-09-20 19:36 - 2013-09-20 19:36 - 00000635 ____C C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-20 13:35 - 2013-09-20 15:51 - 00004697 ____C C:\ProgramData\hpzinstall.log
2013-09-19 07:20 - 2013-09-19 18:12 - 98378485 ____C C:\Windows\SysWOW64\ῲꤓE
2013-09-18 08:46 - 2013-09-18 08:46 - 98106403 ____C C:\Windows\SysWOW64\职D
2013-09-16 15:08 - 2013-09-16 15:08 - 00021712 ____C (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2013-09-16 15:08 - 2013-09-16 15:08 - 00000000 ___DC C:\Users\sven\AppData\Local\eSupport.com
2013-09-16 14:55 - 2013-09-16 14:55 - 00000000 ___DC C:\Program Files\CPUID
2013-09-16 13:35 - 2013-10-02 22:32 - 00003160 ____C C:\Windows\System32\Tasks\SidebarExecute
2013-09-16 13:32 - 2013-09-16 13:32 - 00000207 ____C C:\Windows\tweaking.com-regbackup-AUDIA3-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-09-16 13:31 - 2013-09-16 13:31 - 00000000 ___DC C:\RegBackup
2013-09-16 11:43 - 2013-09-16 11:43 - 00003134 ____C C:\Windows\System32\Tasks\{BA2F4B9B-111E-4ACD-B5C8-CEE0CE8306EA}
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default\AppData\Local\Microsoft Help
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default User\AppData\Local\Microsoft Help
2013-09-14 14:33 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files (x86)\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:31 - 00000000 ___DC C:\Windows\PCHEALTH
2013-09-14 14:28 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Office
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Analysis Services
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Analysis Services
2013-09-14 14:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-14 13:26 - 2013-09-29 23:16 - 00000000 ___DC C:\Program Files (x86)\MO 2013
2013-09-13 09:12 - 2013-09-13 09:12 - 00002770 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-09-12 22:07 - 2013-09-24 09:13 - 00000000 ___DC C:\Program Files (x86)\TuneUp Utilities 2014
2013-09-12 22:07 - 2013-09-12 22:07 - 00000000 ___DC C:\Users\sven\AppData\Roaming\TuneUp Software
2013-09-12 22:06 - 2013-09-12 22:11 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-09-12 21:19 - 2013-09-23 11:26 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\TuneUp Software
2013-09-12 21:18 - 2013-09-12 21:18 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\WinPatrol
2013-09-12 10:58 - 2013-09-12 10:58 - 00001370 ____C C:\Users\Public\Desktop\Wöchentlich - Malwarebytes Anti-Malware .lnk
2013-09-11 21:59 - 2013-10-04 09:14 - 00001102 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-11 21:59 - 2013-10-04 09:04 - 00001106 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-11 21:59 - 2013-10-03 08:23 - 00004112 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-11 21:59 - 2013-10-03 08:23 - 00003860 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-11 21:59 - 2013-09-11 22:01 - 00000000 ___DC C:\Program Files (x86)\Google
2013-09-11 08:44 - 2013-09-24 08:51 - 00000000 ___DC C:\Windows\pss
2013-09-11 08:19 - 2013-09-11 08:48 - 00001278 ____C C:\Users\Public\Desktop\Wöchentlich - CCleaner.lnk
2013-09-11 08:19 - 2013-09-11 08:19 - 00002770 ____C C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-10 23:50 - 2013-10-02 22:37 - 00000000 ___DC C:\Program Files (x86)\Schutzprogramme für Laptop
2013-09-10 23:17 - 2013-09-10 23:48 - 00001912 ____C C:\Windows\epplauncher.mif
2013-09-10 23:12 - 2013-08-05 04:25 - 00155584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinPatrol
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\ProgramData\InstallMate
2013-09-10 22:15 - 2013-09-12 07:18 - 00000000 ___DC C:\Users\Public\Recorded TV
2013-09-10 22:00 - 2013-10-02 22:28 - 00000127 ____C C:\Windows\win.ini
2013-09-10 21:49 - 2013-09-10 21:50 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-10 21:49 - 2013-09-10 21:50 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-10 21:49 - 2013-09-10 21:50 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 21:39 - 2013-09-10 21:44 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-10 21:24 - 2013-10-02 22:30 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-10 21:21 - 2013-09-29 00:48 - 00000000 ___DC C:\Program Files\7-Zip
2013-09-10 20:19 - 2013-09-12 22:10 - 00001340 ____C C:\Users\Public\Desktop\Wöchentlich - SpywareBlaster.lnk
2013-09-10 20:19 - 2013-09-10 20:19 - 00000000 ___DC C:\ProgramData\Licenses
2013-09-10 20:19 - 2011-11-04 05:13 - 01070352 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2013-09-10 20:19 - 2009-03-24 12:52 - 00129872 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Malwarebytes
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\ProgramData\Malwarebytes
2013-09-10 19:55 - 2013-04-04 14:50 - 00025928 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-10 19:44 - 2013-09-10 19:44 - 00000000 ___DC C:\Users\sven\AppData\Local\Secunia PSI
2013-09-10 18:16 - 2013-09-10 18:16 - 00262144 _____ C:\Windows\system32\config\elam
2013-09-08 10:09 - 2013-09-08 10:09 - 00000078 ____C C:\Users\sven\Documents\Powers.log
==================== One Month Modified Files and Folders =======
2013-10-04 09:29 - 2013-10-02 15:25 - 00000000 ___DC C:\Users\sven\Desktop\LOGFILE
2013-10-04 09:22 - 2013-10-04 09:22 - 00000000 ___DC C:\Windows\ERUNT
2013-10-04 09:20 - 2013-09-29 00:57 - 00001436 ____C C:\Users\sven\Desktop\Google Chrome.lnk
2013-10-04 09:19 - 2013-09-29 00:31 - 02095904 ____C C:\Windows\WindowsUpdate.log
2013-10-04 09:19 - 2010-06-01 19:30 - 00753864 ____C C:\Windows\system32\perfh007.dat
2013-10-04 09:19 - 2010-06-01 19:30 - 00168998 ____C C:\Windows\system32\perfc007.dat
2013-10-04 09:19 - 2009-07-14 07:13 - 01790480 ____C C:\Windows\system32\PerfStringBackup.INI
2013-10-04 09:19 - 2009-07-14 06:45 - 00013936 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-04 09:19 - 2009-07-14 06:45 - 00013936 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-04 09:17 - 2013-10-01 09:40 - 00003162 ____C C:\Windows\System32\Tasks\RegClean Pro
2013-10-04 09:16 - 2011-02-07 14:00 - 00000000 ___DC C:\ProgramData\Kaspersky Lab
2013-10-04 09:14 - 2013-10-04 09:14 - 00000056 ____C C:\Windows\setupact.log
2013-10-04 09:14 - 2013-10-04 09:14 - 00000000 ____C C:\Windows\setuperr.log
2013-10-04 09:14 - 2013-09-11 21:59 - 00001102 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-04 09:14 - 2009-07-14 07:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2013-10-04 09:13 - 2013-10-04 09:13 - 00000546 ____C C:\Windows\PFRO.log
2013-10-04 09:12 - 2013-10-01 09:48 - 00000000 ___DC C:\AdwCleaner
2013-10-04 09:12 - 2013-09-29 00:57 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-04 09:04 - 2013-09-11 21:59 - 00001106 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-04 08:44 - 2012-09-01 09:37 - 00000884 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-03 11:19 - 2013-09-30 23:21 - 00000000 ___DC C:\Users\sven\AppData\Local\CrashDumps
2013-10-03 11:19 - 2011-02-07 22:11 - 00000000 ___DC C:\Windows\Minidump
2013-10-03 10:57 - 2013-10-03 10:33 - 00000000 ___DC C:\Qoobox
2013-10-03 10:02 - 2011-01-23 15:30 - 00000000 ___DC C:\ProgramData\TuneUp Software
2013-10-03 09:55 - 2013-10-01 23:43 - 00442528 ____C C:\Windows\system32\FNTCACHE.DAT
2013-10-03 08:23 - 2013-09-11 21:59 - 00004112 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-03 08:23 - 2013-09-11 21:59 - 00003860 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-02 22:37 - 2013-09-10 23:50 - 00000000 ___DC C:\Program Files (x86)\Schutzprogramme für Laptop
2013-10-02 22:32 - 2013-09-16 13:35 - 00003160 ____C C:\Windows\System32\Tasks\SidebarExecute
2013-10-02 22:30 - 2013-09-10 21:24 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-10-02 22:28 - 2013-09-10 22:00 - 00000127 ____C C:\Windows\win.ini
2013-10-02 21:18 - 2013-10-02 21:18 - 00006576 ____N C:\bootsqm.dat
2013-10-02 21:14 - 2013-10-01 21:20 - 03265072 ____C C:\Users\sven\AppData\Local\IconCache.db.bak
2013-10-02 18:23 - 2013-10-02 18:23 - 00000020 __SHC C:\Users\DefaultAppPool\ntuser.ini
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Vorlagen
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Startmenü
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Netzwerkumgebung
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Lokale Einstellungen
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Druckumgebung
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Anwendungsdaten
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 ___DC C:\Users\DefaultAppPool
2013-10-02 13:35 - 2013-10-02 13:35 - 00000000 ___DC C:\Program Files (x86)\7-Zip
2013-10-02 13:05 - 2013-10-02 09:30 - 00111520 ____C C:\Users\sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-02 12:19 - 2013-10-02 12:19 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-10-02 12:18 - 2013-10-02 12:18 - 00061440 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-10-02 10:08 - 2013-10-02 10:08 - 00000000 ___DC C:\FRST
