| |
| |||||||
Log-Analyse und Auswertung: Windows 8 ; immer langsamer, hängt und friert einWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
17.10.2013, 20:59
| #1 |
 |  Windows 8 ; immer langsamer, hängt und friert ein Hallo liebe Trojaner-Board - LER, habe früher schon öfter mal hier rein geschaut, mich heute aber registriert, weil ich ein Problem habe, mit dem ich nicht mehr klar komme. mein System: Windows 8 64-Bit System Intel i3-3220 CPU 3.3 GHz ; 4.00 GB RAM I-Net über Lan - als auch Wlan (in anderem Raum) mit Fritzbox derzeit Trend Micro Titanium Internet Security MS Firewall seit etwas mehr als 2 Monaten, ist der laufender Betrieb und I-Net immer langsamer geworden Habe dann im Laufe der ZEIT mehrmals auf Auslieferung zurückgesetzt Da ich aber erst sehr spät Sicherungen (von separater Partition) auf DVD´s erstellt habe, bin ich nicht sicher ob sich etwas in der Wiederherstellung befindet. Ohne Besserung. Dann Festplatte und Ram ausgetauscht. Ohne Besserung. In letzter Zeit hat der pc 1x selbst heruntergefahre und wieder gestartet. Ein anderes Mal, ging der Bildschirm aus ; PC schien aber an zu sein, jedoch ohne spürbare Anzeichen dafür. Die vorbereitenden Schritte habe ich eingehalten und ausgeführt Danke für eure Hilfe Liebe Grüße Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:13 on 17/10/2013 (mein Name)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by mein Name (administrator) on NAME on 17-10-2013 20:21:48
Running from C:\Users\mein Name\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [221584 2013-07-23] (Trend Micro Inc.)
MountPoints2: {78e91d4f-2df8-11e3-be70-b4b52fcbccc4} - "G:\pushinst.exe"
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {94B26480-D04E-468B-85A0-89A447BF8438} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {94B26480-D04E-468B-85A0-89A447BF8438} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {94B26480-D04E-468B-85A0-89A447BF8438} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - TrendMicro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default
FF user.js: detected! => C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\user.js
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo! Toolbar - C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: savedpasswordeditor - C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\Extensions\savedpasswordeditor@daniel.dawson.xpi
FF Extension: No Name - C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\chrome_tmbep.crx
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\chrome_tmbep.crx
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmOspreychromeExt.crx
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\chromeextension.crx
==================== Services (Whitelisted) =================
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [x]
==================== Drivers (Whitelisted) ====================
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [116264 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-13] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85424 2013-09-04] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-15] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-08] (Trend Micro Inc.)
U2 TMAgent;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-17 20:21 - 2013-10-17 20:21 - 00000000 ____D C:\FRST
2013-10-17 20:15 - 2013-10-17 20:15 - 01954124 _____ (Farbar) C:\Users\mein Name\Desktop\FRST64.exe
2013-10-17 20:13 - 2013-10-17 20:13 - 00000480 _____ C:\Users\mein Name\Desktop\defogger_disable.log
2013-10-17 20:13 - 2013-10-17 20:13 - 00000000 _____ C:\Users\mein Name\defogger_reenable
2013-10-17 20:10 - 2013-10-17 20:10 - 00050477 _____ C:\Users\mein Name\Desktop\Defogger.exe
2013-10-17 20:00 - 2013-10-17 20:00 - 00000117 _____ C:\Windows\system32\netcfg-12919140.txt
2013-10-17 19:31 - 2013-10-17 19:31 - 00000117 _____ C:\Windows\system32\netcfg-11188875.txt
2013-10-17 18:46 - 2013-10-17 20:14 - 00000881 _____ C:\Users\mein Name\Desktop\trojaner board.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862437.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862234.txt
2013-10-17 17:08 - 2013-10-17 17:08 - 01048960 _____ C:\Users\mein Name\Desktop\adwcleaner_3.0.0.7.exe
2013-10-17 16:13 - 2013-10-17 16:13 - 00000117 _____ C:\Windows\system32\netcfg-12582312.txt
2013-10-17 16:11 - 2013-10-17 16:11 - 00000117 _____ C:\Windows\system32\netcfg-12431531.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764437.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764000.txt
2013-10-17 12:55 - 2013-10-17 12:55 - 00000000 ___HD C:\TMRescueDisk
2013-10-17 12:50 - 2013-10-17 12:50 - 00001429 _____ C:\Users\mein Name\Desktop\Trend Micro Titanium Internet Security.lnk
2013-10-17 12:50 - 2013-10-17 12:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2013-10-17 12:50 - 2013-09-04 08:24 - 00116264 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2013-10-17 12:50 - 2013-09-04 08:22 - 00085424 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2013-10-17 12:50 - 2013-09-04 08:17 - 00282624 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2013-10-17 12:50 - 2013-07-11 04:39 - 00037904 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmel.sys
2013-10-17 12:50 - 2013-07-08 05:16 - 00103712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2013-10-17 12:50 - 2013-07-01 15:08 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2013-10-17 12:50 - 2013-06-13 08:35 - 00100640 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2013-10-17 12:50 - 2013-05-15 12:23 - 00303392 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2013-10-17 12:49 - 2013-10-17 12:49 - 00003268 _____ C:\Windows\System32\Tasks\Titanium BTC
2013-10-17 12:48 - 2013-10-17 16:26 - 00000000 ____D C:\ProgramData\Trend Micro
2013-10-17 12:48 - 2013-10-17 12:48 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2013-10-17 12:47 - 2013-10-17 12:48 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-17 12:45 - 2013-10-17 12:45 - 00000036 _____ C:\Users\mein Name\AppData\Local\housecall.guid.cache
2013-10-17 12:43 - 2013-10-17 12:43 - 00000000 ____D C:\Users\mein Name\AppData\Local\Trend Micro
2013-10-17 12:37 - 2013-10-17 12:41 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2013-10-17 12:34 - 2013-10-17 12:34 - 06631240 _____ (Trend Micro Inc.) C:\Users\mein Name\Desktop\Titanium_Internet_Security_2014.exe
2013-10-17 12:20 - 2013-10-17 12:20 - 00000117 _____ C:\Windows\system32\netcfg-45127859.txt
2013-10-17 12:01 - 2013-10-17 12:01 - 00000117 _____ C:\Windows\system32\netcfg-44028093.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42720328.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42698062.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42687218.txt
2013-10-17 11:28 - 2013-10-17 11:28 - 00000117 _____ C:\Windows\system32\netcfg-42011015.txt
2013-10-16 23:35 - 2013-10-16 23:35 - 00000115 _____ C:\Users\mein Name\Desktop\igno.txt
2013-10-16 20:31 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 20:31 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-16 20:31 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-16 20:31 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 20:30 - 2013-10-16 20:31 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 20:29 - 2013-10-16 20:29 - 00915368 _____ (Oracle Corporation) C:\Users\mein Name\Desktop\jxpiinstall.exe
2013-10-16 19:48 - 2013-10-16 19:48 - 00000117 _____ C:\Windows\system32\netcfg-18356390.txt
2013-10-16 19:06 - 2013-10-16 19:06 - 00000117 _____ C:\Windows\system32\netcfg-15839953.txt
2013-10-16 18:46 - 2013-10-16 18:46 - 00000117 _____ C:\Windows\system32\netcfg-14612062.txt
2013-10-16 18:35 - 2013-10-16 18:35 - 00000117 _____ C:\Windows\system32\netcfg-13975906.txt
2013-10-16 17:42 - 2013-10-16 17:42 - 00000117 _____ C:\Windows\system32\netcfg-10798078.txt
2013-10-16 17:39 - 2013-10-16 17:39 - 00000117 _____ C:\Windows\system32\netcfg-10600734.txt
2013-10-16 16:51 - 2013-10-16 16:51 - 00000117 _____ C:\Windows\system32\netcfg-7723078.txt
2013-10-16 16:48 - 2013-10-16 16:48 - 00000117 _____ C:\Windows\system32\netcfg-7538093.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4630343.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4629437.txt
2013-10-16 13:27 - 2013-10-16 13:27 - 00010240 _____ C:\Users\mein Name\Desktop\fahrrad fahren.wps
2013-10-16 11:39 - 2013-10-16 11:39 - 00000117 _____ C:\Windows\system32\netcfg-139965953.txt
2013-10-16 02:20 - 2013-10-16 02:20 - 00000117 _____ C:\Windows\system32\netcfg-106381421.txt
2013-10-15 19:26 - 2013-10-15 19:26 - 00000117 _____ C:\Windows\system32\netcfg-81555171.txt
2013-10-15 19:07 - 2013-10-15 19:07 - 00000117 _____ C:\Windows\system32\netcfg-80413812.txt
2013-10-15 15:56 - 2013-10-15 15:56 - 00000117 _____ C:\Windows\system32\netcfg-68955843.txt
2013-10-15 15:40 - 2013-10-15 15:40 - 00000117 _____ C:\Windows\system32\netcfg-67993203.txt
2013-10-15 14:37 - 2013-10-15 14:37 - 00000117 _____ C:\Windows\system32\netcfg-64215875.txt
2013-10-15 13:26 - 2013-10-15 13:26 - 00000117 _____ C:\Windows\system32\netcfg-59930578.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50255078.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50253234.txt
2013-10-14 20:47 - 2013-10-16 14:42 - 00003200 _____ C:\Windows\PFRO.log
2013-10-14 20:27 - 2013-10-14 20:29 - 00000000 ____D C:\ProgramData\Adobe
2013-10-14 20:27 - 2013-10-14 20:27 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-14 20:27 - 2013-10-14 20:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-14 20:20 - 2013-10-14 20:20 - 00000000 ____D C:\Windows\Sun
2013-10-14 20:19 - 2013-10-17 20:20 - 00000316 _____ C:\Windows\Tasks\UpdaterEX.job
2013-10-14 20:19 - 2013-10-14 20:23 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 20:19 - 2013-10-14 20:19 - 00002654 _____ C:\Windows\System32\Tasks\UpdaterEX
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\UpdaterEX
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Local\Google
2013-10-14 20:06 - 2013-10-14 20:06 - 00000117 _____ C:\Windows\system32\netcfg-197544125.txt
2013-10-14 19:42 - 2013-10-14 19:42 - 00000117 _____ C:\Windows\system32\netcfg-196122671.txt
2013-10-14 18:28 - 2013-10-15 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-14 18:23 - 2013-10-14 18:23 - 00011264 _____ C:\Users\mein Name\Desktop\Tabelle orale Phase.wps
2013-10-14 16:44 - 2013-10-14 16:44 - 00000117 _____ C:\Windows\system32\netcfg-185445437.txt
2013-10-14 16:13 - 2013-10-14 16:13 - 00000117 _____ C:\Windows\system32\netcfg-183582062.txt
2013-10-14 15:52 - 2013-10-17 16:36 - 00525626 _____ C:\Windows\WindowsUpdate.log
2013-10-14 09:38 - 2013-10-14 09:38 - 00000117 _____ C:\Windows\system32\netcfg-159871250.txt
2013-10-14 02:01 - 2013-10-14 02:01 - 00000117 _____ C:\Windows\system32\netcfg-132414328.txt
2013-10-13 20:27 - 2013-10-13 20:27 - 00009216 _____ C:\Users\mein Name\Desktop\laterne basteln.wps
2013-10-13 19:23 - 2013-10-13 19:23 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Yahoo!
