Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Virus (Kies & Registery)?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.12.2013, 20:15   #1
Test20
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Ich habe heute Malwarebytes durchlaufen lassen und das hat auch nach einiger zeit etwas gefunden, nun bin ich mir aber unsicher ob das wirklich alles so richtig ist (Denn Avast hat nichts entdeckt). Und wenn ja was sollte ich dann am besten tun? Langt es wenn man es einfach löscht oder sollte man Windows gleich neu installieren?

Malwarebytes Log
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
... :: ...-PC [limitiert]

10.12.2013 01:44:06
MBAM-log-2013-12-10 (03-10-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 300872
Laufzeit: 37 Minute(n), 

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SAMSUNG\KIES3\ERRORREPORT.EXE (Trojan.Agent) -> Daten: 1 -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SAMSUNG\KIES3\KIESUPDATECLIENT.EXE (Trojan.Agent) -> Daten: 1 -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore|DisableConfig (Windows.Tool.Disabled) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Program Files (x86)\Samsung\Kies3\ErrorReport.exe (Trojan.Agent) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\Samsung\Kies3\KiesUpdateClient.exe (Trojan.Agent) -> Keine Aktion durchgeführt.

(Ende)
         

HijackThis Log
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:26:21, on 10.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\...\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\...\Desktop\HijackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\3932d670-f8f6-4152-b0eb-cd84eac34578.exe /check
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [icq] C:\Users\...\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Users\...\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\...\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\...\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: appsmaker OptimalDisk Service (AMOptimalDiskService) - appsmaker - C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: appsmaker SpeedBooster 2.0 Service (SpeedBoosterSvc) - appsmaker - C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7366 bytes
         

Alt 10.12.2013, 21:34   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Hallo,

Zitat:
Datenbank Version: v2013.04.04.07
Du hast mit MBAM gescannt ohne vorher die Signaturen zu aktualisieren, so kommen natürlich nur Blödsinnsergebnisse raus! Die Signaturen bei dir sind von Stand Anfang April

Zitat:
... :: ...-PC [limitiert]
Limitiert? Scannen ohne Adminrechte ist fast noch sinnfreier, als mit einem Signaturstand von über acht Monaten zu scannen

Wiederhol mal den Scan mit Malwarebytes, aber bitte mit Adminrechten und vorher die Signaturen aktualisieren. Dann sehen wir weiter.
__________________

__________________

Alt 10.12.2013, 22:40   #3
Test20
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Vielen Dank, habe nun wie beschrieben den Suchlauf mit aktualisierten Signaturen und als Administrator durchgeführt und es kam in der tat etwas anderes heraus:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.10.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Admin :: ...-PC [Administrator]

10.12.2013 21:48:33
MBAM-log-2013-12-10 (22-35-22).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 357728
Laufzeit: 46 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore|DisableConfig (Windows.Tool.Disabled) -> Bösartig: (1) Gut: (0) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\..\Downloads\DTLite4481-0347.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\..\Downloads\SetupImgBurn_2.5.8.0.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.

(Ende)
         
__________________

Alt 10.12.2013, 22:40   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.12.2013, 23:19   #5
Test20
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



OK zuerst der

FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2013
Ran by Admin (administrator) on ...-PC on 10-12-2013 23:05:59
Running from C:\Users\...\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Samsung) C:\Program Files (x86)\Samsung Inkjet\AiO\Center\SPAiOHostService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\...\AppData\Roaming\Dropbox\bin\Dropbox.exe
(appsmaker) C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe
() C:\Users\Admin\AppData\Local\Temp\nsdD26C.tmp\Setup33447.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [BrowserChoice] - browserchoice.exe
HKLM\...\RunOnce: [NoIE4StubProcessing] - C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f [74752 2009-07-14] (Microsoft Corporation)
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKLM\...\Policies\Explorer: [LockTaskbar] 1
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [AppBooster] - C:\Program Files (x86)\appsmaker\AppBooster 2.0\appbooster.exe [5853040 2010-12-17] (appsmaker)
HKCU\...\Run: [Free Download Manager] - C:\Program Files (x86)\Free Download Manager\fdm.exe [6950400 2013-10-25] (FreeDownloadManager.ORG)
HKCU\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKCU\...\Policies\Explorer: [NoNetConnectDisconnect] 1
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-14] (AVAST Software)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\3932d670-f8f6-4152-b0eb-cd84eac34578.exe [180184 2013-11-24] (AVAST Software)
HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe
Startup: C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