2013-10-02 10:06 - 2013-10-02 10:06 - 00000000 ____C C:\Users\sven\defogger_reenable
2013-10-02 10:06 - 2010-12-30 15:42 - 00000000 ___DC C:\Users\sven
2013-10-02 10:03 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\Apoint2K
2013-10-02 09:27 - 2013-10-02 09:19 - 00000000 ___DC C:\Users\sven\Desktop\Samsung
2013-10-02 08:22 - 2011-01-07 20:26 - 00007605 ____C C:\Users\sven\AppData\Local\Resmon.ResmonCfg
2013-10-02 00:16 - 2010-06-01 03:06 - 00000000 ___DC C:\Program Files (x86)\Samsung
2013-10-02 00:16 - 2010-06-01 02:59 - 00000000 ___DC C:\Program Files (x86)\InstallShield Installation Information
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\ATI Technologies
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ____C C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2013-10-01 11:47 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\SysWOW64\inetsrv
2013-10-01 11:47 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\system32\inetsrv
2013-10-01 10:44 - 2010-12-30 21:50 - 00000000 ___DC C:\ProgramData\Microsoft Help
2013-10-01 10:41 - 2013-09-30 12:33 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-10-01 10:41 - 2013-09-30 12:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-10-01 10:41 - 2013-09-30 12:33 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-10-01 09:48 - 2013-10-01 09:47 - 01045226 ____C C:\Users\sven\Desktop\adwcleaner.exe
2013-10-01 09:14 - 2013-10-01 09:14 - 00000000 ____C C:\ProgramData\DP45977C.lfl
2013-10-01 09:13 - 2010-06-01 03:02 - 00000000 ___DC C:\Windows\SysWOW64\RTCOM
2013-10-01 09:13 - 2010-06-01 03:02 - 00000000 ___DC C:\Windows\system32\SRSLabs
2013-10-01 08:50 - 2010-12-30 21:48 - 01742138 ____C C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-01 08:16 - 2013-10-01 08:16 - 00000000 ___DC C:\Users\sven\Documents\ProcAlyzer Dumps
2013-10-01 08:16 - 2013-09-30 23:30 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2013-09-30 23:30 - 2013-09-30 23:30 - 00001383 ____C C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Windows\System32\Tasks\Safer-Networking
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-30 23:22 - 2013-09-30 23:22 - 00051496 ____C (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-09-30 23:10 - 2013-09-30 23:10 - 00000000 ___DC C:\Windows\Repair
2013-09-30 23:03 - 2013-09-30 23:01 - 00000000 ___DC C:\Program Files (x86)\Advanced System Optimizer 3
2013-09-30 23:01 - 2013-09-30 23:01 - 00001522 ____C C:\Users\Public\Desktop\Intelligente PC-Wartung.lnk
2013-09-30 23:01 - 2013-09-30 23:01 - 00001470 ____C C:\Users\Public\Desktop\Advanced System Optimizer.lnk
2013-09-30 22:37 - 2013-09-30 22:26 - 00000000 ___DC C:\ProgramData\SecTaskMan
2013-09-30 20:54 - 2011-01-02 23:19 - 00000000 _SHDC C:\Temporäre Internetdateien
2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Mozilla
2013-09-30 20:50 - 2013-09-30 20:48 - 00000000 ___DC C:\Users\sven\AppData\Roaming\DAEMON Tools Lite
2013-09-30 18:55 - 2013-09-30 18:54 - 00000000 ___DC C:\Users\sven\Downloads\MO10
2013-09-30 18:50 - 2013-09-30 18:50 - 00615936 ____C C:\Windows\AutoKMS.exe
2013-09-30 18:50 - 2013-09-30 18:50 - 00000161 ____C C:\Windows\AutoKMS.ini
2013-09-30 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-30 11:57 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Microsoft Synchronization Services
2013-09-30 11:57 - 2013-09-23 11:58 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Sync Framework
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft SQL Server Compact Edition
2013-09-30 11:56 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Office
2013-09-30 11:56 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files (x86)\MSBuild
2013-09-30 11:56 - 2009-07-14 05:20 - 00000000 ___DC C:\Program Files\Common Files\Microsoft Shared
2013-09-30 11:53 - 2013-09-30 11:53 - 00000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio 8
2013-09-30 11:53 - 2010-06-01 19:15 - 00000000 ___DC C:\Windows\ShellNew
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 __RDC C:\MSOCache
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 ___DC C:\Program Files (x86)\Microsoft Office
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\SysWOW64\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\system32\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\inetpub
2013-09-30 08:12 - 2010-06-01 19:15 - 00000000 ___DC C:\Program Files\Windows Journal
2013-09-30 08:12 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files\Windows Sidebar
2013-09-30 08:12 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files\Windows Portable Devices
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinRAR
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Program Files\WinRAR
2013-09-30 00:16 - 2013-09-14 14:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-29 23:16 - 2013-09-14 13:26 - 00000000 ___DC C:\Program Files (x86)\MO 2013
2013-09-29 22:51 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\system32\NDF
2013-09-29 15:37 - 2011-04-10 16:16 - 00000000 ___DC C:\Users\Admin
2013-09-29 07:56 - 2009-07-14 06:54 - 00000749 ___RC C:\Windows\WindowsShell.Manifest
2013-09-29 07:56 - 2009-07-14 05:20 - 00000000 __RDC C:\Users\Public\Libraries
2013-09-29 07:52 - 2013-09-29 07:52 - 00000020 __SHC C:\Users\sven\ntuser.ini
2013-09-29 00:50 - 2013-09-28 19:31 - 00000000 ___DC C:\Users\sven\AppData\Roaming\AllDup
2013-09-29 00:49 - 2011-02-06 17:26 - 00000000 ___DC C:\ProgramData\Kaspersky Lab ZAO
2013-09-29 00:48 - 2013-09-10 21:21 - 00000000 ___DC C:\Program Files\7-Zip
2013-09-29 00:47 - 2011-04-10 16:17 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 00:47 - 2011-04-10 16:17 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-29 00:47 - 2011-04-10 16:16 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-29 00:47 - 2011-04-10 16:16 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-29 00:47 - 2010-12-30 16:02 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 00:47 - 2010-12-30 16:02 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-29 00:47 - 2010-12-30 15:42 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-29 00:47 - 2010-12-30 15:42 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-29 00:46 - 2010-12-30 22:25 - 00000000 ___DC C:\Users\sven\Documents\Sven
2013-09-29 00:30 - 2013-09-30 23:40 - 00000855 ____C C:\Windows\system32\Drivers\etc\hosts.20130930-234012.backup
2013-09-29 00:10 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SpeechEngines
2013-09-29 00:10 - 2013-09-23 11:54 - 00000000 ___DC C:\Program Files\Common Files\SYSTEM
2013-09-28 23:27 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\registration
2013-09-28 21:04 - 2013-09-28 21:04 - 00000000 ___DC C:\ProgramData\Sun
2013-09-28 21:03 - 2013-09-28 21:04 - 00868264 ____C (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-28 21:03 - 2013-09-28 21:04 - 00790440 ____C (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-28 21:03 - 2013-09-28 21:04 - 00264616 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00096168 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-28 21:03 - 2013-09-28 21:03 - 00000000 ___DC C:\Program Files (x86)\Java
2013-09-28 20:17 - 2011-01-25 13:30 - 00002772 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011
2013-09-28 20:17 - 2010-06-01 03:06 - 00003160 _____ C:\Windows\System32\Tasks\SUPBackground
2013-09-28 19:31 - 2013-09-28 19:31 - 00000000 ___DC C:\ProgramData\AllDup
2013-09-28 10:00 - 2013-05-11 21:11 - 00000000 ___DC C:\Users\sven\Desktop\Neuer Ordner
2013-09-27 20:46 - 2013-09-27 20:24 - 00000000 ___DC C:\Windows\erdnt
2013-09-27 17:27 - 2013-09-22 22:18 - 00000260 ____C C:\Windows\Tasks\DriverDoc.job
2013-09-27 17:27 - 2013-09-22 22:13 - 00000276 ____C C:\Windows\Tasks\DriverDoc_UPDATES.job
2013-09-27 17:01 - 2013-09-27 17:01 - 00151464 ____C C:\Users\sven\Documents\pinfect.zip
2013-09-27 16:56 - 2013-09-22 22:18 - 00002992 ____C C:\Windows\System32\Tasks\DriverDoc
2013-09-27 16:56 - 2013-09-22 22:13 - 00003014 ____C C:\Windows\System32\Tasks\DriverDoc_UPDATES
2013-09-27 16:54 - 2013-09-27 15:57 - 00000000 ___DC C:\ProgramData\Soluto
2013-09-27 16:53 - 2013-09-27 15:59 - 00000193 ____C C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\VDLL.DLL
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\SysWOW64\runouce.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\rundll16.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\RUNDL132.EXE
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo1_.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo_1.exe
2013-09-27 16:02 - 2013-09-27 15:42 - 00000054 ____C C:\Windows\Lic.xxx
2013-09-27 15:41 - 2013-09-27 15:41 - 00632064 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00554240 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00034048 ____C (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2013-09-27 15:41 - 2013-09-27 15:41 - 00000000 ___DC C:\ProgramData\MicroWorld