2013-10-13 19:22 - 2013-10-13 19:22 - 00000117 _____ C:\Windows\system32\netcfg-108519484.txt
2013-10-13 19:00 - 2013-10-13 19:00 - 00000117 _____ C:\Windows\system32\netcfg-107204859.txt
2013-10-13 16:16 - 2013-10-13 16:16 - 00000117 _____ C:\Windows\system32\netcfg-97367828.txt
2013-10-13 15:40 - 2013-10-13 15:40 - 00000117 _____ C:\Windows\system32\netcfg-95173625.txt
2013-10-13 12:39 - 2013-10-17 13:13 - 00000000 ____D C:\Users\mein Name\Desktop\url-25
2013-10-13 12:33 - 2013-10-13 12:33 - 00000117 _____ C:\Windows\system32\netcfg-83950609.txt
2013-10-13 02:40 - 2013-10-13 02:40 - 00000117 _____ C:\Windows\system32\netcfg-48368703.txt
2013-10-12 20:06 - 2013-10-12 20:06 - 00000117 _____ C:\Windows\system32\netcfg-24720421.txt
2013-10-12 17:38 - 2013-10-12 17:38 - 00071550 _____ C:\Users\mein Name\Desktop\cc_20131012_173753.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00007196 _____ C:\Users\mein Name\Desktop\cc_20131012_173821.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00000117 _____ C:\Windows\system32\netcfg-15891765.txt
2013-10-12 17:33 - 2013-10-12 17:33 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-12 17:33 - 2013-10-12 17:33 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-12 17:32 - 2013-10-12 17:33 - 00000000 ____D C:\Program Files\CCleaner
2013-10-12 17:31 - 2013-10-12 17:31 - 03294168 _____ (Piriform Ltd) C:\Users\mein Name\Desktop\ccsetup406_slim.exe
2013-10-12 16:55 - 2013-10-12 16:55 - 00000000 ____D C:\Users\mein Name\Desktop\von stick
2013-10-12 16:51 - 2013-10-12 16:51 - 00001579 _____ C:\Users\mein Name\Desktop\PS - Verknüpfung.lnk
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\CyberLink
2013-10-11 20:37 - 2013-10-11 20:37 - 00000117 _____ C:\Windows\system32\netcfg-360564218.txt
2013-10-11 20:34 - 2013-10-11 20:34 - 00000117 _____ C:\Windows\system32\netcfg-360358000.txt
2013-10-11 19:51 - 2013-10-11 19:51 - 00000117 _____ C:\Windows\system32\netcfg-357810250.txt
2013-10-11 19:44 - 2013-10-11 19:44 - 00000117 _____ C:\Windows\system32\netcfg-357392078.txt
2013-10-11 17:49 - 2013-10-11 17:49 - 00000117 _____ C:\Windows\system32\netcfg-350465515.txt
2013-10-11 17:34 - 2013-10-11 17:34 - 00000117 _____ C:\Windows\system32\netcfg-349605890.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333730328.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333729484.txt
2013-10-10 21:07 - 2013-10-10 21:07 - 00000117 _____ C:\Windows\system32\netcfg-275984031.txt
2013-10-10 21:06 - 2013-10-10 21:06 - 00000117 _____ C:\Windows\system32\netcfg-275911203.txt
2013-10-10 20:12 - 2013-10-10 20:12 - 00000117 _____ C:\Windows\system32\netcfg-272673031.txt
2013-10-10 19:39 - 2013-10-10 19:39 - 00000117 _____ C:\Windows\system32\netcfg-270674671.txt
2013-10-10 18:16 - 2013-10-10 18:16 - 00000117 _____ C:\Windows\system32\netcfg-265728343.txt
2013-10-10 16:20 - 2013-10-10 16:20 - 00000117 _____ C:\Windows\system32\netcfg-258740062.txt
2013-10-10 11:43 - 2013-10-10 11:43 - 00000117 _____ C:\Windows\system32\netcfg-242127203.txt
2013-10-10 02:29 - 2013-10-10 02:29 - 00000117 _____ C:\Windows\system32\netcfg-208915015.txt
2013-10-09 20:17 - 2013-10-09 20:17 - 00000117 _____ C:\Windows\system32\netcfg-186591750.txt
2013-10-09 18:46 - 2013-10-09 18:46 - 00000117 _____ C:\Windows\system32\netcfg-181124921.txt
2013-10-09 18:08 - 2013-10-09 18:08 - 00000117 _____ C:\Windows\system32\netcfg-178847390.txt
2013-10-09 17:03 - 2013-10-09 17:03 - 00000117 _____ C:\Windows\system32\netcfg-174927609.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 00000117 _____ C:\Windows\system32\netcfg-173074687.txt
2013-10-09 16:26 - 2013-10-09 16:26 - 00000117 _____ C:\Windows\system32\netcfg-172735734.txt
2013-10-09 15:41 - 2013-10-09 15:41 - 00000146 _____ C:\Users\mein Name\Desktop\Windows Defender - Verknüpfung.lnk
2013-10-09 13:23 - 2013-10-09 13:23 - 00002771 _____ C:\Users\mein Name\Desktop\Citrus.txt
2013-10-09 11:59 - 2013-10-09 11:59 - 00000117 _____ C:\Windows\system32\netcfg-156687515.txt
2013-10-09 03:09 - 2013-10-09 03:09 - 00000117 _____ C:\Windows\system32\netcfg-124885515.txt
2013-10-08 21:10 - 2013-10-08 21:10 - 00000117 _____ C:\Windows\system32\netcfg-103343062.txt
2013-10-08 21:03 - 2013-10-08 21:03 - 00000117 _____ C:\Windows\system32\netcfg-102917531.txt
2013-10-08 20:11 - 2013-10-08 20:11 - 00000117 _____ C:\Windows\system32\netcfg-99830078.txt
2013-10-08 19:44 - 2013-10-08 19:44 - 00000117 _____ C:\Windows\system32\netcfg-98209328.txt
2013-10-08 17:44 - 2013-10-14 20:24 - 00000000 ____D C:\ProgramData\Yahoo!
2013-10-08 17:44 - 2013-10-08 17:44 - 00001143 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-10-08 17:42 - 2013-10-14 20:24 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-10-08 17:29 - 2013-10-08 17:29 - 00000117 _____ C:\Windows\system32\netcfg-90112281.txt
2013-10-08 17:21 - 2013-10-08 17:21 - 00000117 _____ C:\Windows\system32\netcfg-89583859.txt
2013-10-08 15:19 - 2013-10-08 15:19 - 00000117 _____ C:\Windows\system32\netcfg-82270359.txt
2013-10-08 13:43 - 2013-10-08 13:43 - 00000117 _____ C:\Windows\system32\netcfg-76551343.txt
2013-10-08 11:36 - 2013-10-08 11:36 - 00001920 _____ C:\Users\mein Name\Desktop\beckenboden.txt
2013-10-08 11:01 - 2013-10-08 11:01 - 00000117 _____ C:\Windows\system32\netcfg-66818187.txt
2013-10-08 02:42 - 2013-10-08 02:42 - 00000117 _____ C:\Windows\system32\netcfg-36863578.txt
2013-10-07 20:16 - 2013-10-07 20:16 - 00000117 _____ C:\Windows\system32\netcfg-13684281.txt
2013-10-07 18:48 - 2013-10-16 14:28 - 00001206 _____ C:\Users\mein Name\AppData\Roaming\wklnhst.dat
2013-10-07 18:48 - 2013-10-07 18:48 - 00001173 _____ C:\Users\mein Name\Desktop\Microsoft Works.LNK
2013-10-07 18:48 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Template
2013-10-07 18:39 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-07 18:36 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-07 18:23 - 2013-10-07 18:23 - 00000117 _____ C:\Windows\system32\netcfg-6917859.txt
2013-10-07 17:40 - 2013-10-07 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-07 17:28 - 2013-10-16 20:31 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-07 17:21 - 2013-10-07 17:21 - 00000117 _____ C:\Windows\system32\netcfg-3235453.txt
2013-10-07 17:19 - 2013-10-07 17:19 - 00000117 _____ C:\Windows\system32\netcfg-3122375.txt
2013-10-07 17:17 - 2013-10-07 17:17 - 00000117 _____ C:\Windows\system32\netcfg-2989796.txt
2013-10-07 17:16 - 2013-10-07 17:16 - 00000117 _____ C:\Windows\system32\netcfg-2906203.txt
2013-10-07 17:15 - 2013-10-07 17:15 - 00000117 _____ C:\Windows\system32\netcfg-2872484.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-07 17:11 - 2013-10-07 17:11 - 00000117 _____ C:\Windows\system32\netcfg-2589859.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Mozilla
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323750.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323734.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-317734.txt
2013-10-07 16:27 - 2013-10-07 16:27 - 00000117 _____ C:\Windows\system32\netcfg-1062062.txt
2013-10-07 16:21 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\hpqLog
2013-10-07 16:15 - 2013-10-07 16:16 - 00000117 _____ C:\Windows\system32\netcfg-354828.txt
2013-10-07 16:12 - 2013-10-07 16:12 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-10-07 16:10 - 2013-10-07 16:10 - 00000117 _____ C:\Windows\system32\netcfg-27484.txt
2013-10-07 16:06 - 2013-05-02 17:29 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Malwarebytes
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651812.txt
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651515.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-80359.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-79609.txt
2013-10-07 12:50 - 2013-10-07 13:09 - 00000000 ____D C:\AdwCleaner
2013-10-07 12:47 - 2013-10-07 12:47 - 01045226 _____ C:\Users\mein Name\Desktop\adwcleaner_3.0.0.6.exe
2013-10-07 11:40 - 2013-10-07 11:40 - 00000117 _____ C:\Windows\system32\netcfg-135726031.txt
2013-10-07 01:49 - 2013-10-07 01:49 - 00000117 _____ C:\Windows\system32\netcfg-100287125.txt
2013-10-06 20:14 - 2013-10-06 20:14 - 00000117 _____ C:\Windows\system32\netcfg-80143484.txt
2013-10-06 19:13 - 2013-10-06 19:13 - 00000117 _____ C:\Windows\system32\netcfg-76489531.txt
2013-10-06 17:16 - 2013-10-06 17:16 - 00000117 _____ C:\Windows\system32\netcfg-69504921.txt
2013-10-06 15:43 - 2013-10-06 15:43 - 00000117 _____ C:\Windows\system32\netcfg-63923812.txt
2013-10-06 15:19 - 2013-10-06 15:19 - 00000117 _____ C:\Windows\system32\netcfg-62479484.txt
2013-10-06 15:05 - 2013-10-06 15:05 - 00000117 _____ C:\Windows\system32\netcfg-61607500.txt
2013-10-06 14:27 - 2013-10-16 13:31 - 00001378 _____ C:\Users\mein Name\Desktop\gangschaltung.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58040500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58039734.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167828.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167468.txt
2013-10-06 00:49 - 2013-10-06 00:49 - 00000000 ____D C:\ProgramData\Recovery
2013-10-05 21:52 - 2013-10-05 21:52 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2013-10-05 21:52 - 2013-10-05 21:52 - 00000000 ____D C:\Program Files (x86)\epson
2013-10-05 21:52 - 2006-10-13 00:00 - 00093184 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxcwiad.dll
2013-10-05 21:45 - 2013-10-13 17:38 - 00000000 ____D C:\Users\mein Name\AppData\Local\Thunderbird
2013-10-05 21:45 - 2013-10-05 21:45 - 00002092 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-05 21:45 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Thunderbird
2013-10-05 21:40 - 2013-10-16 20:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-05 21:40 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Sun
2013-10-05 21:36 - 2013-10-05 21:36 - 00000000 ____D C:\Users\mein Name\AppData\Local\Macromedia
2013-10-05 21:34 - 2013-10-14 20:28 - 00000000 ____D C:\Users\mein Name\AppData\Local\Adobe
2013-10-05 21:12 - 2013-10-16 14:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 21:12 - 2013-10-05 21:15 - 00000000 ____D C:\Users\mein Name\AppData\Local\Mozilla
2013-10-05 21:12 - 2013-10-05 21:12 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-05 21:10 - 2013-10-05 21:10 - 00001008 _____ C:\Users\mein Name\Desktop\IrfanView.lnk
2013-10-05 21:10 - 2013-10-05 21:10 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-10-05 21:03 - 2013-10-05 21:03 - 00000117 _____ C:\Windows\system32\netcfg-15950734.txt
2013-10-05 20:10 - 2013-10-05 20:10 - 00000117 _____ C:\Windows\system32\netcfg-12765281.txt
2013-10-05 19:23 - 2013-10-05 19:23 - 00000117 _____ C:\Windows\system32\netcfg-9918046.txt
2013-10-05 18:08 - 2013-10-05 18:08 - 00000117 _____ C:\Windows\system32\netcfg-5405031.txt
2013-10-05 17:16 - 2013-10-05 17:16 - 00000000 ____D C:\sources
2013-10-05 16:58 - 2013-10-05 16:58 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Macromedia
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477953.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477921.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477734.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-474468.txt
2013-10-05 16:36 - 2013-10-16 14:28 - 00057344 _____ C:\Users\mein Name\Desktop\Zitrus - Kontroll-Notizen.wps
2013-10-05 16:36 - 2013-10-14 23:13 - 00000540 _____ C:\Users\mein Name\Desktop\rest.txt
2013-10-05 16:36 - 2013-09-18 23:36 - 00002738 _____ C:\Users\mein Name\Desktop\nicks.txt
2013-10-05 16:35 - 2013-10-11 16:00 - 00031232 _____ C:\Users\mein Name\Desktop\mobile.wps
2013-10-05 16:30 - 2013-10-05 16:30 - 00000000 ____D C:\Users\mein Name\AppData\Local\Hewlett-Packard
2013-10-05 16:02 - 2013-10-05 16:02 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-10-05 15:14 - 2013-10-14 21:16 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4071608636-3666989274-3695306699-1001
2013-10-05 15:09 - 2013-10-14 20:28 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Adobe
2013-10-05 15:09 - 2013-10-05 15:09 - 00001444 _____ C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Local\Power2Go8
2013-10-05 15:09 - 2012-10-27 03:30 - 00002217 _____ C:\Users\Public\Desktop\Snapfish Fotos.lnk
2013-10-05 15:08 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Hewlett-Packard
2013-10-05 15:07 - 2013-10-17 20:13 - 00000000 ____D C:\Users\mein Name
2013-10-05 15:07 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Local\VirtualStore
2013-10-05 15:07 - 2013-10-05 15:33 - 00000000 ____D C:\Users\mein Name\AppData\Local\Packages
2013-10-05 15:07 - 2013-10-05 15:07 - 00000020 ___SH C:\Users\mein Name\ntuser.ini
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Vorlagen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Startmenü
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Netzwerkumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Lokale Einstellungen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Eigene Dateien
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Druckumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Musik
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Bilder
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Verlauf
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Anwendungsdaten
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Anwendungsdaten
2013-10-05 15:07 - 2012-10-27 03:16 - 00000000 ___HD C:\Users\mein Name\Documents\hp.system.package.metadata
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Dokumente und Einstellungen
==================== One Month Modified Files and Folders =======
2013-10-17 20:21 - 2013-10-17 20:21 - 00000000 ____D C:\FRST
2013-10-17 20:20 - 2013-10-14 20:19 - 00000316 _____ C:\Windows\Tasks\UpdaterEX.job
2013-10-17 20:15 - 2013-10-17 20:15 - 01954124 _____ (Farbar) C:\Users\mein Name\Desktop\FRST64.exe