==================== Services (Whitelisted) =================

R2 AMOptimalDiskService; C:\Program Files (x86)\Common Files\OptimalSuite Common\AMDSrv.exe [5216624 2010-12-17] (appsmaker)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-14] (AVAST Software)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [121616 2013-11-05] (McAfee, Inc.)
R2 Samsung AiO Network Discovery Service; C:\Program Files (x86)\Samsung Inkjet\AiO\Center\SPAiOHostService.exe [395128 2011-11-30] (Samsung)
S3 SpeedBoosterSvc; C:\Program Files (x86)\Common Files\OptimalSuite Common\BoostService.exe [2318192 2010-12-17] (appsmaker)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-18] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-24] (Disc Soft Ltd)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-10 23:05 - 2013-12-10 23:06 - 00008975 _____ C:\Users\...\Desktop\FRST.txt
2013-12-10 23:05 - 2013-12-10 23:05 - 00000000 ____D C:\FRST
2013-12-10 23:04 - 2013-12-10 23:04 - 01928110 _____ (Farbar) C:\Users\...\Desktop\FRST64.exe
2013-12-10 22:43 - 2013-12-10 22:43 - 00003426 _____ C:\Windows\System32\Tasks\BackUp_Maker-...
2013-12-10 22:43 - 2013-12-10 22:43 - 00002164 _____ C:\Users\Public\Desktop\BackUp Maker.lnk
2013-12-10 22:43 - 2013-12-10 22:43 - 00000000 ____D C:\Users\...\AppData\Roaming\ASCOMP Software
2013-12-10 22:43 - 2013-12-10 22:43 - 00000000 ____D C:\Program Files (x86)\ASCOMP Software
2013-12-10 22:42 - 2013-12-10 22:42 - 06831312 _____ (ASCOMP Software GmbH                                        ) C:\Users\...\Downloads\bkmaker.exe
2013-12-10 21:13 - 2013-12-10 21:13 - 00000037 _____ C:\Users\...\AppData\Roaming\mbam.context.scan
2013-12-10 21:07 - 2013-12-10 21:07 - 00001607 _____ C:\Users\...\Desktop\...-PC - Verknüpfung.lnk
2013-12-10 20:38 - 2013-12-10 20:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Malwarebytes
2013-12-10 19:47 - 2013-10-04 03:24 - 01930240 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll.xpize
2013-12-10 19:47 - 2012-08-23 11:22 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe.xpize
2013-12-10 19:47 - 2011-02-25 07:19 - 02541568 _____ (Microsoft Corporation) C:\Windows\explorer.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:44 - 01040384 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:27 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll.xpize
2013-12-10 19:47 - 2010-11-20 14:25 - 00580608 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:25 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:25 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:25 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:24 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:24 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:24 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:24 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:24 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe.xpize
2013-12-10 19:47 - 2010-11-20 14:16 - 12510720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.dll.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 06659584 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 04808704 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00637952 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\DisplaySwitch.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\SnippingTool.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\SoundRecorder.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\colorcpl.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:39 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\control.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:38 - 00908288 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:38 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:38 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe.xpize
2013-12-10 19:47 - 2009-07-14 02:28 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\imagesp1.dll.xpize
2013-12-10 19:46 - 2013-12-10 19:49 - 00000000 ____D C:\Program Files (x86)\Ubuntu Skin Pack
2013-12-10 19:46 - 2013-12-10 19:46 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll.tmp
2013-12-10 19:46 - 2013-12-10 19:46 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll.tmp
2013-12-10 19:46 - 2010-11-20 14:27 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll.backup
2013-12-10 19:46 - 2010-11-20 14:27 - 01489408 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll.xpize
2013-12-10 19:46 - 2010-11-20 14:27 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll.xpize
2013-12-10 19:46 - 2010-11-20 14:26 - 01918976 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll.xpize
2013-12-10 19:46 - 2010-11-20 14:25 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll.xpize
2013-12-10 19:46 - 2010-11-20 14:25 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll.xpize
2013-12-10 19:46 - 2010-11-20 13:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll.backup
2013-12-10 19:46 - 2009-07-14 02:41 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll.xpize
2013-12-10 19:46 - 2009-07-14 02:41 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll.backup
2013-12-10 19:46 - 2009-07-14 02:41 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll.backup
2013-12-10 19:46 - 2009-07-14 02:28 - 16120832 _____ (Microsoft Corporation) C:\Windows\system32\imageres.dll.xpize
2013-12-10 19:46 - 2009-07-14 02:11 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll.backup
2013-12-10 19:44 - 2013-12-10 18:27 - 31946198 _____ C:\Users\...\Desktop\Ubuntu_Skin_Pack_9.0-X64.exe
2013-12-10 18:43 - 2013-12-10 20:34 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-12-10 17:25 - 2013-12-10 22:43 - 00000000 ____D C:\Users\...\AppData\Roaming\Free Download Manager
2013-12-10 17:25 - 2013-12-10 17:25 - 00001083 _____ C:\Users\Admin\Desktop\Free Download Manager.lnk
2013-12-10 17:25 - 2013-12-10 17:25 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2013-12-10 17:09 - 2013-12-10 17:10 - 07752897 _____ (FreeDownloadManager.ORG                                     ) C:\Users\...\Downloads\fdminst.exe
2013-12-10 16:40 - 2013-12-10 16:40 - 00000247 _____ C:\Users\Admin\AppData\Local\LaunchHomeCenter.log
2013-12-10 16:38 - 2013-12-10 16:38 - 00002245 _____ C:\Users\Public\Desktop\Samsung Print Manager.lnk
2013-12-10 16:38 - 2013-12-10 16:38 - 00000000 ____D C:\Users\...\AppData\Local\Samsung
2013-12-10 16:38 - 2013-12-10 16:38 - 00000000 ____D C:\Users\Admin\AppData\Local\Samsung_Electronics_Co.,_
2013-12-10 16:37 - 2013-12-10 16:37 - 00000000 ____D C:\Windows\SysWOW64\samsung inkjet
2013-12-10 16:36 - 2013-12-10 16:36 - 00000000 ____D C:\Program Files (x86)\Samsung Inkjet
2013-12-10 16:34 - 2013-12-10 19:38 - 00000000 ____D C:\ProgramData\Samsung Inkjet
2013-12-10 01:41 - 2013-12-10 01:41 - 00000000 ____D C:\Users\...\AppData\Roaming\Malwarebytes
2013-12-10 01:36 - 2013-12-10 01:36 - 00001131 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-10 01:36 - 2013-12-10 01:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 01:36 - 2013-12-10 01:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-10 01:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-10 01:35 - 2013-12-10 01:36 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\...\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-10 01:02 - 2013-12-10 01:02 - 00003166 _____ C:\Windows\System32\Tasks\SmartDefrag_Startup
2013-12-10 00:51 - 2013-12-10 00:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\...\Desktop\HijackThis.exe
2013-12-10 00:36 - 2013-12-10 21:06 - 00061416 _____ C:\Users\...\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-10 00:25 - 2013-12-10 00:25 - 00005428 _____ C:\Users\Admin\Desktop\startup.txt
2013-12-10 00:07 - 2013-12-10 00:07 - 00000000 ____D C:\Users\...\Documents\defrag
2013-12-09 22:39 - 2013-12-10 01:02 - 00003500 _____ C:\Windows\System32\Tasks\SmartDefrag_Schedule
2013-12-09 22:35 - 2013-12-09 22:35 - 00003164 _____ C:\Windows\System32\Tasks\SmartDefragUpdate
2013-12-09 22:35 - 2013-12-09 22:35 - 00001182 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-12-09 22:35 - 2013-12-09 22:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2013-12-09 22:35 - 2013-12-09 22:35 - 00000000 ____D C:\ProgramData\IObit
2013-12-09 22:35 - 2013-12-09 22:35 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-09 22:35 - 2013-05-22 18:49 - 00032600 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2013-12-09 22:35 - 2013-05-22 18:49 - 00017720 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
2013-12-09 22:31 - 2013-12-09 22:32 - 05852272 _____ (IObit                                                       ) C:\Users\...\Downloads\defragsetup.exe
2013-12-09 22:01 - 2013-12-09 22:01 - 00000000 ____D C:\Users\Admin\Documents\Razer
2013-12-09 21:54 - 2013-12-09 22:19 - 00000000 ____D C:\Users\Admin\AppData\Local\Razer
2013-12-09 21:40 - 2013-12-09 22:19 - 00000000 ____D C:\ProgramData\Razer
2013-12-09 21:40 - 2013-12-09 21:40 - 00000000 ____D C:\Program Files (x86)\Razer
2013-12-09 21:38 - 2013-12-09 21:38 - 00001209 _____ C:\Users\Public\Desktop\appsmaker AppBooster 2.0.lnk