2013-09-24 13:25 - 2013-09-24 13:25 - 00000000 ___DC C:\Users\sven\Documents\Benutzerdefinierte Office-Vorlagen
2013-09-24 09:13 - 2013-09-12 22:07 - 00000000 ___DC C:\Program Files (x86)\TuneUp Utilities 2014
2013-09-24 09:02 - 2011-03-05 19:52 - 00003784 ____C C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-09-24 08:51 - 2013-09-11 08:44 - 00000000 ___DC C:\Windows\pss
2013-09-24 08:44 - 2011-01-09 19:21 - 00000000 ___DC C:\Program Files (x86)\Downloadprogramme
2013-09-23 13:15 - 2013-09-23 13:15 - 00000000 ____C C:\Windows\HPMProp.INI
2013-09-23 11:32 - 2013-09-23 11:32 - 00000000 ___DC C:\Users\Admin\AppData\Local\Google
2013-09-23 11:26 - 2013-09-12 21:19 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\TuneUp Software
2013-09-23 07:43 - 2013-09-23 07:43 - 00000000 ___DC C:\Program Files (x86)\Toshiba
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Windows\Dell
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Users\sven\AppData\Roaming\InstallShield
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Program Files (x86)\Lenovo
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Users\sven\AppData\Local\WinSweeper
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Program Files (x86)\WinSweeper
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Solvusoft
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Program Files (x86)\DriverDoc
2013-09-22 18:43 - 2013-09-22 18:29 - 00000000 ___DC C:\Program Files (x86)\Canon
2013-09-22 18:41 - 2013-09-22 18:41 - 00000000 ___DC C:\Users\sven\AppData\Roaming\ZoomBrowser EX
2013-09-22 18:41 - 2011-03-26 20:11 - 00005120 ____C C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-22 18:38 - 2013-09-22 18:38 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Canon
2013-09-22 18:30 - 2013-09-22 18:30 - 00000000 ___DC C:\ProgramData\ZoomBrowser
2013-09-20 19:36 - 2013-09-20 19:36 - 00000635 ____C C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-20 19:01 - 2012-09-29 00:11 - 00000000 ___DC C:\ProgramData\Nokia
2013-09-20 19:01 - 2012-09-29 00:08 - 00000000 ___DC C:\Program Files (x86)\Nokia
2013-09-20 18:52 - 2012-09-29 13:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Nokia Suite
2013-09-20 18:39 - 2012-09-01 09:37 - 00003822 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 18:39 - 2012-06-05 21:21 - 00692616 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 18:39 - 2012-06-05 21:21 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 15:51 - 2013-09-20 13:35 - 00004697 ____C C:\ProgramData\hpzinstall.log
2013-09-19 18:12 - 2013-09-19 07:20 - 98378485 ____C C:\Windows\SysWOW64\ῲꤓE
2013-09-18 08:46 - 2013-09-18 08:46 - 98106403 ____C C:\Windows\SysWOW64\职D
2013-09-16 15:08 - 2013-09-16 15:08 - 00021712 ____C (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2013-09-16 15:08 - 2013-09-16 15:08 - 00000000 ___DC C:\Users\sven\AppData\Local\eSupport.com
2013-09-16 14:55 - 2013-09-16 14:55 - 00000000 ___DC C:\Program Files\CPUID
2013-09-16 13:32 - 2013-09-16 13:32 - 00000207 ____C C:\Windows\tweaking.com-regbackup-AUDIA3-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-09-16 13:31 - 2013-09-16 13:31 - 00000000 ___DC C:\RegBackup
2013-09-16 11:43 - 2013-09-16 11:43 - 00003134 ____C C:\Windows\System32\Tasks\{BA2F4B9B-111E-4ACD-B5C8-CEE0CE8306EA}
2013-09-14 19:15 - 2013-10-02 18:23 - 00000000 ___DC C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default\AppData\Local\Microsoft Help
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default User\AppData\Local\Microsoft Help
2013-09-14 14:33 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files (x86)\Microsoft SQL Server
2013-09-14 14:33 - 2013-09-14 14:31 - 00000000 ___DC C:\Program Files\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:31 - 00000000 ___DC C:\Windows\PCHEALTH
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Analysis Services
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Analysis Services
2013-09-13 09:12 - 2013-09-13 09:12 - 00002770 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-09-12 22:29 - 2009-08-02 04:27 - 00000000 ___DC C:\Windows\Panther
2013-09-12 22:11 - 2013-09-12 22:06 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-09-12 22:11 - 2011-01-23 15:30 - 00000000 _SHDC C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2013-09-12 22:10 - 2013-09-10 20:19 - 00001340 ____C C:\Users\Public\Desktop\Wöchentlich - SpywareBlaster.lnk
2013-09-12 22:07 - 2013-09-12 22:07 - 00000000 ___DC C:\Users\sven\AppData\Roaming\TuneUp Software
2013-09-12 21:18 - 2013-09-12 21:18 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\WinPatrol
2013-09-12 10:58 - 2013-09-12 10:58 - 00001370 ____C C:\Users\Public\Desktop\Wöchentlich - Malwarebytes Anti-Malware .lnk
2013-09-12 07:18 - 2013-09-10 22:15 - 00000000 ___DC C:\Users\Public\Recorded TV
2013-09-12 07:18 - 2009-07-14 07:08 - 00023562 ____C C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-11 22:01 - 2013-09-11 21:59 - 00000000 ___DC C:\Program Files (x86)\Google
2013-09-11 22:01 - 2010-12-30 16:19 - 00000000 ___DC C:\Users\sven\AppData\Local\Google
2013-09-11 17:28 - 2010-12-30 21:49 - 00000000 ___DC C:\Users\sven\AppData\Roaming\SoftGrid Client
2013-09-11 08:48 - 2013-09-11 08:19 - 00001278 ____C C:\Users\Public\Desktop\Wöchentlich - CCleaner.lnk
2013-09-11 08:19 - 2013-09-11 08:19 - 00002770 ____C C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-10 23:48 - 2013-09-10 23:17 - 00001912 ____C C:\Windows\epplauncher.mif
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinPatrol
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\ProgramData\InstallMate
2013-09-10 21:50 - 2013-09-10 21:49 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-10 21:50 - 2013-09-10 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-10 21:50 - 2013-09-10 21:49 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 21:44 - 2013-09-10 21:39 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-10 21:44 - 2013-07-21 18:12 - 00000000 ___DC C:\Windows\system32\MRT
2013-09-10 21:44 - 2011-01-02 21:58 - 79143768 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 21:43 - 2013-09-10 21:40 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 20:19 - 2013-09-10 20:19 - 00000000 ___DC C:\ProgramData\Licenses
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Malwarebytes
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\ProgramData\Malwarebytes
2013-09-10 19:48 - 2012-09-29 17:58 - 00000000 ___DC C:\Program Files (x86)\MSXML 4.0
2013-09-10 19:44 - 2013-09-10 19:44 - 00000000 ___DC C:\Users\sven\AppData\Local\Secunia PSI
2013-09-10 18:16 - 2013-09-10 18:16 - 00262144 _____ C:\Windows\system32\config\elam
2013-09-09 15:29 - 2011-01-23 15:31 - 00043320 ____C (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00040760 ____C (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-09-09 15:29 - 2011-01-23 15:31 - 00036152 ____C (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00029496 ____C (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00025400 ____C (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-09-08 10:09 - 2013-09-08 10:09 - 00000078 ____C C:\Users\sven\Documents\Powers.log
Some content of TEMP:
====================
C:\Users\sven\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-02 11:15
==================== End Of Log ============================
--- --- --- --- --- --- Besten Dank bis hierher und gruß sven hallo schrauber, was mir noch eingefallen ist. die ganz geschichte fing eigentlich vor vielen monaten an, wenn ich das mal so revue passieren lasse. ich bekam mehrfach email post von: * inkassobüros wg angeblich bestellter ware die nicht bezahlt wurde * pishingmails angeblich von paypal, amazon und dhl das meine kontodaten geändert werden müssen oder man versucht hat darauf zuzugreifen bla bla blub... * fedex versanddateien, die ich versehentlich öffnete * anfragen von ebay kleinanzeigen interessenten, wo ich einige sachen anbot, die mir entgegen den abkommen anderen summen anboten, sollte vorab bezahlen. es meldete sich die landesbank berlin aus china in einem sehr schlechten deutsch. als ich stutzig wurde, verschob ich alle mails in einem separaten ordner den ich entsprechend benannte. am nächsten tag waren alle spuren verwischt, heißt gelöscht. ich nahm die gesendeten mails und verschob sie wieder in den ordner. auch diese wurde gelöscht.... 2 tage später melde sich wieder eine person zu meinen angebotenen sachen. das selbe schlechte deutsch und exakt die gleichen fragen... mehr fällt mir nicht ein. vllt bringt es dir was... danke und gruß sven |
|
04.10.2013, 14:51
| #10 |
| /// the machine /// TB-Ausbilder | Ständiger befall von viren oder maleware Downloade dir bitte Windows Repair (All In One) von hier.
ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.10.2013, 19:42
| #11 |
| | Ständiger befall von viren oder maleware hallo schrauber, folgendes vorab. windows repair: *trotz haken setzen für restart, erfolgte nur ein herunterfahren *konnte kein advanced modus anwählen, konnte überhaupt nix anwählen antimaleware: * hatte aus dem bauchgefühl heraus nochmals nach den ganzen sachen die ich machen sollte einen scan ausgeführt. es tauchen immer die selben sachen auf. poste ich auch am ende easy display manager: * kannst du mir vllt sagen, wo ich für meine mühle einen bekomme? bei samsung fand ich nichts und anderweitig bin ich geheilt von div nebeneffekten Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e218c90ba8021641a4cf914bd226a3c4
# engine=15359
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-04 05:50:22
# local_time=2013-10-04 07:50:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1286 16777213 100 99 6913 35675344 0 0
# compatibility_mode=5893 16776573 100 94 39197 132538872 0 0
# scanned=135324
# found=0
# cleaned=0
# scan_time=6285
Code:
ATTFilter Results of screen317's Security Check version 0.99.73 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware Version 1.75.0.1300 TuneUp Utilities 2014 TuneUp Utilities Language Pack (de-DE) TuneUp Utilities 2014 (de-DE) TuneUp Utilities 2014 Java 7 Update 40 Java version out of Date! Adobe Flash Player 11.8.800.168 Adobe Reader XI Google Chrome 29.0.1547.66 Google Chrome 29.0.1547.76 ````````Process Check: objlist.exe by Laurent```````` WinPatrol winpatrol.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Spybot Teatimer.exe is disabled! Schutzprogramme für Laptop Malwarebytes' Anti-Malware mbamscheduler.exe Kaspersky Lab Kaspersky Internet Security 2013 avp.exe Kaspersky Lab Kaspersky Internet Security 2013 klwtblfs.exe Schutzprogramme für Laptop WinPatrol WinPatrol.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by sven (administrator) on AUDIA3 on 04-10-2013 20:20:35
Running from C:\Users\sven\Desktop\LOGFILE\FRST64
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Systweak Software, (www.systweak.com)) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamgui.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(BillP Studios) C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\WinPatrol.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [WinPatrol] - C:\Program Files (x86)\Schutzprogramme für Laptop\WinPatrol\winpatrol.exe [441408 2013-09-05] (BillP Studios)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-01-19] (Kaspersky Lab ZAO)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://gmx.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://gmx.net/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm\1.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp\3.2.2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.4_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (WOT Safe Search) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddcihbboebboehpkkdfdkhbodacmmfkk\2_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0
CHR Extension: (TrashMail.net: Create disposable address) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihbdpohplcdnhllhliaeapefmmpcdjo\1.0.10_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Safe Money) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Stop & Hide \u2192 Instant Escape from Angry Boss) - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilokdhmdlnaoiaagjjljbegopnmopgnm\1.0.0.17_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgnmngkgolhffjjdaipkkjbmbnpefef\1.2.3_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: () - C:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ibcgjcbeckcdemelifnledhihpaighfk] - C:\Users\sven\AppData\Local\CRE\ibcgjcbeckcdemelifnledhihpaighfk.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [264488 2013-09-18] (Systweak Software, (www.systweak.com))
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-01-19] (Kaspersky Lab ZAO)
S4 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-06-13] (Freemake)
R2 MBAMScheduler; C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Schutzprogramme für Laptop\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S4 Secunia PSI Agent; C:\Program Files (x86)\Schutzprogramme für Laptop\Secunia\PSI\psia.exe [1228504 2013-07-03] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Schutzprogramme für Laptop\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2013-09-30] (Microsoft Corporation)
S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [x]
==================== Drivers (Whitelisted) ====================
R1 HBtnKey; C:\Windows\System32\DRIVERS\wstbtndb.sys [9856 2007-09-14] (Lenovo)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-04-22] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2013-01-20] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2013-01-20] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-17] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-22] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2011-04-16] (Microsoft Corporation)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-22] (Kaspersky Lab ZAO)
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 Tosrfcom; No ImagePath
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-04 18:03 - 2013-10-04 18:03 - 00000000 ___DC C:\Program Files (x86)\ESET
2013-10-04 18:02 - 2013-10-04 18:03 - 02347384 ____C (ESET) C:\Users\sven\Downloads\esetsmartinstaller_enu.exe
2013-10-04 17:12 - 2013-10-04 20:19 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Systweak
2013-10-04 17:04 - 2013-10-04 17:06 - 03264218 ____C C:\Users\sven\Downloads\tweaking.com_windows_repair_aio.zip
2013-10-04 09:22 - 2013-10-04 09:22 - 00000000 ___DC C:\Windows\ERUNT
2013-10-04 09:14 - 2013-10-04 17:54 - 00000224 ____C C:\Windows\setupact.log
2013-10-04 09:14 - 2013-10-04 09:14 - 00000000 ____C C:\Windows\setuperr.log
2013-10-04 09:13 - 2013-10-04 17:54 - 00000898 ____C C:\Windows\PFRO.log
2013-10-03 10:36 - 2011-06-26 08:45 - 00256000 ____C C:\Windows\PEV.exe
2013-10-03 10:36 - 2010-11-07 19:20 - 00208896 ____C C:\Windows\MBR.exe
2013-10-03 10:36 - 2009-04-20 06:56 - 00060416 ____C (NirSoft) C:\Windows\NIRCMD.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00518144 ____C (SteelWerX) C:\Windows\SWREG.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00406528 ____C (SteelWerX) C:\Windows\SWSC.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00098816 ____C C:\Windows\sed.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00080412 ____C C:\Windows\grep.exe
2013-10-03 10:36 - 2000-08-31 02:00 - 00068096 ____C C:\Windows\zip.exe
2013-10-03 10:33 - 2013-10-03 10:57 - 00000000 ___DC C:\Qoobox
2013-10-02 21:18 - 2013-10-02 21:18 - 00009864 ____N C:\bootsqm.dat
2013-10-02 18:23 - 2013-10-02 18:23 - 00000020 __SHC C:\Users\DefaultAppPool\ntuser.ini
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Vorlagen
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Startmenü
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Netzwerkumgebung
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Lokale Einstellungen
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Druckumgebung
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Anwendungsdaten
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 ___DC C:\Users\DefaultAppPool
2013-10-02 18:23 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2013-10-02 18:23 - 2009-07-14 06:54 - 00000000 __RDC C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-02 18:23 - 2009-07-14 06:49 - 00000000 __RDC C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-02 15:25 - 2013-10-04 18:14 - 00000000 ___DC C:\Users\sven\Desktop\LOGFILE
2013-10-02 13:35 - 2013-10-02 13:35 - 00000000 ___DC C:\Program Files (x86)\7-Zip
2013-10-02 12:19 - 2013-10-02 12:19 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-10-02 12:18 - 2013-10-02 12:18 - 00061440 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-10-02 10:08 - 2013-10-02 10:08 - 00000000 ___DC C:\FRST
2013-10-02 10:06 - 2013-10-02 10:06 - 00000000 ____C C:\Users\sven\defogger_reenable
2013-10-02 09:30 - 2013-10-02 13:05 - 00111520 ____C C:\Users\sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-02 09:19 - 2013-10-02 09:27 - 00000000 ___DC C:\Users\sven\Desktop\Samsung
2013-10-01 23:43 - 2013-10-04 17:54 - 00442528 ____C C:\Windows\system32\FNTCACHE.DAT
2013-10-01 21:20 - 2013-10-02 21:14 - 03265072 ____C C:\Users\sven\AppData\Local\IconCache.db.bak
2013-10-01 21:14 - 2013-10-02 10:03 - 00000000 ___DC C:\Program Files\Apoint2K
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\ATI Technologies
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ____C C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2013-10-01 21:13 - 2013-04-23 10:32 - 00495408 ____C (Alps Electric Co., Ltd.) C:\Windows\system32\Drivers\Apfiltr.sys
2013-10-01 21:13 - 2013-02-28 21:29 - 00116056 ____C (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll
2013-10-01 09:48 - 2013-10-04 09:12 - 00000000 ___DC C:\AdwCleaner
2013-10-01 09:14 - 2013-10-01 09:14 - 00000000 ____C C:\ProgramData\DP45977C.lfl
2013-10-01 08:16 - 2013-10-01 08:16 - 00000000 ___DC C:\Users\sven\Documents\ProcAlyzer Dumps
2013-09-30 23:40 - 2013-09-29 00:30 - 00000855 ____C C:\Windows\system32\Drivers\etc\hosts.20130930-234012.backup
2013-09-30 23:30 - 2013-10-01 08:16 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2013-09-30 23:30 - 2013-09-30 23:30 - 00001383 ____C C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Windows\System32\Tasks\Safer-Networking
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-30 23:30 - 2009-01-25 13:14 - 00017272 ____C (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-09-30 23:22 - 2013-09-30 23:22 - 00051496 ____C (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-09-30 23:21 - 2013-10-03 11:19 - 00000000 ___DC C:\Users\sven\AppData\Local\CrashDumps
2013-09-30 23:10 - 2013-09-30 23:10 - 00000000 ___DC C:\Windows\Repair
2013-09-30 23:01 - 2013-09-30 23:03 - 00000000 ___DC C:\Program Files (x86)\Advanced System Optimizer 3
2013-09-30 23:01 - 2013-09-30 23:01 - 00001522 ____C C:\Users\Public\Desktop\Intelligente PC-Wartung.lnk