2013-10-17 20:14 - 2013-10-17 18:46 - 00000881 _____ C:\Users\mein Name\Desktop\trojaner board.txt
2013-10-17 20:13 - 2013-10-17 20:13 - 00000480 _____ C:\Users\mein Name\Desktop\defogger_disable.log
2013-10-17 20:13 - 2013-10-17 20:13 - 00000000 _____ C:\Users\mein Name\defogger_reenable
2013-10-17 20:13 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name
2013-10-17 20:10 - 2013-10-17 20:10 - 00050477 _____ C:\Users\mein Name\Desktop\Defogger.exe
2013-10-17 20:00 - 2013-10-17 20:00 - 00000117 _____ C:\Windows\system32\netcfg-12919140.txt
2013-10-17 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-17 19:31 - 2013-10-17 19:31 - 00000117 _____ C:\Windows\system32\netcfg-11188875.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862437.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862234.txt
2013-10-17 17:08 - 2013-10-17 17:08 - 01048960 _____ C:\Users\mein Name\Desktop\adwcleaner_3.0.0.7.exe
2013-10-17 16:36 - 2013-10-14 15:52 - 00525626 _____ C:\Windows\WindowsUpdate.log
2013-10-17 16:27 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-17 16:26 - 2013-10-17 12:48 - 00000000 ____D C:\ProgramData\Trend Micro
2013-10-17 16:25 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-17 16:13 - 2013-10-17 16:13 - 00000117 _____ C:\Windows\system32\netcfg-12582312.txt
2013-10-17 16:11 - 2013-10-17 16:11 - 00000117 _____ C:\Windows\system32\netcfg-12431531.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764437.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764000.txt
2013-10-17 13:13 - 2013-10-13 12:39 - 00000000 ____D C:\Users\mein Name\Desktop\url-25
2013-10-17 12:55 - 2013-10-17 12:55 - 00000000 ___HD C:\TMRescueDisk
2013-10-17 12:50 - 2013-10-17 12:50 - 00001429 _____ C:\Users\mein Name\Desktop\Trend Micro Titanium Internet Security.lnk
2013-10-17 12:50 - 2013-10-17 12:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2013-10-17 12:50 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-17 12:49 - 2013-10-17 12:49 - 00003268 _____ C:\Windows\System32\Tasks\Titanium BTC
2013-10-17 12:48 - 2013-10-17 12:48 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2013-10-17 12:48 - 2013-10-17 12:47 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-17 12:45 - 2013-10-17 12:45 - 00000036 _____ C:\Users\mein Name\AppData\Local\housecall.guid.cache
2013-10-17 12:43 - 2013-10-17 12:43 - 00000000 ____D C:\Users\mein Name\AppData\Local\Trend Micro
2013-10-17 12:41 - 2013-10-17 12:37 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2013-10-17 12:34 - 2013-10-17 12:34 - 06631240 _____ (Trend Micro Inc.) C:\Users\mein Name\Desktop\Titanium_Internet_Security_2014.exe
2013-10-17 12:20 - 2013-10-17 12:20 - 00000117 _____ C:\Windows\system32\netcfg-45127859.txt
2013-10-17 12:01 - 2013-10-17 12:01 - 00000117 _____ C:\Windows\system32\netcfg-44028093.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42720328.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42698062.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42687218.txt
2013-10-17 11:28 - 2013-10-17 11:28 - 00000117 _____ C:\Windows\system32\netcfg-42011015.txt
2013-10-16 23:35 - 2013-10-16 23:35 - 00000115 _____ C:\Users\mein Name\Desktop\igno.txt
2013-10-16 21:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-10-16 20:33 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 20:31 - 2013-10-16 20:30 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 20:31 - 2013-10-07 17:28 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 20:29 - 2013-10-16 20:29 - 00915368 _____ (Oracle Corporation) C:\Users\mein Name\Desktop\jxpiinstall.exe
2013-10-16 19:48 - 2013-10-16 19:48 - 00000117 _____ C:\Windows\system32\netcfg-18356390.txt
2013-10-16 19:06 - 2013-10-16 19:06 - 00000117 _____ C:\Windows\system32\netcfg-15839953.txt
2013-10-16 18:46 - 2013-10-16 18:46 - 00000117 _____ C:\Windows\system32\netcfg-14612062.txt
2013-10-16 18:35 - 2013-10-16 18:35 - 00000117 _____ C:\Windows\system32\netcfg-13975906.txt
2013-10-16 17:42 - 2013-10-16 17:42 - 00000117 _____ C:\Windows\system32\netcfg-10798078.txt
2013-10-16 17:39 - 2013-10-16 17:39 - 00000117 _____ C:\Windows\system32\netcfg-10600734.txt
2013-10-16 16:51 - 2013-10-16 16:51 - 00000117 _____ C:\Windows\system32\netcfg-7723078.txt
2013-10-16 16:48 - 2013-10-16 16:48 - 00000117 _____ C:\Windows\system32\netcfg-7538093.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4630343.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4629437.txt
2013-10-16 14:42 - 2013-10-14 20:47 - 00003200 _____ C:\Windows\PFRO.log
2013-10-16 14:42 - 2013-10-05 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-16 14:42 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-16 14:28 - 2013-10-07 18:48 - 00001206 _____ C:\Users\mein Name\AppData\Roaming\wklnhst.dat
2013-10-16 14:28 - 2013-10-05 16:36 - 00057344 _____ C:\Users\mein Name\Desktop\Zitrus - Kontroll-Notizen.wps
2013-10-16 13:52 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-16 13:31 - 2013-10-06 14:27 - 00001378 _____ C:\Users\mein Name\Desktop\gangschaltung.txt
2013-10-16 13:27 - 2013-10-16 13:27 - 00010240 _____ C:\Users\mein Name\Desktop\fahrrad fahren.wps
2013-10-16 11:39 - 2013-10-16 11:39 - 00000117 _____ C:\Windows\system32\netcfg-139965953.txt
2013-10-16 02:20 - 2013-10-16 02:20 - 00000117 _____ C:\Windows\system32\netcfg-106381421.txt
2013-10-15 19:26 - 2013-10-15 19:26 - 00000117 _____ C:\Windows\system32\netcfg-81555171.txt
2013-10-15 19:07 - 2013-10-15 19:07 - 00000117 _____ C:\Windows\system32\netcfg-80413812.txt
2013-10-15 15:56 - 2013-10-15 15:56 - 00000117 _____ C:\Windows\system32\netcfg-68955843.txt
2013-10-15 15:40 - 2013-10-15 15:40 - 00000117 _____ C:\Windows\system32\netcfg-67993203.txt
2013-10-15 14:37 - 2013-10-15 14:37 - 00000117 _____ C:\Windows\system32\netcfg-64215875.txt
2013-10-15 13:26 - 2013-10-15 13:26 - 00000117 _____ C:\Windows\system32\netcfg-59930578.txt
2013-10-15 10:47 - 2013-10-14 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50255078.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50253234.txt
2013-10-14 23:13 - 2013-10-05 16:36 - 00000540 _____ C:\Users\mein Name\Desktop\rest.txt
2013-10-14 21:16 - 2013-10-05 15:14 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4071608636-3666989274-3695306699-1001
2013-10-14 20:29 - 2013-10-14 20:27 - 00000000 ____D C:\ProgramData\Adobe
2013-10-14 20:28 - 2013-10-05 21:34 - 00000000 ____D C:\Users\mein Name\AppData\Local\Adobe
2013-10-14 20:28 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Adobe
2013-10-14 20:27 - 2013-10-14 20:27 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-14 20:27 - 2013-10-14 20:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-14 20:24 - 2013-10-08 17:44 - 00000000 ____D C:\ProgramData\Yahoo!
2013-10-14 20:24 - 2013-10-08 17:42 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-10-14 20:23 - 2013-10-14 20:19 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 20:20 - 2013-10-14 20:20 - 00000000 ____D C:\Windows\Sun
2013-10-14 20:19 - 2013-10-14 20:19 - 00002654 _____ C:\Windows\System32\Tasks\UpdaterEX
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\UpdaterEX
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Local\Google
2013-10-14 20:06 - 2013-10-14 20:06 - 00000117 _____ C:\Windows\system32\netcfg-197544125.txt
2013-10-14 19:42 - 2013-10-14 19:42 - 00000117 _____ C:\Windows\system32\netcfg-196122671.txt
2013-10-14 18:23 - 2013-10-14 18:23 - 00011264 _____ C:\Users\mein Name\Desktop\Tabelle orale Phase.wps
2013-10-14 16:44 - 2013-10-14 16:44 - 00000117 _____ C:\Windows\system32\netcfg-185445437.txt
2013-10-14 16:13 - 2013-10-14 16:13 - 00000117 _____ C:\Windows\system32\netcfg-183582062.txt
2013-10-14 09:38 - 2013-10-14 09:38 - 00000117 _____ C:\Windows\system32\netcfg-159871250.txt
2013-10-14 02:01 - 2013-10-14 02:01 - 00000117 _____ C:\Windows\system32\netcfg-132414328.txt
2013-10-13 20:27 - 2013-10-13 20:27 - 00009216 _____ C:\Users\mein Name\Desktop\laterne basteln.wps
2013-10-13 19:23 - 2013-10-13 19:23 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Yahoo!
2013-10-13 19:22 - 2013-10-13 19:22 - 00000117 _____ C:\Windows\system32\netcfg-108519484.txt
2013-10-13 19:00 - 2013-10-13 19:00 - 00000117 _____ C:\Windows\system32\netcfg-107204859.txt
2013-10-13 17:38 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Local\Thunderbird
2013-10-13 17:37 - 2012-10-27 12:06 - 00745562 _____ C:\Windows\system32\perfh007.dat
2013-10-13 17:37 - 2012-10-27 12:06 - 00169488 _____ C:\Windows\system32\perfc007.dat
2013-10-13 17:37 - 2012-07-26 09:28 - 01752656 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-13 17:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-10-13 16:16 - 2013-10-13 16:16 - 00000117 _____ C:\Windows\system32\netcfg-97367828.txt
2013-10-13 15:40 - 2013-10-13 15:40 - 00000117 _____ C:\Windows\system32\netcfg-95173625.txt
2013-10-13 12:33 - 2013-10-13 12:33 - 00000117 _____ C:\Windows\system32\netcfg-83950609.txt
2013-10-13 02:40 - 2013-10-13 02:40 - 00000117 _____ C:\Windows\system32\netcfg-48368703.txt
2013-10-12 20:06 - 2013-10-12 20:06 - 00000117 _____ C:\Windows\system32\netcfg-24720421.txt
2013-10-12 17:38 - 2013-10-12 17:38 - 00071550 _____ C:\Users\mein Name\Desktop\cc_20131012_173753.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00007196 _____ C:\Users\mein Name\Desktop\cc_20131012_173821.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00000117 _____ C:\Windows\system32\netcfg-15891765.txt
2013-10-12 17:35 - 2012-08-02 04:02 - 00000000 ____D C:\Windows\Panther
2013-10-12 17:33 - 2013-10-12 17:33 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-12 17:33 - 2013-10-12 17:33 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-12 17:33 - 2013-10-12 17:32 - 00000000 ____D C:\Program Files\CCleaner
2013-10-12 17:31 - 2013-10-12 17:31 - 03294168 _____ (Piriform Ltd) C:\Users\mein Name\Desktop\ccsetup406_slim.exe
2013-10-12 16:57 - 2012-10-27 03:22 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-12 16:55 - 2013-10-12 16:55 - 00000000 ____D C:\Users\mein Name\Desktop\von stick
2013-10-12 16:51 - 2013-10-12 16:51 - 00001579 _____ C:\Users\mein Name\Desktop\PS - Verknüpfung.lnk
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\CyberLink
2013-10-12 13:14 - 2012-07-26 09:19 - 00339760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-11 20:37 - 2013-10-11 20:37 - 00000117 _____ C:\Windows\system32\netcfg-360564218.txt
2013-10-11 20:34 - 2013-10-11 20:34 - 00000117 _____ C:\Windows\system32\netcfg-360358000.txt
2013-10-11 19:51 - 2013-10-11 19:51 - 00000117 _____ C:\Windows\system32\netcfg-357810250.txt
2013-10-11 19:44 - 2013-10-11 19:44 - 00000117 _____ C:\Windows\system32\netcfg-357392078.txt
2013-10-11 17:49 - 2013-10-11 17:49 - 00000117 _____ C:\Windows\system32\netcfg-350465515.txt
2013-10-11 17:34 - 2013-10-11 17:34 - 00000117 _____ C:\Windows\system32\netcfg-349605890.txt
2013-10-11 16:00 - 2013-10-05 16:35 - 00031232 _____ C:\Users\mein Name\Desktop\mobile.wps
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333730328.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333729484.txt
2013-10-10 21:07 - 2013-10-10 21:07 - 00000117 _____ C:\Windows\system32\netcfg-275984031.txt
2013-10-10 21:06 - 2013-10-10 21:06 - 00000117 _____ C:\Windows\system32\netcfg-275911203.txt
2013-10-10 20:12 - 2013-10-10 20:12 - 00000117 _____ C:\Windows\system32\netcfg-272673031.txt
2013-10-10 19:39 - 2013-10-10 19:39 - 00000117 _____ C:\Windows\system32\netcfg-270674671.txt
2013-10-10 18:16 - 2013-10-10 18:16 - 00000117 _____ C:\Windows\system32\netcfg-265728343.txt
2013-10-10 16:20 - 2013-10-10 16:20 - 00000117 _____ C:\Windows\system32\netcfg-258740062.txt
2013-10-10 11:43 - 2013-10-10 11:43 - 00000117 _____ C:\Windows\system32\netcfg-242127203.txt
2013-10-10 02:29 - 2013-10-10 02:29 - 00000117 _____ C:\Windows\system32\netcfg-208915015.txt
2013-10-09 20:17 - 2013-10-09 20:17 - 00000117 _____ C:\Windows\system32\netcfg-186591750.txt
2013-10-09 18:46 - 2013-10-09 18:46 - 00000117 _____ C:\Windows\system32\netcfg-181124921.txt
2013-10-09 18:08 - 2013-10-09 18:08 - 00000117 _____ C:\Windows\system32\netcfg-178847390.txt
2013-10-09 17:03 - 2013-10-09 17:03 - 00000117 _____ C:\Windows\system32\netcfg-174927609.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 00000117 _____ C:\Windows\system32\netcfg-173074687.txt
2013-10-09 16:26 - 2013-10-09 16:26 - 00000117 _____ C:\Windows\system32\netcfg-172735734.txt
2013-10-09 15:41 - 2013-10-09 15:41 - 00000146 _____ C:\Users\mein Name\Desktop\Windows Defender - Verknüpfung.lnk
2013-10-09 13:23 - 2013-10-09 13:23 - 00002771 _____ C:\Users\mein Name\Desktop\Citrus.txt
2013-10-09 11:59 - 2013-10-09 11:59 - 00000117 _____ C:\Windows\system32\netcfg-156687515.txt
2013-10-09 03:09 - 2013-10-09 03:09 - 00000117 _____ C:\Windows\system32\netcfg-124885515.txt
2013-10-08 21:10 - 2013-10-08 21:10 - 00000117 _____ C:\Windows\system32\netcfg-103343062.txt
2013-10-08 21:03 - 2013-10-08 21:03 - 00000117 _____ C:\Windows\system32\netcfg-102917531.txt
2013-10-08 20:11 - 2013-10-08 20:11 - 00000117 _____ C:\Windows\system32\netcfg-99830078.txt
2013-10-08 19:44 - 2013-10-08 19:44 - 00000117 _____ C:\Windows\system32\netcfg-98209328.txt
2013-10-08 17:44 - 2013-10-08 17:44 - 00001143 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-10-08 17:29 - 2013-10-08 17:29 - 00000117 _____ C:\Windows\system32\netcfg-90112281.txt
2013-10-08 17:21 - 2013-10-08 17:21 - 00000117 _____ C:\Windows\system32\netcfg-89583859.txt
2013-10-08 15:19 - 2013-10-08 15:19 - 00000117 _____ C:\Windows\system32\netcfg-82270359.txt
2013-10-08 13:43 - 2013-10-08 13:43 - 00000117 _____ C:\Windows\system32\netcfg-76551343.txt
2013-10-08 11:36 - 2013-10-08 11:36 - 00001920 _____ C:\Users\mein Name\Desktop\beckenboden.txt