2013-12-09 21:38 - 2013-12-09 21:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AppBooster
2013-12-09 21:38 - 2013-12-09 21:38 - 00000000 ____D C:\Program Files (x86)\appsmaker
2013-12-09 21:14 - 2013-12-09 21:20 - 01592784 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-09 21:06 - 2013-12-09 21:07 - 09490912 _____ (appsmaker                                                   ) C:\Users\...\Downloads\AppBooster20_Basic_Setup.exe
2013-12-09 21:03 - 2013-12-09 21:05 - 39721880 _____ (Razer Inc.                                                  ) C:\Users\...\Downloads\RazerGameBoosterSetup_4.0.68.0.exe
2013-12-09 16:00 - 2013-12-09 16:00 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-09 15:58 - 2012-11-17 01:56 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-12-09 15:58 - 2012-11-17 01:56 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-12-09 15:58 - 2012-11-17 01:56 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-12-09 15:58 - 2012-11-17 01:56 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-12-09 15:58 - 2012-11-17 01:56 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-12-09 15:58 - 2012-11-15 01:57 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-12-09 15:58 - 2012-11-15 01:57 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00208896 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00206336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00188416 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00147456 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-12-09 15:58 - 2012-11-15 01:57 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-12-09 15:57 - 2012-11-17 01:56 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2013-12-09 15:57 - 2012-11-17 01:56 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-12-09 15:57 - 2012-11-15 01:57 - 01991936 _____ C:\Windows\system32\iglhxa64.cpa
2013-12-09 15:57 - 2012-11-15 01:57 - 00982240 _____ C:\Windows\SysWOW64\igkrng500.bin
2013-12-09 15:57 - 2012-11-15 01:57 - 00982240 _____ C:\Windows\system32\igkrng500.bin
2013-12-09 15:57 - 2012-11-15 01:57 - 00439308 _____ C:\Windows\SysWOW64\igcompkrng500.bin
2013-12-09 15:57 - 2012-11-15 01:57 - 00439308 _____ C:\Windows\system32\igcompkrng500.bin
2013-12-09 15:57 - 2012-11-15 01:57 - 00189552 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00178407 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00165395 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00139909 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00136401 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00133746 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00125558 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00123230 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00122927 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00122709 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-12-09 15:57 - 2012-11-15 01:57 - 00121173 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00120800 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00120366 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00119616 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00119586 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00119360 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00119067 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00118745 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00118697 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00118409 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00118058 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00114852 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00114372 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00114261 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00110211 _____ C:\Windows\system32\Gfxres.en-US.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00104044 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00102883 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-12-09 15:57 - 2012-11-15 01:57 - 00092356 _____ C:\Windows\SysWOW64\igfcg500m.bin
2013-12-09 15:57 - 2012-11-15 01:57 - 00092356 _____ C:\Windows\system32\igfcg500m.bin
2013-12-09 15:57 - 2012-11-15 01:57 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-12-09 15:57 - 2012-11-15 01:57 - 00060254 _____ C:\Windows\system32\iglhxg64.vp
2013-12-09 15:57 - 2012-11-15 01:57 - 00060226 _____ C:\Windows\system32\iglhxc64.vp
2013-12-09 15:57 - 2012-11-15 01:57 - 00060015 _____ C:\Windows\system32\iglhxo64.vp
2013-12-09 15:57 - 2012-11-15 01:57 - 00005448 _____ C:\Windows\system32\iglhxs64.vp
2013-12-09 15:57 - 2012-11-15 01:57 - 00001090 _____ C:\Windows\system32\iglhxa64.vp
2013-12-09 00:12 - 2013-12-09 00:12 - 00000000 ____D C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-05 07:42 - 2013-12-10 19:38 - 00000672 _____ C:\Windows\setupact.log
2013-12-05 07:42 - 2013-12-10 06:21 - 00103230 _____ C:\Windows\PFRO.log
2013-12-05 07:42 - 2013-12-05 07:42 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 07:42 - 2013-12-05 07:42 - 00000000 _____ C:\Windows\setuperr.log
2013-12-04 23:26 - 2013-12-04 23:26 - 00001284 _____ C:\Users\...\Desktop\Sacred.lnk
2013-12-04 23:26 - 2013-12-04 23:26 - 00001284 _____ C:\Users\Admin\Desktop\Sacred.lnk
2013-12-04 23:18 - 2013-12-04 23:18 - 00000000 ____D C:\Program Files (x86)\Ascaron Entertainment
2013-12-04 22:56 - 2013-12-04 22:57 - 00001116 _____ C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
2013-12-04 22:41 - 2013-12-04 22:57 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2013-12-04 22:41 - 2013-12-04 22:45 - 00001071 _____ C:\Users\Public\Desktop\Warcraft III.lnk
2013-12-04 22:34 - 2013-12-04 22:34 - 00007598 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2013-12-04 22:31 - 2013-12-04 22:31 - 00000146 _____ C:\Users\...\Desktop\Windows Defender.lnk
2013-12-04 22:11 - 2013-12-04 22:11 - 00000000 ____D C:\Users\...\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2013-12-04 21:42 - 2013-12-10 19:48 - 00061416 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-04 21:41 - 2013-12-04 23:59 - 00000000 ____D C:\Program Files (x86)\TweakMe!
2013-12-04 21:41 - 2013-12-04 21:41 - 00001016 _____ C:\Users\Public\Desktop\TweakMe!.lnk
2013-12-04 21:40 - 2013-12-04 21:40 - 01406064 _____ (pXc-coding.com                                              ) C:\Users\...\Downloads\Tweak-Me_-1.3.0.0-Setup.exe
2013-12-04 21:09 - 2013-12-04 21:09 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-04 21:09 - 2013-12-04 21:09 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-04 21:09 - 2013-12-04 21:09 - 00000000 ____D C:\Program Files\CCleaner
2013-12-04 21:07 - 2013-12-04 21:08 - 04618136 _____ (Piriform Ltd) C:\Users\...\Downloads\ccsetup408.exe
2013-12-04 19:25 - 2013-12-04 19:25 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-12-04 19:24 - 2013-12-04 19:24 - 00000000 ____D C:\Windows\Downloaded Installations
2013-12-04 19:23 - 2013-12-04 19:24 - 02644177 _____ C:\Users\...\Downloads\autostartmanager602-setup.exe
2013-12-04 18:16 - 2013-12-04 18:16 - 00000000 ____D C:\Users\...\AppData\Roaming\CrystalIdea Software
2013-12-04 18:15 - 2013-12-04 18:16 - 00000000 ____D C:\Users\...\Downloads\Firefox Addons
2013-12-04 18:01 - 2013-12-04 18:01 - 00000000 ____D C:\Windows\pss
2013-12-02 20:17 - 2013-12-02 20:17 - 00000000 ____D C:\Users\...\Downloads\ICQ Datein
2013-12-02 20:00 - 2013-12-02 20:02 - 00000000 ____D C:\Users\...\AppData\Roaming\ICQ-Profile
2013-12-02 20:00 - 2013-12-02 20:00 - 00001764 _____ C:\Users\...\Desktop\ICQ.lnk
2013-12-02 20:00 - 2013-12-02 20:00 - 00001622 _____ C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-02 20:00 - 2013-12-02 20:00 - 00000000 ____D C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-02 20:00 - 2013-12-02 20:00 - 00000000 ____D C:\Users\...\AppData\Roaming\ICQM
2013-12-02 19:58 - 2013-12-02 20:00 - 35932488 _____ (ICQ) C:\Users\...\Downloads\icq_rfrset.exe
2013-12-02 19:34 - 2013-12-02 19:35 - 00001147 _____ C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
2013-12-02 18:45 - 2013-12-02 19:35 - 00000000 ____D C:\Program Files (x86)\Diablo II
2013-12-01 20:36 - 2013-12-01 20:36 - 00002038 _____ C:\Users\...\Desktop\Java Mission Control.lnk
2013-12-01 18:51 - 2013-12-01 19:49 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-01 18:51 - 2013-12-01 19:34 - 00001162 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-12-01 18:51 - 2013-12-01 19:34 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-01 18:49 - 2013-12-01 18:49 - 00000000 ____D C:\ProgramData\Battle.net