2013-09-30 23:01 - 2013-09-30 23:01 - 00001470 ____C C:\Users\Public\Desktop\Advanced System Optimizer.lnk
2013-09-30 22:26 - 2013-09-30 22:37 - 00000000 ___DC C:\ProgramData\SecTaskMan
2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Mozilla
2013-09-30 20:48 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\DAEMON Tools Lite
2013-09-30 18:54 - 2013-09-30 18:55 - 00000000 ___DC C:\Users\sven\Downloads\MO10
2013-09-30 18:50 - 2013-09-30 18:50 - 00615936 ____C C:\Windows\AutoKMS.exe
2013-09-30 18:50 - 2013-09-30 18:50 - 00000161 ____C C:\Windows\AutoKMS.ini
2013-09-30 12:33 - 2013-10-01 10:41 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-09-30 12:33 - 2013-10-01 10:41 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-09-30 12:33 - 2013-10-01 10:41 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-09-30 12:33 - 2013-10-01 10:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-09-30 11:57 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Microsoft Synchronization Services
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Sync Framework
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft SQL Server Compact Edition
2013-09-30 11:53 - 2013-09-30 11:53 - 00000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio 8
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 __RDC C:\MSOCache
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 ___DC C:\Program Files (x86)\Microsoft Office
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\SysWOW64\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\system32\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\inetpub
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinRAR
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Program Files\WinRAR
2013-09-29 07:52 - 2013-09-29 07:52 - 00000020 __SHC C:\Users\sven\ntuser.ini
2013-09-29 00:57 - 2013-10-04 09:20 - 00001436 ____C C:\Users\sven\Desktop\Google Chrome.lnk
2013-09-29 00:57 - 2013-10-04 09:12 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-29 00:31 - 2013-10-04 19:08 - 01122499 ____C C:\Windows\WindowsUpdate.log
2013-09-29 00:10 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SpeechEngines
2013-09-28 21:04 - 2013-09-28 21:04 - 00000000 ___DC C:\ProgramData\Sun
2013-09-28 21:04 - 2013-09-28 21:03 - 00868264 ____C (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-28 21:04 - 2013-09-28 21:03 - 00790440 ____C (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-28 21:04 - 2013-09-28 21:03 - 00264616 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-28 21:04 - 2013-09-28 21:03 - 00096168 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-28 21:03 - 2013-09-28 21:03 - 00000000 ___DC C:\Program Files (x86)\Java
2013-09-28 19:31 - 2013-09-29 00:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\AllDup
2013-09-28 19:31 - 2013-09-28 19:31 - 00000000 ___DC C:\ProgramData\AllDup
2013-09-28 19:31 - 2010-10-13 06:42 - 02369456 ____C (Codejock Software) C:\Windows\SysWOW64\Codejock.CommandBars.v13.4.2.ocx
2013-09-28 19:31 - 2010-08-20 21:53 - 00086016 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSplitter.ocx
2013-09-28 19:31 - 2010-06-11 10:50 - 00089888 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtFrame.ocx
2013-09-28 19:31 - 2010-06-01 14:45 - 01005088 ____C (Bennet-Tec Information Systems, Inc) C:\Windows\SysWOW64\TList8.ocx
2013-09-28 19:31 - 2010-03-25 10:33 - 00171752 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtRTF2.ocx
2013-09-28 19:31 - 2009-10-13 00:02 - 00044736 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSubclass.dll
2013-09-28 19:31 - 2009-10-13 00:01 - 00077504 ____C (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtScrollContainer.ocx
2013-09-28 19:31 - 2008-01-29 07:57 - 00450560 ____C (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\SysWOW64\fldrvw90.ocx
2013-09-27 20:24 - 2013-09-27 20:46 - 00000000 ___DC C:\Windows\erdnt
2013-09-27 17:01 - 2013-09-27 17:01 - 00151464 ____C C:\Users\sven\Documents\pinfect.zip
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\VDLL.DLL
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\SysWOW64\runouce.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\rundll16.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\RUNDL132.EXE
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo1_.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo_1.exe
2013-09-27 15:59 - 2013-09-27 16:53 - 00000193 ____C C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-27 15:57 - 2013-09-27 16:54 - 00000000 ___DC C:\ProgramData\Soluto
2013-09-27 15:42 - 2013-09-27 16:02 - 00000054 ____C C:\Windows\Lic.xxx
2013-09-27 15:41 - 2013-09-27 15:41 - 00632064 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00554240 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00034048 ____C (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2013-09-27 15:41 - 2013-09-27 15:41 - 00000000 ___DC C:\ProgramData\MicroWorld
2013-09-27 15:41 - 2005-09-22 23:22 - 00000522 ____C C:\Windows\SysWOW64\Microsoft.VC80.CRT.manifest
2013-09-24 13:25 - 2013-09-24 13:25 - 00000000 ___DC C:\Users\sven\Documents\Benutzerdefinierte Office-Vorlagen
2013-09-23 13:15 - 2013-09-23 13:15 - 00000000 ____C C:\Windows\HPMProp.INI
2013-09-23 11:58 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER
2013-09-23 11:54 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SYSTEM
2013-09-23 11:32 - 2013-09-23 11:32 - 00000000 ___DC C:\Users\Admin\AppData\Local\Google
2013-09-23 08:13 - 2013-05-10 09:41 - 00518432 ____C (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00237344 ____C (Hewlett-Packard Company) C:\Windows\system32\hpmlm135.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00216864 ____C (Hewlett-Packard) C:\Windows\system32\hpmml150.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00189728 ____C (Hewlett-Packard) C:\Windows\system32\hpmpm081.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00162080 ____C (Hewlett-Packard) C:\Windows\system32\hpmtp150.dll
2013-09-23 08:13 - 2013-05-10 09:40 - 00074016 ____C (Hewlett-Packard) C:\Windows\system32\hpmpw081.dll
2013-09-23 08:13 - 2013-05-10 09:39 - 00438560 ____C (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn150.dll
2013-09-23 08:13 - 2013-05-10 09:39 - 00199968 ____C (Hewlett-Packard) C:\Windows\system32\hpmja150.dll
2013-09-23 08:13 - 2013-05-10 09:38 - 00140064 ____C (Hewlett-Packard) C:\Windows\system32\hpcjpm.dll
2013-09-23 08:13 - 2013-05-10 09:36 - 00436512 ____C C:\Windows\SysWOW64\hpcc3150.dll
2013-09-23 08:13 - 2011-02-11 15:23 - 00193592 ____C (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll
2013-09-23 08:13 - 2011-02-11 15:23 - 00167480 ____C (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll
2013-09-23 08:13 - 2009-02-25 17:32 - 00060440 ____C (Hewlett-Packard) C:\Windows\system32\FxCompChannel_x64.dll
2013-09-23 07:43 - 2013-09-23 07:43 - 00000000 ___DC C:\Program Files (x86)\Toshiba
2013-09-23 00:04 - 2007-09-14 23:12 - 01459712 ____C C:\Windows\system32\wstbtnrb.dll
2013-09-23 00:04 - 2007-09-14 23:12 - 00009856 ____C (Lenovo) C:\Windows\system32\Drivers\wstbtndb.sys
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Windows\Dell
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Users\sven\AppData\Roaming\InstallShield
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Program Files (x86)\Lenovo
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Users\sven\AppData\Local\WinSweeper
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Program Files (x86)\WinSweeper
2013-09-22 22:18 - 2013-09-27 17:27 - 00000260 ____C C:\Windows\Tasks\DriverDoc.job
2013-09-22 22:18 - 2013-09-27 16:56 - 00002992 ____C C:\Windows\System32\Tasks\DriverDoc
2013-09-22 22:13 - 2013-09-27 17:27 - 00000276 ____C C:\Windows\Tasks\DriverDoc_UPDATES.job
2013-09-22 22:13 - 2013-09-27 16:56 - 00003014 ____C C:\Windows\System32\Tasks\DriverDoc_UPDATES
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Solvusoft
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Program Files (x86)\DriverDoc
2013-09-22 18:41 - 2013-09-22 18:41 - 00000000 ___DC C:\Users\sven\AppData\Roaming\ZoomBrowser EX
2013-09-22 18:38 - 2013-09-22 18:38 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Canon
2013-09-22 18:30 - 2013-09-22 18:30 - 00000000 ___DC C:\ProgramData\ZoomBrowser
2013-09-22 18:29 - 2013-09-22 18:43 - 00000000 ___DC C:\Program Files (x86)\Canon
2013-09-20 19:36 - 2013-09-20 19:36 - 00000635 ____C C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-20 13:35 - 2013-09-20 15:51 - 00004697 ____C C:\ProgramData\hpzinstall.log
2013-09-19 07:20 - 2013-09-19 18:12 - 98378485 ____C C:\Windows\SysWOW64\ῲꤓE
2013-09-18 08:46 - 2013-09-18 08:46 - 98106403 ____C C:\Windows\SysWOW64\职D
2013-09-16 15:08 - 2013-09-16 15:08 - 00021712 ____C (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2013-09-16 15:08 - 2013-09-16 15:08 - 00000000 ___DC C:\Users\sven\AppData\Local\eSupport.com
2013-09-16 14:55 - 2013-09-16 14:55 - 00000000 ___DC C:\Program Files\CPUID
2013-09-16 13:35 - 2013-10-02 22:32 - 00003160 ____C C:\Windows\System32\Tasks\SidebarExecute
2013-09-16 13:32 - 2013-09-16 13:32 - 00000207 ____C C:\Windows\tweaking.com-regbackup-AUDIA3-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-09-16 13:31 - 2013-09-16 13:31 - 00000000 ___DC C:\RegBackup
2013-09-16 11:43 - 2013-09-16 11:43 - 00003134 ____C C:\Windows\System32\Tasks\{BA2F4B9B-111E-4ACD-B5C8-CEE0CE8306EA}
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default\AppData\Local\Microsoft Help
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default User\AppData\Local\Microsoft Help
2013-09-14 14:33 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files (x86)\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:31 - 00000000 ___DC C:\Windows\PCHEALTH
2013-09-14 14:28 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Office
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Analysis Services
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Analysis Services
2013-09-14 14:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-14 13:26 - 2013-09-29 23:16 - 00000000 ___DC C:\Program Files (x86)\MO 2013
2013-09-13 09:12 - 2013-09-13 09:12 - 00002770 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-09-12 22:07 - 2013-09-24 09:13 - 00000000 ___DC C:\Program Files (x86)\TuneUp Utilities 2014
