
Pests of all kinds and how to fight them: desk365 installed

10.07.2013, 06:26   #1
Laschmunzel

Hello!

I downloaded a few programs and, along with them, installed desk365. After the installation I restarted the computer and immediately noticed that there was a program I didn't actually want, so I googled it. Of course I removed it; now I want to make sure that everything is really gone.

I have done the following:

1) Uninstalled the program, plus another program installed at about the same time that I then noticed and could not place (wsys control).

2) Looked at the installation files. Each one can be attributed to a program. For one program (Windows Error Lockup Tool), the installation folder (unpacked zip file) contained an application and an application extension. I tried to run the file (i.e. the application file in the installation folder), but it no longer worked; the error message "The program cannot be started because the startup file xxx.dll (I forgot the name) could not be found" appeared. The point is: at that time this file was still intact in the installation folder, since it was the application extension of Windows Error Lockup Tool. The program itself could no longer be started either. I'm not sure, but I haven't found any other installation file that could fit, and I can't remember any strange extra options in the various installers that would have installed something additional.

3) Deleted an unknown add-on in Internet Explorer.

4) Searched the entire registry for desk365 entries and deleted them.

5) Got annoyed that my Norton Commander calmly watches while I download potentially dangerous software and lets me install it without complaint, and decided to post.

The OTL and GMER files are attached!

Thanks in advance for the help!

10.07.2013, 11:49   #2
schrauber
/// the machine
/// TB trainer

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


10.07.2013, 18:26   #3
Laschmunzel

Hello Schrauber!

I have prepared everything now and am about to go off and scan, but I forgot to mention something very important! I also have a Linux system on my computer! Suse 12.3; I've only had it for a short time, which is why it slipped my mind. Do I need to worry that the tool will delete Linux files? They are on a different hard disk, but also an internal one!

Regards, Laschmunzel

10.07.2013, 20:34   #4
schrauber
/// the machine
/// TB trainer

It only scans and doesn't delete anything.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

10.07.2013, 23:31   #5
Laschmunzel

So! Hello!

Well, the scan from USB could not be carried out. I have problems both with access, because the device is supposedly not ready (but it is listed in the boot menu...), and with permissions as a user (or administrator). I tried commands, looked at the BIOS, created a new account... I don't know why it doesn't work.

So I ran the scan from the desktop, so that at least something has been done. Is there perhaps a program that I can boot? Because that definitely works.

Files are attached; both, of course, from the first and only scan!

Kind regards!


11.07.2013, 07:54   #6
schrauber
/// the machine
/// TB trainer

Our tools are meant to run directly from the desktop anyway. Please always post logs in the thread; I can't do anything with the attachments.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

15.07.2013, 19:35   #7
Laschmunzel

FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-07-2013 01
Ran by *** (administrator) on 15-07-2013 20:30:23
Running from C:\Users\***\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Samsung) C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
() C:\Program Files (x86)\MultiScreen\MultiScreen.exe
(Corel) C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
(Moo0) C:\Program Files (x86)\Moo0\ConnectionWatcher 1.55\ConnectionWatcher.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
() C:\Program Files (x86)\Opera\15.0.1147.141\opera_crashreporter.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKCU\...\Run: [ftweak_recyclebinex] - C:\Program Files (x86)\RecycleBinEx\recyclebinex.exe -autocleanupwithoption -close [2313728 2010-05-30] (FTweak Inc.)
HKCU\...\Run: [dualmonitor] - C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKCU\...\Run: [SandboxieControl] - "C:\Program Files\Sandboxie\SbieCtrl.exe" [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKLM-x32\...\Run: [ITSecMng] - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [MultiScreen] - C:\Program Files (x86)\MultiScreen\MultiScreen.exe [114688 2008-02-22] ()
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Standby] - "C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START [105632 2010-03-19] (Corel)
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Kleines Flausch\...\Run: [ftweak_recyclebinex] - C:\Program Files (x86)\RecycleBinEx\recyclebinex.exe -autocleanupwithoption -close [2313728 2010-05-30] (FTweak Inc.)
HKU\Kleines Flausch\...\Run: [dualmonitor] - C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\Kleines Flausch\...\Run: [SandboxieControl] - "C:\Program Files\Sandboxie\SbieCtrl.exe" [759384 2013-07-08] (Sandboxie Holdings, LLC)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\NCProTray.lnk
ShortcutTarget: NCProTray.lnk -> C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe (Samsung)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moo0 Connection Watcher 1.55.lnk
ShortcutTarget: Moo0 Connection Watcher 1.55.lnk -> C:\Program Files (x86)\Moo0\ConnectionWatcher 1.55\ConnectionWatcher.exe (Moo0)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

==================== Services (Whitelisted) =================

R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2095752 2013-06-20] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S3 iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [641352 2013-05-31] (Apple Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-01] (Wondershare)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-07-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-07-04] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-07-04] (Symantec Corporation)
S3 MagicTune; C:\Windows\SysWow64\drivers\MTiCtwl.sys [13312 2006-08-28] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.003\ENG64.SYS [126040 2013-07-05] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.003\ENG64.SYS [126040 2013-07-05] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.003\EX64.SYS [2098776 2013-07-05] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.003\EX64.SYS [2098776 2013-07-05] (Symantec Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-07-15] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-05-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software)
S3 MagicTune; system32\drivers\MTiCtwl.sys [x]
S1 NCPro; \SystemRoot\system32\drivers\MTictwl.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 19:28 - 2013-07-15 20:02 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Nero
2013-07-15 19:28 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero_AG
2013-07-15 19:28 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero
2013-07-15 18:46 - 2013-07-15 18:46 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Logitech® Webcam-Software
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Program Files\Realtek
2013-07-15 17:32 - 2013-07-15 17:32 - 00001769 ____A C:\Windows\Language_trs.ini
2013-07-15 17:32 - 2009-05-23 02:04 - 01762080 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-07-15 17:32 - 2009-05-23 00:21 - 01277984 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-07-15 17:32 - 2009-05-23 00:21 - 00611360 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-07-15 17:32 - 2009-05-23 00:21 - 00332320 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-07-15 17:32 - 2009-05-23 00:21 - 00149536 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 01603104 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 01163296 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 00417824 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 00058400 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2013-07-15 17:32 - 2009-04-16 17:23 - 00540672 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-07-15 17:32 - 2009-04-16 10:13 - 00166400 ____A (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-07-15 17:32 - 2009-03-31 14:02 - 00108032 ____A (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-07-15 17:32 - 2009-03-09 05:32 - 00304640 ____A (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-07-15 17:32 - 2009-03-09 05:30 - 00304640 ____A (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-07-15 17:32 - 2009-02-12 17:14 - 00176640 ____A (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\FMAPO64.dll
2013-07-15 17:32 - 2008-11-09 11:57 - 00311296 ____A (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-07-15 17:32 - 2008-04-30 08:48 - 00193536 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-07-15 17:32 - 2007-07-25 09:34 - 00150528 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-07-15 17:32 - 2007-05-17 11:26 - 00211376 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-07-15 17:32 - 2006-12-13 10:30 - 00513536 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-07-13 23:06 - 2013-07-13 23:06 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Apple
2013-07-11 02:41 - 2013-07-11 02:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\NVIDIA
2013-07-11 01:37 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Adobe
2013-07-11 00:57 - 2013-07-15 12:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live
2013-07-11 00:57 - 2013-07-11 00:57 - 00082944 ____A C:\Users\Kleines Flausch\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Windows Live Writer
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live Writer
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Opera Software
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Opera Software
2013-07-11 00:45 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Skype
2013-07-11 00:45 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Macromedia
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\TuneUp Software
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Intel
2013-07-11 00:41 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\stickies
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Apple Computer
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Toshiba
2013-07-11 00:39 - 2013-07-13 23:11 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\VirtualStore
2013-07-11 00:39 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Adobe
2013-07-11 00:39 - 2013-07-11 00:39 - 00000020 ___SH C:\Users\Kleines Flausch\ntuser.ini
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Vorlagen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Startmenü
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Netzwerkumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Lokale Einstellungen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Eigene Dateien
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Druckumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Musik
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Bilder
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Verlauf
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch
2013-07-11 00:39 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Microsoft Help
2013-07-11 00:30 - 2013-07-11 00:30 - 00013338 ____A C:\Users\***\Desktop\FRSK.7z
2013-07-11 00:27 - 2013-07-11 00:27 - 00015501 ____A C:\Users\***\Desktop\Desktop.zip
2013-07-11 00:09 - 2013-07-11 00:09 - 00000000 ____D C:\FRST
2013-07-10 19:12 - 2013-07-10 19:12 - 00003852 ____A C:\Windows\System32\Tasks\FileHippo.com-Online-Aktualisierungsprogramm
2013-07-10 19:10 - 2013-07-10 19:10 - 00002770 ____A C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-10 18:53 - 2013-07-10 18:53 - 01776889 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-10 08:09 - 2013-07-10 08:09 - 00003042 ____A C:\Windows\System32\Tasks\PandaUSBVaccine
2013-07-10 08:09 - 2013-07-10 08:09 - 00000000 ____D C:\ProgramData\Panda Security
2013-07-10 08:04 - 2013-07-10 08:04 - 00000000 ____D C:\Program Files\Cygnus Software
2013-07-10 07:51 - 2013-07-10 07:51 - 00000000 ___RD C:\Sandbox
2013-07-10 07:49 - 2013-07-15 20:27 - 00001928 ____A C:\Windows\Sandboxie.ini
2013-07-10 07:49 - 2013-07-10 07:49 - 00000914 ____A C:\Users\***\Desktop\Sandboxed Web Browser.lnk
2013-07-10 07:49 - 2013-07-10 07:49 - 00000000 ____D C:\Program Files\Sandboxie
2013-07-10 07:48 - 2013-07-10 07:48 - 00002003 ____A C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-07-10 07:22 - 2013-07-11 00:29 - 00036747 ____A C:\Users\***\Desktop\Desktop.7z
2013-07-10 07:09 - 2013-07-10 20:18 - 00001363 ____A C:\Users\***\Desktop\Windows Error Lookup Tool.exe - Verknüpfung.lnk
2013-07-10 06:47 - 2013-07-10 06:47 - 00000000 ____D C:\Program Files\7-Zip
2013-07-10 05:46 - 2013-07-10 05:46 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-10 05:42 - 2013-07-10 05:42 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-10 05:41 - 2013-07-10 05:41 - 00050477 ____A C:\Users\***\Desktop\Defogger.exe
2013-07-10 05:36 - 2013-07-10 05:36 - 00602112 ____A (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-10 04:21 - 2013-07-10 04:21 - 00000000 ____D C:\ProgramData\DualMonitor
2013-07-10 04:03 - 2013-07-10 04:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Dual Monitor
2013-07-10 03:34 - 2013-07-10 03:34 - 00002109 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk
2013-07-10 03:19 - 2013-07-10 03:19 - 00000000 ____D C:\Users\***\Documents\Apowersoft Free Screen Recorder
2013-07-10 03:18 - 2013-06-01 20:07 - 00443568 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturing.dll
2013-07-10 03:18 - 2013-06-01 20:07 - 00271536 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2013-07-10 03:18 - 2013-06-01 20:07 - 00181424 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftVideoMixerFilter.dll
2013-07-10 03:18 - 2013-06-01 13:56 - 00031920 ____A (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2013-07-10 03:17 - 2013-07-10 03:17 - 00000000 ____D C:\Users\***\AppData\Roaming\Apowersoft
2013-07-10 03:11 - 2013-07-10 03:11 - 00000000 ____D C:\Users\***\AppData\Local\Google
2013-07-10 03:10 - 2013-07-10 04:23 - 00000000 ____D C:\ProgramData\eSafe
2013-07-10 03:10 - 2013-07-10 03:10 - 00000000 ____D C:\Users\***\AppData\Roaming\SimilarSites
2013-07-10 03:07 - 2013-07-15 20:26 - 00000000 ____D C:\Users\***\AppData\Roaming\stickies
2013-07-10 03:07 - 2013-07-10 03:07 - 00000625 ____A C:\Windows\uninstallstickies.bat
2013-07-10 03:06 - 2013-07-15 20:27 - 00002868 ____A C:\Windows\System32\Tasks\SlimDrivers Startup
2013-07-10 03:06 - 2013-07-15 20:27 - 00000426 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-10 03:06 - 2013-07-15 20:26 - 00016152 ____A C:\Windows\system32\Drivers\SWDUMon.sys
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\***\AppData\Local\SlimWare Utilities Inc
2013-07-10 03:05 - 2013-07-10 03:05 - 00000987 ____A C:\Users\***\Desktop\RecycleBinEx.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00003310 ____A C:\Windows\System32\Tasks\RunAsStdUser Task
2013-07-10 03:03 - 2013-07-10 03:03 - 00001257 ____A C:\Users\***\Desktop\Moo0 Connection Watcher 1.55.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2013-07-10 02:58 - 2013-07-10 02:58 - 00000796 ____A C:\Users\***\Desktop\Listary.lnk
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Listary
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Program Files\Listary
2013-07-10 02:55 - 2013-07-10 02:55 - 00001969 ____A C:\Users\Public\Desktop\LauschAngriff.lnk
2013-07-10 02:55 - 2013-07-10 02:55 - 00000020 ____A C:\Windows\LauschAngriff.ini
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ___RD C:\Users\***\Documents\Notes
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ____D C:\Users\***\AppData\Local\Tools&More
2013-07-10 02:53 - 2013-07-10 02:53 - 00001942 ____A C:\Users\Public\Desktop\Joe.lnk
2013-07-10 02:53 - 2013-07-10 02:53 - 00000000 ____D C:\Windows\Downloaded Installations
2013-07-10 02:51 - 2013-07-10 02:51 - 00037897 ____A C:\Windows\Hardcopy.log
2013-07-10 02:51 - 2013-07-10 02:51 - 00003172 ____A C:\Windows\System32\Tasks\hcdll2_ex_Win32
2013-07-10 02:51 - 2013-07-10 02:51 - 00003168 ____A C:\Windows\System32\Tasks\hcdll2_ex_x64
2013-07-10 02:51 - 2013-07-10 02:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2013-07-10 02:51 - 2012-07-12 07:18 - 01707520 ____A (www.sw4you.de Siegfried Weckmann) C:\Windows\SwSetupu.exe
2013-07-10 02:12 - 2013-07-10 04:02 - 00000081 ____A C:\Windows\spwdrhgsa.INI
2013-07-10 02:00 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-10 01:51 - 2012-08-29 14:06 - 00016696 ____A (Nero AG) C:\Windows\system32\Drivers\NBVolUp.sys
2013-07-10 01:50 - 2012-08-29 13:59 - 00073016 ____A (Nero AG) C:\Windows\system32\Drivers\NBVol.sys
2013-07-10 01:48 - 2013-07-10 01:48 - 00000000 ____D C:\Users\***\AppData\Local\Nero_AG
2013-07-10 01:26 - 2013-07-10 01:26 - 00000000 ____D C:\Users\***\AppData\Roaming\Nero
2013-07-10 01:10 - 2013-07-10 01:11 - 00000000 ____D C:\Windows\system32\MRT
2013-07-10 00:57 - 2013-07-10 00:57 - 00056072 ____A (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00047368 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00000000 ____D C:\Users\***\AppData\Local\Comodo
2013-07-10 00:56 - 2013-07-10 00:56 - 01700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 14329856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 02241024 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 01365504 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 00051712 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 00:48 - 2013-06-12 01:25 - 19238912 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 15404032 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 03958784 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 02648576 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00855552 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00136704 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00053248 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 00:48 - 2013-06-12 00:51 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 00:48 - 2013-06-12 00:50 - 00089600 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 00:48 - 2013-06-07 05:22 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 00:48 - 2013-06-07 04:37 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-10 00:42 - 2013-06-05 05:34 - 03153920 ____A (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 00:42 - 2013-06-04 08:00 - 00624128 ____A (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 00:42 - 2013-06-04 06:53 - 00509440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 00:42 - 2013-05-06 08:03 - 01887744 ____A (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 00:42 - 2013-05-06 06:56 - 01620480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 00:41 - 2013-04-10 01:34 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 00:41 - 2013-04-03 00:51 - 01643520 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 15:17 - 2013-07-07 15:17 - 00000017 ____A C:\Users\***\AppData\Local\resmon.resmoncfg
2013-07-07 14:51 - 2009-06-04 18:54 - 00408600 ____A (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2013-07-06 02:41 - 2012-11-29 17:06 - 00037216 ____A (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-07-06 02:41 - 2012-11-29 17:06 - 00029536 ____A (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-07-06 02:40 - 2012-11-29 17:06 - 00034656 ____A (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-07-06 02:40 - 2012-11-29 17:06 - 00025952 ____A (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-07-06 02:40 - 2012-11-29 17:06 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-06 02:39 - 2013-07-10 07:45 - 00000000 ____D C:\Users\***\AppData\Roaming\TuneUp Software
2013-07-06 02:36 - 2013-07-06 02:39 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-06 02:09 - 2013-07-10 03:34 - 00000000 ____D C:\ProgramData\Nero
2013-07-06 01:42 - 2010-05-26 11:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-07-06 01:42 - 2010-05-26 11:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-07-06 01:42 - 2010-05-26 11:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-07-06 01:42 - 2009-09-04 17:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-07-06 01:42 - 2009-09-04 17:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-06 01:41 - 2008-10-15 06:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-07-06 01:41 - 2007-07-19 18:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-07-06 01:41 - 2007-05-16 16:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-07-06 01:41 - 2006-03-31 12:40 - 02388176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-07-05 23:34 - 2013-07-05 23:34 - 00000000 ____D C:\Program Files\iTunes
2013-07-05 23:34 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-07-05 23:30 - 2013-07-05 23:32 - 00000000 ____D C:\Windows\system32\appmgmt
2013-07-05 23:16 - 2013-07-10 02:36 - 00000000 ____D C:\ProgramData\Adobe
2013-07-05 23:16 - 2004-12-19 06:32 - 00038229 ____N (Generic) C:\Windows\SysWOW64\Drivers\StMp3Rec.sys
2013-07-05 23:13 - 2013-07-05 23:37 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-05 23:13 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Local\Apple Computer
2013-07-05 23:12 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Users\***\AppData\Local\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-05 23:11 - 2013-07-05 23:12 - 00000000 ____D C:\ProgramData\Apple
2013-07-05 23:11 - 2013-07-05 23:11 - 00000000 ____D C:\Program Files\Bonjour
2013-07-05 23:10 - 2013-07-10 01:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-05 23:06 - 2013-07-05 23:06 - 00003062 ____A C:\Windows\System32\Tasks\{BD19309D-E1CE-4D04-A172-796E35440276}
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Windows Live Writer
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live Writer
2013-07-05 22:51 - 2013-07-05 22:51 - 00000000 ____D C:\Windows\de
2013-07-05 22:47 - 2013-07-05 22:47 - 00000000 ____D C:\Program Files\Windows Live
2013-07-05 22:42 - 2010-06-02 04:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-07-05 22:41 - 2009-09-04 17:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-07-05 22:41 - 2009-09-04 17:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-07-05 22:39 - 2006-11-29 13:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-07-05 22:39 - 2006-11-29 13:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-07-05 22:37 - 2013-07-10 18:48 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

==================== One Month Modified Files and Folders =======

2013-07-15 20:27 - 2013-07-10 07:49 - 00001928 ____A C:\Windows\Sandboxie.ini
2013-07-15 20:27 - 2013-07-10 03:06 - 00002868 ____A C:\Windows\System32\Tasks\SlimDrivers Startup
2013-07-15 20:27 - 2013-07-10 03:06 - 00000426 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-15 20:26 - 2013-07-10 03:07 - 00000000 ____D C:\Users\***\AppData\Roaming\stickies
2013-07-15 20:26 - 2013-07-10 03:06 - 00016152 ____A C:\Windows\system32\Drivers\SWDUMon.sys
2013-07-15 20:26 - 2013-05-07 07:21 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-15 20:26 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-15 20:26 - 2009-07-14 06:51 - 00030207 ____A C:\Windows\setupact.log
2013-07-15 20:25 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Skype
2013-07-15 20:25 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\stickies
2013-07-15 20:25 - 2013-05-07 07:15 - 01733508 ____A C:\Windows\WindowsUpdate.log
2013-07-15 20:23 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-07-15 20:02 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Nero
2013-07-15 19:28 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero_AG
2013-07-15 19:28 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero
2013-07-15 18:46 - 2013-07-15 18:46 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Logitech® Webcam-Software
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Program Files\Realtek
2013-07-15 17:32 - 2013-07-15 17:32 - 00001769 ____A C:\Windows\Language_trs.ini
2013-07-15 12:47 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live
2013-07-15 01:15 - 2009-07-14 06:45 - 00015120 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 01:15 - 2009-07-14 06:45 - 00015120 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-14 00:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-13 23:11 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\VirtualStore
2013-07-13 23:06 - 2013-07-13 23:06 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Apple
2013-07-11 02:41 - 2013-07-11 02:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\NVIDIA
2013-07-11 02:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-11 01:37 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Adobe
2013-07-11 01:37 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Adobe
2013-07-11 00:57 - 2013-07-11 00:57 - 00082944 ____A C:\Users\Kleines Flausch\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Windows Live Writer
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live Writer
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Opera Software
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Opera Software
2013-07-11 00:45 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Macromedia
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\TuneUp Software
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Intel
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Apple Computer
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Toshiba
2013-07-11 00:39 - 2013-07-11 00:39 - 00000020 ___SH C:\Users\Kleines Flausch\ntuser.ini
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Vorlagen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Startmenü
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Netzwerkumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Lokale Einstellungen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Eigene Dateien
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Druckumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Musik
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Bilder
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Verlauf
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch
2013-07-11 00:30 - 2013-07-11 00:30 - 00013338 ____A C:\Users\***\Desktop\FRSK.7z
2013-07-11 00:29 - 2013-07-10 07:22 - 00036747 ____A C:\Users\***\Desktop\Desktop.7z
2013-07-11 00:27 - 2013-07-11 00:27 - 00015501 ____A C:\Users\***\Desktop\Desktop.zip
2013-07-11 00:09 - 2013-07-11 00:09 - 00000000 ____D C:\FRST
2013-07-11 00:04 - 2009-07-14 19:58 - 00696620 ____A C:\Windows\system32\perfh007.dat
2013-07-11 00:04 - 2009-07-14 19:58 - 00147916 ____A C:\Windows\system32\perfc007.dat
2013-07-11 00:04 - 2009-07-14 07:13 - 01612484 ____A C:\Windows\system32\PerfStringBackup.INI
2013-07-10 23:11 - 2013-05-07 21:57 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-10 20:18 - 2013-07-10 07:09 - 00001363 ____A C:\Users\***\Desktop\Windows Error Lookup Tool.exe - Verknüpfung.lnk
2013-07-10 20:16 - 2013-05-07 18:09 - 00020452 ____A C:\Windows\PFRO.log
2013-07-10 19:48 - 2013-05-07 07:22 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-10 19:48 - 2013-05-07 07:22 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-10 19:48 - 2013-05-07 07:21 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-07-10 19:29 - 2013-05-07 09:18 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-07-10 19:12 - 2013-07-10 19:12 - 00003852 ____A C:\Windows\System32\Tasks\FileHippo.com-Online-Aktualisierungsprogramm
2013-07-10 19:10 - 2013-07-10 19:10 - 00002770 ____A C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-10 18:53 - 2013-07-10 18:53 - 01776889 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-10 18:48 - 2013-07-05 22:37 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live
2013-07-10 08:09 - 2013-07-10 08:09 - 00003042 ____A C:\Windows\System32\Tasks\PandaUSBVaccine
2013-07-10 08:09 - 2013-07-10 08:09 - 00000000 ____D C:\ProgramData\Panda Security
2013-07-10 08:04 - 2013-07-10 08:04 - 00000000 ____D C:\Program Files\Cygnus Software
2013-07-10 07:51 - 2013-07-10 07:51 - 00000000 ___RD C:\Sandbox
2013-07-10 07:49 - 2013-07-10 07:49 - 00000914 ____A C:\Users\***\Desktop\Sandboxed Web Browser.lnk
2013-07-10 07:49 - 2013-07-10 07:49 - 00000000 ____D C:\Program Files\Sandboxie
2013-07-10 07:48 - 2013-07-10 07:48 - 00002003 ____A C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-07-10 07:45 - 2013-07-06 02:39 - 00000000 ____D C:\Users\***\AppData\Roaming\TuneUp Software
2013-07-10 06:47 - 2013-07-10 06:47 - 00000000 ____D C:\Program Files\7-Zip
2013-07-10 05:46 - 2013-07-10 05:46 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-10 05:42 - 2013-07-10 05:42 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-10 05:42 - 2013-05-07 07:15 - 00000000 ____D C:\Users\***
2013-07-10 05:41 - 2013-07-10 05:41 - 00050477 ____A C:\Users\***\Desktop\Defogger.exe
2013-07-10 05:36 - 2013-07-10 05:36 - 00602112 ____A (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-10 05:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2013-07-10 05:11 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-07-10 05:01 - 2013-06-07 05:38 - 00000193 ____A C:\Windows\spwdrgaa.INI
2013-07-10 04:23 - 2013-07-10 03:10 - 00000000 ____D C:\ProgramData\eSafe
2013-07-10 04:21 - 2013-07-10 04:21 - 00000000 ____D C:\ProgramData\DualMonitor
2013-07-10 04:03 - 2013-07-10 04:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Dual Monitor
2013-07-10 04:02 - 2013-07-10 02:12 - 00000081 ____A C:\Windows\spwdrhgsa.INI
2013-07-10 03:34 - 2013-07-10 03:34 - 00002109 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk
2013-07-10 03:34 - 2013-07-06 02:09 - 00000000 ____D C:\ProgramData\Nero
2013-07-10 03:27 - 2009-07-14 06:45 - 00335528 ____A C:\Windows\system32\FNTCACHE.DAT
2013-07-10 03:19 - 2013-07-10 03:19 - 00000000 ____D C:\Users\***\Documents\Apowersoft Free Screen Recorder
2013-07-10 03:17 - 2013-07-10 03:17 - 00000000 ____D C:\Users\***\AppData\Roaming\Apowersoft
2013-07-10 03:11 - 2013-07-10 03:11 - 00000000 ____D C:\Users\***\AppData\Local\Google
2013-07-10 03:11 - 2013-05-07 07:25 - 00082944 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-10 03:10 - 2013-07-10 03:10 - 00000000 ____D C:\Users\***\AppData\Roaming\SimilarSites
2013-07-10 03:07 - 2013-07-10 03:07 - 00000625 ____A C:\Windows\uninstallstickies.bat
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\***\AppData\Local\SlimWare Utilities Inc
2013-07-10 03:05 - 2013-07-10 03:05 - 00000987 ____A C:\Users\***\Desktop\RecycleBinEx.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00003310 ____A C:\Windows\System32\Tasks\RunAsStdUser Task
2013-07-10 03:03 - 2013-07-10 03:03 - 00001257 ____A C:\Users\***\Desktop\Moo0 Connection Watcher 1.55.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2013-07-10 03:03 - 2013-05-07 07:16 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-10 02:58 - 2013-07-10 02:58 - 00000796 ____A C:\Users\***\Desktop\Listary.lnk
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Listary
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Program Files\Listary
2013-07-10 02:55 - 2013-07-10 02:55 - 00001969 ____A C:\Users\Public\Desktop\LauschAngriff.lnk
2013-07-10 02:55 - 2013-07-10 02:55 - 00000020 ____A C:\Windows\LauschAngriff.ini
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ___RD C:\Users\***\Documents\Notes
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ____D C:\Users\***\AppData\Local\Tools&More
2013-07-10 02:53 - 2013-07-10 02:53 - 00001942 ____A C:\Users\Public\Desktop\Joe.lnk
2013-07-10 02:53 - 2013-07-10 02:53 - 00000000 ____D C:\Windows\Downloaded Installations
2013-07-10 02:51 - 2013-07-10 02:51 - 00037897 ____A C:\Windows\Hardcopy.log
2013-07-10 02:51 - 2013-07-10 02:51 - 00003172 ____A C:\Windows\System32\Tasks\hcdll2_ex_Win32
2013-07-10 02:51 - 2013-07-10 02:51 - 00003168 ____A C:\Windows\System32\Tasks\hcdll2_ex_x64
2013-07-10 02:51 - 2013-07-10 02:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2013-07-10 02:36 - 2013-07-05 23:16 - 00000000 ____D C:\ProgramData\Adobe
2013-07-10 02:35 - 2013-05-07 07:22 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-10 02:00 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-10 02:00 - 2013-07-05 23:12 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-10 01:48 - 2013-07-10 01:48 - 00000000 ____D C:\Users\***\AppData\Local\Nero_AG
2013-07-10 01:29 - 2013-05-07 21:43 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-07-10 01:26 - 2013-07-10 01:26 - 00000000 ____D C:\Users\***\AppData\Roaming\Nero
2013-07-10 01:11 - 2013-07-10 01:10 - 00000000 ____D C:\Windows\system32\MRT
2013-07-10 01:02 - 2013-07-05 23:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 01:01 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 01:01 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 00:57 - 2013-07-10 00:57 - 00056072 ____A (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00047368 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00000000 ____D C:\Users\***\AppData\Local\Comodo
2013-07-10 00:56 - 2013-07-10 00:56 - 01700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-07-10 00:44 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-05-07 22:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 15:17 - 2013-07-07 15:17 - 00000017 ____A C:\Users\***\AppData\Local\resmon.resmoncfg
2013-07-06 02:39 - 2013-07-06 02:36 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-06 02:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2013-07-06 01:40 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-05 23:37 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-05 23:36 - 2013-05-07 07:16 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-05 23:34 - 2013-07-05 23:34 - 00000000 ____D C:\Program Files\iTunes
2013-07-05 23:32 - 2013-07-05 23:30 - 00000000 ____D C:\Windows\system32\appmgmt
2013-07-05 23:13 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Local\Apple Computer
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Users\***\AppData\Local\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-05 23:12 - 2013-07-05 23:11 - 00000000 ____D C:\ProgramData\Apple
2013-07-05 23:11 - 2013-07-05 23:11 - 00000000 ____D C:\Program Files\Bonjour
2013-07-05 23:06 - 2013-07-05 23:06 - 00003062 ____A C:\Windows\System32\Tasks\{BD19309D-E1CE-4D04-A172-796E35440276}
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Windows Live Writer
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live Writer
2013-07-05 22:51 - 2013-07-05 22:51 - 00000000 ____D C:\Windows\de
2013-07-05 22:47 - 2013-07-05 22:47 - 00000000 ____D C:\Program Files\Windows Live
2013-06-24 00:57 - 2013-05-07 14:00 - 78277128 ____A (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-21 14:06 - 2013-05-07 21:18 - 27781920 ____A (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 25256224 ____A (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 15144928 ____A (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 11235104 ____A (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-05-07 21:18 - 09239344 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 07641832 ____A (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02953504 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02363680 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 01832224 ____A (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 01511712 ____A (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00572704 ____A (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00570656 ____A (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00266448 ____A (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00218592 ____A (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-05-07 07:20 - 00061216 ____A (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-05-07 07:20 - 00053024 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 15920536 ____A (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 02936208 ____A (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 01059560 ____A (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 00021578 ____A C:\Windows\system32\nvinfo.pb
2013-06-21 12:23 - 2013-05-07 07:20 - 06496544 ____A (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 03514656 ____A (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 02555680 ____A (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 00884512 ____A (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2013-05-07 07:20 - 00237856 ____A (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 00063776 ____A (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 06:17 - 2013-05-07 07:20 - 03253909 ____A C:\Windows\system32\nvcoproc.bin

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 00:28

==================== End Of Log ============================
         


Hello!

I hope this is all right now. I'm having a bit of trouble with my keyboard settings. Not everything works the way I'd like it to. Also, sorry that it took so long: I had a stomach flu over the weekend.

15.07.2013, 19:37   #8
schrauber
/// the machine
/// TB trainer



ComboFix should only be run when a team member has instructed you to do so!
Please download ComboFix from the following download mirror:

Link 1


IMPORTANT - Save ComboFix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with ComboFix while it works.
  • Start Combofix.exe and follow the instructions on the screen.

When ComboFix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

15.07.2013, 20:36   #9
Laschmunzel



Hello!

ComboFix has now been hanging in a shell window for 10 minutes and displays the following:

"Bitte warten.
ComboFix wird vorbereitet, um ausgeführt zu werden.

Versuche, einen neuen systemwiederherstellungspunkt zu erstellen"

The virus scanner and all other programs that have to be disabled are disabled. But nothing is progressing.

Regards, Laschmunzel

Right!

After a restart ComboFix ran and also removed something - price peep - log file:

Code:
ComboFix 13-07-15.01 - *** 15.07.2013  21:15:26.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.43.1031.18.8191.6834 [GMT 2:00]
ausgeführt von:: C:\Users\***\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files (x86)\PricePeep
C:\Program Files (x86)\PricePeep\installer.ico
C:\Program Files (x86)\PricePeep\prICepeep.dll
C:\Program Files (x86)\PricePeep\uninstall.exe
C:\Program Files (x86)\PricePeep\unutil.exe


(((((((((((((((((((((((   Dateien erstellt von 2013-06-15 bis 2013-07-15  ))))))))))))))))))))))))))))))


2013-07-15 19:23:16 . 2013-07-15 19:23:16	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\temp
2013-07-15 19:23:16 . 2013-07-15 19:23:16	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2013-07-15 15:33:01 . 2013-07-15 15:33:01	--------	d-----w-	C:\Windows\SysWow64\RTCOM
2013-07-15 15:33:01 . 2013-07-15 15:33:01	--------	d-----w-	C:\Program Files\Realtek
2013-07-10 22:44:30 . 2013-07-10 22:44:30	--------	d-----w-	C:\Intel
2013-07-10 22:39:34 . 2013-07-10 22:39:45	--------	d-----w-	C:\Users\Kleines Flausch
2013-07-10 22:09:06 . 2013-07-10 22:09:06	--------	d-----w-	C:\FRST
2013-07-10 21:25:40 . 2013-07-10 21:25:40	--------	d-----w-	C:\Users\***\AppData\Local\ElevatedDiagnostics
2013-07-10 06:09:30 . 2013-07-10 06:09:30	--------	d-----w-	C:\ProgramData\Panda Security
2013-07-10 06:09:21 . 2013-07-10 06:09:21	--------	d-----w-	C:\Program Files (x86)\Panda USB Vaccine
2013-07-10 06:04:17 . 2013-07-10 06:04:17	--------	d-----w-	C:\Program Files\Cygnus Software
2013-07-10 05:51:17 . 2013-07-10 05:51:17	--------	d-----r-	C:\Sandbox
2013-07-10 05:49:31 . 2013-07-10 05:49:31	--------	d-----w-	C:\Program Files\Sandboxie
2013-07-10 05:48:37 . 2013-07-10 05:48:37	--------	d-----w-	C:\Program Files (x86)\FileHippo.com
2013-07-10 04:47:35 . 2013-07-10 04:47:35	--------	d-----w-	C:\Program Files\7-Zip
2013-07-10 02:21:52 . 2013-07-10 02:21:52	--------	d-----w-	C:\ProgramData\DualMonitor
2013-07-10 02:03:01 . 2013-07-10 02:03:01	--------	d-----w-	C:\Users\***\AppData\Roaming\Dual Monitor
2013-07-10 02:02:55 . 2013-07-10 02:02:55	--------	d-----w-	C:\Program Files (x86)\Dual Monitor
2013-07-10 01:18:00 . 2013-06-01 18:07:46	443568	---ha-w-	C:\Windows\SysWow64\ApowersoftScreenCapturing.dll
2013-07-10 01:18:00 . 2013-06-01 18:07:46	271536	---ha-w-	C:\Windows\SysWow64\ApowersoftScreenCapturingFilter.dll
2013-07-10 01:18:00 . 2013-06-01 18:07:46	181424	---ha-w-	C:\Windows\SysWow64\ApowersoftVideoMixerFilter.dll
2013-07-10 01:18:00 . 2013-06-01 11:56:58	31920	----a-w-	C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
2013-07-10 01:17:59 . 2013-07-10 01:17:59	--------	d-----w-	C:\Users\***\AppData\Roaming\Apowersoft
2013-07-10 01:17:59 . 2013-07-10 01:17:59	--------	d-----w-	C:\Program Files (x86)\Apowersoft
2013-07-10 01:11:10 . 2013-07-10 01:11:10	--------	d-----w-	C:\Program Files (x86)\SimilarSites
2013-07-10 01:11:06 . 2013-07-10 01:11:06	--------	d-----w-	C:\Users\***\AppData\Local\Google
2013-07-10 01:10:55 . 2013-07-10 01:10:55	--------	d-----w-	C:\Users\***\AppData\Roaming\SimilarSites
2013-07-10 01:10:24 . 2013-07-10 02:23:20	--------	d-----w-	C:\ProgramData\eSafe
2013-07-10 01:07:25 . 2013-07-15 19:09:52	--------	d-----w-	C:\Users\***\AppData\Roaming\stickies
2013-07-10 01:07:25 . 2013-07-10 01:07:25	625	----a-w-	C:\Windows\uninstallstickies.bat
2013-07-10 01:07:23 . 2013-07-10 01:07:23	--------	d-----w-	C:\Program Files (x86)\Stickies
2013-07-10 01:06:39 . 2013-07-10 01:06:39	--------	d-----w-	C:\Users\***\AppData\Local\SlimWare Utilities Inc
2013-07-10 01:06:20 . 2013-07-10 01:06:20	--------	d-----w-	C:\Program Files (x86)\SlimDrivers
2013-07-10 01:05:01 . 2013-07-10 01:05:02	--------	d-----w-	C:\Program Files (x86)\RecycleBinEx
2013-07-10 01:03:30 . 2013-07-10 01:03:30	--------	d-----w-	C:\Program Files (x86)\Moo0
2013-07-10 00:58:14 . 2013-07-10 00:58:14	--------	d-----w-	C:\Users\***\AppData\Roaming\Listary
2013-07-10 00:58:08 . 2013-07-10 00:58:14	--------	d-----w-	C:\Program Files\Listary
2013-07-10 00:55:46 . 2013-07-10 00:55:50	--------	d-----w-	C:\Program Files (x86)\LauschAngriff
2013-07-10 00:54:39 . 2013-07-10 00:54:39	--------	d-----w-	C:\Users\***\AppData\Local\Tools&More
2013-07-10 00:53:31 . 2013-07-10 00:53:31	--------	d-----w-	C:\Program Files (x86)\Tools&More
2013-07-10 00:53:01 . 2013-07-10 00:53:01	--------	d-----w-	C:\Windows\Downloaded Installations
2013-07-10 00:51:39 . 2013-07-10 00:51:55	--------	d-----w-	C:\Program Files (x86)\Hardcopy
2013-07-10 00:51:18 . 2012-07-12 05:18:56	1707520	----a-w-	C:\Windows\SwSetupu.exe
2013-07-10 00:33:49 . 2013-07-10 00:34:06	--------	d-----w-	C:\Program Files (x86)\Common Files\Adobe
2013-07-10 00:11:28 . 2013-07-10 00:12:20	--------	d-----w-	C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery neu
2013-07-10 00:09:43 . 2013-07-10 00:09:43	--------	d-----w-	C:\Users\***\AppData\Local\Programs
2013-07-10 00:04:15 . 2013-07-10 00:04:15	--------	d-----w-	C:\Program Files (x86)\Elaborate Bytes
2013-07-10 00:00:48 . 2013-07-10 00:00:48	--------	d-----w-	C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-09 23:51:05 . 2012-08-29 12:06:40	16696	----a-w-	C:\Windows\system32\drivers\NBVolUp.sys
2013-07-09 23:50:53 . 2012-08-29 11:59:12	73016	----a-w-	C:\Windows\system32\drivers\NBVol.sys
2013-07-09 23:48:00 . 2013-07-09 23:48:00	--------	d-----w-	C:\Users\***\AppData\Local\Nero_AG
2013-07-09 23:26:07 . 2013-07-09 23:26:07	--------	d-----w-	C:\Users\***\AppData\Roaming\Nero
2013-07-09 23:10:29 . 2013-07-09 23:11:48	--------	d-----w-	C:\Windows\system32\MRT
2013-07-09 22:57:28 . 2013-07-09 22:57:28	--------	d-----w-	C:\Users\***\AppData\Local\Comodo
2013-07-09 22:57:22 . 2013-07-09 22:57:22	56072	----a-w-	C:\Windows\system32\certsentry.dll
2013-07-09 22:57:22 . 2013-07-09 22:57:22	47368	----a-w-	C:\Windows\SysWow64\certsentry.dll
2013-07-09 22:57:18 . 2013-07-09 22:57:18	--------	d-----w-	C:\Program Files (x86)\Comodo
2013-07-09 22:56:40 . 2013-07-09 22:56:40	348160	----a-w-	C:\Windows\SysWow64\msvcr71.dll
2013-07-09 22:56:40 . 2013-07-09 22:56:40	1700352	----a-w-	C:\Windows\SysWow64\gdiplus.dll
2013-07-09 22:56:40 . 2013-07-09 22:56:40	1060864	----a-w-	C:\Windows\SysWow64\mfc71.dll
2013-07-09 22:44:54 . 2013-07-09 22:44:54	--------	d-----w-	C:\Users\Default\AppData\Local\Microsoft Help
2013-07-09 22:41:45 . 2013-04-09 23:34:01	1247744	----a-w-	C:\Windows\SysWow64\DWrite.dll
2013-07-09 22:41:45 . 2013-04-02 22:51:57	1643520	----a-w-	C:\Windows\system32\DWrite.dll
2013-07-07 12:51:25 . 2013-07-07 12:51:33	--------	d-----w-	C:\Program Files (x86)\Intel
2013-07-07 12:51:25 . 2009-06-04 16:54:36	408600	----a-w-	C:\Windows\system32\drivers\iaStor.sys
2013-07-06 00:41:01 . 2012-11-29 15:06:44	37216	----a-w-	C:\Windows\system32\uxtuneup.dll
2013-07-06 00:41:01 . 2012-11-29 15:06:44	29536	----a-w-	C:\Windows\SysWow64\uxtuneup.dll
2013-07-06 00:40:02 . 2012-11-29 15:06:48	34656	----a-w-	C:\Windows\system32\TURegOpt.exe
2013-07-06 00:40:02 . 2012-11-29 15:06:44	25952	----a-w-	C:\Windows\system32\authuitu.dll
2013-07-06 00:40:01 . 2012-11-29 15:06:44	21344	----a-w-	C:\Windows\SysWow64\authuitu.dll
2013-07-06 00:39:46 . 2013-07-10 05:45:23	--------	d-----w-	C:\Users\***\AppData\Roaming\TuneUp Software
2013-07-06 00:38:55 . 2013-07-06 00:40:58	--------	d-----w-	C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-06 00:36:47 . 2013-07-06 00:39:46	--------	d-----w-	C:\ProgramData\TuneUp Software
2013-07-06 00:36:32 . 2013-07-06 00:36:32	--------	d--h--w-	C:\ProgramData\Common Files
2013-07-06 00:09:41 . 2013-07-10 01:34:10	--------	d-----w-	C:\ProgramData\Nero
2013-07-06 00:09:41 . 2013-07-10 01:34:10	--------	d-----w-	C:\Program Files (x86)\Common Files\Nero
2013-07-05 23:51:04 . 2013-07-09 23:52:45	--------	d-----w-	C:\Program Files (x86)\Nero
2013-07-05 23:42:41 . 2010-05-26 09:41:02	470880	----a-w-	C:\Windows\SysWow64\d3dx10_43.dll
2013-07-05 23:42:41 . 2010-05-26 09:41:02	1998168	----a-w-	C:\Windows\SysWow64\D3DX9_43.dll
2013-07-05 23:42:41 . 2010-05-26 09:41:02	1868128	----a-w-	C:\Windows\SysWow64\d3dcsx_43.dll
2013-07-05 23:42:25 . 2009-09-04 15:29:32	1974616	----a-w-	C:\Windows\SysWow64\D3DCompiler_42.dll
2013-07-05 23:42:09 . 2009-09-04 15:29:30	1892184	----a-w-	C:\Windows\SysWow64\D3DX9_42.dll
2013-07-05 23:41:55 . 2008-10-15 04:22:52	4379984	----a-w-	C:\Windows\SysWow64\D3DX9_40.dll
2013-07-05 23:41:41 . 2007-07-19 16:14:42	3727720	----a-w-	C:\Windows\SysWow64\d3dx9_35.dll
2013-07-05 23:41:26 . 2007-05-16 14:45:16	3497832	----a-w-	C:\Windows\SysWow64\d3dx9_34.dll
2013-07-05 21:34:14 . 2012-08-21 11:01:20	33240	----a-w-	C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-07-05 21:13:16 . 2013-07-05 21:37:46	--------	d-----w-	C:\Users\***\AppData\Roaming\Apple Computer
2013-07-05 21:13:16 . 2013-07-05 21:13:16	--------	d-----w-	C:\Users\***\AppData\Local\Apple Computer
2013-07-05 21:13:04 . 2013-07-09 23:51:16	--------	dc----w-	C:\Windows\system32\DRVSTORE
2013-07-05 21:12:42 . 2013-07-10 00:00:48	--------	d-----w-	C:\ProgramData\Apple Computer
2013-07-05 21:12:20 . 2013-07-05 21:12:20	--------	d-----w-	C:\Users\***\AppData\Local\Apple
2013-07-05 21:12:19 . 2013-07-05 21:12:19	--------	d-----w-	C:\Program Files (x86)\Apple Software Update
2013-07-05 21:12:06 . 2013-07-05 21:12:06	--------	d-----w-	C:\Program Files\Common Files\Apple
2013-07-05 21:11:55 . 2013-07-05 21:11:55	--------	d-----w-	C:\Program Files\Bonjour
2013-07-05 21:11:55 . 2013-07-05 21:11:55	--------	d-----w-	C:\Program Files (x86)\Bonjour
2013-07-05 21:11:45 . 2013-07-05 21:34:02	--------	d-----w-	C:\Program Files (x86)\Common Files\Apple
2013-07-05 21:11:45 . 2013-07-05 21:12:14	--------	d-----w-	C:\ProgramData\Apple
2013-07-05 21:10:59 . 2013-07-05 21:10:59	--------	d-----w-	C:\Program Files (x86)\Microsoft
2013-07-05 21:10:09 . 2013-07-09 23:02:26	--------	d-----w-	C:\Program Files\Microsoft Silverlight
2013-07-05 21:10:09 . 2013-07-09 23:02:25	--------	d-----w-	C:\Program Files (x86)\Microsoft Silverlight
2013-07-05 20:52:18 . 2013-07-05 20:52:26	--------	d-----w-	C:\Users\***\AppData\Local\Windows Live Writer
2013-07-05 20:52:18 . 2013-07-05 20:52:18	--------	d-----w-	C:\Users\***\AppData\Roaming\Windows Live Writer
2013-07-05 20:51:32 . 2013-07-05 20:51:32	--------	d-----w-	C:\Windows\de
2013-07-05 20:50:26 . 2013-07-05 20:50:26	--------	d-----w-	C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-07-05 20:49:14 . 2013-07-05 20:49:14	--------	d-----w-	C:\Program Files (x86)\Common Files\Symantec Shared
2013-07-05 20:47:52 . 2013-07-05 20:47:52	--------	d-----w-	C:\Program Files\Windows Live
2013-07-05 20:46:14 . 2013-07-05 20:50:15	--------	d-----w-	C:\Program Files (x86)\Windows Live
2013-07-05 20:42:44 . 2010-06-02 02:55:30	77656	----a-w-	C:\Windows\system32\XAPOFX1_5.dll
2013-07-05 20:42:44 . 2010-06-02 02:55:30	74072	----a-w-	C:\Windows\SysWow64\XAPOFX1_5.dll
2013-07-05 20:42:44 . 2010-06-02 02:55:30	527192	----a-w-	C:\Windows\SysWow64\XAudio2_7.dll
2013-07-05 20:42:44 . 2010-06-02 02:55:30	518488	----a-w-	C:\Windows\system32\XAudio2_7.dll
2013-07-05 20:42:43 . 2010-05-26 09:41:02	2526056	----a-w-	C:\Windows\system32\D3DCompiler_43.dll
2013-07-05 20:42:43 . 2010-05-26 09:41:02	2106216	----a-w-	C:\Windows\SysWow64\D3DCompiler_43.dll
2013-07-05 20:42:42 . 2010-05-26 09:41:02	276832	----a-w-	C:\Windows\system32\d3dx11_43.dll
2013-07-05 20:42:42 . 2010-05-26 09:41:02	248672	----a-w-	C:\Windows\SysWow64\d3dx11_43.dll
2013-07-05 20:41:08 . 2009-09-04 15:29:34	453456	----a-w-	C:\Windows\SysWow64\d3dx10_42.dll
2013-07-05 20:41:08 . 2009-09-04 15:29:24	523088	----a-w-	C:\Windows\system32\d3dx10_42.dll
2013-07-05 20:39:23 . 2006-11-29 11:06:18	4398360	----a-w-	C:\Windows\system32\d3dx9_32.dll
2013-07-05 20:39:23 . 2006-11-29 11:06:18	3426072	----a-w-	C:\Windows\SysWow64\d3dx9_32.dll
2013-07-05 20:37:44 . 2013-07-15 18:50:01	--------	d-----w-	C:\Users\***\AppData\Local\Windows Live
2013-07-05 20:37:24 . 2013-07-05 20:37:24	--------	d-----w-	C:\Program Files (x86)\Common Files\Windows Live
2013-06-21 03:16:02 . 2013-06-21 03:16:02	566048	----a-w-	C:\Windows\SysWow64\nvStreaming.exe
.


((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-07-10 17:48:08 . 2013-05-07 05:22:02	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-10 17:48:08 . 2013-05-07 05:22:02	692104	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-05 20:46:40 . 2012-07-17 12:37:10	22240	----a-w-	C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-23 22:57:12 . 2013-05-07 12:00:10	78277128	----a-w-	C:\Windows\system32\MRT.exe
2013-06-21 12:06:36 . 2013-05-07 19:18:55	925648	----a-w-	C:\Windows\SysWow64\nvumdshim.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	9239344	----a-w-	C:\Windows\system32\nvcuda.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	7687592	----a-w-	C:\Windows\SysWow64\nvcuda.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	7641832	----a-w-	C:\Windows\system32\nvopencl.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	6324360	----a-w-	C:\Windows\SysWow64\nvopencl.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	572704	----a-w-	C:\Windows\system32\NvFBC64.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	570656	----a-w-	C:\Windows\system32\NvIFR64.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	467232	----a-w-	C:\Windows\SysWow64\NvIFR.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	465184	----a-w-	C:\Windows\SysWow64\NvFBC.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	2953504	----a-w-	C:\Windows\system32\nvcuvid.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	27781920	----a-w-	C:\Windows\system32\nvoglv64.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	2777888	----a-w-	C:\Windows\SysWow64\nvcuvid.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	266448	----a-w-	C:\Windows\system32\nvinitx.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	25256224	----a-w-	C:\Windows\system32\nvcompiler.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	2363680	----a-w-	C:\Windows\system32\nvcuvenc.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	218592	----a-w-	C:\Windows\system32\nvoglshim64.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	214448	----a-w-	C:\Windows\SysWow64\nvinit.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	21102368	----a-w-	C:\Windows\SysWow64\nvoglv32.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	2002720	----a-w-	C:\Windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	1832224	----a-w-	C:\Windows\system32\nvdispco6432049.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	181488	----a-w-	C:\Windows\SysWow64\nvoglshim32.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	17560352	----a-w-	C:\Windows\SysWow64\nvcompiler.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	15144928	----a-w-	C:\Windows\system32\nvd3dumx.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	1511712	----a-w-	C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	13411896	----a-w-	C:\Windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06:36 . 2013-05-07 19:18:55	11235104	----a-w-	C:\Windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06:36 . 2013-05-07 05:20:36	61216	----a-w-	C:\Windows\system32\OpenCL.dll
2013-06-21 12:06:36 . 2013-05-07 05:20:36	53024	----a-w-	C:\Windows\SysWow64\OpenCL.dll
2013-06-21 12:06:36 . 2013-02-25 22:32:44	2597856	----a-w-	C:\Windows\SysWow64\nvapi.dll
2013-06-21 12:06:36 . 2013-02-25 22:32:42	12427240	----a-w-	C:\Windows\SysWow64\nvd3dum.dll
2013-06-21 12:06:36 . 2013-02-25 22:32:40	2936208	----a-w-	C:\Windows\system32\nvapi64.dll
2013-06-21 12:06:36 . 2013-02-25 22:32:38	1059560	----a-w-	C:\Windows\system32\nvumdshimx.dll
2013-06-21 12:06:36 . 2013-02-25 22:32:26	15920536	----a-w-	C:\Windows\system32\nvwgf2umx.dll
2013-06-21 10:23:16 . 2013-05-07 05:20:51	6496544	----a-w-	C:\Windows\system32\nvcpl.dll
2013-06-21 10:23:16 . 2013-05-07 05:20:51	3514656	----a-w-	C:\Windows\system32\nvsvc64.dll
2013-06-21 10:23:11 . 2013-05-07 05:20:51	884512	----a-w-	C:\Windows\system32\nvvsvc.exe
2013-06-21 10:23:10 . 2013-05-07 05:20:51	63776	----a-w-	C:\Windows\system32\nvshext.dll
2013-06-21 10:23:10 . 2013-05-07 05:20:51	2555680	----a-w-	C:\Windows\system32\nvsvcr.dll
2013-06-21 10:23:10 . 2013-05-07 05:20:51	237856	----a-w-	C:\Windows\system32\nvmctray.dll
2013-06-20 04:17:49 . 2013-05-07 05:20:51	3253909	----a-w-	C:\Windows\system32\nvcoproc.bin
2013-06-17 00:10:22 . 2013-05-07 07:31:24	9552976	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{66ACADFC-4D2D-48DD-A72B-EAB6DDA838BA}\mpengine.dll
2013-05-22 21:25:28 . 2013-05-07 18:57:02	1139800	----a-w-	C:\Windows\system32\drivers\NISx64\1404000.028\symefa64.sys
2013-05-20 21:02:00 . 2013-05-07 18:57:02	493656	----a-w-	C:\Windows\system32\drivers\NISx64\1404000.028\symds64.sys
2013-05-19 10:54:27 . 2013-05-19 10:54:27	97176	----a-w-	C:\Windows\SysWow64\ElbyCDIO.dll
2013-05-15 21:02:14 . 2013-05-07 18:57:02	796760	----a-w-	C:\Windows\system32\drivers\NISx64\1404000.028\srtsp64.sys
2013-05-13 05:51:01 . 2013-05-07 16:20:29	184320	----a-w-	C:\Windows\system32\cryptsvc.dll
2013-05-13 05:51:00 . 2013-05-07 16:20:29	1464320	----a-w-	C:\Windows\system32\crypt32.dll
2013-05-13 05:51:00 . 2013-05-07 16:20:29	139776	----a-w-	C:\Windows\system32\cryptnet.dll
2013-05-13 05:50:40 . 2013-05-07 16:20:29	52224	----a-w-	C:\Windows\system32\certenc.dll
2013-05-13 04:45:55 . 2013-05-07 16:20:29	140288	----a-w-	C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 . 2013-05-07 16:20:29	1160192	----a-w-	C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 . 2013-05-07 16:20:29	103936	----a-w-	C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 . 2013-05-07 16:20:29	1192448	----a-w-	C:\Windows\system32\certutil.exe
2013-05-13 03:08:10 . 2013-05-07 16:20:29	903168	----a-w-	C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 . 2013-05-07 16:20:29	43008	----a-w-	C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 . 2013-05-07 16:20:07	30720	----a-w-	C:\Windows\system32\cryptdlg.dll
2013-05-10 03:20:54 . 2013-05-07 16:20:07	24576	----a-w-	C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 . 2013-05-07 16:19:47	1910632	----a-w-	C:\Windows\system32\drivers\tcpip.sys
2013-05-07 20:15:29 . 2013-05-07 20:15:29	53248	----a-r-	C:\Users\***\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-07 20:15:29 . 2013-05-07 20:15:29	53248	----a-r-	C:\Users\***\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-07 18:59:37 . 2013-05-07 18:59:37	97280	----a-w-	C:\Windows\system32\mshtmled.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	92160	----a-w-	C:\Windows\system32\SetIEInstalledDate.exe
2013-05-07 18:59:37 . 2013-05-07 18:59:37	905728	----a-w-	C:\Windows\system32\mshtmlmedia.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	81408	----a-w-	C:\Windows\system32\icardie.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	77312	----a-w-	C:\Windows\system32\tdc.ocx
2013-05-07 18:59:37 . 2013-05-07 18:59:37	762368	----a-w-	C:\Windows\system32\ieapfltr.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	73728	----a-w-	C:\Windows\SysWow64\SetIEInstalledDate.exe
2013-05-07 18:59:37 . 2013-05-07 18:59:37	719360	----a-w-	C:\Windows\SysWow64\mshtmlmedia.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	62976	----a-w-	C:\Windows\system32\pngfilt.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	61952	----a-w-	C:\Windows\SysWow64\tdc.ocx
2013-05-07 18:59:37 . 2013-05-07 18:59:37	599552	----a-w-	C:\Windows\system32\vbscript.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	523264	----a-w-	C:\Windows\SysWow64\vbscript.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	52224	----a-w-	C:\Windows\system32\msfeedsbs.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	51200	----a-w-	C:\Windows\system32\imgutil.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	48640	----a-w-	C:\Windows\SysWow64\mshtmler.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	48640	----a-w-	C:\Windows\system32\mshtmler.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	452096	----a-w-	C:\Windows\system32\dxtmsft.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	441856	----a-w-	C:\Windows\system32\html.iec
2013-05-07 18:59:37 . 2013-05-07 18:59:37	38400	----a-w-	C:\Windows\SysWow64\imgutil.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	361984	----a-w-	C:\Windows\SysWow64\html.iec
2013-05-07 18:59:37 . 2013-05-07 18:59:37	281600	----a-w-	C:\Windows\system32\dxtrans.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	27648	----a-w-	C:\Windows\system32\licmgr10.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	270848	----a-w-	C:\Windows\system32\iedkcs32.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	247296	----a-w-	C:\Windows\system32\webcheck.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	235008	----a-w-	C:\Windows\system32\url.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	23040	----a-w-	C:\Windows\SysWow64\licmgr10.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	226304	----a-w-	C:\Windows\system32\elshyph.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	216064	----a-w-	C:\Windows\system32\msls31.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	197120	----a-w-	C:\Windows\system32\msrating.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	185344	----a-w-	C:\Windows\SysWow64\elshyph.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	173568	----a-w-	C:\Windows\system32\ieUnatt.exe
2013-05-07 18:59:37 . 2013-05-07 18:59:37	167424	----a-w-	C:\Windows\system32\iexpress.exe
2013-05-07 18:59:37 . 2013-05-07 18:59:37	158720	----a-w-	C:\Windows\SysWow64\msls31.dll
2013-05-07 18:59:37 . 2013-05-07 18:59:37	1509376	----a-w-	C:\Windows\system32\inetcpl.cpl
2013-05-07 18:59:37 . 2013-05-07 18:59:37	150528	----a-w-	C:\Windows\SysWow64\iexpress.exe
2013-05-07 18:59:37 . 2013-05-07 18:59:37	149504	----a-w-	C:\Windows\system32\occache.dll


((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ftweak_recyclebinex"="C:\Program Files (x86)\RecycleBinEx\recyclebinex.exe" [2010-05-29 23:28:10 2313728]
"dualmonitor"="C:\Program Files (x86)\Dual Monitor\DualMonitor.exe" [2013-02-18 06:23:42 478720]
"SandboxieControl"="C:\Program Files\Sandboxie\SbieCtrl.exe" [2013-07-08 11:29:02 759384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"="C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 11:40:40 83336]
"MultiScreen"="C:\Program Files (x86)\MultiScreen\MultiScreen.exe" [2008-02-22 00:54:02 114688]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 19:43:52 59720]
"Standby"="C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" [2010-03-19 11:23:46 105632]

C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Moo0 Connection Watcher 1.55.lnk - C:\Program Files (x86)\Moo0\ConnectionWatcher 1.55\ConnectionWatcher.exe -startup [2013-7-10 2027520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-7-31 2680160]
NCProTray.lnk - C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe [2013-5-7 49220]
Stickies.lnk - C:\Program Files (x86)\Stickies\stickies.exe [2013-7-10 1134592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys;C:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys;C:\Windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys;C:\Windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;C:\Windows\system32\drivers\rdvgkmd.sys;C:\Windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys;C:\Windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys;C:\Windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS;C:\Windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS;C:\Windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys;C:\Windows\SYSNATIVE\drivers\NISx64\1404000.028\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvia64.sys;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS;C:\Windows\SYSNATIVE\drivers\NISx64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS;C:\Windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMNETS.SYS [x]
S2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe;C:\Program Files (x86)\Nero\Update\NASvc.exe [x]
S2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys;C:\Windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);C:\Windows\system32\DRIVERS\dc3d.sys;C:\Windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys;C:\Windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys;C:\Windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]


--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - WS2IFSL

Inhalt des "geplante Tasks" Ordners

2013-07-15 C:\Windows\Tasks\SlimDrivers Startup.job
- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-06-21 08:21:16 . 2013-06-21 08:21:16]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-22 22:20:30 7833120]
"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe" [2009-05-22 22:21:16 1833504]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

------- Zusätzlicher Suchlauf -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://www.google.at/
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 212.186.211.21 195.34.133.21

- - - - Entfernte verwaiste Registrierungseinträge - - - -

BHO-{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll
Wow6432Node-HKU-Default-RunOnce-SPReview - C:\Windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-PricePeep - C:\Program Files (x86)\PricePeep\uninstall.exe
By the way, a restart was not requested - but I'll do one now anyway.

15.07.2013, 20:39   #10
schrauber
/// the machine
/// TB-Ausbilder

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Optionen (Options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Suchlauf (Scan) and wait until it has finished.
  • Now click Löschen (Delete) and confirm any prompts that appear with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista or later, please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber


15.07.2013, 21:03   #11
Laschmunzel

Hello!

I have carried out everything. Here are the files:

AdwCleaner:

Code:
# AdwCleaner v2.305 - Datei am 15/07/2013 um 21:45:39 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : *** - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\SimilarSites
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Users\***\AppData\Roaming\SimilarSites

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PricePeep
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Opera v [Version kann nicht ermittelt werden]

Datei : C:\Users\***\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1925 octets] - [15/07/2013 21:45:39]

########## EOF - C:\AdwCleaner[S1].txt - [1985 octets] ##########
         
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.9 (07.12.2013:2)
OS: Windows 7 Ultimate x64
Ran by *** on 15.07.2013 at 21:53:53,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.07.2013 at 21:57:58,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-07-2013 01
Ran by *** (administrator) on 15-07-2013 21:59:21
Running from C:\Users\***\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Corel) C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKCU\...\Run: [ftweak_recyclebinex] - C:\Program Files (x86)\RecycleBinEx\recyclebinex.exe -autocleanupwithoption -close [2313728 2010-05-30] (FTweak Inc.)
HKCU\...\Run: [dualmonitor] - C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKCU\...\Run: [SandboxieControl] - "C:\Program Files\Sandboxie\SbieCtrl.exe" [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [ITSecMng] - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [MultiScreen] - C:\Program Files (x86)\MultiScreen\MultiScreen.exe [114688 2008-02-22] ()
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Standby] - "C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START [105632 2010-03-19] (Corel)
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Kleines Flausch\...\Run: [ftweak_recyclebinex] - C:\Program Files (x86)\RecycleBinEx\recyclebinex.exe -autocleanupwithoption -close [2313728 2010-05-30] (FTweak Inc.)
HKU\Kleines Flausch\...\Run: [dualmonitor] - C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\Kleines Flausch\...\Run: [SandboxieControl] - "C:\Program Files\Sandboxie\SbieCtrl.exe" [759384 2013-07-08] (Sandboxie Holdings, LLC)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\NCProTray.lnk
ShortcutTarget: NCProTray.lnk -> C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe (Samsung)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moo0 Connection Watcher 1.55.lnk
ShortcutTarget: Moo0 Connection Watcher 1.55.lnk -> C:\Program Files (x86)\Moo0\ConnectionWatcher 1.55\ConnectionWatcher.exe (Moo0)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

==================== Services (Whitelisted) =================

R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2095752 2013-06-20] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S3 iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [641352 2013-05-31] (Apple Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-01] (Wondershare)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-07-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-07-04] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-07-04] (Symantec Corporation)
S3 MagicTune; C:\Windows\SysWow64\drivers\MTiCtwl.sys [13312 2006-08-28] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.003\ENG64.SYS [126040 2013-07-05] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.003\ENG64.SYS [126040 2013-07-05] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.003\EX64.SYS [2098776 2013-07-05] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.003\EX64.SYS [2098776 2013-07-05] (Symantec Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-05-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 MagicTune; system32\drivers\MTiCtwl.sys [x]
S1 NCPro; \SystemRoot\system32\drivers\MTictwl.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-15 21:57 - 2013-07-15 21:58 - 00000619 ____A C:\Users\***\Desktop\JRT.txt
2013-07-15 21:51 - 2013-07-15 21:51 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 21:49 - 2013-07-15 21:49 - 00002002 ____A C:\Users\***\Desktop\AdwCleaner[S1].txt
2013-07-15 21:45 - 2013-07-15 21:45 - 00002050 ____A C:\AdwCleaner[S1].txt
2013-07-15 21:41 - 2013-07-15 21:41 - 00662345 ____A C:\Users\***\Desktop\adwcleaner.exe
2013-07-15 21:41 - 2013-07-15 21:41 - 00559441 ____A (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-15 21:31 - 2013-07-15 21:31 - 00035027 ____A C:\ComboFix.txt
2013-07-15 21:11 - 2013-07-15 21:32 - 00000000 ____D C:\ComboFix
2013-07-15 20:55 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-15 20:55 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-15 20:55 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-15 20:53 - 2013-07-15 21:31 - 00000000 ____D C:\Qoobox
2013-07-15 20:52 - 2013-07-15 21:29 - 00000000 ____D C:\Windows\erdnt
2013-07-15 20:51 - 2013-07-15 20:51 - 05089088 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-15 20:47 - 2013-07-15 20:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Dual Monitor
2013-07-15 20:47 - 2013-07-10 07:49 - 00000914 ____A C:\Users\Kleines Flausch\Desktop\Sandboxed Web Browser.lnk
2013-07-15 19:28 - 2013-07-15 20:02 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Nero
2013-07-15 19:28 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero_AG
2013-07-15 19:28 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero
2013-07-15 18:46 - 2013-07-15 18:46 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Logitech® Webcam-Software
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Program Files\Realtek
2013-07-15 17:32 - 2013-07-15 17:32 - 00001769 ____A C:\Windows\Language_trs.ini
2013-07-15 17:32 - 2009-05-23 02:04 - 01762080 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-07-15 17:32 - 2009-05-23 00:21 - 01277984 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-07-15 17:32 - 2009-05-23 00:21 - 00611360 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-07-15 17:32 - 2009-05-23 00:21 - 00332320 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-07-15 17:32 - 2009-05-23 00:21 - 00149536 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 01603104 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 01163296 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 00417824 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 00058400 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2013-07-15 17:32 - 2009-04-16 17:23 - 00540672 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-07-15 17:32 - 2009-04-16 10:13 - 00166400 ____A (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-07-15 17:32 - 2009-03-31 14:02 - 00108032 ____A (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-07-15 17:32 - 2009-03-09 05:32 - 00304640 ____A (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-07-15 17:32 - 2009-03-09 05:30 - 00304640 ____A (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-07-15 17:32 - 2009-02-12 17:14 - 00176640 ____A (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\FMAPO64.dll
2013-07-15 17:32 - 2008-11-09 11:57 - 00311296 ____A (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-07-15 17:32 - 2008-04-30 08:48 - 00193536 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-07-15 17:32 - 2007-07-25 09:34 - 00150528 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-07-15 17:32 - 2007-05-17 11:26 - 00211376 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-07-15 17:32 - 2006-12-13 10:30 - 00513536 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-07-13 23:06 - 2013-07-13 23:06 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Apple
2013-07-11 02:41 - 2013-07-11 02:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\NVIDIA
2013-07-11 01:37 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Adobe
2013-07-11 00:57 - 2013-07-15 12:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live
2013-07-11 00:57 - 2013-07-11 00:57 - 00082944 ____A C:\Users\Kleines Flausch\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Windows Live Writer
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live Writer
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Opera Software
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Opera Software
2013-07-11 00:45 - 2013-07-15 20:25 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Skype
2013-07-11 00:45 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Macromedia
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\TuneUp Software
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Intel
2013-07-11 00:41 - 2013-07-15 20:48 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\stickies
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Apple Computer
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Toshiba
2013-07-11 00:39 - 2013-07-13 23:11 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\VirtualStore
2013-07-11 00:39 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Adobe
2013-07-11 00:39 - 2013-07-11 00:39 - 00000020 ___SH C:\Users\Kleines Flausch\ntuser.ini
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Vorlagen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Startmenü
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Netzwerkumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Lokale Einstellungen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Eigene Dateien
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Druckumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Musik
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Bilder
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Verlauf
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch
2013-07-11 00:39 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Microsoft Help
2013-07-11 00:27 - 2013-07-11 00:27 - 00015501 ____A C:\Users\***\Desktop\Desktop.zip
2013-07-11 00:09 - 2013-07-11 00:09 - 00000000 ____D C:\FRST
2013-07-10 19:12 - 2013-07-10 19:12 - 00003852 ____A C:\Windows\System32\Tasks\FileHippo.com-Online-Aktualisierungsprogramm
2013-07-10 19:10 - 2013-07-10 19:10 - 00002770 ____A C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-10 18:53 - 2013-07-10 18:53 - 01776889 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-10 08:09 - 2013-07-10 08:09 - 00003042 ____A C:\Windows\System32\Tasks\PandaUSBVaccine
2013-07-10 08:09 - 2013-07-10 08:09 - 00000000 ____D C:\ProgramData\Panda Security
2013-07-10 08:04 - 2013-07-10 08:04 - 00000000 ____D C:\Program Files\Cygnus Software
2013-07-10 07:51 - 2013-07-10 07:51 - 00000000 ___RD C:\Sandbox
2013-07-10 07:49 - 2013-07-15 20:56 - 00002462 ____A C:\Windows\Sandboxie.ini
2013-07-10 07:49 - 2013-07-10 07:49 - 00000914 ____A C:\Users\***\Desktop\Sandboxed Web Browser.lnk
2013-07-10 07:49 - 2013-07-10 07:49 - 00000000 ____D C:\Program Files\Sandboxie
2013-07-10 07:48 - 2013-07-10 07:48 - 00002003 ____A C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-07-10 07:09 - 2013-07-10 20:18 - 00001363 ____A C:\Users\***\Desktop\Windows Error Lookup Tool.exe - Verknüpfung.lnk
2013-07-10 06:47 - 2013-07-10 06:47 - 00000000 ____D C:\Program Files\7-Zip
2013-07-10 05:46 - 2013-07-10 05:46 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-10 05:42 - 2013-07-10 05:42 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-10 05:41 - 2013-07-10 05:41 - 00050477 ____A C:\Users\***\Desktop\Defogger.exe
2013-07-10 05:36 - 2013-07-10 05:36 - 00602112 ____A (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-10 04:21 - 2013-07-10 04:21 - 00000000 ____D C:\ProgramData\DualMonitor
2013-07-10 04:03 - 2013-07-10 04:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Dual Monitor
2013-07-10 03:34 - 2013-07-10 03:34 - 00002109 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk
2013-07-10 03:19 - 2013-07-10 03:19 - 00000000 ____D C:\Users\***\Documents\Apowersoft Free Screen Recorder
2013-07-10 03:18 - 2013-06-01 20:07 - 00443568 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturing.dll
2013-07-10 03:18 - 2013-06-01 20:07 - 00271536 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2013-07-10 03:18 - 2013-06-01 20:07 - 00181424 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftVideoMixerFilter.dll
2013-07-10 03:18 - 2013-06-01 13:56 - 00031920 ____A (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2013-07-10 03:17 - 2013-07-10 03:17 - 00000000 ____D C:\Users\***\AppData\Roaming\Apowersoft
2013-07-10 03:11 - 2013-07-10 03:11 - 00000000 ____D C:\Users\***\AppData\Local\Google
2013-07-10 03:07 - 2013-07-15 21:50 - 00000000 ____D C:\Users\***\AppData\Roaming\stickies
2013-07-10 03:07 - 2013-07-10 03:07 - 00000625 ____A C:\Windows\uninstallstickies.bat
2013-07-10 03:06 - 2013-07-15 21:50 - 00000426 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-10 03:06 - 2013-07-15 21:48 - 00002868 ____A C:\Windows\System32\Tasks\SlimDrivers Startup
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\***\AppData\Local\SlimWare Utilities Inc
2013-07-10 03:05 - 2013-07-10 03:05 - 00000987 ____A C:\Users\***\Desktop\RecycleBinEx.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00003310 ____A C:\Windows\System32\Tasks\RunAsStdUser Task
2013-07-10 03:03 - 2013-07-10 03:03 - 00001257 ____A C:\Users\***\Desktop\Moo0 Connection Watcher 1.55.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2013-07-10 02:58 - 2013-07-10 02:58 - 00000796 ____A C:\Users\***\Desktop\Listary.lnk
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Listary
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Program Files\Listary
2013-07-10 02:55 - 2013-07-10 02:55 - 00001969 ____A C:\Users\Public\Desktop\LauschAngriff.lnk
2013-07-10 02:55 - 2013-07-10 02:55 - 00000020 ____A C:\Windows\LauschAngriff.ini
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ___RD C:\Users\***\Documents\Notes
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ____D C:\Users\***\AppData\Local\Tools&More
2013-07-10 02:53 - 2013-07-10 02:53 - 00001942 ____A C:\Users\Public\Desktop\Joe.lnk
2013-07-10 02:53 - 2013-07-10 02:53 - 00000000 ____D C:\Windows\Downloaded Installations
2013-07-10 02:51 - 2013-07-10 02:51 - 00037897 ____A C:\Windows\Hardcopy.log
2013-07-10 02:51 - 2013-07-10 02:51 - 00003172 ____A C:\Windows\System32\Tasks\hcdll2_ex_Win32
2013-07-10 02:51 - 2013-07-10 02:51 - 00003168 ____A C:\Windows\System32\Tasks\hcdll2_ex_x64
2013-07-10 02:51 - 2013-07-10 02:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2013-07-10 02:51 - 2012-07-12 07:18 - 01707520 ____A (www.sw4you.de Siegfried Weckmann) C:\Windows\SwSetupu.exe
2013-07-10 02:12 - 2013-07-10 04:02 - 00000081 ____A C:\Windows\spwdrhgsa.INI
2013-07-10 02:00 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-10 01:51 - 2012-08-29 14:06 - 00016696 ____A (Nero AG) C:\Windows\system32\Drivers\NBVolUp.sys
2013-07-10 01:50 - 2012-08-29 13:59 - 00073016 ____A (Nero AG) C:\Windows\system32\Drivers\NBVol.sys
2013-07-10 01:48 - 2013-07-10 01:48 - 00000000 ____D C:\Users\***\AppData\Local\Nero_AG
2013-07-10 01:26 - 2013-07-10 01:26 - 00000000 ____D C:\Users\***\AppData\Roaming\Nero
2013-07-10 01:10 - 2013-07-10 01:11 - 00000000 ____D C:\Windows\system32\MRT
2013-07-10 00:57 - 2013-07-10 00:57 - 00056072 ____A (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00047368 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00000000 ____D C:\Users\***\AppData\Local\Comodo
2013-07-10 00:56 - 2013-07-10 00:56 - 01700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 14329856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 02241024 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 01365504 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 00051712 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 00:48 - 2013-06-12 01:25 - 19238912 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 15404032 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 03958784 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 02648576 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00855552 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00136704 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00053248 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 00:48 - 2013-06-12 00:51 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 00:48 - 2013-06-12 00:50 - 00089600 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 00:48 - 2013-06-07 05:22 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 00:48 - 2013-06-07 04:37 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-10 00:42 - 2013-06-05 05:34 - 03153920 ____A (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 00:42 - 2013-06-04 08:00 - 00624128 ____A (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 00:42 - 2013-06-04 06:53 - 00509440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 00:42 - 2013-05-06 08:03 - 01887744 ____A (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 00:42 - 2013-05-06 06:56 - 01620480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 00:41 - 2013-04-10 01:34 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 00:41 - 2013-04-03 00:51 - 01643520 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 15:17 - 2013-07-07 15:17 - 00000017 ____A C:\Users\***\AppData\Local\resmon.resmoncfg
2013-07-07 14:51 - 2009-06-04 18:54 - 00408600 ____A (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2013-07-06 02:41 - 2012-11-29 17:06 - 00037216 ____A (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-07-06 02:41 - 2012-11-29 17:06 - 00029536 ____A (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-07-06 02:40 - 2012-11-29 17:06 - 00034656 ____A (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-07-06 02:40 - 2012-11-29 17:06 - 00025952 ____A (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-07-06 02:40 - 2012-11-29 17:06 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-06 02:39 - 2013-07-10 07:45 - 00000000 ____D C:\Users\***\AppData\Roaming\TuneUp Software
2013-07-06 02:36 - 2013-07-06 02:39 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-06 02:09 - 2013-07-10 03:34 - 00000000 ____D C:\ProgramData\Nero
2013-07-06 01:42 - 2010-05-26 11:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-07-06 01:42 - 2010-05-26 11:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-07-06 01:42 - 2010-05-26 11:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-07-06 01:42 - 2009-09-04 17:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-07-06 01:42 - 2009-09-04 17:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-06 01:41 - 2008-10-15 06:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-07-06 01:41 - 2007-07-19 18:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-07-06 01:41 - 2007-05-16 16:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-07-06 01:41 - 2006-03-31 12:40 - 02388176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-07-05 23:34 - 2013-07-05 23:34 - 00000000 ____D C:\Program Files\iTunes
2013-07-05 23:34 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-07-05 23:30 - 2013-07-05 23:32 - 00000000 ____D C:\Windows\system32\appmgmt
2013-07-05 23:16 - 2013-07-10 02:36 - 00000000 ____D C:\ProgramData\Adobe
2013-07-05 23:16 - 2004-12-19 06:32 - 00038229 ____N (Generic) C:\Windows\SysWOW64\Drivers\StMp3Rec.sys
2013-07-05 23:13 - 2013-07-05 23:37 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-05 23:13 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Local\Apple Computer
2013-07-05 23:12 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Users\***\AppData\Local\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-05 23:11 - 2013-07-05 23:12 - 00000000 ____D C:\ProgramData\Apple
2013-07-05 23:11 - 2013-07-05 23:11 - 00000000 ____D C:\Program Files\Bonjour
2013-07-05 23:10 - 2013-07-10 01:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-05 23:06 - 2013-07-05 23:06 - 00003062 ____A C:\Windows\System32\Tasks\{BD19309D-E1CE-4D04-A172-796E35440276}
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Windows Live Writer
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live Writer
2013-07-05 22:51 - 2013-07-05 22:51 - 00000000 ____D C:\Windows\de
2013-07-05 22:47 - 2013-07-05 22:47 - 00000000 ____D C:\Program Files\Windows Live
2013-07-05 22:42 - 2010-06-02 04:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-07-05 22:41 - 2009-09-04 17:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-07-05 22:41 - 2009-09-04 17:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-07-05 22:39 - 2006-11-29 13:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-07-05 22:39 - 2006-11-29 13:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-07-05 22:37 - 2013-07-15 20:50 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

==================== One Month Modified Files and Folders =======

2013-07-15 21:58 - 2013-07-15 21:57 - 00000619 ____A C:\Users\***\Desktop\JRT.txt
2013-07-15 21:54 - 2009-07-14 06:45 - 00015120 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 21:54 - 2009-07-14 06:45 - 00015120 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 21:51 - 2013-07-15 21:51 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 21:50 - 2013-07-10 03:07 - 00000000 ____D C:\Users\***\AppData\Roaming\stickies
2013-07-15 21:50 - 2013-07-10 03:06 - 00000426 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-15 21:50 - 2013-05-07 07:15 - 01755371 ____A C:\Windows\WindowsUpdate.log
2013-07-15 21:49 - 2013-07-15 21:49 - 00002002 ____A C:\Users\***\Desktop\AdwCleaner[S1].txt
2013-07-15 21:48 - 2013-07-10 03:06 - 00002868 ____A C:\Windows\System32\Tasks\SlimDrivers Startup
2013-07-15 21:47 - 2013-05-07 07:21 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-15 21:47 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-15 21:47 - 2009-07-14 06:51 - 00030543 ____A C:\Windows\setupact.log
2013-07-15 21:45 - 2013-07-15 21:45 - 00002050 ____A C:\AdwCleaner[S1].txt
2013-07-15 21:41 - 2013-07-15 21:41 - 00662345 ____A C:\Users\***\Desktop\adwcleaner.exe
2013-07-15 21:41 - 2013-07-15 21:41 - 00559441 ____A (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-15 21:37 - 2013-05-07 18:09 - 00021004 ____A C:\Windows\PFRO.log
2013-07-15 21:32 - 2013-07-15 21:11 - 00000000 ____D C:\ComboFix
2013-07-15 21:31 - 2013-07-15 21:31 - 00035027 ____A C:\ComboFix.txt
2013-07-15 21:31 - 2013-07-15 20:53 - 00000000 ____D C:\Qoobox
2013-07-15 21:31 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-15 21:29 - 2013-07-15 20:52 - 00000000 ____D C:\Windows\erdnt
2013-07-15 21:23 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-07-15 20:56 - 2013-07-10 07:49 - 00002462 ____A C:\Windows\Sandboxie.ini
2013-07-15 20:51 - 2013-07-15 20:51 - 05089088 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-15 20:50 - 2013-07-05 22:37 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live
2013-07-15 20:48 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\stickies
2013-07-15 20:47 - 2013-07-15 20:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Dual Monitor
2013-07-15 20:47 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-15 20:25 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Skype
2013-07-15 20:23 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-07-15 20:02 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Nero
2013-07-15 19:28 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero_AG
2013-07-15 19:28 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero
2013-07-15 18:46 - 2013-07-15 18:46 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Logitech® Webcam-Software
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Program Files\Realtek
2013-07-15 17:32 - 2013-07-15 17:32 - 00001769 ____A C:\Windows\Language_trs.ini
2013-07-15 12:47 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live
2013-07-14 00:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-13 23:11 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\VirtualStore
2013-07-13 23:06 - 2013-07-13 23:06 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Apple
2013-07-11 02:41 - 2013-07-11 02:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\NVIDIA
2013-07-11 02:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-11 01:37 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Adobe
2013-07-11 01:37 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Adobe
2013-07-11 00:57 - 2013-07-11 00:57 - 00082944 ____A C:\Users\Kleines Flausch\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Windows Live Writer
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live Writer
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Opera Software
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Opera Software
2013-07-11 00:45 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Macromedia
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\TuneUp Software
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Intel
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Apple Computer
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Toshiba
2013-07-11 00:39 - 2013-07-11 00:39 - 00000020 ___SH C:\Users\Kleines Flausch\ntuser.ini
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Vorlagen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Startmenü
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Netzwerkumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Lokale Einstellungen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Eigene Dateien
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Druckumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Musik
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Bilder
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Verlauf
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch
2013-07-11 00:27 - 2013-07-11 00:27 - 00015501 ____A C:\Users\***\Desktop\Desktop.zip
2013-07-11 00:09 - 2013-07-11 00:09 - 00000000 ____D C:\FRST
2013-07-11 00:04 - 2009-07-14 19:58 - 00696620 ____A C:\Windows\system32\perfh007.dat
2013-07-11 00:04 - 2009-07-14 19:58 - 00147916 ____A C:\Windows\system32\perfc007.dat
2013-07-11 00:04 - 2009-07-14 07:13 - 01612484 ____A C:\Windows\system32\PerfStringBackup.INI
2013-07-10 23:11 - 2013-05-07 21:57 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-10 20:18 - 2013-07-10 07:09 - 00001363 ____A C:\Users\***\Desktop\Windows Error Lookup Tool.exe - Verknüpfung.lnk
2013-07-10 19:48 - 2013-05-07 07:22 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-10 19:48 - 2013-05-07 07:22 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-10 19:48 - 2013-05-07 07:21 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-07-10 19:29 - 2013-05-07 09:18 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-07-10 19:12 - 2013-07-10 19:12 - 00003852 ____A C:\Windows\System32\Tasks\FileHippo.com-Online-Aktualisierungsprogramm
2013-07-10 19:10 - 2013-07-10 19:10 - 00002770 ____A C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-10 18:53 - 2013-07-10 18:53 - 01776889 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-10 08:09 - 2013-07-10 08:09 - 00003042 ____A C:\Windows\System32\Tasks\PandaUSBVaccine
2013-07-10 08:09 - 2013-07-10 08:09 - 00000000 ____D C:\ProgramData\Panda Security
2013-07-10 08:04 - 2013-07-10 08:04 - 00000000 ____D C:\Program Files\Cygnus Software
2013-07-10 07:51 - 2013-07-10 07:51 - 00000000 ___RD C:\Sandbox
2013-07-10 07:49 - 2013-07-15 20:47 - 00000914 ____A C:\Users\Kleines Flausch\Desktop\Sandboxed Web Browser.lnk
2013-07-10 07:49 - 2013-07-10 07:49 - 00000914 ____A C:\Users\***\Desktop\Sandboxed Web Browser.lnk
2013-07-10 07:49 - 2013-07-10 07:49 - 00000000 ____D C:\Program Files\Sandboxie
2013-07-10 07:48 - 2013-07-10 07:48 - 00002003 ____A C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-07-10 07:45 - 2013-07-06 02:39 - 00000000 ____D C:\Users\***\AppData\Roaming\TuneUp Software
2013-07-10 06:47 - 2013-07-10 06:47 - 00000000 ____D C:\Program Files\7-Zip
2013-07-10 05:46 - 2013-07-10 05:46 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-10 05:42 - 2013-07-10 05:42 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-10 05:42 - 2013-05-07 07:15 - 00000000 ____D C:\Users\***
2013-07-10 05:41 - 2013-07-10 05:41 - 00050477 ____A C:\Users\***\Desktop\Defogger.exe
2013-07-10 05:36 - 2013-07-10 05:36 - 00602112 ____A (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-10 05:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2013-07-10 05:11 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-07-10 05:01 - 2013-06-07 05:38 - 00000193 ____A C:\Windows\spwdrgaa.INI
2013-07-10 04:21 - 2013-07-10 04:21 - 00000000 ____D C:\ProgramData\DualMonitor
2013-07-10 04:03 - 2013-07-10 04:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Dual Monitor
2013-07-10 04:02 - 2013-07-10 02:12 - 00000081 ____A C:\Windows\spwdrhgsa.INI
2013-07-10 03:34 - 2013-07-10 03:34 - 00002109 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk
2013-07-10 03:34 - 2013-07-06 02:09 - 00000000 ____D C:\ProgramData\Nero
2013-07-10 03:27 - 2009-07-14 06:45 - 00335528 ____A C:\Windows\system32\FNTCACHE.DAT
2013-07-10 03:19 - 2013-07-10 03:19 - 00000000 ____D C:\Users\***\Documents\Apowersoft Free Screen Recorder
2013-07-10 03:17 - 2013-07-10 03:17 - 00000000 ____D C:\Users\***\AppData\Roaming\Apowersoft
2013-07-10 03:11 - 2013-07-10 03:11 - 00000000 ____D C:\Users\***\AppData\Local\Google
2013-07-10 03:11 - 2013-05-07 07:25 - 00082944 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-10 03:07 - 2013-07-10 03:07 - 00000625 ____A C:\Windows\uninstallstickies.bat
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\***\AppData\Local\SlimWare Utilities Inc
2013-07-10 03:05 - 2013-07-10 03:05 - 00000987 ____A C:\Users\***\Desktop\RecycleBinEx.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00003310 ____A C:\Windows\System32\Tasks\RunAsStdUser Task
2013-07-10 03:03 - 2013-07-10 03:03 - 00001257 ____A C:\Users\***\Desktop\Moo0 Connection Watcher 1.55.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2013-07-10 03:03 - 2013-05-07 07:16 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-10 02:58 - 2013-07-10 02:58 - 00000796 ____A C:\Users\***\Desktop\Listary.lnk
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Listary
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Program Files\Listary
2013-07-10 02:55 - 2013-07-10 02:55 - 00001969 ____A C:\Users\Public\Desktop\LauschAngriff.lnk
2013-07-10 02:55 - 2013-07-10 02:55 - 00000020 ____A C:\Windows\LauschAngriff.ini
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ___RD C:\Users\***\Documents\Notes
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ____D C:\Users\***\AppData\Local\Tools&More
2013-07-10 02:53 - 2013-07-10 02:53 - 00001942 ____A C:\Users\Public\Desktop\Joe.lnk
2013-07-10 02:53 - 2013-07-10 02:53 - 00000000 ____D C:\Windows\Downloaded Installations
2013-07-10 02:51 - 2013-07-10 02:51 - 00037897 ____A C:\Windows\Hardcopy.log
2013-07-10 02:51 - 2013-07-10 02:51 - 00003172 ____A C:\Windows\System32\Tasks\hcdll2_ex_Win32
2013-07-10 02:51 - 2013-07-10 02:51 - 00003168 ____A C:\Windows\System32\Tasks\hcdll2_ex_x64
2013-07-10 02:51 - 2013-07-10 02:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2013-07-10 02:36 - 2013-07-05 23:16 - 00000000 ____D C:\ProgramData\Adobe
2013-07-10 02:35 - 2013-05-07 07:22 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-10 02:00 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-10 02:00 - 2013-07-05 23:12 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-10 01:48 - 2013-07-10 01:48 - 00000000 ____D C:\Users\***\AppData\Local\Nero_AG
2013-07-10 01:29 - 2013-05-07 21:43 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-07-10 01:26 - 2013-07-10 01:26 - 00000000 ____D C:\Users\***\AppData\Roaming\Nero
2013-07-10 01:11 - 2013-07-10 01:10 - 00000000 ____D C:\Windows\system32\MRT
2013-07-10 01:02 - 2013-07-05 23:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 01:01 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 01:01 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 00:57 - 2013-07-10 00:57 - 00056072 ____A (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00047368 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00000000 ____D C:\Users\***\AppData\Local\Comodo
2013-07-10 00:56 - 2013-07-10 00:56 - 01700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-07-10 00:44 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-05-07 22:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 15:17 - 2013-07-07 15:17 - 00000017 ____A C:\Users\***\AppData\Local\resmon.resmoncfg
2013-07-06 02:39 - 2013-07-06 02:36 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-06 02:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2013-07-06 01:40 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-05 23:37 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-05 23:36 - 2013-05-07 07:16 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-05 23:34 - 2013-07-05 23:34 - 00000000 ____D C:\Program Files\iTunes
2013-07-05 23:32 - 2013-07-05 23:30 - 00000000 ____D C:\Windows\system32\appmgmt
2013-07-05 23:13 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Local\Apple Computer
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Users\***\AppData\Local\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-05 23:12 - 2013-07-05 23:11 - 00000000 ____D C:\ProgramData\Apple
2013-07-05 23:11 - 2013-07-05 23:11 - 00000000 ____D C:\Program Files\Bonjour
2013-07-05 23:06 - 2013-07-05 23:06 - 00003062 ____A C:\Windows\System32\Tasks\{BD19309D-E1CE-4D04-A172-796E35440276}
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Windows Live Writer
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live Writer
2013-07-05 22:51 - 2013-07-05 22:51 - 00000000 ____D C:\Windows\de
2013-07-05 22:47 - 2013-07-05 22:47 - 00000000 ____D C:\Program Files\Windows Live
2013-06-24 00:57 - 2013-05-07 14:00 - 78277128 ____A (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-21 14:06 - 2013-05-07 21:18 - 27781920 ____A (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 25256224 ____A (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 15144928 ____A (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 11235104 ____A (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-05-07 21:18 - 09239344 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 07641832 ____A (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02953504 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02363680 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 01832224 ____A (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 01511712 ____A (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00572704 ____A (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00570656 ____A (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00266448 ____A (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00218592 ____A (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-05-07 07:20 - 00061216 ____A (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-05-07 07:20 - 00053024 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 15920536 ____A (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 02936208 ____A (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 01059560 ____A (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 00021578 ____A C:\Windows\system32\nvinfo.pb
2013-06-21 12:23 - 2013-05-07 07:20 - 06496544 ____A (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 03514656 ____A (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 02555680 ____A (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 00884512 ____A (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2013-05-07 07:20 - 00237856 ____A (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 00063776 ____A (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 06:17 - 2013-05-07 07:20 - 03253909 ____A C:\Windows\system32\nvcoproc.bin

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 00:28

==================== End Of Log ============================
         
--- --- ---

16.07.2013, 07:14   #12
schrauber
/// the machine
/// TB instructor

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

16.07.2013, 10:17   #13
Laschmunzel

Hello schrauber!

Well, Eset is quite a job - apparently a very thorough tool - it took a while. Attached are all my new logs:

ESET:

Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d2efa2f3fc85c34d83a0d5cd8ea23b24
# engine=14409
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-16 08:57:31
# local_time=2013-07-16 10:57:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 123230 136590435 0 0
# compatibility_mode=5893 16776574 100 94 554189 125594901 0 0
# scanned=212091
# found=0
# cleaned=0
# scan_time=8290
         
Checkup:

Code:
Results of screen317's Security Check version 0.99.69  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
 Adobe Flash Player 11.8.800.94  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
New FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-07-2013 01 (ATTENTION: FRST version is 6 days old)
Ran by *** (administrator) on 16-07-2013 11:10:52
Running from C:\Users\***\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
() C:\Program Files (x86)\Opera\15.0.1147.141\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\15.0.1147.141\opera.exe
(Corel) C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [1028896 2013-07-03] (NVIDIA Corporation)
HKCU\...\Run: [ftweak_recyclebinex] - C:\Program Files (x86)\RecycleBinEx\recyclebinex.exe -autocleanupwithoption -close [2313728 2010-05-30] (FTweak Inc.)
HKCU\...\Run: [dualmonitor] - C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKCU\...\Run: [SandboxieControl] - "C:\Program Files\Sandboxie\SbieCtrl.exe" [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [ITSecMng] - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [MultiScreen] - C:\Program Files (x86)\MultiScreen\MultiScreen.exe [114688 2008-02-22] ()
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Standby] - "C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START [105632 2010-03-19] (Corel)
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Kleines Flausch\...\Run: [ftweak_recyclebinex] - C:\Program Files (x86)\RecycleBinEx\recyclebinex.exe -autocleanupwithoption -close [2313728 2010-05-30] (FTweak Inc.)
HKU\Kleines Flausch\...\Run: [dualmonitor] - C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\Kleines Flausch\...\Run: [SandboxieControl] - "C:\Program Files\Sandboxie\SbieCtrl.exe" [759384 2013-07-08] (Sandboxie Holdings, LLC)
IMEO\spwdrgaa.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IMEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\NCProTray.lnk
ShortcutTarget: NCProTray.lnk -> C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe (Samsung)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.186.211.21 195.34.133.21

==================== Services (Whitelisted) =================

R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2095752 2013-06-20] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S3 iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [641352 2013-05-31] (Apple Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-01] (Wondershare)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-20] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-05] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-07-05] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2013-07-04] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2013-07-04] (Symantec Corporation)
S3 MagicTune; C:\Windows\SysWow64\drivers\MTiCtwl.sys [13312 2006-08-28] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-07-15] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-07-15] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-07-15] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-07-15] (Symantec Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 SMR322; C:\Windows\System32\drivers\SMR322.SYS [96856 2013-07-16] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-07-16] ()
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-05-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 MagicTune; system32\drivers\MTiCtwl.sys [x]
S1 NCPro; \SystemRoot\system32\drivers\MTictwl.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-16 11:09 - 2013-07-16 11:09 - 00000781 ____A C:\Users\***\Desktop\checkup.txt
2013-07-16 11:05 - 2013-07-16 11:05 - 00002280 ____A C:\Users\***\Desktop\ESET.txt
2013-07-16 10:59 - 2013-07-16 10:59 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 10:59 - 2013-07-16 10:59 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-16 10:59 - 2013-07-16 10:59 - 00003822 ____A C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-16 10:59 - 2013-07-16 10:59 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-16 10:40 - 2000-01-01 02:00 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-07-16 10:23 - 2013-07-16 10:23 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2013-07-16 08:34 - 2013-07-16 08:34 - 00096856 ____A (Symantec Corporation) C:\Windows\system32\Drivers\SMR322.SYS
2013-07-16 08:34 - 2013-07-16 08:34 - 00000020 ____A C:\Windows\system32\Drivers\SMR322.dat
2013-07-16 08:30 - 2013-07-16 08:30 - 00891022 ____A C:\Users\***\Desktop\SecurityCheck.exe
2013-07-16 08:21 - 2013-07-16 08:34 - 00000000 ____D C:\Users\***\AppData\Local\NPE
2013-07-16 08:19 - 2013-07-16 08:19 - 02989560 ____A (Symantec Corporation) C:\Users\***\Desktop\NPE.exe
2013-07-16 08:18 - 2013-07-16 08:19 - 214807824 ____A C:\Users\***\Desktop\20130715-033-v5i64.exe
2013-07-16 08:16 - 2013-07-16 08:16 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-07-16 08:04 - 2013-07-16 08:22 - 00003766 ____A C:\Windows\System32\Tasks\***
2013-07-16 08:02 - 2013-07-16 10:36 - 00004248 ____A C:\Windows\System32\Tasks\*** Nero LIVEBackup 6 0
2013-07-16 08:02 - 2013-07-16 10:02 - 00003522 ____A C:\Windows\System32\Tasks\*** NBAgent 6 0
2013-07-16 08:02 - 2013-07-16 08:02 - 00003808 ____A C:\Windows\System32\Tasks\*** Nero LIVEBackup Merge 6 0
2013-07-16 07:54 - 2013-07-16 07:54 - 00000000 ____D C:\Windows\pss
2013-07-16 07:36 - 2013-07-16 07:36 - 00000000 ____D C:\archive_db
2013-07-16 07:14 - 2013-07-16 07:14 - 00002489 ____A C:\Users\***\Desktop\Paragon Backup & Recovery™ 2013 Free.lnk
2013-07-16 07:14 - 2013-07-16 07:14 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paragon Backup & Recovery™ 2013 Free
2013-07-16 07:14 - 2013-07-16 07:14 - 00000000 ____D C:\ProgramData\launcher
2013-07-16 07:14 - 2013-07-16 07:14 - 00000000 ____D C:\ProgramData\explauncher
2013-07-16 07:14 - 2013-07-16 07:14 - 00000000 ____D C:\ProgramData\backup
2013-07-16 04:51 - 2013-07-16 04:51 - 00004114 ____A C:\Windows\System32\Tasks\Kleines Flausch2
2013-07-16 04:50 - 2013-07-16 04:50 - 00004112 ____A C:\Windows\System32\Tasks\Kleines Flausch
2013-07-16 04:49 - 2013-07-16 04:49 - 00003530 ____A C:\Windows\System32\Tasks\Kleines Flausch NBAgent 6 0
2013-07-16 01:09 - 2013-07-16 01:09 - 00003473 ____A C:\Users\***\Documents\Linuxforum_opensusestart.txt
2013-07-16 00:55 - 2013-07-16 00:55 - 00001106 ____A C:\Users\UpdatusUser\Desktop\EVEREST Home Edition.lnk
2013-07-16 00:55 - 2013-07-16 00:55 - 00001106 ____A C:\Users\Kleines Flausch\Desktop\EVEREST Home Edition.lnk
2013-07-16 00:55 - 2013-07-16 00:55 - 00001106 ____A C:\Users\***\Desktop\EVEREST Home Edition.lnk
2013-07-15 23:07 - 2013-07-16 07:51 - 00000000 ___RD C:\Users\***\Dropbox
2013-07-15 23:07 - 2013-07-15 23:07 - 00001050 ____A C:\Users\***\Desktop\Dropbox.lnk
2013-07-15 23:06 - 2013-07-15 23:06 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-07-15 23:05 - 2013-07-16 07:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2013-07-15 21:51 - 2013-07-15 21:51 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 21:45 - 2013-07-15 21:45 - 00002050 ____A C:\AdwCleaner[S1].txt
2013-07-15 21:41 - 2013-07-15 21:41 - 00662345 ____A C:\Users\***\Desktop\adwcleaner.exe
2013-07-15 21:41 - 2013-07-15 21:41 - 00559441 ____A (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-15 21:31 - 2013-07-15 21:31 - 00035027 ____A C:\ComboFix.txt
2013-07-15 21:11 - 2013-07-15 21:32 - 00000000 ____D C:\ComboFix
2013-07-15 20:55 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-15 20:55 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-15 20:55 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-15 20:55 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-15 20:53 - 2013-07-15 21:31 - 00000000 ____D C:\Qoobox
2013-07-15 20:52 - 2013-07-15 21:29 - 00000000 ____D C:\Windows\erdnt
2013-07-15 20:51 - 2013-07-15 20:51 - 05089088 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-15 20:47 - 2013-07-15 20:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Dual Monitor
2013-07-15 20:47 - 2013-07-10 07:49 - 00000914 ____A C:\Users\Kleines Flausch\Desktop\Sandboxed Web Browser.lnk
2013-07-15 19:28 - 2013-07-16 05:17 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero
2013-07-15 19:28 - 2013-07-16 04:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero_AG
2013-07-15 19:28 - 2013-07-15 20:02 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Nero
2013-07-15 18:46 - 2013-07-15 18:46 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Logitech® Webcam-Software
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Program Files\Realtek
2013-07-15 17:32 - 2013-07-15 17:32 - 00001769 ____A C:\Windows\Language_trs.ini
2013-07-15 17:32 - 2009-05-23 02:04 - 01762080 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-07-15 17:32 - 2009-05-23 00:21 - 01277984 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-07-15 17:32 - 2009-05-23 00:21 - 00611360 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-07-15 17:32 - 2009-05-23 00:21 - 00332320 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-07-15 17:32 - 2009-05-23 00:21 - 00149536 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 01603104 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 01163296 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 00417824 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-07-15 17:32 - 2009-05-23 00:20 - 00058400 ____A (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2013-07-15 17:32 - 2009-04-16 17:23 - 00540672 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-07-15 17:32 - 2009-04-16 10:13 - 00166400 ____A (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-07-15 17:32 - 2009-03-31 14:02 - 00108032 ____A (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-07-15 17:32 - 2009-03-09 05:32 - 00304640 ____A (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-07-15 17:32 - 2009-03-09 05:30 - 00304640 ____A (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-07-15 17:32 - 2009-02-12 17:14 - 00176640 ____A (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\FMAPO64.dll
2013-07-15 17:32 - 2008-11-09 11:57 - 00311296 ____A (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-07-15 17:32 - 2008-04-30 08:48 - 00193536 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-07-15 17:32 - 2007-07-25 09:34 - 00150528 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-07-15 17:32 - 2007-05-17 11:26 - 00211376 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-07-15 17:32 - 2006-12-13 10:30 - 00513536 ____A (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-07-13 23:06 - 2013-07-13 23:06 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Apple
2013-07-11 02:41 - 2013-07-11 02:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\NVIDIA
2013-07-11 01:37 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Adobe
2013-07-11 00:57 - 2013-07-16 01:58 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live
2013-07-11 00:57 - 2013-07-11 00:57 - 00082944 ____A C:\Users\Kleines Flausch\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Windows Live Writer
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live Writer
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Opera Software
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Opera Software
2013-07-11 00:45 - 2013-07-16 04:29 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Skype
2013-07-11 00:45 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Macromedia
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\TuneUp Software
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Intel
2013-07-11 00:41 - 2013-07-16 04:09 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\stickies
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Apple Computer
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Toshiba
2013-07-11 00:39 - 2013-07-13 23:11 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\VirtualStore
2013-07-11 00:39 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Adobe
2013-07-11 00:39 - 2013-07-11 00:39 - 00000020 ___SH C:\Users\Kleines Flausch\ntuser.ini
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Vorlagen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Startmenü
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Netzwerkumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Lokale Einstellungen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Eigene Dateien
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Druckumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Musik
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Bilder
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Verlauf
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch
2013-07-11 00:39 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Microsoft Help
2013-07-11 00:09 - 2013-07-11 00:09 - 00000000 ____D C:\FRST
2013-07-10 19:12 - 2013-07-10 19:12 - 00003852 ____A C:\Windows\System32\Tasks\FileHippo.com-Online-Aktualisierungsprogramm
2013-07-10 19:10 - 2013-07-10 19:10 - 00002770 ____A C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-10 18:53 - 2013-07-10 18:53 - 01776889 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-10 08:09 - 2013-07-10 08:09 - 00003042 ____A C:\Windows\System32\Tasks\PandaUSBVaccine
2013-07-10 08:09 - 2013-07-10 08:09 - 00000000 ____D C:\ProgramData\Panda Security
2013-07-10 08:04 - 2013-07-10 08:04 - 00000000 ____D C:\Program Files\Cygnus Software
2013-07-10 07:51 - 2013-07-10 07:51 - 00000000 ___RD C:\Sandbox
2013-07-10 07:49 - 2013-07-15 20:56 - 00002462 ____A C:\Windows\Sandboxie.ini
2013-07-10 07:49 - 2013-07-10 07:49 - 00000914 ____A C:\Users\***\Desktop\Sandboxed Web Browser.lnk
2013-07-10 07:49 - 2013-07-10 07:49 - 00000000 ____D C:\Program Files\Sandboxie
2013-07-10 07:48 - 2013-07-10 07:48 - 00002003 ____A C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-07-10 07:09 - 2013-07-10 20:18 - 00001363 ____A C:\Users\***\Desktop\Windows Error Lookup Tool.exe - Verknüpfung.lnk
2013-07-10 06:47 - 2013-07-10 06:47 - 00000000 ____D C:\Program Files\7-Zip
2013-07-10 05:46 - 2013-07-10 05:46 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-10 05:42 - 2013-07-10 05:42 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-10 05:41 - 2013-07-10 05:41 - 00050477 ____A C:\Users\***\Desktop\Defogger.exe
2013-07-10 05:36 - 2013-07-10 05:36 - 00602112 ____A (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-10 04:21 - 2013-07-10 04:21 - 00000000 ____D C:\ProgramData\DualMonitor
2013-07-10 04:03 - 2013-07-10 04:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Dual Monitor
2013-07-10 03:34 - 2013-07-10 03:34 - 00002109 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk
2013-07-10 03:19 - 2013-07-10 03:19 - 00000000 ____D C:\Users\***\Documents\Apowersoft Free Screen Recorder
2013-07-10 03:18 - 2013-06-01 20:07 - 00443568 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturing.dll
2013-07-10 03:18 - 2013-06-01 20:07 - 00271536 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2013-07-10 03:18 - 2013-06-01 20:07 - 00181424 ___AH (Bytescout) C:\Windows\SysWOW64\ApowersoftVideoMixerFilter.dll
2013-07-10 03:18 - 2013-06-01 13:56 - 00031920 ____A (Wondershare) C:\Windows\system32\Drivers\Apowersoft_AudioDevice.sys
2013-07-10 03:17 - 2013-07-10 03:17 - 00000000 ____D C:\Users\***\AppData\Roaming\Apowersoft
2013-07-10 03:11 - 2013-07-10 03:11 - 00000000 ____D C:\Users\***\AppData\Local\Google
2013-07-10 03:07 - 2013-07-16 08:37 - 00000000 ____D C:\Users\***\AppData\Roaming\stickies
2013-07-10 03:07 - 2013-07-10 03:07 - 00000625 ____A C:\Windows\uninstallstickies.bat
2013-07-10 03:06 - 2013-07-16 10:34 - 00016152 ____A C:\Windows\system32\Drivers\SWDUMon.sys
2013-07-10 03:06 - 2013-07-16 10:34 - 00002868 ____A C:\Windows\System32\Tasks\SlimDrivers Startup
2013-07-10 03:06 - 2013-07-16 10:34 - 00000426 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\***\AppData\Local\SlimWare Utilities Inc
2013-07-10 03:05 - 2013-07-10 03:05 - 00000987 ____A C:\Users\***\Desktop\RecycleBinEx.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00003310 ____A C:\Windows\System32\Tasks\RunAsStdUser Task
2013-07-10 03:03 - 2013-07-10 03:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2013-07-10 02:58 - 2013-07-10 02:58 - 00000796 ____A C:\Users\***\Desktop\Listary.lnk
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Listary
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Program Files\Listary
2013-07-10 02:55 - 2013-07-10 02:55 - 00001969 ____A C:\Users\Public\Desktop\LauschAngriff.lnk
2013-07-10 02:55 - 2013-07-10 02:55 - 00000020 ____A C:\Windows\LauschAngriff.ini
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ___RD C:\Users\***\Documents\Notes
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ____D C:\Users\***\AppData\Local\Tools&More
2013-07-10 02:53 - 2013-07-10 02:53 - 00001942 ____A C:\Users\Public\Desktop\Joe.lnk
2013-07-10 02:53 - 2013-07-10 02:53 - 00000000 ____D C:\Windows\Downloaded Installations
2013-07-10 02:51 - 2013-07-10 02:51 - 00037897 ____A C:\Windows\Hardcopy.log
2013-07-10 02:51 - 2013-07-10 02:51 - 00003172 ____A C:\Windows\System32\Tasks\hcdll2_ex_Win32
2013-07-10 02:51 - 2013-07-10 02:51 - 00003168 ____A C:\Windows\System32\Tasks\hcdll2_ex_x64
2013-07-10 02:51 - 2013-07-10 02:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2013-07-10 02:51 - 2012-07-12 07:18 - 01707520 ____A (www.sw4you.de Siegfried Weckmann) C:\Windows\SwSetupu.exe
2013-07-10 02:12 - 2013-07-10 04:02 - 00000081 ____A C:\Windows\spwdrhgsa.INI
2013-07-10 02:00 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-10 01:51 - 2012-08-29 14:06 - 00016696 ____A (Nero AG) C:\Windows\system32\Drivers\NBVolUp.sys
2013-07-10 01:50 - 2012-08-29 13:59 - 00073016 ____A (Nero AG) C:\Windows\system32\Drivers\NBVol.sys
2013-07-10 01:48 - 2013-07-16 08:22 - 00000000 ____D C:\Users\***\AppData\Local\Nero_AG
2013-07-10 01:26 - 2013-07-16 00:28 - 00000000 ____D C:\Users\***\AppData\Roaming\Nero
2013-07-10 01:10 - 2013-07-10 01:11 - 00000000 ____D C:\Windows\system32\MRT
2013-07-10 00:57 - 2013-07-10 00:57 - 00056072 ____A (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00047368 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00000000 ____D C:\Users\***\AppData\Local\Comodo
2013-07-10 00:56 - 2013-07-10 00:56 - 01700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 14329856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 00:48 - 2013-06-12 01:43 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 00:48 - 2013-06-12 01:42 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 02241024 ____A (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 01365504 ____A (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-10 00:48 - 2013-06-12 01:26 - 00051712 ____A (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-10 00:48 - 2013-06-12 01:25 - 19238912 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 15404032 ____A (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 03958784 ____A (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 02648576 ____A (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00855552 ____A (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00136704 ____A (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00053248 ____A (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-10 00:48 - 2013-06-12 01:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-10 00:48 - 2013-06-12 00:51 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 00:48 - 2013-06-12 00:50 - 00089600 ____A (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-10 00:48 - 2013-06-07 05:22 - 02706432 ____A (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-10 00:48 - 2013-06-07 04:37 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-10 00:42 - 2013-06-05 05:34 - 03153920 ____A (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-10 00:42 - 2013-06-04 08:00 - 00624128 ____A (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-10 00:42 - 2013-06-04 06:53 - 00509440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 00:42 - 2013-05-06 08:03 - 01887744 ____A (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-10 00:42 - 2013-05-06 06:56 - 01620480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 00:41 - 2013-04-10 01:34 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 00:41 - 2013-04-03 00:51 - 01643520 ____A (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-07 15:17 - 2013-07-07 15:17 - 00000017 ____A C:\Users\***\AppData\Local\resmon.resmoncfg
2013-07-07 14:51 - 2009-06-04 18:54 - 00408600 ____A (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2013-07-06 02:41 - 2012-11-29 17:06 - 00037216 ____A (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-07-06 02:41 - 2012-11-29 17:06 - 00029536 ____A (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-07-06 02:40 - 2012-11-29 17:06 - 00034656 ____A (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-07-06 02:40 - 2012-11-29 17:06 - 00025952 ____A (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-07-06 02:40 - 2012-11-29 17:06 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-06 02:39 - 2013-07-10 07:45 - 00000000 ____D C:\Users\***\AppData\Roaming\TuneUp Software
2013-07-06 02:36 - 2013-07-06 02:39 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-06 02:09 - 2013-07-10 03:34 - 00000000 ____D C:\ProgramData\Nero
2013-07-06 01:42 - 2010-05-26 11:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-07-06 01:42 - 2010-05-26 11:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-07-06 01:42 - 2010-05-26 11:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-07-06 01:42 - 2009-09-04 17:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-07-06 01:42 - 2009-09-04 17:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-07-06 01:41 - 2008-10-15 06:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-07-06 01:41 - 2007-07-19 18:14 - 03727720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-07-06 01:41 - 2007-05-16 16:45 - 03497832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-07-06 01:41 - 2006-03-31 12:40 - 02388176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-07-05 23:34 - 2013-07-05 23:34 - 00000000 ____D C:\Program Files\iTunes
2013-07-05 23:34 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-07-05 23:30 - 2013-07-05 23:32 - 00000000 ____D C:\Windows\system32\appmgmt
2013-07-05 23:16 - 2013-07-10 02:36 - 00000000 ____D C:\ProgramData\Adobe
2013-07-05 23:16 - 2004-12-19 06:32 - 00038229 ____N (Generic) C:\Windows\SysWOW64\Drivers\StMp3Rec.sys
2013-07-05 23:13 - 2013-07-05 23:37 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-05 23:13 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Local\Apple Computer
2013-07-05 23:12 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Users\***\AppData\Local\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-05 23:11 - 2013-07-05 23:12 - 00000000 ____D C:\ProgramData\Apple
2013-07-05 23:11 - 2013-07-05 23:11 - 00000000 ____D C:\Program Files\Bonjour
2013-07-05 23:10 - 2013-07-10 01:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-05 23:06 - 2013-07-05 23:06 - 00003062 ____A C:\Windows\System32\Tasks\{BD19309D-E1CE-4D04-A172-796E35440276}
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Windows Live Writer
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live Writer
2013-07-05 22:51 - 2013-07-05 22:51 - 00000000 ____D C:\Windows\de
2013-07-05 22:47 - 2013-07-05 22:47 - 00000000 ____D C:\Program Files\Windows Live
2013-07-05 22:42 - 2010-06-02 04:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2013-07-05 22:42 - 2010-06-02 04:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2013-07-05 22:42 - 2010-05-26 11:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-07-05 22:41 - 2009-09-04 17:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-07-05 22:41 - 2009-09-04 17:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-07-05 22:39 - 2006-11-29 13:06 - 04398360 ____A (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-07-05 22:39 - 2006-11-29 13:06 - 03426072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-07-05 22:37 - 2013-07-16 10:24 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

==================== One Month Modified Files and Folders =======

2013-07-16 11:09 - 2013-07-16 11:09 - 00000781 ____A C:\Users\***\Desktop\checkup.txt
2013-07-16 11:05 - 2013-07-16 11:05 - 00002280 ____A C:\Users\***\Desktop\ESET.txt
2013-07-16 10:59 - 2013-07-16 10:59 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 10:59 - 2013-07-16 10:59 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-16 10:59 - 2013-07-16 10:59 - 00003822 ____A C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-16 10:59 - 2013-07-16 10:59 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-16 10:58 - 2013-05-07 07:21 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-07-16 10:36 - 2013-07-16 08:02 - 00004248 ____A C:\Windows\System32\Tasks\*** Nero LIVEBackup 6 0
2013-07-16 10:34 - 2013-07-10 03:06 - 00016152 ____A C:\Windows\system32\Drivers\SWDUMon.sys
2013-07-16 10:34 - 2013-07-10 03:06 - 00002868 ____A C:\Windows\System32\Tasks\SlimDrivers Startup
2013-07-16 10:34 - 2013-07-10 03:06 - 00000426 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-16 10:24 - 2013-07-05 22:37 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live
2013-07-16 10:23 - 2013-07-16 10:23 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2013-07-16 10:07 - 2009-07-14 06:45 - 00015120 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-16 10:07 - 2009-07-14 06:45 - 00015120 ___AH C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-16 10:02 - 2013-07-16 08:02 - 00003522 ____A C:\Windows\System32\Tasks\*** NBAgent 6 0
2013-07-16 08:37 - 2013-07-10 03:07 - 00000000 ____D C:\Users\***\AppData\Roaming\stickies
2013-07-16 08:37 - 2013-05-07 07:15 - 01828140 ____A C:\Windows\WindowsUpdate.log
2013-07-16 08:34 - 2013-07-16 08:34 - 00096856 ____A (Symantec Corporation) C:\Windows\system32\Drivers\SMR322.SYS
2013-07-16 08:34 - 2013-07-16 08:34 - 00000020 ____A C:\Windows\system32\Drivers\SMR322.dat
2013-07-16 08:34 - 2013-07-16 08:21 - 00000000 ____D C:\Users\***\AppData\Local\NPE
2013-07-16 08:34 - 2013-05-07 07:21 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-16 08:34 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-16 08:34 - 2009-07-14 06:51 - 00031271 ____A C:\Windows\setupact.log
2013-07-16 08:33 - 2013-05-07 07:16 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-16 08:30 - 2013-07-16 08:30 - 00891022 ____A C:\Users\***\Desktop\SecurityCheck.exe
2013-07-16 08:22 - 2013-07-16 08:04 - 00003766 ____A C:\Windows\System32\Tasks\***
2013-07-16 08:22 - 2013-07-10 01:48 - 00000000 ____D C:\Users\***\AppData\Local\Nero_AG
2013-07-16 08:21 - 2013-05-07 20:54 - 00000000 ____D C:\ProgramData\Norton
2013-07-16 08:19 - 2013-07-16 08:19 - 02989560 ____A (Symantec Corporation) C:\Users\***\Desktop\NPE.exe
2013-07-16 08:19 - 2013-07-16 08:18 - 214807824 ____A C:\Users\***\Desktop\20130715-033-v5i64.exe
2013-07-16 08:16 - 2013-07-16 08:16 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-07-16 08:02 - 2013-07-16 08:02 - 00003808 ____A C:\Windows\System32\Tasks\*** Nero LIVEBackup Merge 6 0
2013-07-16 07:58 - 2013-07-15 23:05 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2013-07-16 07:54 - 2013-07-16 07:54 - 00000000 ____D C:\Windows\pss
2013-07-16 07:51 - 2013-07-15 23:07 - 00000000 ___RD C:\Users\***\Dropbox
2013-07-16 07:36 - 2013-07-16 07:36 - 00000000 ____D C:\archive_db
2013-07-16 07:14 - 2013-07-16 07:14 - 00002489 ____A C:\Users\***\Desktop\Paragon Backup & Recovery™ 2013 Free.lnk
2013-07-16 07:14 - 2013-07-16 07:14 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paragon Backup & Recovery™ 2013 Free
2013-07-16 07:14 - 2013-07-16 07:14 - 00000000 ____D C:\ProgramData\launcher
2013-07-16 07:14 - 2013-07-16 07:14 - 00000000 ____D C:\ProgramData\explauncher
2013-07-16 07:14 - 2013-07-16 07:14 - 00000000 ____D C:\ProgramData\backup
2013-07-16 05:17 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero
2013-07-16 04:51 - 2013-07-16 04:51 - 00004114 ____A C:\Windows\System32\Tasks\Kleines Flausch2
2013-07-16 04:50 - 2013-07-16 04:50 - 00004112 ____A C:\Windows\System32\Tasks\Kleines Flausch
2013-07-16 04:49 - 2013-07-16 04:49 - 00003530 ____A C:\Windows\System32\Tasks\Kleines Flausch NBAgent 6 0
2013-07-16 04:39 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Nero_AG
2013-07-16 04:29 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Skype
2013-07-16 04:09 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\stickies
2013-07-16 01:58 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live
2013-07-16 01:09 - 2013-07-16 01:09 - 00003473 ____A C:\Users\***\Documents\Linuxforum_opensusestart.txt
2013-07-16 00:55 - 2013-07-16 00:55 - 00001106 ____A C:\Users\UpdatusUser\Desktop\EVEREST Home Edition.lnk
2013-07-16 00:55 - 2013-07-16 00:55 - 00001106 ____A C:\Users\Kleines Flausch\Desktop\EVEREST Home Edition.lnk
2013-07-16 00:55 - 2013-07-16 00:55 - 00001106 ____A C:\Users\***\Desktop\EVEREST Home Edition.lnk
2013-07-16 00:28 - 2013-07-10 01:26 - 00000000 ____D C:\Users\***\AppData\Roaming\Nero
2013-07-16 00:27 - 2013-06-07 05:47 - 00003036 ____A C:\Windows\System32\Tasks\{954C44F4-AE69-48D9-BF93-92026E5DF43D}
2013-07-16 00:27 - 2013-06-07 05:46 - 00003036 ____A C:\Windows\System32\Tasks\{13FB3090-ADDB-4890-85B1-9D761963B54B}
2013-07-16 00:27 - 2013-06-07 05:45 - 00003036 ____A C:\Windows\System32\Tasks\{C5E0EEB2-B4A5-4040-B809-F3A1EFAF9738}
2013-07-16 00:27 - 2013-06-07 05:45 - 00003036 ____A C:\Windows\System32\Tasks\{A51DF6A1-2FFC-4562-825E-87031537D27A}
2013-07-15 23:25 - 2013-05-07 09:18 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-07-15 23:07 - 2013-07-15 23:07 - 00001050 ____A C:\Users\***\Desktop\Dropbox.lnk
2013-07-15 23:07 - 2013-05-07 07:15 - 00000000 ____D C:\Users\***
2013-07-15 23:06 - 2013-07-15 23:06 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-07-15 21:51 - 2013-07-15 21:51 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 21:45 - 2013-07-15 21:45 - 00002050 ____A C:\AdwCleaner[S1].txt
2013-07-15 21:41 - 2013-07-15 21:41 - 00662345 ____A C:\Users\***\Desktop\adwcleaner.exe
2013-07-15 21:41 - 2013-07-15 21:41 - 00559441 ____A (Oleg N. Scherbakov) C:\Users\***\Desktop\JRT.exe
2013-07-15 21:37 - 2013-05-07 18:09 - 00021004 ____A C:\Windows\PFRO.log
2013-07-15 21:32 - 2013-07-15 21:11 - 00000000 ____D C:\ComboFix
2013-07-15 21:31 - 2013-07-15 21:31 - 00035027 ____A C:\ComboFix.txt
2013-07-15 21:31 - 2013-07-15 20:53 - 00000000 ____D C:\Qoobox
2013-07-15 21:31 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-15 21:29 - 2013-07-15 20:52 - 00000000 ____D C:\Windows\erdnt
2013-07-15 21:23 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-07-15 20:56 - 2013-07-10 07:49 - 00002462 ____A C:\Windows\Sandboxie.ini
2013-07-15 20:51 - 2013-07-15 20:51 - 05089088 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2013-07-15 20:47 - 2013-07-15 20:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Dual Monitor
2013-07-15 20:47 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-15 20:23 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-07-15 20:02 - 2013-07-15 19:28 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Nero
2013-07-15 18:46 - 2013-07-15 18:46 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Logitech® Webcam-Software
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-07-15 17:33 - 2013-07-15 17:33 - 00000000 ____D C:\Program Files\Realtek
2013-07-15 17:32 - 2013-07-15 17:32 - 00001769 ____A C:\Windows\Language_trs.ini
2013-07-14 00:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-13 23:11 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\VirtualStore
2013-07-13 23:06 - 2013-07-13 23:06 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Apple
2013-07-11 02:41 - 2013-07-11 02:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\NVIDIA
2013-07-11 02:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-11 01:37 - 2013-07-11 01:37 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Adobe
2013-07-11 01:37 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Adobe
2013-07-11 00:57 - 2013-07-11 00:57 - 00082944 ____A C:\Users\Kleines Flausch\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Windows Live Writer
2013-07-11 00:57 - 2013-07-11 00:57 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Windows Live Writer
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Opera Software
2013-07-11 00:47 - 2013-07-11 00:47 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Opera Software
2013-07-11 00:45 - 2013-07-11 00:45 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Macromedia
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\TuneUp Software
2013-07-11 00:44 - 2013-07-11 00:44 - 00000000 ____D C:\Intel
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Roaming\Apple Computer
2013-07-11 00:41 - 2013-07-11 00:41 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Toshiba
2013-07-11 00:39 - 2013-07-11 00:39 - 00000020 ___SH C:\Users\Kleines Flausch\ntuser.ini
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Vorlagen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Startmenü
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Netzwerkumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Lokale Einstellungen
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Eigene Dateien
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Druckumgebung
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Musik
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Documents\Eigene Bilder
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Verlauf
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\AppData\Local\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 __SHD C:\Users\Kleines Flausch\Anwendungsdaten
2013-07-11 00:39 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch
2013-07-11 00:09 - 2013-07-11 00:09 - 00000000 ____D C:\FRST
2013-07-11 00:04 - 2009-07-14 19:58 - 00696620 ____A C:\Windows\system32\perfh007.dat
2013-07-11 00:04 - 2009-07-14 19:58 - 00147916 ____A C:\Windows\system32\perfc007.dat
2013-07-11 00:04 - 2009-07-14 07:13 - 01612484 ____A C:\Windows\system32\PerfStringBackup.INI
2013-07-10 23:11 - 2013-05-07 21:57 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-10 20:18 - 2013-07-10 07:09 - 00001363 ____A C:\Users\***\Desktop\Windows Error Lookup Tool.exe - Verknüpfung.lnk
2013-07-10 19:12 - 2013-07-10 19:12 - 00003852 ____A C:\Windows\System32\Tasks\FileHippo.com-Online-Aktualisierungsprogramm
2013-07-10 19:10 - 2013-07-10 19:10 - 00002770 ____A C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-10 18:53 - 2013-07-10 18:53 - 01776889 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-07-10 08:09 - 2013-07-10 08:09 - 00003042 ____A C:\Windows\System32\Tasks\PandaUSBVaccine
2013-07-10 08:09 - 2013-07-10 08:09 - 00000000 ____D C:\ProgramData\Panda Security
2013-07-10 08:04 - 2013-07-10 08:04 - 00000000 ____D C:\Program Files\Cygnus Software
2013-07-10 07:51 - 2013-07-10 07:51 - 00000000 ___RD C:\Sandbox
2013-07-10 07:49 - 2013-07-15 20:47 - 00000914 ____A C:\Users\Kleines Flausch\Desktop\Sandboxed Web Browser.lnk
2013-07-10 07:49 - 2013-07-10 07:49 - 00000914 ____A C:\Users\***\Desktop\Sandboxed Web Browser.lnk
2013-07-10 07:49 - 2013-07-10 07:49 - 00000000 ____D C:\Program Files\Sandboxie
2013-07-10 07:48 - 2013-07-10 07:48 - 00002003 ____A C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-07-10 07:45 - 2013-07-06 02:39 - 00000000 ____D C:\Users\***\AppData\Roaming\TuneUp Software
2013-07-10 06:47 - 2013-07-10 06:47 - 00000000 ____D C:\Program Files\7-Zip
2013-07-10 05:46 - 2013-07-10 05:46 - 00377856 ____A C:\Users\***\Desktop\gmer_2.1.19163.exe
2013-07-10 05:42 - 2013-07-10 05:42 - 00000000 ____A C:\Users\***\defogger_reenable
2013-07-10 05:41 - 2013-07-10 05:41 - 00050477 ____A C:\Users\***\Desktop\Defogger.exe
2013-07-10 05:36 - 2013-07-10 05:36 - 00602112 ____A (OldTimer Tools) C:\Users\***\Desktop\OTL.exe
2013-07-10 05:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2013-07-10 05:11 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-07-10 05:01 - 2013-06-07 05:38 - 00000193 ____A C:\Windows\spwdrgaa.INI
2013-07-10 04:21 - 2013-07-10 04:21 - 00000000 ____D C:\ProgramData\DualMonitor
2013-07-10 04:03 - 2013-07-10 04:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Dual Monitor
2013-07-10 04:02 - 2013-07-10 02:12 - 00000081 ____A C:\Windows\spwdrhgsa.INI
2013-07-10 03:34 - 2013-07-10 03:34 - 00002109 ____A C:\Users\Public\Desktop\Nero Kwik Media.lnk
2013-07-10 03:34 - 2013-07-06 02:09 - 00000000 ____D C:\ProgramData\Nero
2013-07-10 03:27 - 2009-07-14 06:45 - 00335528 ____A C:\Windows\system32\FNTCACHE.DAT
2013-07-10 03:19 - 2013-07-10 03:19 - 00000000 ____D C:\Users\***\Documents\Apowersoft Free Screen Recorder
2013-07-10 03:17 - 2013-07-10 03:17 - 00000000 ____D C:\Users\***\AppData\Roaming\Apowersoft
2013-07-10 03:11 - 2013-07-10 03:11 - 00000000 ____D C:\Users\***\AppData\Local\Google
2013-07-10 03:11 - 2013-05-07 07:25 - 00082944 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-10 03:07 - 2013-07-10 03:07 - 00000625 ____A C:\Windows\uninstallstickies.bat
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-07-10 03:06 - 2013-07-10 03:06 - 00000000 ____D C:\Users\***\AppData\Local\SlimWare Utilities Inc
2013-07-10 03:05 - 2013-07-10 03:05 - 00000987 ____A C:\Users\***\Desktop\RecycleBinEx.lnk
2013-07-10 03:03 - 2013-07-10 03:03 - 00003310 ____A C:\Windows\System32\Tasks\RunAsStdUser Task
2013-07-10 03:03 - 2013-07-10 03:03 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0
2013-07-10 02:58 - 2013-07-10 02:58 - 00000796 ____A C:\Users\***\Desktop\Listary.lnk
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Users\***\AppData\Roaming\Listary
2013-07-10 02:58 - 2013-07-10 02:58 - 00000000 ____D C:\Program Files\Listary
2013-07-10 02:55 - 2013-07-10 02:55 - 00001969 ____A C:\Users\Public\Desktop\LauschAngriff.lnk
2013-07-10 02:55 - 2013-07-10 02:55 - 00000020 ____A C:\Windows\LauschAngriff.ini
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ___RD C:\Users\***\Documents\Notes
2013-07-10 02:54 - 2013-07-10 02:54 - 00000000 ____D C:\Users\***\AppData\Local\Tools&More
2013-07-10 02:53 - 2013-07-10 02:53 - 00001942 ____A C:\Users\Public\Desktop\Joe.lnk
2013-07-10 02:53 - 2013-07-10 02:53 - 00000000 ____D C:\Windows\Downloaded Installations
2013-07-10 02:51 - 2013-07-10 02:51 - 00037897 ____A C:\Windows\Hardcopy.log
2013-07-10 02:51 - 2013-07-10 02:51 - 00003172 ____A C:\Windows\System32\Tasks\hcdll2_ex_Win32
2013-07-10 02:51 - 2013-07-10 02:51 - 00003168 ____A C:\Windows\System32\Tasks\hcdll2_ex_x64
2013-07-10 02:51 - 2013-07-10 02:51 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2013-07-10 02:36 - 2013-07-05 23:16 - 00000000 ____D C:\ProgramData\Adobe
2013-07-10 02:35 - 2013-05-07 07:22 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-10 02:00 - 2013-07-10 02:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-10 02:00 - 2013-07-05 23:12 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-10 01:29 - 2013-05-07 21:43 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2013-07-10 01:11 - 2013-07-10 01:10 - 00000000 ____D C:\Windows\system32\MRT
2013-07-10 01:02 - 2013-07-05 23:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 01:01 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 01:01 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 00:57 - 2013-07-10 00:57 - 00056072 ____A (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00047368 ____A (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2013-07-10 00:57 - 2013-07-10 00:57 - 00000000 ____D C:\Users\***\AppData\Local\Comodo
2013-07-10 00:56 - 2013-07-10 00:56 - 01700352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-07-10 00:56 - 2013-07-10 00:56 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2013-07-10 00:44 - 2013-07-11 00:39 - 00000000 ____D C:\Users\Kleines Flausch\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-07-10 00:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-07-10 00:44 - 2013-05-07 22:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-07 15:17 - 2013-07-07 15:17 - 00000017 ____A C:\Users\***\AppData\Local\resmon.resmoncfg
2013-07-06 02:39 - 2013-07-06 02:36 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-06 02:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2013-07-06 01:40 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-07-05 23:37 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-05 23:36 - 2013-05-07 07:16 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-05 23:34 - 2013-07-05 23:34 - 00000000 ____D C:\Program Files\iTunes
2013-07-05 23:32 - 2013-07-05 23:30 - 00000000 ____D C:\Windows\system32\appmgmt
2013-07-05 23:13 - 2013-07-05 23:13 - 00000000 ____D C:\Users\***\AppData\Local\Apple Computer
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Users\***\AppData\Local\Apple
2013-07-05 23:12 - 2013-07-05 23:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-05 23:12 - 2013-07-05 23:11 - 00000000 ____D C:\ProgramData\Apple
2013-07-05 23:11 - 2013-07-05 23:11 - 00000000 ____D C:\Program Files\Bonjour
2013-07-05 23:06 - 2013-07-05 23:06 - 00003062 ____A C:\Windows\System32\Tasks\{BD19309D-E1CE-4D04-A172-796E35440276}
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Windows Live Writer
2013-07-05 22:52 - 2013-07-05 22:52 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live Writer
2013-07-05 22:51 - 2013-07-05 22:51 - 00000000 ____D C:\Windows\de
2013-07-05 22:47 - 2013-07-05 22:47 - 00000000 ____D C:\Program Files\Windows Live
2013-06-24 00:57 - 2013-05-07 14:00 - 78277128 ____A (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-21 14:06 - 2013-05-07 21:18 - 27781920 ____A (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 25256224 ____A (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 21102368 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 15144928 ____A (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 13411896 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 11235104 ____A (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-06-21 14:06 - 2013-05-07 21:18 - 09239344 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 07687592 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 07641832 ____A (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 06324360 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02953504 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02777888 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02363680 ____A (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 02002720 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 01832224 ____A (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 01511712 ____A (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00925648 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00572704 ____A (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00570656 ____A (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00467232 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00465184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00266448 ____A (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00218592 ____A (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00214448 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-06-21 14:06 - 2013-05-07 21:18 - 00181488 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-06-21 14:06 - 2013-05-07 07:20 - 00061216 ____A (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-06-21 14:06 - 2013-05-07 07:20 - 00053024 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 15920536 ____A (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 12427240 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 02936208 ____A (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 02597856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 01059560 ____A (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-06-21 14:06 - 2013-02-26 00:32 - 00021578 ____A C:\Windows\system32\nvinfo.pb
2013-06-21 12:23 - 2013-05-07 07:20 - 06496544 ____A (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 03514656 ____A (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 02555680 ____A (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 00884512 ____A (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-06-21 12:23 - 2013-05-07 07:20 - 00237856 ____A (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-06-21 12:23 - 2013-05-07 07:20 - 00063776 ____A (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 00566048 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-06-20 06:17 - 2013-05-07 07:20 - 03253909 ____A C:\Windows\system32\nvcoproc.bin

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 00:28

==================== End Of Log ============================
         
--- --- ---


Problems? Nope? I didn't have any either. Just one worry - well, Windows Backup isn't working. Otherwise all good.

So? Am I clean???

(hope dies last...)

16.07.2013, 11:08   #14
schrauber
/// the machine
/// TB-Ausbilder
 




What exactly does "backup isn't working" mean?

Please download Farbar Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are checked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.

Please post the contents here.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

16.07.2013, 13:57   #15
Laschmunzel
 



Hello!

That went very quickly again!

FSS:

Code:
Farbar Service Scanner Version: 13-07-2013
Ran by *** (administrator) on 16-07-2013 at 14:52:00
Running from "C:\Users\***\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
Windows Backup runs up to about 85% and then aborts with an error code. The backup could not be completed. Event Viewer tells me there is an I/O problem. So I'll run a disk check and see what happens. I don't know how I managed it, but I no longer have a 100 MB partition - maybe the system doesn't like that. Or the backup tools and utilities I have installed. I'll get to the bottom of it eventually.

Regards, Laschmunzl

PS: Clean....?
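
One way to triage an FSS.txt like the one posted above, as an added example that is not part of the thread and not Farbar's own code: it assumes the layout shown in that log (a `Title:` line underlined with `=`, file lines ending in `=> MD5 is legit`) and returns only the lines that deviate from a clean result. The helper name `parse_fss` and the sample excerpt are constructed for this illustration.

```python
import re

# Constructed sample in the layout of the FSS.txt above; parse_fss is a hypothetical helper.
SAMPLE = r'''Firewall Disabled Policy:
==================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\Windows\System32\mpssvc.dll => MD5 is legit
'''

NOT_RUNNING = re.compile(r"^(\S+) Service is not running")
START_TYPE = re.compile(r"start type of (\S+) service is set to (\w+)\. "
                        r"The default start type is (\w+)\.")
REG_VALUE = re.compile(r'^"([^"]+)"=\w+:(.+)$')
FILE_LINE = re.compile(r"^(.+?) => (.+)$")

def parse_fss(text):
    """Return (section, kind, detail) for every line that is not a clean result."""
    findings, section, key = [], None, None
    lines = [l.rstrip() for l in text.splitlines()]
    for i, line in enumerate(lines):
        underlined = i + 1 < len(lines) and re.fullmatch(r"=+", lines[i + 1])
        if line.endswith(":") and underlined:      # "Title:" followed by "====" opens a section
            section, key = line[:-1], None
        elif line.startswith("[") and line.endswith("]"):
            key = line[1:-1]                        # registry key the next values belong to
        elif m := NOT_RUNNING.match(line):
            findings.append((section, "not_running", m.group(1)))
        elif m := START_TYPE.search(line):
            svc, cur, default = m.groups()
            if cur != default:                      # only report non-default start types
                findings.append((section, "start_type", f"{svc}: {cur}, default {default}"))
        elif m := REG_VALUE.match(line):
            findings.append((section, "policy", f"{key}\\{m.group(1)}={m.group(2)}"))
        elif (m := FILE_LINE.match(line)) and m.group(2) != "MD5 is legit":
            findings.append((section, "file", line))
    return findings
```

Run over the sample, it reports the three deviations visible in the posted log: WinDefend not running, its start type set to Demand instead of Auto, and the `DisableAntiSpyware` policy value.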