2013-11-30 07:25 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-11-30 07:25 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-11-30 07:25 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2013-11-30 07:25 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-11-30 07:25 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2013-11-30 07:25 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2013-11-29 19:42 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-29 19:36 - 2013-11-29 19:36 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-29 19:36 - 2013-11-29 19:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-29 19:36 - 2013-11-29 19:36 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-29 19:36 - 2013-11-29 19:36 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-29 19:36 - 2013-11-29 19:36 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-29 19:36 - 2013-11-29 19:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-29 19:36 - 2013-11-29 19:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-29 19:36 - 2013-11-29 19:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-29 19:36 - 2013-11-29 19:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-29 19:36 - 2013-11-29 19:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-29 19:36 - 2013-11-29 19:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-29 19:27 - 2013-11-29 19:27 - 00000219 _____ C:\Users\...\Desktop\Dota 2.url
2013-11-29 19:27 - 2013-11-29 19:27 - 00000000 ____D C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-29 19:05 - 2013-12-10 19:42 - 00000000 ____D C:\Users\...\AppData\Roaming\Skype
2013-11-29 19:05 - 2013-11-30 14:19 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-29 19:05 - 2013-11-29 19:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-29 19:04 - 2013-11-30 14:19 - 00000000 ____D C:\ProgramData\Skype
2013-11-29 19:02 - 2013-11-29 19:02 - 01551008 _____ (Skype Technologies S.A.) C:\Users\...\Downloads\SkypeSetup.exe
2013-11-29 18:58 - 2013-12-10 19:42 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-29 18:58 - 2013-11-29 18:58 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-29 18:57 - 2013-11-29 18:28 - 08531968 _____ C:\Users\...\Downloads\SteamInstall_German.msi
2013-11-24 17:46 - 2013-11-24 19:04 - 00000000 ____D C:\Users\...\AppData\Roaming\vlc
2013-11-24 17:46 - 2013-11-24 17:46 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-24 17:46 - 2013-11-24 17:46 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-24 17:44 - 2013-11-24 17:45 - 23679700 _____ C:\Users\...\Downloads\vlc-2.1.1-win64.exe
2013-11-24 14:38 - 2013-12-10 00:17 - 00000000 ____D C:\Users\...\AppData\Roaming\DAEMON Tools Lite
2013-11-24 14:37 - 2013-11-24 14:37 - 00001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-11-24 14:36 - 2013-11-24 14:36 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-11-24 14:36 - 2013-11-24 14:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2013-11-24 14:36 - 2013-11-24 14:36 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-11-24 14:35 - 2013-11-24 14:38 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-11-18 17:51 - 2013-11-18 17:51 - 00000000 ____D C:\Users\...\Downloads\Odin_3.07
2013-11-18 17:50 - 2013-11-18 17:50 - 00995769 _____ C:\Users\...\Downloads\Odin_3.07.zip
2013-11-17 19:39 - 2013-11-17 19:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_UsbDr_01_09_00.Wdf
2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-11-17 14:25 - 2013-11-17 14:25 - 00000000 ____D C:\Program Files\SAMSUNG
2013-11-17 14:25 - 2013-08-21 05:31 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-11-17 14:25 - 2013-08-21 05:31 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2013-11-17 14:25 - 2013-08-21 05:31 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2013-11-17 14:25 - 2013-08-21 05:31 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-17 13:05 - 2013-11-17 13:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-17 13:03 - 2013-12-10 23:04 - 00000000 ___RD C:\Users\...\Dropbox
2013-11-17 13:03 - 2013-11-17 13:03 - 00001001 _____ C:\Users\...\Desktop\Dropbox.lnk
2013-11-17 13:00 - 2013-11-17 13:00 - 00000000 ____D C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-17 13:00 - 2013-11-17 13:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2013-11-17 12:59 - 2013-12-10 23:04 - 00000000 ____D C:\Users\...\AppData\Roaming\Dropbox
2013-11-17 12:58 - 2013-11-17 12:59 - 35334016 _____ (Dropbox, Inc.) C:\Users\...\Downloads\Dropbox_2.4.7.exe
2013-11-17 12:38 - 2013-11-29 19:25 - 00000000 ____D C:\Users\...\AppData\Local\Thunderbird
2013-11-17 12:38 - 2013-11-17 12:38 - 00000000 ____D C:\Users\...\AppData\Roaming\Thunderbird
2013-11-17 12:37 - 2013-11-29 19:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-17 12:37 - 2013-11-17 12:37 - 00002090 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-11-17 12:36 - 2013-11-17 12:36 - 21981512 _____ (Mozilla) C:\Users\...\Downloads\Thunderbird_Setup_24.1.0.exe
2013-11-16 14:12 - 2013-11-16 14:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-11-16 14:09 - 2013-11-17 14:25 - 00000000 ____D C:\ProgramData\Samsung
2013-11-16 14:07 - 2013-11-16 14:07 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-11-16 14:06 - 2013-11-17 13:59 - 00000000 ____D C:\Users\...\Documents\samsung
2013-11-16 14:06 - 2013-11-16 14:07 - 00000000 ____D C:\Users\...\AppData\Roaming\Samsung
2013-11-16 13:59 - 2013-11-16 13:59 - 00000000 ____D C:\Windows\system32\usb_driver
2013-11-16 13:55 - 2013-11-16 13:55 - 00001997 _____ C:\Users\...\Desktop\Samsung Kies 3.lnk
2013-11-16 13:54 - 2013-11-16 13:54 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2013-11-16 13:54 - 2013-11-16 13:54 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-11-16 13:54 - 2013-11-16 13:54 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-11-16 13:52 - 2013-11-16 13:53 - 37141984 _____ (Samsung Electronics Co., Ltd.                                ) C:\Users\...\Downloads\Kies3Setup.exe
2013-11-16 13:44 - 2013-11-16 13:44 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2013-11-16 13:44 - 2013-11-16 13:44 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2013-11-16 13:40 - 2013-11-16 13:40 - 00000000 ____D C:\Users\...\.jmc
2013-11-16 13:40 - 2013-11-16 13:40 - 00000000 ____D C:\Users\...\.eclipse
2013-11-16 13:33 - 2013-11-16 13:36 - 131396000 _____ (Oracle Corporation) C:\Users\...\Downloads\jdk-7u45-windows-x64.exe
2013-11-16 13:23 - 2013-11-16 13:23 - 00000000 ____D C:\Program Files\platform-tools
2013-11-16 12:59 - 2013-12-10 23:05 - 00000000 ___RD C:\Users\...\Desktop\Verschiedenes
2013-11-16 12:59 - 2013-11-16 13:00 - 00000000 ____D C:\Users\...\Downloads\adt-bundle-windows-x86_64-20131030
2013-11-16 12:52 - 2013-11-16 12:52 - 00000000 ____D C:\Android
2013-11-16 12:37 - 2013-11-16 13:46 - 00000000 ____D C:\Users\...\.android
2013-11-16 12:36 - 2013-11-16 12:36 - 00000000 ____D C:\Users\...\workspace
2013-11-16 12:32 - 2013-11-16 13:36 - 00000000 ____D C:\Program Files\Java
2013-11-16 12:32 - 2013-11-16 12:32 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-16 12:32 - 2013-11-16 12:32 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-16 12:32 - 2013-11-16 12:32 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-16 12:32 - 2013-11-16 12:32 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-16 12:32 - 2013-11-16 12:32 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 12:30 - 2013-11-16 12:31 - 30694824 _____ (Oracle Corporation) C:\Users\...\Downloads\jre-7u45-windows-x64.exe
2013-11-14 19:56 - 2013-11-14 20:09 - 503735416 _____ C:\Users\...\Downloads\adt-bundle-windows-x86_64-20131030.zip
2013-11-14 19:24 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 19:24 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 19:24 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 19:24 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 19:23 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 19:23 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 19:23 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 19:23 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 19:23 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 19:23 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 19:23 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 19:23 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 19:23 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 19:23 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 19:23 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 19:23 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 19:23 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 19:23 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 19:23 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 19:23 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 19:23 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 19:23 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 19:23 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 19:23 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 19:23 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 19:23 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 19:23 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 19:23 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 19:23 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 19:23 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 19:22 - 2013-11-14 19:23 - 00000000 ____D C:\Users\...\Documents\schule
2013-11-14 19:17 - 2013-11-16 20:15 - 00000000 ____D C:\Users\...\Downloads\Vom Handy
2013-11-14 19:16 - 2013-11-14 19:16 - 00000000 ____D C:\Users\...\Documents\Buzz backup