2013-10-08 11:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-08 11:01 - 2013-10-08 11:01 - 00000117 _____ C:\Windows\system32\netcfg-66818187.txt
2013-10-08 07:50 - 2013-10-16 20:31 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-16 20:31 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-16 20:31 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-16 20:31 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 02:42 - 2013-10-08 02:42 - 00000117 _____ C:\Windows\system32\netcfg-36863578.txt
2013-10-07 20:16 - 2013-10-07 20:16 - 00000117 _____ C:\Windows\system32\netcfg-13684281.txt
2013-10-07 18:48 - 2013-10-07 18:48 - 00001173 _____ C:\Users\mein Name\Desktop\Microsoft Works.LNK
2013-10-07 18:48 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Template
2013-10-07 18:48 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name\AppData\Local\VirtualStore
2013-10-07 18:39 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-07 18:39 - 2013-10-07 18:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-07 18:23 - 2013-10-07 18:23 - 00000117 _____ C:\Windows\system32\netcfg-6917859.txt
2013-10-07 17:40 - 2013-10-07 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-07 17:21 - 2013-10-07 17:21 - 00000117 _____ C:\Windows\system32\netcfg-3235453.txt
2013-10-07 17:19 - 2013-10-07 17:19 - 00000117 _____ C:\Windows\system32\netcfg-3122375.txt
2013-10-07 17:17 - 2013-10-07 17:17 - 00000117 _____ C:\Windows\system32\netcfg-2989796.txt
2013-10-07 17:16 - 2013-10-07 17:16 - 00000117 _____ C:\Windows\system32\netcfg-2906203.txt
2013-10-07 17:15 - 2013-10-07 17:15 - 00000117 _____ C:\Windows\system32\netcfg-2872484.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-07 17:11 - 2013-10-07 17:11 - 00000117 _____ C:\Windows\system32\netcfg-2589859.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Mozilla
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323750.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323734.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-317734.txt
2013-10-07 16:27 - 2013-10-07 16:27 - 00000117 _____ C:\Windows\system32\netcfg-1062062.txt
2013-10-07 16:26 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-07 16:23 - 2012-10-27 03:16 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-10-07 16:21 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\hpqLog
2013-10-07 16:21 - 2013-10-05 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Hewlett-Packard
2013-10-07 16:21 - 2012-10-27 03:17 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-10-07 16:16 - 2013-10-07 16:15 - 00000117 _____ C:\Windows\system32\netcfg-354828.txt
2013-10-07 16:12 - 2013-10-07 16:12 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-10-07 16:10 - 2013-10-07 16:10 - 00000117 _____ C:\Windows\system32\netcfg-27484.txt
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Malwarebytes
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651812.txt
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651515.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-80359.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-79609.txt
2013-10-07 13:09 - 2013-10-07 12:50 - 00000000 ____D C:\AdwCleaner
2013-10-07 12:47 - 2013-10-07 12:47 - 01045226 _____ C:\Users\mein Name\Desktop\adwcleaner_3.0.0.6.exe
2013-10-07 11:40 - 2013-10-07 11:40 - 00000117 _____ C:\Windows\system32\netcfg-135726031.txt
2013-10-07 01:49 - 2013-10-07 01:49 - 00000117 _____ C:\Windows\system32\netcfg-100287125.txt
2013-10-06 20:14 - 2013-10-06 20:14 - 00000117 _____ C:\Windows\system32\netcfg-80143484.txt
2013-10-06 19:13 - 2013-10-06 19:13 - 00000117 _____ C:\Windows\system32\netcfg-76489531.txt
2013-10-06 17:16 - 2013-10-06 17:16 - 00000117 _____ C:\Windows\system32\netcfg-69504921.txt
2013-10-06 15:43 - 2013-10-06 15:43 - 00000117 _____ C:\Windows\system32\netcfg-63923812.txt
2013-10-06 15:19 - 2013-10-06 15:19 - 00000117 _____ C:\Windows\system32\netcfg-62479484.txt
2013-10-06 15:05 - 2013-10-06 15:05 - 00000117 _____ C:\Windows\system32\netcfg-61607500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58040500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58039734.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167828.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167468.txt
2013-10-06 00:50 - 2012-07-26 10:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-10-06 00:49 - 2013-10-06 00:49 - 00000000 ____D C:\ProgramData\Recovery
2013-10-05 21:52 - 2013-10-05 21:52 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2013-10-05 21:52 - 2013-10-05 21:52 - 00000000 ____D C:\Program Files (x86)\epson
2013-10-05 21:45 - 2013-10-05 21:45 - 00002092 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-05 21:45 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Thunderbird
2013-10-05 21:40 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Sun
2013-10-05 21:36 - 2013-10-05 21:36 - 00000000 ____D C:\Users\mein Name\AppData\Local\Macromedia
2013-10-05 21:15 - 2013-10-05 21:12 - 00000000 ____D C:\Users\mein Name\AppData\Local\Mozilla
2013-10-05 21:12 - 2013-10-05 21:12 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-05 21:10 - 2013-10-05 21:10 - 00001008 _____ C:\Users\mein Name\Desktop\IrfanView.lnk
2013-10-05 21:10 - 2013-10-05 21:10 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-10-05 21:03 - 2013-10-05 21:03 - 00000117 _____ C:\Windows\system32\netcfg-15950734.txt
2013-10-05 20:10 - 2013-10-05 20:10 - 00000117 _____ C:\Windows\system32\netcfg-12765281.txt
2013-10-05 19:23 - 2013-10-05 19:23 - 00000117 _____ C:\Windows\system32\netcfg-9918046.txt
2013-10-05 18:08 - 2013-10-05 18:08 - 00000117 _____ C:\Windows\system32\netcfg-5405031.txt
2013-10-05 17:19 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-10-05 17:18 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-10-05 17:18 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-10-05 17:18 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\winrm
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\slmgr
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\migwiz
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\inetsrv
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\en-GB
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-10-05 17:16 - 2013-10-05 17:16 - 00000000 ____D C:\sources
2013-10-05 17:16 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\WCN
2013-10-05 17:16 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\MUI
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Com
2013-10-05 17:16 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-10-05 16:58 - 2013-10-05 16:58 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Macromedia
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477953.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477921.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477734.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-474468.txt
2013-10-05 16:30 - 2013-10-05 16:30 - 00000000 ____D C:\Users\mein Name\AppData\Local\Hewlett-Packard
2013-10-05 16:21 - 2012-10-27 03:33 - 00000000 ____D C:\ProgramData\Norton
2013-10-05 16:02 - 2013-10-05 16:02 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-10-05 15:33 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name\AppData\Local\Packages
2013-10-05 15:31 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2013-10-05 15:09 - 2013-10-05 15:09 - 00001444 _____ C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Local\Power2Go8
2013-10-05 15:09 - 2012-10-27 03:32 - 00000000 ___RD C:\Program Files\Online Services
2013-10-05 15:09 - 2012-10-27 03:23 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-10-05 15:09 - 2012-09-12 15:34 - 00000000 _RSHD C:\hp
2013-10-05 15:09 - 2012-08-02 05:15 - 00000000 ____D C:\SWSETUP
2013-10-05 15:09 - 2012-08-01 11:57 - 00000000 _RSHD C:\SYSTEM.SAV
2013-10-05 15:09 - 2012-07-26 10:12 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-10-05 15:07 - 2013-10-05 15:07 - 00000020 ___SH C:\Users\mein Name\ntuser.ini
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Vorlagen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Startmenü
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Netzwerkumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Lokale Einstellungen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Eigene Dateien
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Druckumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Musik
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Bilder
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Verlauf
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Anwendungsdaten
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-05 14:58 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-10-05 14:58 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-09-18 23:36 - 2013-10-05 16:36 - 00002738 _____ C:\Users\mein Name\Desktop\nicks.txt
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-15 12:10
==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by mein Name at 2013-10-17 20:22:29
Running from C:\Users\mein Name\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Trend Micro Titanium Internet Security (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Titanium Internet Security (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
CCleaner (Version: 4.06)
CyberLink LabelPrint (x32 Version: 2.5.1.5510)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925)
CyberLink PowerDVD (x32 Version: 10.0.1.4319)
EPSON Scan (x32)
Extended Update (HKCU)
Google Update Helper (x32 Version: 1.3.23.0)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Postscript Converter (Version: 3.1.3591)
HP Support Information (x32 Version: 12.00.0000)
IDT Audio (x32 Version: 1.0.6418.0)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IrfanView (remove only) (x32 Version: 4.36)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 08.05.0822)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0.1)
Mozilla Thunderbird 24.0.1 (x86 de) (x32 Version: 24.0.1)
NVIDIA Control Panel 305.29 (Version: 305.29)
NVIDIA Graphics Driver 305.29 (Version: 305.29)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.82.513)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613)
Recovery Manager (x32 Version: 5.5.0.5530)
Trend Micro Titanium (Version: 7.0)
Trend Micro Titanium Internet Security (Version: 7.0)
Yahoo! Messenger (x32)
==================== Restore Points =========================
05-10-2013 13:31:11 Microsoft Office wird entfernt
07-10-2013 14:19:27 Removed Bonjour
16-10-2013 12:53:23 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {20C3B62A-2DEA-4872-99CA-F19ED38308F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {312B625A-E885-43DB-88FE-D7048E453312} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {50536DA7-2ECF-49CF-B6CA-B7F5E6C5A985} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {56543AA2-AD7E-4B3D-A26D-2808CB96BDCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {60607833-54B7-41E2-95A7-7D0D048400B6} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2013-08-27] (Trend Micro Inc.)
Task: {8D7EA2FF-A246-4D7A-9602-19690C9FD287} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {9841E81A-D3FF-4970-B16E-3EB926F7F06D} - System32\Tasks\UpdaterEX => C:\Users\mein Name\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {E26522D2-4916-490C-9EDC-B60EFB29A401} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\MEINNA~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE
==================== Loaded Modules (whitelisted) =============
2013-10-17 12:48 - 2013-01-16 04:19 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll
2013-10-17 12:48 - 2013-01-16 04:23 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll
2013-10-17 12:41 - 2013-07-23 17:28 - 00057584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2012-10-27 03:18 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-07 17:40 - 2013-10-07 17:40 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/17/2013 04:25:57 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.
Error: (10/17/2013 04:25:57 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog
Error: (10/17/2013 04:25:56 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Error: (10/17/2013 00:44:49 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.
Error: (10/17/2013 00:44:49 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog
Error: (10/17/2013 00:44:49 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Error: (10/16/2013 11:48:21 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.
Error: (10/16/2013 11:48:21 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Kontext: Anwendung, SystemIndex Katalog
Error: (10/16/2013 11:48:21 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.
Error: (10/16/2013 09:06:36 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0.
System errors:
=============
Error: (10/17/2013 04:25:34 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 17.10.2013 um 15:54:41 unerwartet heruntergefahren.
Error: (10/17/2013 04:25:11 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT-AUTORITÄT)
Description: 32212265131128368
Error: (10/16/2013 09:06:16 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 16.10.2013 um 20:27:46 unerwartet heruntergefahren.
Error: (10/16/2013 02:45:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/16/2013 02:45:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/16/2013 02:45:05 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Audio Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/16/2013 02:44:42 PM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/15/2013 06:46:18 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/13/2013 05:51:44 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR4 gefunden.