2013-09-12 22:07 - 2013-09-12 22:07 - 00000000 ___DC C:\Users\sven\AppData\Roaming\TuneUp Software
2013-09-12 22:06 - 2013-09-12 22:11 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-09-12 21:19 - 2013-09-23 11:26 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\TuneUp Software
2013-09-12 21:18 - 2013-09-12 21:18 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\WinPatrol
2013-09-12 10:58 - 2013-09-12 10:58 - 00001370 ____C C:\Users\Public\Desktop\Wöchentlich - Malwarebytes Anti-Malware .lnk
2013-09-11 21:59 - 2013-10-04 20:04 - 00001106 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-11 21:59 - 2013-10-04 17:55 - 00001102 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-11 21:59 - 2013-10-03 08:23 - 00004112 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-11 21:59 - 2013-10-03 08:23 - 00003860 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-11 21:59 - 2013-09-11 22:01 - 00000000 ___DC C:\Program Files (x86)\Google
2013-09-11 08:44 - 2013-09-24 08:51 - 00000000 ___DC C:\Windows\pss
2013-09-11 08:19 - 2013-09-11 08:48 - 00001278 ____C C:\Users\Public\Desktop\Wöchentlich - CCleaner.lnk
2013-09-11 08:19 - 2013-09-11 08:19 - 00002770 ____C C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-10 23:50 - 2013-10-02 22:37 - 00000000 ___DC C:\Program Files (x86)\Schutzprogramme für Laptop
2013-09-10 23:17 - 2013-09-10 23:48 - 00001912 ____C C:\Windows\epplauncher.mif
2013-09-10 23:12 - 2013-08-05 04:25 - 00155584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinPatrol
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\ProgramData\InstallMate
2013-09-10 22:15 - 2013-09-12 07:18 - 00000000 ___DC C:\Users\Public\Recorded TV
2013-09-10 22:00 - 2013-10-04 17:50 - 00000127 ____C C:\Windows\win.ini
2013-09-10 21:49 - 2013-09-10 21:50 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-10 21:49 - 2013-09-10 21:50 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-10 21:49 - 2013-09-10 21:50 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-10 21:49 - 2013-09-10 21:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 21:49 - 2013-09-10 21:50 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-10 21:40 - 2013-09-10 21:44 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 21:40 - 2013-09-10 21:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 21:40 - 2013-09-10 21:43 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 21:39 - 2013-09-10 21:44 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-10 21:39 - 2013-09-10 21:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:39 - 2013-09-10 21:44 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-10 21:24 - 2013-10-04 17:52 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-10 21:21 - 2013-09-29 00:48 - 00000000 ___DC C:\Program Files\7-Zip
2013-09-10 20:19 - 2013-09-12 22:10 - 00001340 ____C C:\Users\Public\Desktop\Wöchentlich - SpywareBlaster.lnk
2013-09-10 20:19 - 2013-09-10 20:19 - 00000000 ___DC C:\ProgramData\Licenses
2013-09-10 20:19 - 2011-11-04 05:13 - 01070352 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2013-09-10 20:19 - 2009-03-24 12:52 - 00129872 ____C (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Malwarebytes
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\ProgramData\Malwarebytes
2013-09-10 19:55 - 2013-04-04 14:50 - 00025928 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-10 19:44 - 2013-09-10 19:44 - 00000000 ___DC C:\Users\sven\AppData\Local\Secunia PSI
2013-09-10 18:16 - 2013-09-10 18:16 - 00262144 _____ C:\Windows\system32\config\elam
2013-09-08 10:09 - 2013-09-08 10:09 - 00000078 ____C C:\Users\sven\Documents\Powers.log
==================== One Month Modified Files and Folders =======
2013-10-04 20:19 - 2013-10-04 17:12 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Systweak
2013-10-04 20:04 - 2013-09-11 21:59 - 00001106 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-04 19:39 - 2012-09-01 09:37 - 00000884 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-04 19:29 - 2011-02-07 14:00 - 00000000 ___DC C:\ProgramData\Kaspersky Lab
2013-10-04 19:08 - 2013-09-29 00:31 - 01122499 ____C C:\Windows\WindowsUpdate.log
2013-10-04 18:14 - 2013-10-02 15:25 - 00000000 ___DC C:\Users\sven\Desktop\LOGFILE
2013-10-04 18:03 - 2013-10-04 18:03 - 00000000 ___DC C:\Program Files (x86)\ESET
2013-10-04 18:03 - 2013-10-04 18:02 - 02347384 ____C (ESET) C:\Users\sven\Downloads\esetsmartinstaller_enu.exe
2013-10-04 18:03 - 2009-07-14 06:45 - 00013936 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-04 18:03 - 2009-07-14 06:45 - 00013936 ____C C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-04 18:00 - 2010-06-01 19:30 - 00753864 ____C C:\Windows\system32\perfh007.dat
2013-10-04 18:00 - 2010-06-01 19:30 - 00168998 ____C C:\Windows\system32\perfc007.dat
2013-10-04 18:00 - 2009-07-14 07:13 - 01790480 ____C C:\Windows\system32\PerfStringBackup.INI
2013-10-04 17:55 - 2013-09-11 21:59 - 00001102 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-04 17:55 - 2009-07-14 07:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2013-10-04 17:54 - 2013-10-04 09:14 - 00000224 ____C C:\Windows\setupact.log
2013-10-04 17:54 - 2013-10-04 09:13 - 00000898 ____C C:\Windows\PFRO.log
2013-10-04 17:54 - 2013-10-01 23:43 - 00442528 ____C C:\Windows\system32\FNTCACHE.DAT
2013-10-04 17:52 - 2013-09-10 21:24 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-10-04 17:50 - 2013-09-10 22:00 - 00000127 ____C C:\Windows\win.ini
2013-10-04 17:06 - 2013-10-04 17:04 - 03264218 ____C C:\Users\sven\Downloads\tweaking.com_windows_repair_aio.zip
2013-10-04 09:22 - 2013-10-04 09:22 - 00000000 ___DC C:\Windows\ERUNT
2013-10-04 09:20 - 2013-09-29 00:57 - 00001436 ____C C:\Users\sven\Desktop\Google Chrome.lnk
2013-10-04 09:14 - 2013-10-04 09:14 - 00000000 ____C C:\Windows\setuperr.log
2013-10-04 09:12 - 2013-10-01 09:48 - 00000000 ___DC C:\AdwCleaner
2013-10-04 09:12 - 2013-09-29 00:57 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-03 11:19 - 2013-09-30 23:21 - 00000000 ___DC C:\Users\sven\AppData\Local\CrashDumps
2013-10-03 11:19 - 2011-02-07 22:11 - 00000000 ___DC C:\Windows\Minidump
2013-10-03 10:57 - 2013-10-03 10:33 - 00000000 ___DC C:\Qoobox
2013-10-03 10:02 - 2011-01-23 15:30 - 00000000 ___DC C:\ProgramData\TuneUp Software
2013-10-03 08:23 - 2013-09-11 21:59 - 00004112 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-03 08:23 - 2013-09-11 21:59 - 00003860 ____C C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-02 22:37 - 2013-09-10 23:50 - 00000000 ___DC C:\Program Files (x86)\Schutzprogramme für Laptop
2013-10-02 22:32 - 2013-09-16 13:35 - 00003160 ____C C:\Windows\System32\Tasks\SidebarExecute
2013-10-02 21:18 - 2013-10-02 21:18 - 00009864 ____N C:\bootsqm.dat
2013-10-02 21:14 - 2013-10-01 21:20 - 03265072 ____C C:\Users\sven\AppData\Local\IconCache.db.bak
2013-10-02 18:23 - 2013-10-02 18:23 - 00000020 __SHC C:\Users\DefaultAppPool\ntuser.ini
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Vorlagen
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Startmenü
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Netzwerkumgebung
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Lokale Einstellungen
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Druckumgebung
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 SHDCL C:\Users\DefaultAppPool\Anwendungsdaten
2013-10-02 18:23 - 2013-10-02 18:23 - 00000000 ___DC C:\Users\DefaultAppPool
2013-10-02 13:35 - 2013-10-02 13:35 - 00000000 ___DC C:\Program Files (x86)\7-Zip
2013-10-02 13:05 - 2013-10-02 09:30 - 00111520 ____C C:\Users\sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-02 12:19 - 2013-10-02 12:19 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-10-02 12:18 - 2013-10-02 12:18 - 00061440 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-10-02 10:08 - 2013-10-02 10:08 - 00000000 ___DC C:\FRST
2013-10-02 10:06 - 2013-10-02 10:06 - 00000000 ____C C:\Users\sven\defogger_reenable
2013-10-02 10:06 - 2010-12-30 15:42 - 00000000 ___DC C:\Users\sven
2013-10-02 10:03 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\Apoint2K
2013-10-02 09:27 - 2013-10-02 09:19 - 00000000 ___DC C:\Users\sven\Desktop\Samsung
2013-10-02 08:22 - 2011-01-07 20:26 - 00007605 ____C C:\Users\sven\AppData\Local\Resmon.ResmonCfg
2013-10-02 00:16 - 2010-06-01 03:06 - 00000000 ___DC C:\Program Files (x86)\Samsung
2013-10-02 00:16 - 2010-06-01 02:59 - 00000000 ___DC C:\Program Files (x86)\InstallShield Installation Information
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ___DC C:\Program Files\ATI Technologies
2013-10-01 21:14 - 2013-10-01 21:14 - 00000000 ____C C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2013-10-01 11:47 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\SysWOW64\inetsrv
2013-10-01 11:47 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\system32\inetsrv
2013-10-01 10:44 - 2010-12-30 21:50 - 00000000 ___DC C:\ProgramData\Microsoft Help
2013-10-01 10:41 - 2013-09-30 12:33 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-10-01 10:41 - 2013-09-30 12:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-10-01 10:41 - 2013-09-30 12:33 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-10-01 10:41 - 2013-09-30 12:33 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-10-01 09:14 - 2013-10-01 09:14 - 00000000 ____C C:\ProgramData\DP45977C.lfl
2013-10-01 09:13 - 2010-06-01 03:02 - 00000000 ___DC C:\Windows\SysWOW64\RTCOM
2013-10-01 09:13 - 2010-06-01 03:02 - 00000000 ___DC C:\Windows\system32\SRSLabs
2013-10-01 08:50 - 2010-12-30 21:48 - 01742138 ____C C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-01 08:16 - 2013-10-01 08:16 - 00000000 ___DC C:\Users\sven\Documents\ProcAlyzer Dumps
2013-10-01 08:16 - 2013-09-30 23:30 - 00000000 ___DC C:\ProgramData\Spybot - Search & Destroy
2013-09-30 23:30 - 2013-09-30 23:30 - 00001383 ____C C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Windows\System32\Tasks\Safer-Networking
2013-09-30 23:30 - 2013-09-30 23:30 - 00000000 ___DC C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-09-30 23:22 - 2013-09-30 23:22 - 00051496 ____C (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-09-30 23:10 - 2013-09-30 23:10 - 00000000 ___DC C:\Windows\Repair