==================== One Month Modified Files and Folders =======

2013-12-10 23:06 - 2013-12-10 23:05 - 00008975 _____ C:\Users\...\Desktop\FRST.txt
2013-12-10 23:05 - 2013-12-10 23:05 - 00000000 ____D C:\FRST
2013-12-10 23:05 - 2013-11-16 12:59 - 00000000 ___RD C:\Users\...\Desktop\Verschiedenes
2013-12-10 23:04 - 2013-12-10 23:04 - 01928110 _____ (Farbar) C:\Users\...\Desktop\FRST64
2013-12-10 23:04 - 2013-11-17 13:03 - 00000000 ___RD C:\Users\...\Dropbox
2013-12-10 23:04 - 2013-11-17 12:59 - 00000000 ____D C:\Users\...\AppData\Roaming\Dropbox
2013-12-10 22:53 - 2013-10-18 18:50 - 01807444 _____ C:\Windows\WindowsUpdate.log
2013-12-10 22:43 - 2013-12-10 22:43 - 00003426 _____ C:\Windows\System32\Tasks\BackUp_Maker-...
2013-12-10 22:43 - 2013-12-10 22:43 - 00002164 _____ C:\Users\Public\Desktop\BackUp Maker.lnk
2013-12-10 22:43 - 2013-12-10 22:43 - 00000000 ____D C:\Users\...\AppData\Roaming\ASCOMP Software
2013-12-10 22:43 - 2013-12-10 22:43 - 00000000 ____D C:\Program Files (x86)\ASCOMP Software
2013-12-10 22:43 - 2013-12-10 17:25 - 00000000 ____D C:\Users\...\AppData\Roaming\Free Download Manager
2013-12-10 22:42 - 2013-12-10 22:42 - 06831312 _____ (ASCOMP Software GmbH                                        ) C:\Users\...\Downloads\bkmaker.exe
2013-12-10 21:13 - 2013-12-10 21:13 - 00000037 _____ C:\Users\...\AppData\Roaming\mbam.context.scan
2013-12-10 21:07 - 2013-12-10 21:07 - 00001607 _____ C:\Users\...\Desktop\05ER-PC - Verknüpfung.lnk
2013-12-10 21:06 - 2013-12-10 00:36 - 00061416 _____ C:\Users\...\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-10 20:38 - 2013-12-10 20:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Malwarebytes
2013-12-10 20:34 - 2013-12-10 18:43 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-12-10 19:49 - 2013-12-10 19:46 - 00000000 ____D C:\Program Files (x86)\Ubuntu Skin Pack
2013-12-10 19:49 - 2013-10-27 17:57 - 00000000 ____D C:\Program Files (x86)\Skin Pack
2013-12-10 19:48 - 2013-12-04 21:42 - 00061416 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-10 19:47 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-12-10 19:47 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2013-12-10 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-10 19:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors
2013-12-10 19:46 - 2013-12-10 19:46 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll.tmp
2013-12-10 19:46 - 2013-12-10 19:46 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll.tmp
2013-12-10 19:46 - 2013-10-18 22:35 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-12-10 19:46 - 2009-07-14 05:45 - 00015104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 19:46 - 2009-07-14 05:45 - 00015104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-10 19:46 - 2009-07-14 00:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-10 19:46 - 2009-07-14 00:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll
2013-12-10 19:42 - 2013-11-29 19:05 - 00000000 ____D C:\Users\...\AppData\Roaming\Skype
2013-12-10 19:42 - 2013-11-29 18:58 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-10 19:39 - 2013-11-02 17:48 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-10 19:38 - 2013-12-10 16:34 - 00000000 ____D C:\ProgramData\Samsung Inkjet
2013-12-10 19:38 - 2013-12-05 07:42 - 00000672 _____ C:\Windows\setupact.log
2013-12-10 19:38 - 2013-10-27 22:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 19:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-10 18:27 - 2013-12-10 19:44 - 31946198 _____ C:\Users\...\Desktop\Ubuntu_Skin_Pack_9.0-X64.exe
2013-12-10 17:26 - 2013-10-27 22:17 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 17:25 - 2013-12-10 17:25 - 00001083 _____ C:\Users\Admin\Desktop\Free Download Manager.lnk
2013-12-10 17:25 - 2013-12-10 17:25 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2013-12-10 17:10 - 2013-12-10 17:09 - 07752897 _____ (FreeDownloadManager.ORG                                     ) C:\Users\...\Downloads\fdminst.exe
2013-12-10 16:40 - 2013-12-10 16:40 - 00000247 _____ C:\Users\Admin\AppData\Local\LaunchHomeCenter.log
2013-12-10 16:38 - 2013-12-10 16:38 - 00002245 _____ C:\Users\Public\Desktop\Samsung Print Manager.lnk
2013-12-10 16:38 - 2013-12-10 16:38 - 00000000 ____D C:\Users\...\AppData\Local\Samsung
2013-12-10 16:38 - 2013-12-10 16:38 - 00000000 ____D C:\Users\Admin\AppData\Local\Samsung_Electronics_Co.,_
2013-12-10 16:37 - 2013-12-10 16:37 - 00000000 ____D C:\Windows\SysWOW64\samsung inkjet
2013-12-10 16:36 - 2013-12-10 16:36 - 00000000 ____D C:\Program Files (x86)\Samsung Inkjet
2013-12-10 06:21 - 2013-12-05 07:42 - 00103230 _____ C:\Windows\PFRO.log
2013-12-10 01:41 - 2013-12-10 01:41 - 00000000 ____D C:\Users\...\AppData\Roaming\Malwarebytes
2013-12-10 01:36 - 2013-12-10 01:36 - 00001131 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-10 01:36 - 2013-12-10 01:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-10 01:36 - 2013-12-10 01:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-10 01:36 - 2013-12-10 01:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\...\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-10 01:02 - 2013-12-10 01:02 - 00003166 _____ C:\Windows\System32\Tasks\SmartDefrag_Startup
2013-12-10 01:02 - 2013-12-09 22:39 - 00003500 _____ C:\Windows\System32\Tasks\SmartDefrag_Schedule
2013-12-10 00:51 - 2013-12-10 00:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\...\Desktop\HijackThis.exe
2013-12-10 00:25 - 2013-12-10 00:25 - 00005428 _____ C:\Users\Admin\Desktop\startup.txt
2013-12-10 00:17 - 2013-11-24 14:38 - 00000000 ____D C:\Users\...\AppData\Roaming\DAEMON Tools Lite
2013-12-10 00:07 - 2013-12-10 00:07 - 00000000 ____D C:\Users\...\Documents\defrag
2013-12-09 22:35 - 2013-12-09 22:35 - 00003164 _____ C:\Windows\System32\Tasks\SmartDefragUpdate
2013-12-09 22:35 - 2013-12-09 22:35 - 00001182 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-12-09 22:35 - 2013-12-09 22:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2013-12-09 22:35 - 2013-12-09 22:35 - 00000000 ____D C:\ProgramData\IObit
2013-12-09 22:35 - 2013-12-09 22:35 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-09 22:32 - 2013-12-09 22:31 - 05852272 _____ (IObit                                                       ) C:\Users\...\Downloads\defragsetup.exe
2013-12-09 22:19 - 2013-12-09 21:54 - 00000000 ____D C:\Users\Admin\AppData\Local\Razer
2013-12-09 22:19 - 2013-12-09 21:40 - 00000000 ____D C:\ProgramData\Razer
2013-12-09 22:01 - 2013-12-09 22:01 - 00000000 ____D C:\Users\Admin\Documents\Razer
2013-12-09 21:40 - 2013-12-09 21:40 - 00000000 ____D C:\Program Files (x86)\Razer
2013-12-09 21:38 - 2013-12-09 21:38 - 00001209 _____ C:\Users\Public\Desktop\appsmaker AppBooster 2.0.lnk
2013-12-09 21:38 - 2013-12-09 21:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AppBooster
2013-12-09 21:38 - 2013-12-09 21:38 - 00000000 ____D C:\Program Files (x86)\appsmaker
2013-12-09 21:20 - 2013-12-09 21:14 - 01592784 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-09 21:20 - 2009-07-14 18:58 - 00698926 _____ C:\Windows\system32\perfh007.dat
2013-12-09 21:20 - 2009-07-14 18:58 - 00149034 _____ C:\Windows\system32\perfc007.dat
2013-12-09 21:19 - 2009-07-14 06:13 - 01592784 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-09 21:07 - 2013-12-09 21:06 - 09490912 _____ (appsmaker                                                   ) C:\Users\...\Downloads\AppBooster20_Basic_Setup.exe
2013-12-09 21:05 - 2013-12-09 21:03 - 39721880 _____ (Razer Inc.                                                  ) C:\Users\...\Downloads\RazerGameBoosterSetup_4.0.68.0.exe
2013-12-09 16:06 - 2013-10-18 18:58 - 00000000 ____D C:\Users\Admin
2013-12-09 16:00 - 2013-12-09 16:00 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-09 15:59 - 2013-10-18 20:30 - 00000000 ____D C:\Intel
2013-12-09 00:12 - 2013-12-09 00:12 - 00000000 ____D C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-12-05 07:42 - 2013-12-05 07:42 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 07:42 - 2013-12-05 07:42 - 00000000 _____ C:\Windows\setuperr.log
2013-12-05 00:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\oobe
2013-12-04 23:59 - 2013-12-04 21:41 - 00000000 ____D C:\Program Files (x86)\TweakMe!
2013-12-04 23:27 - 2013-10-18 18:55 - 00000000 ____D C:\Users\...\AppData\Local\VirtualStore
2013-12-04 23:26 - 2013-12-04 23:26 - 00001284 _____ C:\Users\...\Desktop\Sacred.lnk
2013-12-04 23:26 - 2013-12-04 23:26 - 00001284 _____ C:\Users\Admin\Desktop\Sacred.lnk
2013-12-04 23:18 - 2013-12-04 23:18 - 00000000 ____D C:\Program Files (x86)\Ascaron Entertainment
2013-12-04 22:57 - 2013-12-04 22:56 - 00001116 _____ C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
2013-12-04 22:57 - 2013-12-04 22:41 - 00000000 ____D C:\Program Files (x86)\Warcraft III
2013-12-04 22:45 - 2013-12-04 22:41 - 00001071 _____ C:\Users\Public\Desktop\Warcraft III.lnk
2013-12-04 22:34 - 2013-12-04 22:34 - 00007598 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2013-12-04 22:31 - 2013-12-04 22:31 - 00000146 _____ C:\Users\...\Desktop\Windows Defender.lnk
2013-12-04 22:11 - 2013-12-04 22:11 - 00000000 ____D C:\Users\...\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2013-12-04 21:41 - 2013-12-04 21:41 - 00001016 _____ C:\Users\Public\Desktop\TweakMe!.lnk
2013-12-04 21:40 - 2013-12-04 21:40 - 01406064 _____ (pXc-coding.com                                              ) C:\Users\...\Downloads\Tweak-Me_-1.3.0.0-Setup.exe
2013-12-04 21:12 - 2013-10-18 19:46 - 00000000 ____D C:\Windows\Panther
2013-12-04 21:09 - 2013-12-04 21:09 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-04 21:09 - 2013-12-04 21:09 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-04 21:09 - 2013-12-04 21:09 - 00000000 ____D C:\Program Files\CCleaner
2013-12-04 21:08 - 2013-12-04 21:07 - 04618136 _____ (Piriform Ltd) C:\Users\...\Downloads\ccsetup408.exe