Error: (10/12/2013 01:14:25 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 12.10.2013 um 02:39:48 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (10/17/2013 04:25:57 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet. 0x0
Error: (10/17/2013 04:25:57 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Error: (10/17/2013 04:25:56 PM) (Source: Windows Search Service)(User: )
Description:
Error: (10/17/2013 00:44:49 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet. 0x0
Error: (10/17/2013 00:44:49 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Error: (10/17/2013 00:44:49 PM) (Source: Windows Search Service)(User: )
Description:
Error: (10/16/2013 11:48:21 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet. 0x0
Error: (10/16/2013 11:48:21 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Error: (10/16/2013 11:48:21 PM) (Source: Windows Search Service)(User: )
Description:
Error: (10/16/2013 09:06:36 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet. 0x0
==================== Memory info ===========================
Percentage of memory in use: 27%
Total physical RAM: 4048.96 MB
Available physical RAM: 2935.05 MB
Total Pagefile: 4448.96 MB
Available Pagefile: 2910.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:453.07 GB) (Free:420.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.21 GB) (Free:1.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: F6437C75)
Partition: GPT Partition Type
==================== End Of Log ============================GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-17 21:03:59
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 HGST_HTS545050A7E380 rev.GG2OAC90 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\MEINNA~1\AppData\Local\Temp\fxloqpow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1092] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f9be821532 4 bytes [82, BE, F9, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1092] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f9be82153a 4 bytes [82, BE, F9, 07]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1092] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f9be82165a 4 bytes [82, BE, F9, 07]
.text C:\Windows\system32\nvvsvc.exe[1104] C:\Windows\system32\MSIMG32.dll!GradientFill + 690 000007f9be821532 4 bytes [82, BE, F9, 07]
.text C:\Windows\system32\nvvsvc.exe[1104] C:\Windows\system32\MSIMG32.dll!GradientFill + 698 000007f9be82153a 4 bytes [82, BE, F9, 07]
.text C:\Windows\system32\nvvsvc.exe[1104] C:\Windows\system32\MSIMG32.dll!TransparentBlt + 246 000007f9be82165a 4 bytes [82, BE, F9, 07]
.text C:\Windows\system32\nvvsvc.exe[1104] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f9c29e177a 4 bytes [9E, C2, F9, 07]
.text C:\Windows\system32\nvvsvc.exe[1104] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f9c29e1782 4 bytes [9E, C2, F9, 07]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [640:664] fffff960008c25e8
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
|
|
18.10.2013, 07:29
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 8 ; immer langsamer, hängt und friert ein hi,
__________________Scan mit Combofix
__________________ |
|
18.10.2013, 11:16
| #3 |
| | Windows 8 ; immer langsamer, hängt und friert ein hallo schrauber
__________________zunächst Danke für die schnelle Antwort ! habe die Anweisung befolgt und der Scan wurde ohne Fehlermeldung ausgeführt /beendet liebe Grüße Code:
ATTFilter ComboFix 13-10-16.02 - mein Name 18.10.2013 11:53:42.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.4049.3054 [GMT 2:00]
ausgeführt von:: c:\users\mein Name\Desktop\ComboFix.exe
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {5D349EF8-873B-C657-917F-F1D93E101A7C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\mein Name\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-09-18 bis 2013-10-18 ))))))))))))))))))))))))))))))
.
.
2013-10-18 09:57 . 2013-10-18 09:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-17 18:21 . 2013-10-17 18:21 -------- d-----w- C:\FRST
2013-10-17 12:19 . 2013-10-17 12:19 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-10-17 10:55 . 2013-10-17 10:55 -------- d-----w- C:\TMRescueDisk
2013-10-17 10:50 . 2013-06-13 06:35 100640 ----a-w- c:\windows\system32\drivers\tmeevw.sys
2013-10-17 10:50 . 2013-05-15 10:23 303392 ----a-w- c:\windows\system32\drivers\tmnciesc.sys
2013-10-17 10:50 . 2013-09-04 06:24 116264 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2013-10-17 10:50 . 2013-09-04 06:22 85424 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2013-10-17 10:50 . 2013-09-04 06:17 282624 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2013-10-17 10:50 . 2013-07-01 13:08 50976 ----a-w- c:\windows\system32\drivers\TMEBC64.sys
2013-10-17 10:50 . 2013-07-11 02:39 37904 ----a-w- c:\windows\system32\drivers\tmel.sys
2013-10-17 10:50 . 2013-07-08 03:16 103712 ----a-w- c:\windows\system32\drivers\tmusa.sys
2013-10-17 10:48 . 2013-10-17 10:48 59 ----a-w- c:\windows\system32\SupportTool.exe.bat
2013-10-17 10:48 . 2013-10-17 14:26 -------- d-----w- c:\programdata\Trend Micro
2013-10-17 10:47 . 2013-10-17 10:48 -------- d-----w- c:\program files\Trend Micro
2013-10-16 18:31 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-16 12:32 . 2013-09-04 20:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CD666DD3-C014-4CBD-93E3-7328EB82D076}\mpengine.dll
2013-10-14 18:27 . 2013-10-14 18:27 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-10-14 18:20 . 2013-10-14 18:20 -------- d-----w- c:\windows\Sun
2013-10-14 18:19 . 2013-10-14 18:23 -------- d-----w- c:\program files (x86)\BonanzaDeals
2013-10-14 16:28 . 2013-10-15 08:47 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-10-12 15:32 . 2013-10-12 15:33 -------- d-----w- c:\program files\CCleaner
2013-10-12 14:50 . 2013-10-12 14:50 -------- d-----w- c:\users\Public\CyberLink
2013-10-08 15:44 . 2013-10-14 18:24 -------- d-----w- c:\programdata\Yahoo!
2013-10-08 15:42 . 2013-10-14 18:24 -------- d-----w- c:\program files (x86)\Yahoo!
2013-10-07 16:36 . 2013-10-07 16:39 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-10-07 15:28 . 2013-10-07 15:28 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-07 15:28 . 2013-10-16 18:31 -------- d-----w- c:\program files (x86)\Java
2013-10-07 14:12 . 2013-10-07 14:12 -------- d-----w- c:\programdata\Simply Super Software
2013-10-07 14:06 . 2013-05-02 15:29 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-10-07 13:08 . 2013-10-07 13:08 -------- d-----w- c:\programdata\Malwarebytes
2013-10-07 10:50 . 2013-10-07 11:09 -------- d-----w- C:\AdwCleaner
2013-10-05 22:49 . 2013-10-05 22:49 -------- d-----w- c:\programdata\Recovery
2013-10-05 19:52 . 2013-10-05 19:52 -------- d-----w- c:\program files (x86)\epson
2013-10-05 19:52 . 2006-10-12 22:00 93184 ----a-w- c:\windows\system32\esxcwiad.dll
2013-10-05 19:40 . 2013-10-16 18:33 -------- d-----w- c:\programdata\Oracle
2013-10-05 19:12 . 2013-10-16 12:42 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-10-05 19:10 . 2013-10-05 19:10 -------- d-----w- c:\program files (x86)\IrfanView
2013-10-05 19:06 . 2013-10-05 19:06 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-10-05 15:16 . 2013-10-05 15:16 -------- d-----w- C:\sources
2013-10-05 13:07 . 2013-10-17 18:13 -------- d-----w- c:\users\mein Name
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
2013-08-08 07:23 336920 ------w- c:\program files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-02 491120]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
R0 tmel;tmel;c:\windows\system32\DRIVERS\tmel.sys;c:\windows\SYSNATIVE\DRIVERS\tmel.sys [x]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S0 TMEBC;TMEBC;c:\windows\system32\DRIVERS\TMEBC64.sys;c:\windows\SYSNATIVE\DRIVERS\TMEBC64.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 tmusa;Trend Micro Osprey Driver;c:\windows\system32\DRIVERS\tmusa.sys;c:\windows\SYSNATIVE\DRIVERS\tmusa.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 tmeevw;tmeevw;c:\windows\system32\DRIVERS\tmeevw.sys;c:\windows\SYSNATIVE\DRIVERS\tmeevw.sys [x]
S3 tmnciesc;tmnciesc;c:\windows\system32\DRIVERS\tmnciesc.sys;c:\windows\SYSNATIVE\DRIVERS\tmnciesc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
Inhalt des "geplante Tasks" Ordners
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{959A5673-7971-48e6-AF54-58F745AC4ABC}]
2013-08-08 07:23 456216 ------w- c:\program files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-08-10 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-10 1425408]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2013-07-23 221584]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - c:\program files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll
FF - ProfilePath - c:\users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
FF - ExtSQL: 2013-10-07 17:37; savedpasswordeditor@daniel.dawson; c:\users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\extensions\savedpasswordeditor@daniel.dawson.xpi
FF - ExtSQL: 2013-10-08 11:20; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-10-08 17:44; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: 2013-10-17 12:50; {22181a4d-af90-4ca3-a569-faed9118d6bc}; c:\program files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF - ExtSQL: 2013-10-17 13:02; tmbepff@trendmicro.com; c:\program files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF - ExtSQL: 2013-10-17 13:02; {BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}; c:\program files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-10-18 11:58:29
ComboFix-quarantined-files.txt 2013-10-18 09:58
.
Vor Suchlauf: 12 Verzeichnis(se), 451.098.226.688 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 451.010.236.416 Bytes frei
.
- - End Of File - - DEBB58A26F1B89C8ADB81AEA9A2B7994
5FB38429D5D77768867C76DCBDB35194
|
|
18.10.2013, 18:18
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8 ; immer langsamer, hängt und friert ein Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.10.2013, 21:12
| #5 |
| | Windows 8 ; immer langsamer, hängt und friert ein hallo schraube, habe die Weisungen exakt ausgeführt es folgen die Log´s Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.18.09 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16384 mein Name :: NAME [Administrator] 18.10.2013 21:02:36 mbam-log-2013-10-18 (21-02-36).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 203131 Laufzeit: 3 Minute(n), 25 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # AdwCleaner v3.008 - Bericht erstellt am 18/10/2013 um 21:28:04
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : mein Name - NAME
# Gestartet von : C:\Users\mein Name\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Datei Gelöscht : C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16384
-\\ Mozilla Firefox v24.0 (de)
[ Datei : C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1792 octets] - [07/10/2013 12:50:17]
AdwCleaner[R1].txt - [1852 octets] - [07/10/2013 13:09:05]
AdwCleaner[R2].txt - [1874 octets] - [18/10/2013 21:16:46]
AdwCleaner[S0].txt - [1669 octets] - [07/10/2013 13:09:43]
AdwCleaner[S1].txt - [1795 octets] - [18/10/2013 21:28:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1855 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 x64
Ran by mein Name on 18.10.2013 at 21:39:12,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{94B26480-D04E-468B-85A0-89A447BF8438}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{94B26480-D04E-468B-85A0-89A447BF8438}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.10.2013 at 21:41:37,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by mein Name (administrator) on NAME on 18-10-2013 21:45:56
Running from C:\Users\mein Name\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [221584 2013-07-23] (Trend Micro Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {94B26480-D04E-468B-85A0-89A447BF8438} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - TrendMicro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: savedpasswordeditor - C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\Extensions\savedpasswordeditor@daniel.dawson.xpi
FF Extension: No Name - C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\chrome_tmbep.crx
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\chrome_tmbep.crx
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmOspreychromeExt.crx
==================== Services (Whitelisted) =================
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [x]
==================== Drivers (Whitelisted) ====================
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [116264 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-13] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85424 2013-09-04] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-15] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-08] (Trend Micro Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [30208 2012-07-26] (Microsoft Corporation)
U2 TMAgent;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-18 21:41 - 2013-10-18 21:41 - 00000909 _____ C:\Users\mein Name\Desktop\JRT.txt
2013-10-18 21:39 - 2013-10-18 21:39 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 21:36 - 2013-10-18 21:36 - 01033335 _____ (Thisisu) C:\Users\mein Name\Desktop\JRT.exe
2013-10-18 21:30 - 2013-10-18 21:30 - 00001935 _____ C:\Users\mein Name\Desktop\AdwCleaner[S1].txt
2013-10-18 21:12 - 2013-10-18 21:12 - 01050644 _____ C:\Users\mein Name\Desktop\adwcleaner.exe