2013-09-30 23:03 - 2013-09-30 23:01 - 00000000 ___DC C:\Program Files (x86)\Advanced System Optimizer 3
2013-09-30 23:01 - 2013-09-30 23:01 - 00001522 ____C C:\Users\Public\Desktop\Intelligente PC-Wartung.lnk
2013-09-30 23:01 - 2013-09-30 23:01 - 00001470 ____C C:\Users\Public\Desktop\Advanced System Optimizer.lnk
2013-09-30 22:37 - 2013-09-30 22:26 - 00000000 ___DC C:\ProgramData\SecTaskMan
2013-09-30 20:54 - 2011-01-02 23:19 - 00000000 _SHDC C:\Temporäre Internetdateien
2013-09-30 20:50 - 2013-09-30 20:50 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Mozilla
2013-09-30 20:50 - 2013-09-30 20:48 - 00000000 ___DC C:\Users\sven\AppData\Roaming\DAEMON Tools Lite
2013-09-30 18:55 - 2013-09-30 18:54 - 00000000 ___DC C:\Users\sven\Downloads\MO10
2013-09-30 18:50 - 2013-09-30 18:50 - 00615936 ____C C:\Windows\AutoKMS.exe
2013-09-30 18:50 - 2013-09-30 18:50 - 00000161 ____C C:\Windows\AutoKMS.ini
2013-09-30 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-30 11:57 - 2013-09-30 11:57 - 00000000 ___DC C:\Program Files\Microsoft Synchronization Services
2013-09-30 11:57 - 2013-09-23 11:58 - 00000000 ___DC C:\Program Files\Common Files\DESIGNER
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft Sync Framework
2013-09-30 11:56 - 2013-09-30 11:56 - 00000000 ___DC C:\Program Files\Microsoft SQL Server Compact Edition
2013-09-30 11:56 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Office
2013-09-30 11:56 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files (x86)\MSBuild
2013-09-30 11:56 - 2009-07-14 05:20 - 00000000 ___DC C:\Program Files\Common Files\Microsoft Shared
2013-09-30 11:53 - 2013-09-30 11:53 - 00000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio 8
2013-09-30 11:53 - 2010-06-01 19:15 - 00000000 ___DC C:\Windows\ShellNew
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 __RDC C:\MSOCache
2013-09-30 11:52 - 2013-09-30 11:52 - 00000000 ___DC C:\Program Files (x86)\Microsoft Office
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\SysWOW64\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\Windows\system32\BestPractices
2013-09-30 11:46 - 2013-09-30 11:46 - 00000000 ___DC C:\inetpub
2013-09-30 08:12 - 2010-06-01 19:15 - 00000000 ___DC C:\Program Files\Windows Journal
2013-09-30 08:12 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files\Windows Sidebar
2013-09-30 08:12 - 2009-07-14 07:32 - 00000000 ___DC C:\Program Files\Windows Portable Devices
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinRAR
2013-09-30 00:16 - 2013-09-30 00:16 - 00000000 ___DC C:\Program Files\WinRAR
2013-09-30 00:16 - 2013-09-14 14:16 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-29 23:16 - 2013-09-14 13:26 - 00000000 ___DC C:\Program Files (x86)\MO 2013
2013-09-29 22:51 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\system32\NDF
2013-09-29 15:37 - 2011-04-10 16:16 - 00000000 ___DC C:\Users\Admin
2013-09-29 07:56 - 2009-07-14 06:54 - 00000749 ___RC C:\Windows\WindowsShell.Manifest
2013-09-29 07:56 - 2009-07-14 05:20 - 00000000 __RDC C:\Users\Public\Libraries
2013-09-29 07:52 - 2013-09-29 07:52 - 00000020 __SHC C:\Users\sven\ntuser.ini
2013-09-29 00:50 - 2013-09-28 19:31 - 00000000 ___DC C:\Users\sven\AppData\Roaming\AllDup
2013-09-29 00:49 - 2011-02-06 17:26 - 00000000 ___DC C:\ProgramData\Kaspersky Lab ZAO
2013-09-29 00:48 - 2013-09-10 21:21 - 00000000 ___DC C:\Program Files\7-Zip
2013-09-29 00:47 - 2011-04-10 16:17 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 00:47 - 2011-04-10 16:17 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-29 00:47 - 2011-04-10 16:16 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-29 00:47 - 2011-04-10 16:16 - 00000000 __RDC C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-29 00:47 - 2010-12-30 16:02 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-29 00:47 - 2010-12-30 16:02 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-29 00:47 - 2010-12-30 15:42 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-29 00:47 - 2010-12-30 15:42 - 00000000 __RDC C:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-29 00:46 - 2010-12-30 22:25 - 00000000 ___DC C:\Users\sven\Documents\Sven
2013-09-29 00:30 - 2013-09-30 23:40 - 00000855 ____C C:\Windows\system32\Drivers\etc\hosts.20130930-234012.backup
2013-09-29 00:10 - 2013-09-29 00:10 - 00000000 ___DC C:\Program Files\Common Files\SpeechEngines
2013-09-29 00:10 - 2013-09-23 11:54 - 00000000 ___DC C:\Program Files\Common Files\SYSTEM
2013-09-28 23:27 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\registration
2013-09-28 21:04 - 2013-09-28 21:04 - 00000000 ___DC C:\ProgramData\Sun
2013-09-28 21:03 - 2013-09-28 21:04 - 00868264 ____C (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-28 21:03 - 2013-09-28 21:04 - 00790440 ____C (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-28 21:03 - 2013-09-28 21:04 - 00264616 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00175016 ____C (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-28 21:03 - 2013-09-28 21:04 - 00096168 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-28 21:03 - 2013-09-28 21:03 - 00000000 ___DC C:\Program Files (x86)\Java
2013-09-28 20:17 - 2011-01-25 13:30 - 00002772 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011
2013-09-28 20:17 - 2010-06-01 03:06 - 00003160 _____ C:\Windows\System32\Tasks\SUPBackground
2013-09-28 19:31 - 2013-09-28 19:31 - 00000000 ___DC C:\ProgramData\AllDup
2013-09-28 10:00 - 2013-05-11 21:11 - 00000000 ___DC C:\Users\sven\Desktop\Neuer Ordner
2013-09-27 20:46 - 2013-09-27 20:24 - 00000000 ___DC C:\Windows\erdnt
2013-09-27 17:27 - 2013-09-22 22:18 - 00000260 ____C C:\Windows\Tasks\DriverDoc.job
2013-09-27 17:27 - 2013-09-22 22:13 - 00000276 ____C C:\Windows\Tasks\DriverDoc_UPDATES.job
2013-09-27 17:01 - 2013-09-27 17:01 - 00151464 ____C C:\Users\sven\Documents\pinfect.zip
2013-09-27 16:56 - 2013-09-22 22:18 - 00002992 ____C C:\Windows\System32\Tasks\DriverDoc
2013-09-27 16:56 - 2013-09-22 22:13 - 00003014 ____C C:\Windows\System32\Tasks\DriverDoc_UPDATES
2013-09-27 16:54 - 2013-09-27 15:57 - 00000000 ___DC C:\ProgramData\Soluto
2013-09-27 16:53 - 2013-09-27 15:59 - 00000193 ____C C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\VDLL.DLL
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\SysWOW64\runouce.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\rundll16.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\RUNDL132.EXE
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo1_.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo_1.exe
2013-09-27 16:02 - 2013-09-27 15:42 - 00000054 ____C C:\Windows\Lic.xxx
2013-09-27 15:41 - 2013-09-27 15:41 - 00632064 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00554240 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2013-09-27 15:41 - 2013-09-27 15:41 - 00034048 ____C (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2013-09-27 15:41 - 2013-09-27 15:41 - 00000000 ___DC C:\ProgramData\MicroWorld
2013-09-24 13:25 - 2013-09-24 13:25 - 00000000 ___DC C:\Users\sven\Documents\Benutzerdefinierte Office-Vorlagen
2013-09-24 09:13 - 2013-09-12 22:07 - 00000000 ___DC C:\Program Files (x86)\TuneUp Utilities 2014
2013-09-24 09:02 - 2011-03-05 19:52 - 00003784 ____C C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-09-24 08:51 - 2013-09-11 08:44 - 00000000 ___DC C:\Windows\pss
2013-09-24 08:44 - 2011-01-09 19:21 - 00000000 ___DC C:\Program Files (x86)\Downloadprogramme
2013-09-23 13:15 - 2013-09-23 13:15 - 00000000 ____C C:\Windows\HPMProp.INI
2013-09-23 11:32 - 2013-09-23 11:32 - 00000000 ___DC C:\Users\Admin\AppData\Local\Google
2013-09-23 11:26 - 2013-09-12 21:19 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\TuneUp Software
2013-09-23 07:43 - 2013-09-23 07:43 - 00000000 ___DC C:\Program Files (x86)\Toshiba
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Windows\Dell
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Users\sven\AppData\Roaming\InstallShield
2013-09-22 23:53 - 2013-09-22 23:53 - 00000000 ___DC C:\Program Files (x86)\Lenovo
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Users\sven\AppData\Local\WinSweeper
2013-09-22 22:54 - 2013-09-22 22:54 - 00000000 ___DC C:\Program Files (x86)\WinSweeper
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Solvusoft
2013-09-22 22:13 - 2013-09-22 22:13 - 00000000 ___DC C:\Program Files (x86)\DriverDoc
2013-09-22 18:43 - 2013-09-22 18:29 - 00000000 ___DC C:\Program Files (x86)\Canon
2013-09-22 18:41 - 2013-09-22 18:41 - 00000000 ___DC C:\Users\sven\AppData\Roaming\ZoomBrowser EX
2013-09-22 18:41 - 2011-03-26 20:11 - 00005120 ____C C:\Users\sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-22 18:38 - 2013-09-22 18:38 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Canon
2013-09-22 18:30 - 2013-09-22 18:30 - 00000000 ___DC C:\ProgramData\ZoomBrowser
2013-09-20 19:36 - 2013-09-20 19:36 - 00000635 ____C C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-09-20 19:01 - 2012-09-29 00:11 - 00000000 ___DC C:\ProgramData\Nokia
2013-09-20 19:01 - 2012-09-29 00:08 - 00000000 ___DC C:\Program Files (x86)\Nokia
2013-09-20 18:52 - 2012-09-29 13:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Nokia Suite
2013-09-20 18:39 - 2012-09-01 09:37 - 00003822 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 18:39 - 2012-06-05 21:21 - 00692616 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 18:39 - 2012-06-05 21:21 - 00071048 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 15:51 - 2013-09-20 13:35 - 00004697 ____C C:\ProgramData\hpzinstall.log
2013-09-19 18:12 - 2013-09-19 07:20 - 98378485 ____C C:\Windows\SysWOW64\ῲꤓE
2013-09-18 08:46 - 2013-09-18 08:46 - 98106403 ____C C:\Windows\SysWOW64\职D
2013-09-16 15:08 - 2013-09-16 15:08 - 00021712 ____C (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2013-09-16 15:08 - 2013-09-16 15:08 - 00000000 ___DC C:\Users\sven\AppData\Local\eSupport.com
2013-09-16 14:55 - 2013-09-16 14:55 - 00000000 ___DC C:\Program Files\CPUID
2013-09-16 13:32 - 2013-09-16 13:32 - 00000207 ____C C:\Windows\tweaking.com-regbackup-AUDIA3-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-09-16 13:31 - 2013-09-16 13:31 - 00000000 ___DC C:\RegBackup