2013-12-04 19:25 - 2013-12-04 19:25 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-12-04 19:24 - 2013-12-04 19:24 - 00000000 ____D C:\Windows\Downloaded Installations
2013-12-04 19:24 - 2013-12-04 19:23 - 02644177 _____ C:\Users\...\Downloads\autostartmanager602-setup.exe
2013-12-04 19:14 - 2013-10-18 18:56 - 00000000 ___RD C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-04 18:16 - 2013-12-04 18:16 - 00000000 ____D C:\Users\...\AppData\Roaming\CrystalIdea Software
2013-12-04 18:16 - 2013-12-04 18:15 - 00000000 ____D C:\Users\...\Downloads\Firefox Addons
2013-12-04 18:01 - 2013-12-04 18:01 - 00000000 ____D C:\Windows\pss
2013-12-02 20:17 - 2013-12-02 20:17 - 00000000 ____D C:\Users\...\Downloads\ICQ Datein
2013-12-02 20:02 - 2013-12-02 20:00 - 00000000 ____D C:\Users\...\AppData\Roaming\ICQ-Profile
2013-12-02 20:00 - 2013-12-02 20:00 - 00001764 _____ C:\Users\...\Desktop\ICQ.lnk
2013-12-02 20:00 - 2013-12-02 20:00 - 00001622 _____ C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2013-12-02 20:00 - 2013-12-02 20:00 - 00000000 ____D C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2013-12-02 20:00 - 2013-12-02 20:00 - 00000000 ____D C:\Users\...\AppData\Roaming\ICQM
2013-12-02 20:00 - 2013-12-02 19:58 - 35932488 _____ (ICQ) C:\Users\...\Downloads\icq_rfrset.exe
2013-12-02 19:35 - 2013-12-02 19:34 - 00001147 _____ C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
2013-12-02 19:35 - 2013-12-02 18:45 - 00000000 ____D C:\Program Files (x86)\Diablo II
2013-12-01 20:36 - 2013-12-01 20:36 - 00002038 _____ C:\Users\...\Desktop\Java Mission Control.lnk
2013-12-01 19:49 - 2013-12-01 18:51 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-01 19:34 - 2013-12-01 18:51 - 00001162 _____ C:\Users\Public\Desktop\Diablo III.lnk
2013-12-01 19:34 - 2013-12-01 18:51 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-12-01 18:49 - 2013-12-01 18:49 - 00000000 ____D C:\ProgramData\Battle.net
2013-11-30 14:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-30 14:19 - 2013-11-29 19:05 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-30 14:19 - 2013-11-29 19:04 - 00000000 ____D C:\ProgramData\Skype
2013-11-30 14:16 - 2013-10-27 19:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-30 08:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-29 19:36 - 2013-11-29 19:36 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-29 19:36 - 2013-11-29 19:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-29 19:36 - 2013-11-29 19:36 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-29 19:36 - 2013-11-29 19:36 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-29 19:36 - 2013-11-29 19:36 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-29 19:36 - 2013-11-29 19:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-29 19:36 - 2013-11-29 19:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-29 19:36 - 2013-11-29 19:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-29 19:36 - 2013-11-29 19:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-29 19:36 - 2013-11-29 19:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-29 19:36 - 2013-11-29 19:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-29 19:36 - 2013-11-29 19:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-29 19:36 - 2013-11-29 19:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-29 19:33 - 2013-11-17 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-29 19:27 - 2013-11-29 19:27 - 00000219 _____ C:\Users\...\Desktop\Dota 2.url
2013-11-29 19:27 - 2013-11-29 19:27 - 00000000 ____D C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-11-29 19:25 - 2013-11-17 12:38 - 00000000 ____D C:\Users\...\AppData\Local\Thunderbird
2013-11-29 19:05 - 2013-11-29 19:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-29 19:02 - 2013-11-29 19:02 - 01551008 _____ (Skype Technologies S.A.) C:\Users\...\Downloads\SkypeSetup.exe
2013-11-29 18:58 - 2013-11-29 18:58 - 00000917 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-29 18:58 - 2013-10-18 18:55 - 00000000 ____D C:\Users\...
2013-11-29 18:28 - 2013-11-29 18:57 - 08531968 _____ C:\Users\...\Downloads\SteamInstall_German.msi
2013-11-24 19:04 - 2013-11-24 17:46 - 00000000 ____D C:\Users\...\AppData\Roaming\vlc
2013-11-24 17:46 - 2013-11-24 17:46 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-24 17:46 - 2013-11-24 17:46 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-24 17:45 - 2013-11-24 17:44 - 23679700 _____ C:\Users\...\Downloads\vlc-2.1.1-win64.exe
2013-11-24 14:38 - 2013-11-24 14:35 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-11-24 14:37 - 2013-11-24 14:37 - 00001954 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-11-24 14:36 - 2013-11-24 14:36 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-11-24 14:36 - 2013-11-24 14:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2013-11-24 14:36 - 2013-11-24 14:36 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-11-18 17:51 - 2013-11-18 17:51 - 00000000 ____D C:\Users\...\Downloads\Odin_3.07
2013-11-18 17:50 - 2013-11-18 17:50 - 00995769 _____ C:\Users\...\Downloads\Odin_3.07.zip
2013-11-17 19:39 - 2013-11-17 19:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_UsbDr_01_09_00.Wdf
2013-11-17 14:37 - 2013-11-17 14:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-11-17 14:25 - 2013-11-17 14:25 - 00000000 ____D C:\Program Files\SAMSUNG
2013-11-17 14:25 - 2013-11-16 14:09 - 00000000 ____D C:\ProgramData\Samsung
2013-11-17 13:59 - 2013-11-16 14:06 - 00000000 ____D C:\Users\...\Documents\samsung
2013-11-17 13:05 - 2013-11-17 13:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-17 13:03 - 2013-11-17 13:03 - 00001001 _____ C:\Users\...\Desktop\Dropbox.lnk
2013-11-17 13:00 - 2013-11-17 13:00 - 00000000 ____D C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-17 13:00 - 2013-11-17 13:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2013-11-17 12:59 - 2013-11-17 12:58 - 35334016 _____ (Dropbox, Inc.) C:\Users\...\Downloads\Dropbox_2.4.7.exe
2013-11-17 12:38 - 2013-11-17 12:38 - 00000000 ____D C:\Users\...\AppData\Roaming\Thunderbird
2013-11-17 12:37 - 2013-11-17 12:37 - 00002090 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-11-17 12:36 - 2013-11-17 12:36 - 21981512 _____ (Mozilla) C:\Users\...\Downloads\Thunderbird_Setup_24.1.0.exe
2013-11-16 20:15 - 2013-11-14 19:17 - 00000000 ____D C:\Users\...\Downloads\Vom Handy
2013-11-16 14:12 - 2013-11-16 14:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2013-11-16 14:07 - 2013-11-16 14:07 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-11-16 14:07 - 2013-11-16 14:06 - 00000000 ____D C:\Users\...\AppData\Roaming\Samsung
2013-11-16 13:59 - 2013-11-16 13:59 - 00000000 ____D C:\Windows\system32\usb_driver
2013-11-16 13:55 - 2013-11-16 13:55 - 00001997 _____ C:\Users\...\Desktop\Samsung Kies 3.lnk
2013-11-16 13:54 - 2013-11-16 13:54 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2013-11-16 13:54 - 2013-11-16 13:54 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-11-16 13:54 - 2013-11-16 13:54 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-11-16 13:53 - 2013-11-16 13:52 - 37141984 _____ (Samsung Electronics Co., Ltd.                                ) C:\Users\...\Downloads\Kies3Setup.exe
2013-11-16 13:46 - 2013-11-16 12:37 - 00000000 ____D C:\Users\...\.android
2013-11-16 13:44 - 2013-11-16 13:44 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2013-11-16 13:44 - 2013-11-16 13:44 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2013-11-16 13:40 - 2013-11-16 13:40 - 00000000 ____D C:\Users\...\.jmc
2013-11-16 13:40 - 2013-11-16 13:40 - 00000000 ____D C:\Users\...\.eclipse
2013-11-16 13:36 - 2013-11-16 13:33 - 131396000 _____ (Oracle Corporation) C:\Users\...\Downloads\jdk-7u45-windows-x64.exe
2013-11-16 13:36 - 2013-11-16 12:32 - 00000000 ____D C:\Program Files\Java
2013-11-16 13:23 - 2013-11-16 13:23 - 00000000 ____D C:\Program Files\platform-tools
2013-11-16 13:00 - 2013-11-16 12:59 - 00000000 ____D C:\Users\...\Downloads\adt-bundle-windows-x86_64-20131030
2013-11-16 12:52 - 2013-11-16 12:52 - 00000000 ____D C:\Android
2013-11-16 12:36 - 2013-11-16 12:36 - 00000000 ____D C:\Users\...\workspace
2013-11-16 12:32 - 2013-11-16 12:32 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-16 12:32 - 2013-11-16 12:32 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-16 12:32 - 2013-11-16 12:32 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-16 12:32 - 2013-11-16 12:32 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-11-16 12:32 - 2013-11-16 12:32 - 00000000 ____D C:\ProgramData\Oracle
2013-11-16 12:31 - 2013-11-16 12:30 - 30694824 _____ (Oracle Corporation) C:\Users\...\Downloads\jre-7u45-windows-x64.exe
2013-11-16 10:18 - 2013-10-27 22:56 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-11-15 05:42 - 2013-10-18 20:34 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 05:41 - 2013-10-18 20:34 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 20:09 - 2013-11-14 19:56 - 503735416 _____ C:\Users\...\Downloads\adt-bundle-windows-x86_64-20131030.zip
2013-11-14 19:23 - 2013-11-14 19:22 - 00000000 ____D C:\Users\...\Documents\schule
2013-11-14 19:23 - 2013-10-18 19:10 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-14 19:23 - 2013-10-18 19:09 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-14 19:23 - 2013-10-18 19:09 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-14 19:23 - 2013-10-18 19:09 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-14 19:23 - 2013-10-18 19:09 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-14 19:23 - 2013-10-18 19:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-14 19:23 - 2013-10-18 19:09 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-14 19:16 - 2013-11-14 19:16 - 00000000 ____D C:\Users\...\Documents\Buzz backup
2013-11-11 05:50 - 2013-10-18 19:03 - 00267936 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 03:00