2013-10-18 21:09 - 2013-10-18 21:10 - 00000000 ____D C:\Users\mein Name\Desktop\erster durchlauf
2013-10-18 20:56 - 2013-10-18 20:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-18 20:56 - 2013-10-18 20:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-18 20:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-18 20:51 - 2013-10-18 20:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\mein Name\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-18 20:04 - 2013-10-18 20:04 - 00000117 _____ C:\Windows\system32\netcfg-82687218.txt
2013-10-18 18:19 - 2013-10-18 18:19 - 00000117 _____ C:\Windows\system32\netcfg-76396171.txt
2013-10-18 17:00 - 2013-10-18 17:00 - 00000117 _____ C:\Windows\system32\netcfg-71628218.txt
2013-10-18 16:33 - 2013-10-18 16:33 - 00000117 _____ C:\Windows\system32\netcfg-70002812.txt
2013-10-18 16:06 - 2013-10-18 16:06 - 00000117 _____ C:\Windows\system32\netcfg-68416562.txt
2013-10-18 16:03 - 2013-10-18 16:03 - 00000117 _____ C:\Windows\system32\netcfg-68218906.txt
2013-10-18 11:52 - 2013-10-18 11:58 - 00000000 ____D C:\Qoobox
2013-10-18 11:52 - 2013-10-18 11:57 - 00000000 ____D C:\Windows\erdnt
2013-10-18 11:52 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-18 11:52 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-18 11:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-18 11:48 - 2013-10-18 11:48 - 05134711 ____R (Swearware) C:\Users\mein Name\Desktop\ComboFix.exe
2013-10-18 11:38 - 2013-10-18 11:38 - 00000117 _____ C:\Windows\system32\netcfg-52339421.txt
2013-10-18 02:04 - 2013-10-18 02:04 - 00000117 _____ C:\Windows\system32\netcfg-17904453.txt
2013-10-17 21:08 - 2013-10-17 21:08 - 00000117 _____ C:\Windows\system32\netcfg-139281.txt
2013-10-17 20:45 - 2013-10-17 20:45 - 00000117 _____ C:\Windows\system32\netcfg-15628828.txt
2013-10-17 20:29 - 2013-10-17 20:29 - 00377856 _____ C:\Users\mein Name\Desktop\gmer_2.1.19163.exe
2013-10-17 20:21 - 2013-10-17 20:21 - 00000000 ____D C:\FRST
2013-10-17 20:15 - 2013-10-17 20:15 - 01954124 _____ (Farbar) C:\Users\mein Name\Desktop\FRST64.exe
2013-10-17 20:13 - 2013-10-17 20:13 - 00000000 _____ C:\Users\mein Name\defogger_reenable
2013-10-17 20:10 - 2013-10-17 20:10 - 00050477 _____ C:\Users\mein Name\Desktop\Defogger.exe
2013-10-17 20:00 - 2013-10-17 20:00 - 00000117 _____ C:\Windows\system32\netcfg-12919140.txt
2013-10-17 19:31 - 2013-10-17 19:31 - 00000117 _____ C:\Windows\system32\netcfg-11188875.txt
2013-10-17 18:46 - 2013-10-17 22:01 - 00003026 _____ C:\Users\mein Name\Desktop\trojaner board.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862437.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862234.txt
2013-10-17 16:13 - 2013-10-17 16:13 - 00000117 _____ C:\Windows\system32\netcfg-12582312.txt
2013-10-17 16:11 - 2013-10-17 16:11 - 00000117 _____ C:\Windows\system32\netcfg-12431531.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764437.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764000.txt
2013-10-17 12:55 - 2013-10-17 12:55 - 00000000 ____D C:\TMRescueDisk
2013-10-17 12:50 - 2013-10-17 12:50 - 00001429 _____ C:\Users\mein Name\Desktop\Trend Micro Titanium Internet Security.lnk
2013-10-17 12:50 - 2013-10-17 12:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2013-10-17 12:50 - 2013-09-04 08:24 - 00116264 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2013-10-17 12:50 - 2013-09-04 08:22 - 00085424 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2013-10-17 12:50 - 2013-09-04 08:17 - 00282624 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2013-10-17 12:50 - 2013-07-11 04:39 - 00037904 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmel.sys
2013-10-17 12:50 - 2013-07-08 05:16 - 00103712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2013-10-17 12:50 - 2013-07-01 15:08 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2013-10-17 12:50 - 2013-06-13 08:35 - 00100640 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2013-10-17 12:50 - 2013-05-15 12:23 - 00303392 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2013-10-17 12:49 - 2013-10-17 12:49 - 00003268 _____ C:\Windows\System32\Tasks\Titanium BTC
2013-10-17 12:48 - 2013-10-17 16:26 - 00000000 ____D C:\ProgramData\Trend Micro
2013-10-17 12:48 - 2013-10-17 12:48 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2013-10-17 12:47 - 2013-10-17 12:48 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-17 12:45 - 2013-10-17 12:45 - 00000036 _____ C:\Users\mein Name\AppData\Local\housecall.guid.cache
2013-10-17 12:43 - 2013-10-17 12:43 - 00000000 ____D C:\Users\mein Name\AppData\Local\Trend Micro
2013-10-17 12:37 - 2013-10-17 12:41 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2013-10-17 12:34 - 2013-10-17 12:34 - 06631240 _____ (Trend Micro Inc.) C:\Users\mein Name\Desktop\Titanium_Internet_Security_2014.exe
2013-10-17 12:20 - 2013-10-17 12:20 - 00000117 _____ C:\Windows\system32\netcfg-45127859.txt
2013-10-17 12:01 - 2013-10-17 12:01 - 00000117 _____ C:\Windows\system32\netcfg-44028093.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42720328.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42698062.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42687218.txt
2013-10-17 11:28 - 2013-10-17 11:28 - 00000117 _____ C:\Windows\system32\netcfg-42011015.txt
2013-10-16 23:35 - 2013-10-16 23:35 - 00000115 _____ C:\Users\mein Name\Desktop\igno.txt
2013-10-16 20:31 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 20:31 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-16 20:31 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-16 20:31 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 20:30 - 2013-10-16 20:31 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 20:29 - 2013-10-16 20:29 - 00915368 _____ (Oracle Corporation) C:\Users\mein Name\Desktop\jxpiinstall.exe
2013-10-16 19:48 - 2013-10-16 19:48 - 00000117 _____ C:\Windows\system32\netcfg-18356390.txt
2013-10-16 19:06 - 2013-10-16 19:06 - 00000117 _____ C:\Windows\system32\netcfg-15839953.txt
2013-10-16 18:46 - 2013-10-16 18:46 - 00000117 _____ C:\Windows\system32\netcfg-14612062.txt
2013-10-16 18:35 - 2013-10-16 18:35 - 00000117 _____ C:\Windows\system32\netcfg-13975906.txt
2013-10-16 17:42 - 2013-10-16 17:42 - 00000117 _____ C:\Windows\system32\netcfg-10798078.txt
2013-10-16 17:39 - 2013-10-16 17:39 - 00000117 _____ C:\Windows\system32\netcfg-10600734.txt
2013-10-16 16:51 - 2013-10-16 16:51 - 00000117 _____ C:\Windows\system32\netcfg-7723078.txt
2013-10-16 16:48 - 2013-10-16 16:48 - 00000117 _____ C:\Windows\system32\netcfg-7538093.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4630343.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4629437.txt
2013-10-16 13:27 - 2013-10-16 13:27 - 00010240 _____ C:\Users\mein Name\Desktop\fahrrad fahren.wps
2013-10-16 11:39 - 2013-10-16 11:39 - 00000117 _____ C:\Windows\system32\netcfg-139965953.txt
2013-10-16 02:20 - 2013-10-16 02:20 - 00000117 _____ C:\Windows\system32\netcfg-106381421.txt
2013-10-15 19:26 - 2013-10-15 19:26 - 00000117 _____ C:\Windows\system32\netcfg-81555171.txt
2013-10-15 19:07 - 2013-10-15 19:07 - 00000117 _____ C:\Windows\system32\netcfg-80413812.txt
2013-10-15 15:56 - 2013-10-15 15:56 - 00000117 _____ C:\Windows\system32\netcfg-68955843.txt
2013-10-15 15:40 - 2013-10-15 15:40 - 00000117 _____ C:\Windows\system32\netcfg-67993203.txt
2013-10-15 14:37 - 2013-10-15 14:37 - 00000117 _____ C:\Windows\system32\netcfg-64215875.txt
2013-10-15 13:26 - 2013-10-15 13:26 - 00000117 _____ C:\Windows\system32\netcfg-59930578.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50255078.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50253234.txt
2013-10-14 20:47 - 2013-10-18 21:28 - 00003758 _____ C:\Windows\PFRO.log
2013-10-14 20:27 - 2013-10-14 20:29 - 00000000 ____D C:\ProgramData\Adobe
2013-10-14 20:27 - 2013-10-14 20:27 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-14 20:27 - 2013-10-14 20:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-14 20:20 - 2013-10-14 20:20 - 00000000 ____D C:\Windows\Sun
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\UpdaterEX
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Local\Google
2013-10-14 20:06 - 2013-10-14 20:06 - 00000117 _____ C:\Windows\system32\netcfg-197544125.txt
2013-10-14 19:42 - 2013-10-14 19:42 - 00000117 _____ C:\Windows\system32\netcfg-196122671.txt
2013-10-14 18:28 - 2013-10-15 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-14 16:44 - 2013-10-14 16:44 - 00000117 _____ C:\Windows\system32\netcfg-185445437.txt
2013-10-14 16:13 - 2013-10-14 16:13 - 00000117 _____ C:\Windows\system32\netcfg-183582062.txt
2013-10-14 15:52 - 2013-10-18 21:39 - 00654495 _____ C:\Windows\WindowsUpdate.log
2013-10-14 09:38 - 2013-10-14 09:38 - 00000117 _____ C:\Windows\system32\netcfg-159871250.txt
2013-10-14 02:01 - 2013-10-14 02:01 - 00000117 _____ C:\Windows\system32\netcfg-132414328.txt
2013-10-13 20:27 - 2013-10-13 20:27 - 00009216 _____ C:\Users\mein Name\Desktop\laterne basteln.wps
2013-10-13 19:23 - 2013-10-13 19:23 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Yahoo!
2013-10-13 19:22 - 2013-10-13 19:22 - 00000117 _____ C:\Windows\system32\netcfg-108519484.txt
2013-10-13 19:00 - 2013-10-13 19:00 - 00000117 _____ C:\Windows\system32\netcfg-107204859.txt
2013-10-13 16:16 - 2013-10-13 16:16 - 00000117 _____ C:\Windows\system32\netcfg-97367828.txt
2013-10-13 15:40 - 2013-10-13 15:40 - 00000117 _____ C:\Windows\system32\netcfg-95173625.txt
2013-10-13 12:33 - 2013-10-13 12:33 - 00000117 _____ C:\Windows\system32\netcfg-83950609.txt
2013-10-13 02:40 - 2013-10-13 02:40 - 00000117 _____ C:\Windows\system32\netcfg-48368703.txt
2013-10-12 20:06 - 2013-10-12 20:06 - 00000117 _____ C:\Windows\system32\netcfg-24720421.txt
2013-10-12 17:38 - 2013-10-12 17:38 - 00071550 _____ C:\Users\mein Name\Desktop\cc_20131012_173753.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00007196 _____ C:\Users\mein Name\Desktop\cc_20131012_173821.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00000117 _____ C:\Windows\system32\netcfg-15891765.txt
2013-10-12 17:33 - 2013-10-12 17:33 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-12 17:33 - 2013-10-12 17:33 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-12 17:32 - 2013-10-12 17:33 - 00000000 ____D C:\Program Files\CCleaner
2013-10-12 17:31 - 2013-10-12 17:31 - 03294168 _____ (Piriform Ltd) C:\Users\mein Name\Desktop\ccsetup406_slim.exe
2013-10-12 16:55 - 2013-10-12 16:55 - 00000000 ____D C:\Users\mein Name\Desktop\von stick
2013-10-12 16:51 - 2013-10-12 16:51 - 00001579 _____ C:\Users\mein Name\Desktop\PS - Verknüpfung.lnk
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\CyberLink
2013-10-11 20:37 - 2013-10-11 20:37 - 00000117 _____ C:\Windows\system32\netcfg-360564218.txt
2013-10-11 20:34 - 2013-10-11 20:34 - 00000117 _____ C:\Windows\system32\netcfg-360358000.txt
2013-10-11 19:51 - 2013-10-11 19:51 - 00000117 _____ C:\Windows\system32\netcfg-357810250.txt
2013-10-11 19:44 - 2013-10-11 19:44 - 00000117 _____ C:\Windows\system32\netcfg-357392078.txt
2013-10-11 17:49 - 2013-10-11 17:49 - 00000117 _____ C:\Windows\system32\netcfg-350465515.txt
2013-10-11 17:34 - 2013-10-11 17:34 - 00000117 _____ C:\Windows\system32\netcfg-349605890.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333730328.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333729484.txt
2013-10-10 21:07 - 2013-10-10 21:07 - 00000117 _____ C:\Windows\system32\netcfg-275984031.txt
2013-10-10 21:06 - 2013-10-10 21:06 - 00000117 _____ C:\Windows\system32\netcfg-275911203.txt
2013-10-10 20:12 - 2013-10-10 20:12 - 00000117 _____ C:\Windows\system32\netcfg-272673031.txt
2013-10-10 19:39 - 2013-10-10 19:39 - 00000117 _____ C:\Windows\system32\netcfg-270674671.txt
2013-10-10 18:16 - 2013-10-10 18:16 - 00000117 _____ C:\Windows\system32\netcfg-265728343.txt
2013-10-10 16:20 - 2013-10-10 16:20 - 00000117 _____ C:\Windows\system32\netcfg-258740062.txt
2013-10-10 11:43 - 2013-10-10 11:43 - 00000117 _____ C:\Windows\system32\netcfg-242127203.txt
2013-10-10 02:29 - 2013-10-10 02:29 - 00000117 _____ C:\Windows\system32\netcfg-208915015.txt
2013-10-09 20:17 - 2013-10-09 20:17 - 00000117 _____ C:\Windows\system32\netcfg-186591750.txt
2013-10-09 18:46 - 2013-10-09 18:46 - 00000117 _____ C:\Windows\system32\netcfg-181124921.txt
2013-10-09 18:08 - 2013-10-09 18:08 - 00000117 _____ C:\Windows\system32\netcfg-178847390.txt
2013-10-09 17:03 - 2013-10-09 17:03 - 00000117 _____ C:\Windows\system32\netcfg-174927609.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 00000117 _____ C:\Windows\system32\netcfg-173074687.txt
2013-10-09 16:26 - 2013-10-09 16:26 - 00000117 _____ C:\Windows\system32\netcfg-172735734.txt
2013-10-09 15:41 - 2013-10-09 15:41 - 00000146 _____ C:\Users\mein Name\Desktop\Windows Defender - Verknüpfung.lnk
2013-10-09 13:23 - 2013-10-09 13:23 - 00002771 _____ C:\Users\mein Name\Desktop\Citrus.txt
2013-10-09 11:59 - 2013-10-09 11:59 - 00000117 _____ C:\Windows\system32\netcfg-156687515.txt
2013-10-09 03:09 - 2013-10-09 03:09 - 00000117 _____ C:\Windows\system32\netcfg-124885515.txt
2013-10-08 21:10 - 2013-10-08 21:10 - 00000117 _____ C:\Windows\system32\netcfg-103343062.txt
2013-10-08 21:03 - 2013-10-08 21:03 - 00000117 _____ C:\Windows\system32\netcfg-102917531.txt
2013-10-08 20:11 - 2013-10-08 20:11 - 00000117 _____ C:\Windows\system32\netcfg-99830078.txt
2013-10-08 19:44 - 2013-10-08 19:44 - 00000117 _____ C:\Windows\system32\netcfg-98209328.txt
2013-10-08 17:44 - 2013-10-14 20:24 - 00000000 ____D C:\ProgramData\Yahoo!