2013-09-16 11:43 - 2013-09-16 11:43 - 00003134 ____C C:\Windows\System32\Tasks\{BA2F4B9B-111E-4ACD-B5C8-CEE0CE8306EA}
2013-09-14 19:15 - 2013-10-02 18:23 - 00000000 ___DC C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default\AppData\Local\Microsoft Help
2013-09-14 19:15 - 2013-09-14 19:15 - 00000000 ___DC C:\Users\Default User\AppData\Local\Microsoft Help
2013-09-14 14:33 - 2013-09-14 14:33 - 00000000 ___DC C:\Program Files (x86)\Microsoft SQL Server
2013-09-14 14:33 - 2013-09-14 14:31 - 00000000 ___DC C:\Program Files\Microsoft SQL Server
2013-09-14 14:31 - 2013-09-14 14:31 - 00000000 ___DC C:\Windows\PCHEALTH
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files\Microsoft Analysis Services
2013-09-14 14:28 - 2013-09-14 14:28 - 00000000 ___DC C:\Program Files (x86)\Microsoft Analysis Services
2013-09-13 09:12 - 2013-09-13 09:12 - 00002770 ____C C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-09-12 22:29 - 2009-08-02 04:27 - 00000000 ___DC C:\Windows\Panther
2013-09-12 22:11 - 2013-09-12 22:06 - 00000000 _SHDC C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-09-12 22:11 - 2011-01-23 15:30 - 00000000 _SHDC C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2013-09-12 22:10 - 2013-09-10 20:19 - 00001340 ____C C:\Users\Public\Desktop\Wöchentlich - SpywareBlaster.lnk
2013-09-12 22:07 - 2013-09-12 22:07 - 00000000 ___DC C:\Users\sven\AppData\Roaming\TuneUp Software
2013-09-12 21:18 - 2013-09-12 21:18 - 00000000 ___DC C:\Users\Admin\AppData\Roaming\WinPatrol
2013-09-12 10:58 - 2013-09-12 10:58 - 00001370 ____C C:\Users\Public\Desktop\Wöchentlich - Malwarebytes Anti-Malware .lnk
2013-09-12 07:18 - 2013-09-10 22:15 - 00000000 ___DC C:\Users\Public\Recorded TV
2013-09-12 07:18 - 2009-07-14 07:08 - 00024318 ____C C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-11 22:01 - 2013-09-11 21:59 - 00000000 ___DC C:\Program Files (x86)\Google
2013-09-11 22:01 - 2010-12-30 16:19 - 00000000 ___DC C:\Users\sven\AppData\Local\Google
2013-09-11 17:28 - 2010-12-30 21:49 - 00000000 ___DC C:\Users\sven\AppData\Roaming\SoftGrid Client
2013-09-11 08:48 - 2013-09-11 08:19 - 00001278 ____C C:\Users\Public\Desktop\Wöchentlich - CCleaner.lnk
2013-09-11 08:19 - 2013-09-11 08:19 - 00002770 ____C C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-10 23:48 - 2013-09-10 23:17 - 00001912 ____C C:\Windows\epplauncher.mif
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\Users\sven\AppData\Roaming\WinPatrol
2013-09-10 23:01 - 2013-09-10 23:01 - 00000000 ___DC C:\ProgramData\InstallMate
2013-09-10 21:50 - 2013-09-10 21:49 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-10 21:50 - 2013-09-10 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-10 21:50 - 2013-09-10 21:49 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-10 21:50 - 2013-09-10 21:49 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 21:50 - 2013-09-10 21:49 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-10 21:44 - 2013-09-10 21:40 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 21:44 - 2013-09-10 21:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 21:44 - 2013-09-10 21:39 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-10 21:44 - 2013-09-10 21:39 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 21:44 - 2013-09-10 21:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-10 21:44 - 2013-07-21 18:12 - 00000000 ___DC C:\Windows\system32\MRT
2013-09-10 21:44 - 2011-01-02 21:58 - 79143768 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 21:43 - 2013-09-10 21:40 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 21:43 - 2013-09-10 21:40 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 20:19 - 2013-09-10 20:19 - 00000000 ___DC C:\ProgramData\Licenses
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\Users\sven\AppData\Roaming\Malwarebytes
2013-09-10 19:55 - 2013-09-10 19:55 - 00000000 ___DC C:\ProgramData\Malwarebytes
2013-09-10 19:48 - 2012-09-29 17:58 - 00000000 ___DC C:\Program Files (x86)\MSXML 4.0
2013-09-10 19:44 - 2013-09-10 19:44 - 00000000 ___DC C:\Users\sven\AppData\Local\Secunia PSI
2013-09-10 18:16 - 2013-09-10 18:16 - 00262144 _____ C:\Windows\system32\config\elam
2013-09-09 15:29 - 2011-01-23 15:31 - 00043320 ____C (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00040760 ____C (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-09-09 15:29 - 2011-01-23 15:31 - 00036152 ____C (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00029496 ____C (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-09-09 15:29 - 2011-01-23 15:31 - 00025400 ____C (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-09-08 10:09 - 2013-09-08 10:09 - 00000078 ____C C:\Users\sven\Documents\Powers.log
Some content of TEMP:
====================
C:\Users\sven\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-02 11:15
==================== End Of Log ============================
--- --- --- --- --- --- [CODE] Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.04.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 sven :: AUDIA3 [Administrator] Schutz: Aktiviert 04.10.2013 20:13:32 mbam-log-2013-10-04 (20-13-32).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 247085 Laufzeit: 3 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 2 C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 6 C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\eng_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-04-2013.log (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\sven\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) [/CODE Vielen dank und gruß sven kurzes feedback nach dem soeben getätigten neustart: *bei herunterfahren wurde der bildschirm schwarz und ein mittelgroßes blaues fenster öffnete sich mit ein haufen infos. kurz erlesen konnte ich nur "damage windows system" *mousepad und tastatur fallen immer noch aus *positiv: qv06 in chrome in verschwunden *positiv: das hochfahren geschah verhältnismäßig zügig  gruß sven |
|
05.10.2013, 10:21
| #12 | |
| /// the machine /// TB-Ausbilder | Ständiger befall von viren oder maleware Findet MBAM jetzt nach Löschen immer noch was? Zitat:
 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter 2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\VDLL.DLL
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\SysWOW64\runouce.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\rundll16.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\RUNDL132.EXE
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo1_.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo_1.exe
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Kam der Absturz nochmal oder war der jetzt einmalig?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.10.2013, 11:42
| #13 |
| | Ständiger befall von viren oder maleware moin mein lieber, immer schön von dir zu hören und das du dich ausgiebig meiner themen annimmst. find ich super!!! zum absturz: * kam bis jetzt nicht mehr vor * was bedeutet das "windows damage"? kannst du was mit anfangen, was ich dir gestern schrieb? antimaleware: * habe sämtliche scanns durchgeführt * erst quick, dann ausgiebig und letztlich noch den flash-scanner * keine auffälligkeiten was muss gelöscht werden bzw. was ist empfehlenswert? * laufwerk "D" formatieren und neue sicherung anlegen? * hilfprogramme löschen? wenn ja, welche? notepad fixfile: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by sven at 2013-10-05 11:56:50 Run:1
Running from C:\Users\sven\Desktop\LOGFILE\FRST64
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\VDLL.DLL
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\SysWOW64\runouce.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\rundll16.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\RUNDL132.EXE
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo1_.exe
2013-09-27 16:02 - 2013-09-27 16:02 - 00000000 ___DC C:\Windows\logo_1.exe
*****************
C:\Windows\VDLL.DLL => Moved successfully.
C:\Windows\SysWOW64\runouce.exe => Moved successfully.
C:\Windows\rundll16.exe => Moved successfully.
C:\Windows\RUNDL132.EXE => Moved successfully.
C:\Windows\logo1_.exe => Moved successfully.
C:\Windows\logo_1.exe => Moved successfully.
==== End of Fixlog ====
zusätzlich eine spybotfile: Code:
ATTFilter Search results from Spybot - Search & Destroy
10/5/2013 12:28:58 PM
Scan took 00:35:12.
26 items found.
Delta.Toolbar: [SBI $44F06F05] User settings (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Internet Explorer\Protect Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975}
Delta.Toolbar: [SBI $04AEAE14] User settings (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow
Delta.Toolbar: [SBI $0760E887] User settings (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome
Canon ZoomBrowser EX: [SBI $B1CB5277] Last opened folder (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Canon\ZoomBrowser Ex\Settings\LastSelectedKey
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Media Player: [SBI $735D57D7] Recent open directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $85C2C910] Last Copy/MoveTo folder (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDHookInst64.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-09-30 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDHook64.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-10-01 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2013-09-10 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-10-01 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-10-02 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-10-01 Includes\TrojansC-03.sbi (*)
2013-09-24 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
|
|
05.10.2013, 19:17
| #14 | ||
| /// the machine /// TB-Ausbilder | Ständiger befall von viren oder malewareZitat:
Zitat:
Tools löschen wir wenn wir komplett fertig sind
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.10.2013, 20:40
| #15 |
| | Ständiger befall von viren oder maleware hi,  wat laufwerk d ist? naja, d ist d, genauso wie c gleich c ist. unter d liegt meine datensicherung mit systemabbild. ich nehme aber an, dass die auch verseucht sind. somit würde eine formatierung sinn machen, oder net? gruß sven |
|
Linear-Darstellung