==================== End Of Log ============================
         
--- --- ---


und der

Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2013
Ran by Admin at 2013-12-10 23:06:50
Running from C:\Users\...\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
aioscnnr (x32 Version: 1.0.0.0)
appsmaker AppBooster 2.0 (x32)
Autostart-Manager (x32 Version: 6.02.0000)
avast! Free Antivirus (x32 Version: 9.0.2008)
BackUp Maker (x32 Version: 6.5.0.5)
CCleaner (Version: 4.08)
center (x32 Version: 6.2.5.0)
DAEMON Tools Lite (x32 Version: 4.48.1.0347)
Diablo II (x32)
Diablo III (x32)
Dota 2 (x32)
essentials (x32 Version: 1.0.0.0)
Free Download Manager 3.9.3 (x32)
ImgBurn (x32 Version: 2.5.8.0)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 3.1.1.64)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java SE Development Kit 7 Update 45 (64-bit) (Version: 1.7.0.450)
LinuxLive USB Creator (x32 Version: 2.8)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee SiteAdvisor (x32 Version: 3.6.160)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 de) (x32 Version: 24.1.1)
PCSX2 - Playstation 2 Emulator (x32)
PreReq (x32 Version: 6.2.3.0)
Rainmeter (x32 Version: 3.0.1 r2151)
Roadkil's Unstoppable Copier Version 5.2 (x32)
Sacred Underworld (x32)
Samsung AIO Printer (Version: 1.0.0.0)
Samsung All-in-One Software (x32 Version: 1.0.10.30)
Samsung Kies3 (x32 Version: 3.1.13103.22)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0)
Skype™ 6.11 (x32 Version: 6.11.102)
Smart Defrag 2 (x32 Version: 2.9)
Steam (x32 Version: 1.0.0.0)
TrueCrypt (x32 Version: 7.1a)
TweakMe! (x32 Version: 1.3.0.0)
Ubuntu Skin Pack 9.0-X64 (x32 Version: 9.0-X64)
VLC media player 2.1.1 (Version: 2.1.1)
Warcraft III (x32)