2013-10-08 17:44 - 2013-10-08 17:44 - 00001143 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-10-08 17:42 - 2013-10-14 20:24 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-10-08 17:29 - 2013-10-08 17:29 - 00000117 _____ C:\Windows\system32\netcfg-90112281.txt
2013-10-08 17:21 - 2013-10-08 17:21 - 00000117 _____ C:\Windows\system32\netcfg-89583859.txt
2013-10-08 15:19 - 2013-10-08 15:19 - 00000117 _____ C:\Windows\system32\netcfg-82270359.txt
2013-10-08 13:43 - 2013-10-08 13:43 - 00000117 _____ C:\Windows\system32\netcfg-76551343.txt
2013-10-08 11:36 - 2013-10-08 11:36 - 00001920 _____ C:\Users\mein Name\Desktop\beckenboden.txt
2013-10-08 11:01 - 2013-10-08 11:01 - 00000117 _____ C:\Windows\system32\netcfg-66818187.txt
2013-10-08 02:42 - 2013-10-08 02:42 - 00000117 _____ C:\Windows\system32\netcfg-36863578.txt
2013-10-07 20:16 - 2013-10-07 20:16 - 00000117 _____ C:\Windows\system32\netcfg-13684281.txt
2013-10-07 18:48 - 2013-10-18 15:19 - 00001206 _____ C:\Users\mein Name\AppData\Roaming\wklnhst.dat
2013-10-07 18:48 - 2013-10-07 18:48 - 00001173 _____ C:\Users\mein Name\Desktop\Microsoft Works.LNK
2013-10-07 18:48 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Template
2013-10-07 18:39 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-07 18:36 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-07 18:23 - 2013-10-07 18:23 - 00000117 _____ C:\Windows\system32\netcfg-6917859.txt
2013-10-07 17:40 - 2013-10-07 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-07 17:28 - 2013-10-16 20:31 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-07 17:21 - 2013-10-07 17:21 - 00000117 _____ C:\Windows\system32\netcfg-3235453.txt
2013-10-07 17:19 - 2013-10-07 17:19 - 00000117 _____ C:\Windows\system32\netcfg-3122375.txt
2013-10-07 17:17 - 2013-10-07 17:17 - 00000117 _____ C:\Windows\system32\netcfg-2989796.txt
2013-10-07 17:16 - 2013-10-07 17:16 - 00000117 _____ C:\Windows\system32\netcfg-2906203.txt
2013-10-07 17:15 - 2013-10-07 17:15 - 00000117 _____ C:\Windows\system32\netcfg-2872484.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-07 17:11 - 2013-10-07 17:11 - 00000117 _____ C:\Windows\system32\netcfg-2589859.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Mozilla
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323750.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323734.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-317734.txt
2013-10-07 16:27 - 2013-10-07 16:27 - 00000117 _____ C:\Windows\system32\netcfg-1062062.txt
2013-10-07 16:21 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\hpqLog
2013-10-07 16:15 - 2013-10-07 16:16 - 00000117 _____ C:\Windows\system32\netcfg-354828.txt
2013-10-07 16:12 - 2013-10-07 16:12 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-10-07 16:10 - 2013-10-07 16:10 - 00000117 _____ C:\Windows\system32\netcfg-27484.txt
2013-10-07 16:06 - 2013-05-02 17:29 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Malwarebytes
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651812.txt
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651515.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-80359.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-79609.txt
2013-10-07 12:50 - 2013-10-18 21:28 - 00000000 ____D C:\AdwCleaner
2013-10-07 12:47 - 2013-10-07 12:47 - 01045226 _____ C:\Users\mein Name\Desktop\adwcleaner_3.0.0.6.exe
2013-10-07 11:40 - 2013-10-07 11:40 - 00000117 _____ C:\Windows\system32\netcfg-135726031.txt
2013-10-07 01:49 - 2013-10-07 01:49 - 00000117 _____ C:\Windows\system32\netcfg-100287125.txt
2013-10-06 20:14 - 2013-10-06 20:14 - 00000117 _____ C:\Windows\system32\netcfg-80143484.txt
2013-10-06 19:13 - 2013-10-06 19:13 - 00000117 _____ C:\Windows\system32\netcfg-76489531.txt
2013-10-06 17:16 - 2013-10-06 17:16 - 00000117 _____ C:\Windows\system32\netcfg-69504921.txt
2013-10-06 15:43 - 2013-10-06 15:43 - 00000117 _____ C:\Windows\system32\netcfg-63923812.txt
2013-10-06 15:19 - 2013-10-06 15:19 - 00000117 _____ C:\Windows\system32\netcfg-62479484.txt
2013-10-06 15:05 - 2013-10-06 15:05 - 00000117 _____ C:\Windows\system32\netcfg-61607500.txt
2013-10-06 14:27 - 2013-10-16 13:31 - 00001378 _____ C:\Users\mein Name\Desktop\gangschaltung.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58040500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58039734.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167828.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167468.txt
2013-10-06 00:49 - 2013-10-06 00:49 - 00000000 ____D C:\ProgramData\Recovery
2013-10-05 21:52 - 2013-10-05 21:52 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2013-10-05 21:52 - 2013-10-05 21:52 - 00000000 ____D C:\Program Files (x86)\epson
2013-10-05 21:52 - 2006-10-13 00:00 - 00093184 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxcwiad.dll
2013-10-05 21:45 - 2013-10-13 17:38 - 00000000 ____D C:\Users\mein Name\AppData\Local\Thunderbird
2013-10-05 21:45 - 2013-10-05 21:45 - 00002092 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-05 21:45 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Thunderbird
2013-10-05 21:40 - 2013-10-16 20:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-05 21:40 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Sun
2013-10-05 21:36 - 2013-10-05 21:36 - 00000000 ____D C:\Users\mein Name\AppData\Local\Macromedia
2013-10-05 21:34 - 2013-10-14 20:28 - 00000000 ____D C:\Users\mein Name\AppData\Local\Adobe
2013-10-05 21:12 - 2013-10-16 14:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 21:12 - 2013-10-05 21:15 - 00000000 ____D C:\Users\mein Name\AppData\Local\Mozilla
2013-10-05 21:12 - 2013-10-05 21:12 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-05 21:10 - 2013-10-05 21:10 - 00001008 _____ C:\Users\mein Name\Desktop\IrfanView.lnk
2013-10-05 21:10 - 2013-10-05 21:10 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-10-05 21:03 - 2013-10-05 21:03 - 00000117 _____ C:\Windows\system32\netcfg-15950734.txt
2013-10-05 20:10 - 2013-10-05 20:10 - 00000117 _____ C:\Windows\system32\netcfg-12765281.txt
2013-10-05 19:23 - 2013-10-05 19:23 - 00000117 _____ C:\Windows\system32\netcfg-9918046.txt
2013-10-05 18:08 - 2013-10-05 18:08 - 00000117 _____ C:\Windows\system32\netcfg-5405031.txt
2013-10-05 17:16 - 2013-10-05 17:16 - 00000000 ____D C:\sources
2013-10-05 16:58 - 2013-10-05 16:58 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Macromedia
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477953.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477921.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477734.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-474468.txt
2013-10-05 16:36 - 2013-10-18 13:06 - 00057344 _____ C:\Users\mein Name\Desktop\Zitrus - Kontroll-Notizen.wps
2013-10-05 16:36 - 2013-10-17 22:54 - 00000540 _____ C:\Users\mein Name\Desktop\rest.txt
2013-10-05 16:36 - 2013-09-18 23:36 - 00002738 _____ C:\Users\mein Name\Desktop\nicks.txt
2013-10-05 16:35 - 2013-10-11 16:00 - 00031232 _____ C:\Users\mein Name\Desktop\mobile.wps
2013-10-05 16:30 - 2013-10-05 16:30 - 00000000 ____D C:\Users\mein Name\AppData\Local\Hewlett-Packard
2013-10-05 16:02 - 2013-10-05 16:02 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-10-05 15:14 - 2013-10-14 21:16 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4071608636-3666989274-3695306699-1001
2013-10-05 15:09 - 2013-10-14 20:28 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Adobe
2013-10-05 15:09 - 2013-10-05 15:09 - 00001444 _____ C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Local\Power2Go8
2013-10-05 15:09 - 2012-10-27 03:30 - 00002217 _____ C:\Users\Public\Desktop\Snapfish Fotos.lnk
2013-10-05 15:08 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Hewlett-Packard
2013-10-05 15:07 - 2013-10-17 20:13 - 00000000 ____D C:\Users\mein Name
2013-10-05 15:07 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Local\VirtualStore
2013-10-05 15:07 - 2013-10-05 15:33 - 00000000 ____D C:\Users\mein Name\AppData\Local\Packages
2013-10-05 15:07 - 2013-10-05 15:07 - 00000020 ___SH C:\Users\mein Name\ntuser.ini
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Vorlagen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Startmenü
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Netzwerkumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Lokale Einstellungen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Eigene Dateien
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Druckumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Musik
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Bilder
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Verlauf
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Anwendungsdaten
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Anwendungsdaten
2013-10-05 15:07 - 2012-10-27 03:16 - 00000000 ___HD C:\Users\mein Name\Documents\hp.system.package.metadata
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Dokumente und Einstellungen
==================== One Month Modified Files and Folders =======
2013-10-18 21:41 - 2013-10-18 21:41 - 00000909 _____ C:\Users\mein Name\Desktop\JRT.txt
2013-10-18 21:39 - 2013-10-18 21:39 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 21:39 - 2013-10-14 15:52 - 00654495 _____ C:\Windows\WindowsUpdate.log
2013-10-18 21:36 - 2013-10-18 21:36 - 01033335 _____ (Thisisu) C:\Users\mein Name\Desktop\JRT.exe
2013-10-18 21:31 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-18 21:30 - 2013-10-18 21:30 - 00001935 _____ C:\Users\mein Name\Desktop\AdwCleaner[S1].txt
2013-10-18 21:29 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-18 21:28 - 2013-10-14 20:47 - 00003758 _____ C:\Windows\PFRO.log
2013-10-18 21:28 - 2013-10-07 12:50 - 00000000 ____D C:\AdwCleaner
2013-10-18 21:12 - 2013-10-18 21:12 - 01050644 _____ C:\Users\mein Name\Desktop\adwcleaner.exe
2013-10-18 21:10 - 2013-10-18 21:09 - 00000000 ____D C:\Users\mein Name\Desktop\erster durchlauf
2013-10-18 21:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-18 20:56 - 2013-10-18 20:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-18 20:56 - 2013-10-18 20:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-18 20:51 - 2013-10-18 20:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\mein Name\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-18 20:04 - 2013-10-18 20:04 - 00000117 _____ C:\Windows\system32\netcfg-82687218.txt
2013-10-18 18:19 - 2013-10-18 18:19 - 00000117 _____ C:\Windows\system32\netcfg-76396171.txt
2013-10-18 17:00 - 2013-10-18 17:00 - 00000117 _____ C:\Windows\system32\netcfg-71628218.txt
2013-10-18 16:33 - 2013-10-18 16:33 - 00000117 _____ C:\Windows\system32\netcfg-70002812.txt
2013-10-18 16:06 - 2013-10-18 16:06 - 00000117 _____ C:\Windows\system32\netcfg-68416562.txt
2013-10-18 16:03 - 2013-10-18 16:03 - 00000117 _____ C:\Windows\system32\netcfg-68218906.txt
2013-10-18 15:19 - 2013-10-07 18:48 - 00001206 _____ C:\Users\mein Name\AppData\Roaming\wklnhst.dat
2013-10-18 15:19 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-18 13:22 - 2012-10-27 12:06 - 00745562 _____ C:\Windows\system32\perfh007.dat
2013-10-18 13:22 - 2012-10-27 12:06 - 00169488 _____ C:\Windows\system32\perfc007.dat
2013-10-18 13:22 - 2012-07-26 09:28 - 01752656 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-18 13:06 - 2013-10-05 16:36 - 00057344 _____ C:\Users\mein Name\Desktop\Zitrus - Kontroll-Notizen.wps
2013-10-18 11:58 - 2013-10-18 11:52 - 00000000 ____D C:\Qoobox
2013-10-18 11:58 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-10-18 11:57 - 2013-10-18 11:52 - 00000000 ____D C:\Windows\erdnt
2013-10-18 11:57 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini
2013-10-18 11:48 - 2013-10-18 11:48 - 05134711 ____R (Swearware) C:\Users\mein Name\Desktop\ComboFix.exe
2013-10-18 11:38 - 2013-10-18 11:38 - 00000117 _____ C:\Windows\system32\netcfg-52339421.txt
2013-10-18 02:04 - 2013-10-18 02:04 - 00000117 _____ C:\Windows\system32\netcfg-17904453.txt
2013-10-17 22:54 - 2013-10-05 16:36 - 00000540 _____ C:\Users\mein Name\Desktop\rest.txt
2013-10-17 22:01 - 2013-10-17 18:46 - 00003026 _____ C:\Users\mein Name\Desktop\trojaner board.txt
2013-10-17 21:08 - 2013-10-17 21:08 - 00000117 _____ C:\Windows\system32\netcfg-139281.txt
2013-10-17 20:45 - 2013-10-17 20:45 - 00000117 _____ C:\Windows\system32\netcfg-15628828.txt
2013-10-17 20:29 - 2013-10-17 20:29 - 00377856 _____ C:\Users\mein Name\Desktop\gmer_2.1.19163.exe
2013-10-17 20:21 - 2013-10-17 20:21 - 00000000 ____D C:\FRST
2013-10-17 20:15 - 2013-10-17 20:15 - 01954124 _____ (Farbar) C:\Users\mein Name\Desktop\FRST64.exe