==================== Restore Points  =========================

10-12-2013 00:06:07 Tweak Me! - Backup

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
Task: {4A5638DD-E4D4-43DD-A8B6-7F0C1A78A9F1} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)
Task: {7311C616-49F5-46B7-AD92-525D182AF4E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {8496D832-582B-449C-8B2A-909FD0773207} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => Rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Task: {99C2CA04-EAEF-43F0-A2F5-9A1ED40560CB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-14] (AVAST Software)
Task: {A73EC77C-4EEA-484E-AC64-68CAC89FBCB0} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdate
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {C50BA1D2-174D-4F0B-A025-2C7ACE155F5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-27] (Adobe Systems Incorporated)
Task: {D65E45A4-04C7-44AA-BBF2-0E0E5EE41521} - System32\Tasks\BackUp_Maker-...=> C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe [2013-06-12] (ASCOMP Software GmbH)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperations
Task: {DDAD9380-A9CF-4F65-A77B-0E598B21250F} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-12-10 16:30 - 2013-12-10 13:08 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121000\algo.dll
2013-10-18 19:09 - 2013-10-18 19:09 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\...\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-17 13:05 - 2013-11-17 13:05 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-10 17:25 - 2013-10-25 21:58 - 00283648 _____ () C:\Program Files (x86)\Free Download Manager\Firefox\Extension\components\vmsfdmff22.dll
2013-12-10 17:25 - 2013-10-04 14:15 - 00106496 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2013 01:06:07 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a49b46e9-d4e8-48d0-b5f3-15447f0c547a}

Error: (12/09/2013 09:15:38 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003

Error: (12/08/2013 07:17:49 PM) (Source: PerfNet) (User: )
Description: 

Error: (12/07/2013 07:59:01 PM) (Source: PerfNet) (User: )
Description: 

Error: (12/05/2013 07:16:42 PM) (Source: PerfNet) (User: )
Description: 

Error: (12/04/2013 11:27:09 PM) (Source: Application Hang) (User: )
Description: Programm Autorun.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: af4

Startzeit: 01cef13ea0114639

Endzeit: 4

Anwendungspfad: D:\Autorun.exe

Berichts-ID: 966a7260-5d32-11e3-8495-705ab63a4dca

Error: (12/04/2013 06:17:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 25.0.1.5064, Zeitstempel: 0x5282f204
Name des fehlerhaften Moduls: xul.dll, Version: 25.0.1.5064, Zeitstempel: 0x5282f10e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00118f87
ID des fehlerhaften Prozesses: 0xf48
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (12/02/2013 11:40:05 PM) (Source: Audiorecorder) (User: )
Description: Unknown Error, 0x80004003

Error: (12/02/2013 11:40:05 PM) (Source: Audiorecorder) (User: )
Description: Unknown Error, 0x80004003

Error: (12/02/2013 11:40:05 PM) (Source: Audiorecorder) (User: )
Description: Unknown Error, 0x80004003


System errors:
=============
Error: (12/10/2013 07:38:05 PM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (12/10/2013 02:55:59 PM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (12/10/2013 06:20:33 AM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (12/10/2013 03:14:06 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst FontCache3.0.0.0 erreicht.

Error: (12/09/2013 11:51:12 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/09/2013 10:19:48 PM) (Source: Service Control Manager) (User: )
Description: Dienst "RzKLService" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (12/09/2013 10:01:24 PM) (Source: Service Control Manager) (User: )
Description: Dienst "RzKLService" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (12/09/2013 09:53:56 PM) (Source: Service Control Manager) (User: )
Description: Dienst "RzKLService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/09/2013 09:53:34 PM) (Source: Service Control Manager) (User: )
Description: Dienst "appsmaker OptimalDisk Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/04/2013 10:48:41 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.


Microsoft Office Sessions:
=========================
Error: (12/10/2013 01:06:07 AM) (Source: VSS)(User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a49b46e9-d4e8-48d0-b5f3-15447f0c547a}

Error: (12/09/2013 09:15:38 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070003 
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (12/08/2013 07:17:49 PM) (Source: PerfNet)(User: )
Description: 

Error: (12/07/2013 07:59:01 PM) (Source: PerfNet)(User: )
Description: 

Error: (12/05/2013 07:16:42 PM) (Source: PerfNet)(User: )
Description: 

Error: (12/04/2013 11:27:09 PM) (Source: Application Hang)(User: )
Description: Autorun.exe1.0.0.0af401cef13ea01146394D:\Autorun.exe966a7260-5d32-11e3-8495-705ab63a4dca

Error: (12/04/2013 06:17:22 PM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204xul.dll25.0.1.50645282f10ec000000500118f87f4801cef11220617c84C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllef569107-5d07-11e3-8495-705ab63a4dca

Error: (12/02/2013 11:40:05 PM) (Source: Audiorecorder)(User: )
Description: Unknown Error, 0x80004003

Error: (12/02/2013 11:40:05 PM) (Source: Audiorecorder)(User: )
Description: Unknown Error, 0x80004003

Error: (12/02/2013 11:40:05 PM) (Source: Audiorecorder)(User: )
Description: Unknown Error, 0x80004003


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 4025.98 MB
Available physical RAM: 2412.52 MB
Total Pagefile: 8050.13 MB
Available Pagefile: 6444.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:386.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 0002F26C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 11.12.2013, 00:51   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Seeehr unauffällig. Ein letzter Check


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
--> Virus (Kies & Registery)?

Alt 11.12.2013, 13:20   #7
Test20
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Ok hier ist das log

Eest log:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c31bac03b8d9f94aa97b59d1746a4669
# engine=16223
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-11 01:43:51
# local_time=2013-12-11 02:43:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 57 74 2272641 4606473 0 0
# compatibility_mode=5893 16776573 100 94 125470 138356081 0 0
# scanned=34813
# found=0
# cleaned=0
# scan_time=4467
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c31bac03b8d9f94aa97b59d1746a4669
# engine=16223
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-11 02:14:26
# local_time=2013-12-11 03:14:26 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 57 74 2278076 4608308 0 0
# compatibility_mode=5893 16776573 100 94 130905 138357916 0 0
# scanned=757
# found=0
# cleaned=0
# scan_time=11
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c31bac03b8d9f94aa97b59d1746a4669
# engine=16223
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-11 04:22:08
# local_time=2013-12-11 05:22:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 57 74 2282138 4615970 0 0
# compatibility_mode=5893 16776573 100 94 134967 138365578 0 0
# scanned=138813
# found=0
# cleaned=0
# scan_time=7382
         

Alt 11.12.2013, 15:28   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Siehste, auch keine Funde mehr
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.12.2013, 15:48   #9
Test20
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Zitat:
Zitat von cosinus Beitrag anzeigen
Siehste, auch keine Funde mehr
Gut also kann ich davon ausgehen das die 2 Sachen die Malwarebytes gefunden hat ein Fehlarm waren und ich meinen Windows weiter normal nutzen kann?

Alt 11.12.2013, 15:51   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Ja und sonst nur Adware ins Setups
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 11.12.2013, 16:20   #11
Test20
 
Virus (Kies & Registery)? - Standard

Virus (Kies & Registery)?



Zitat:
Zitat von cosinus Beitrag anzeigen
Ja und sonst nur Adware ins Setups
Gut vielen dank dann kann der thread ja geschlossen werden

Antwort

Themen zu Virus (Kies & Registery)?
adobe, adobe flash player, antivirus, avast, bho, dateien, desktop, email, explorer, firefox, flash player, hkus\s-1-5-18, icq, logfile, lsass.exe, malwarebytes, microsoft, mozilla, msn deutschland, neu, security, siteadvisor, software, trojan.agent, virus, windows, wmp




Zum Thema Virus (Kies & Registery)? - Ich habe heute Malwarebytes durchlaufen lassen und das hat auch nach einiger zeit etwas gefunden, nun bin ich mir aber unsicher ob das wirklich alles so richtig ist (Denn Avast - Virus (Kies & Registery)?...
Archiv
Du betrachtest: Virus (Kies & Registery)? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.