2013-10-17 20:13 - 2013-10-17 20:13 - 00000000 _____ C:\Users\mein Name\defogger_reenable
2013-10-17 20:13 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name
2013-10-17 20:10 - 2013-10-17 20:10 - 00050477 _____ C:\Users\mein Name\Desktop\Defogger.exe
2013-10-17 20:00 - 2013-10-17 20:00 - 00000117 _____ C:\Windows\system32\netcfg-12919140.txt
2013-10-17 19:31 - 2013-10-17 19:31 - 00000117 _____ C:\Windows\system32\netcfg-11188875.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862437.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862234.txt
2013-10-17 16:26 - 2013-10-17 12:48 - 00000000 ____D C:\ProgramData\Trend Micro
2013-10-17 16:13 - 2013-10-17 16:13 - 00000117 _____ C:\Windows\system32\netcfg-12582312.txt
2013-10-17 16:11 - 2013-10-17 16:11 - 00000117 _____ C:\Windows\system32\netcfg-12431531.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764437.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764000.txt
2013-10-17 12:55 - 2013-10-17 12:55 - 00000000 ____D C:\TMRescueDisk
2013-10-17 12:50 - 2013-10-17 12:50 - 00001429 _____ C:\Users\mein Name\Desktop\Trend Micro Titanium Internet Security.lnk
2013-10-17 12:50 - 2013-10-17 12:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2013-10-17 12:50 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-17 12:49 - 2013-10-17 12:49 - 00003268 _____ C:\Windows\System32\Tasks\Titanium BTC
2013-10-17 12:48 - 2013-10-17 12:48 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2013-10-17 12:48 - 2013-10-17 12:47 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-17 12:45 - 2013-10-17 12:45 - 00000036 _____ C:\Users\mein Name\AppData\Local\housecall.guid.cache
2013-10-17 12:43 - 2013-10-17 12:43 - 00000000 ____D C:\Users\mein Name\AppData\Local\Trend Micro
2013-10-17 12:41 - 2013-10-17 12:37 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2013-10-17 12:34 - 2013-10-17 12:34 - 06631240 _____ (Trend Micro Inc.) C:\Users\mein Name\Desktop\Titanium_Internet_Security_2014.exe
2013-10-17 12:20 - 2013-10-17 12:20 - 00000117 _____ C:\Windows\system32\netcfg-45127859.txt
2013-10-17 12:01 - 2013-10-17 12:01 - 00000117 _____ C:\Windows\system32\netcfg-44028093.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42720328.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42698062.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42687218.txt
2013-10-17 11:28 - 2013-10-17 11:28 - 00000117 _____ C:\Windows\system32\netcfg-42011015.txt
2013-10-16 23:35 - 2013-10-16 23:35 - 00000115 _____ C:\Users\mein Name\Desktop\igno.txt
2013-10-16 21:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-10-16 20:33 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 20:31 - 2013-10-16 20:30 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 20:31 - 2013-10-07 17:28 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 20:29 - 2013-10-16 20:29 - 00915368 _____ (Oracle Corporation) C:\Users\mein Name\Desktop\jxpiinstall.exe
2013-10-16 19:48 - 2013-10-16 19:48 - 00000117 _____ C:\Windows\system32\netcfg-18356390.txt
2013-10-16 19:06 - 2013-10-16 19:06 - 00000117 _____ C:\Windows\system32\netcfg-15839953.txt
2013-10-16 18:46 - 2013-10-16 18:46 - 00000117 _____ C:\Windows\system32\netcfg-14612062.txt
2013-10-16 18:35 - 2013-10-16 18:35 - 00000117 _____ C:\Windows\system32\netcfg-13975906.txt
2013-10-16 17:42 - 2013-10-16 17:42 - 00000117 _____ C:\Windows\system32\netcfg-10798078.txt
2013-10-16 17:39 - 2013-10-16 17:39 - 00000117 _____ C:\Windows\system32\netcfg-10600734.txt
2013-10-16 16:51 - 2013-10-16 16:51 - 00000117 _____ C:\Windows\system32\netcfg-7723078.txt
2013-10-16 16:48 - 2013-10-16 16:48 - 00000117 _____ C:\Windows\system32\netcfg-7538093.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4630343.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4629437.txt
2013-10-16 14:42 - 2013-10-05 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-16 14:42 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-16 13:31 - 2013-10-06 14:27 - 00001378 _____ C:\Users\mein Name\Desktop\gangschaltung.txt
2013-10-16 13:27 - 2013-10-16 13:27 - 00010240 _____ C:\Users\mein Name\Desktop\fahrrad fahren.wps
2013-10-16 11:39 - 2013-10-16 11:39 - 00000117 _____ C:\Windows\system32\netcfg-139965953.txt
2013-10-16 02:20 - 2013-10-16 02:20 - 00000117 _____ C:\Windows\system32\netcfg-106381421.txt
2013-10-15 19:26 - 2013-10-15 19:26 - 00000117 _____ C:\Windows\system32\netcfg-81555171.txt
2013-10-15 19:07 - 2013-10-15 19:07 - 00000117 _____ C:\Windows\system32\netcfg-80413812.txt
2013-10-15 15:56 - 2013-10-15 15:56 - 00000117 _____ C:\Windows\system32\netcfg-68955843.txt
2013-10-15 15:40 - 2013-10-15 15:40 - 00000117 _____ C:\Windows\system32\netcfg-67993203.txt
2013-10-15 14:37 - 2013-10-15 14:37 - 00000117 _____ C:\Windows\system32\netcfg-64215875.txt
2013-10-15 13:26 - 2013-10-15 13:26 - 00000117 _____ C:\Windows\system32\netcfg-59930578.txt
2013-10-15 10:47 - 2013-10-14 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50255078.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50253234.txt
2013-10-14 21:16 - 2013-10-05 15:14 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4071608636-3666989274-3695306699-1001
2013-10-14 20:29 - 2013-10-14 20:27 - 00000000 ____D C:\ProgramData\Adobe
2013-10-14 20:28 - 2013-10-05 21:34 - 00000000 ____D C:\Users\mein Name\AppData\Local\Adobe
2013-10-14 20:28 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Adobe
2013-10-14 20:27 - 2013-10-14 20:27 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-14 20:27 - 2013-10-14 20:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-14 20:24 - 2013-10-08 17:44 - 00000000 ____D C:\ProgramData\Yahoo!
2013-10-14 20:24 - 2013-10-08 17:42 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-10-14 20:20 - 2013-10-14 20:20 - 00000000 ____D C:\Windows\Sun
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\UpdaterEX
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Local\Google
2013-10-14 20:06 - 2013-10-14 20:06 - 00000117 _____ C:\Windows\system32\netcfg-197544125.txt
2013-10-14 19:42 - 2013-10-14 19:42 - 00000117 _____ C:\Windows\system32\netcfg-196122671.txt
2013-10-14 16:44 - 2013-10-14 16:44 - 00000117 _____ C:\Windows\system32\netcfg-185445437.txt
2013-10-14 16:13 - 2013-10-14 16:13 - 00000117 _____ C:\Windows\system32\netcfg-183582062.txt
2013-10-14 09:38 - 2013-10-14 09:38 - 00000117 _____ C:\Windows\system32\netcfg-159871250.txt
2013-10-14 02:01 - 2013-10-14 02:01 - 00000117 _____ C:\Windows\system32\netcfg-132414328.txt
2013-10-13 20:27 - 2013-10-13 20:27 - 00009216 _____ C:\Users\mein Name\Desktop\laterne basteln.wps
2013-10-13 19:23 - 2013-10-13 19:23 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Yahoo!
2013-10-13 19:22 - 2013-10-13 19:22 - 00000117 _____ C:\Windows\system32\netcfg-108519484.txt
2013-10-13 19:00 - 2013-10-13 19:00 - 00000117 _____ C:\Windows\system32\netcfg-107204859.txt
2013-10-13 17:38 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Local\Thunderbird
2013-10-13 17:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-10-13 16:16 - 2013-10-13 16:16 - 00000117 _____ C:\Windows\system32\netcfg-97367828.txt
2013-10-13 15:40 - 2013-10-13 15:40 - 00000117 _____ C:\Windows\system32\netcfg-95173625.txt
2013-10-13 12:33 - 2013-10-13 12:33 - 00000117 _____ C:\Windows\system32\netcfg-83950609.txt
2013-10-13 02:40 - 2013-10-13 02:40 - 00000117 _____ C:\Windows\system32\netcfg-48368703.txt
2013-10-12 20:06 - 2013-10-12 20:06 - 00000117 _____ C:\Windows\system32\netcfg-24720421.txt
2013-10-12 17:38 - 2013-10-12 17:38 - 00071550 _____ C:\Users\mein Name\Desktop\cc_20131012_173753.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00007196 _____ C:\Users\mein Name\Desktop\cc_20131012_173821.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00000117 _____ C:\Windows\system32\netcfg-15891765.txt
2013-10-12 17:35 - 2012-08-02 04:02 - 00000000 ____D C:\Windows\Panther
2013-10-12 17:33 - 2013-10-12 17:33 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-12 17:33 - 2013-10-12 17:33 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-12 17:33 - 2013-10-12 17:32 - 00000000 ____D C:\Program Files\CCleaner
2013-10-12 17:31 - 2013-10-12 17:31 - 03294168 _____ (Piriform Ltd) C:\Users\mein Name\Desktop\ccsetup406_slim.exe
2013-10-12 16:57 - 2012-10-27 03:22 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-12 16:55 - 2013-10-12 16:55 - 00000000 ____D C:\Users\mein Name\Desktop\von stick
2013-10-12 16:51 - 2013-10-12 16:51 - 00001579 _____ C:\Users\mein Name\Desktop\PS - Verknüpfung.lnk
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\CyberLink
2013-10-12 13:14 - 2012-07-26 09:19 - 00339760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-11 20:37 - 2013-10-11 20:37 - 00000117 _____ C:\Windows\system32\netcfg-360564218.txt
2013-10-11 20:34 - 2013-10-11 20:34 - 00000117 _____ C:\Windows\system32\netcfg-360358000.txt
2013-10-11 19:51 - 2013-10-11 19:51 - 00000117 _____ C:\Windows\system32\netcfg-357810250.txt
2013-10-11 19:44 - 2013-10-11 19:44 - 00000117 _____ C:\Windows\system32\netcfg-357392078.txt
2013-10-11 17:49 - 2013-10-11 17:49 - 00000117 _____ C:\Windows\system32\netcfg-350465515.txt
2013-10-11 17:34 - 2013-10-11 17:34 - 00000117 _____ C:\Windows\system32\netcfg-349605890.txt
2013-10-11 16:00 - 2013-10-05 16:35 - 00031232 _____ C:\Users\mein Name\Desktop\mobile.wps
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333730328.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333729484.txt
2013-10-10 21:07 - 2013-10-10 21:07 - 00000117 _____ C:\Windows\system32\netcfg-275984031.txt
2013-10-10 21:06 - 2013-10-10 21:06 - 00000117 _____ C:\Windows\system32\netcfg-275911203.txt
2013-10-10 20:12 - 2013-10-10 20:12 - 00000117 _____ C:\Windows\system32\netcfg-272673031.txt
2013-10-10 19:39 - 2013-10-10 19:39 - 00000117 _____ C:\Windows\system32\netcfg-270674671.txt
2013-10-10 18:16 - 2013-10-10 18:16 - 00000117 _____ C:\Windows\system32\netcfg-265728343.txt
2013-10-10 16:20 - 2013-10-10 16:20 - 00000117 _____ C:\Windows\system32\netcfg-258740062.txt
2013-10-10 11:43 - 2013-10-10 11:43 - 00000117 _____ C:\Windows\system32\netcfg-242127203.txt
2013-10-10 02:29 - 2013-10-10 02:29 - 00000117 _____ C:\Windows\system32\netcfg-208915015.txt
2013-10-09 20:17 - 2013-10-09 20:17 - 00000117 _____ C:\Windows\system32\netcfg-186591750.txt
2013-10-09 18:46 - 2013-10-09 18:46 - 00000117 _____ C:\Windows\system32\netcfg-181124921.txt
2013-10-09 18:08 - 2013-10-09 18:08 - 00000117 _____ C:\Windows\system32\netcfg-178847390.txt
2013-10-09 17:03 - 2013-10-09 17:03 - 00000117 _____ C:\Windows\system32\netcfg-174927609.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 00000117 _____ C:\Windows\system32\netcfg-173074687.txt
2013-10-09 16:26 - 2013-10-09 16:26 - 00000117 _____ C:\Windows\system32\netcfg-172735734.txt
2013-10-09 15:41 - 2013-10-09 15:41 - 00000146 _____ C:\Users\mein Name\Desktop\Windows Defender - Verknüpfung.lnk
2013-10-09 13:23 - 2013-10-09 13:23 - 00002771 _____ C:\Users\mein Name\Desktop\Citrus.txt
2013-10-09 11:59 - 2013-10-09 11:59 - 00000117 _____ C:\Windows\system32\netcfg-156687515.txt
2013-10-09 03:09 - 2013-10-09 03:09 - 00000117 _____ C:\Windows\system32\netcfg-124885515.txt
2013-10-08 21:10 - 2013-10-08 21:10 - 00000117 _____ C:\Windows\system32\netcfg-103343062.txt
2013-10-08 21:03 - 2013-10-08 21:03 - 00000117 _____ C:\Windows\system32\netcfg-102917531.txt
2013-10-08 20:11 - 2013-10-08 20:11 - 00000117 _____ C:\Windows\system32\netcfg-99830078.txt
2013-10-08 19:44 - 2013-10-08 19:44 - 00000117 _____ C:\Windows\system32\netcfg-98209328.txt
2013-10-08 17:44 - 2013-10-08 17:44 - 00001143 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-10-08 17:29 - 2013-10-08 17:29 - 00000117 _____ C:\Windows\system32\netcfg-90112281.txt
2013-10-08 17:21 - 2013-10-08 17:21 - 00000117 _____ C:\Windows\system32\netcfg-89583859.txt
2013-10-08 15:19 - 2013-10-08 15:19 - 00000117 _____ C:\Windows\system32\netcfg-82270359.txt
2013-10-08 13:43 - 2013-10-08 13:43 - 00000117 _____ C:\Windows\system32\netcfg-76551343.txt
2013-10-08 11:36 - 2013-10-08 11:36 - 00001920 _____ C:\Users\mein Name\Desktop\beckenboden.txt
2013-10-08 11:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-08 11:01 - 2013-10-08 11:01 - 00000117 _____ C:\Windows\system32\netcfg-66818187.txt
2013-10-08 07:50 - 2013-10-16 20:31 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-16 20:31 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-16 20:31 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-16 20:31 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 02:42 - 2013-10-08 02:42 - 00000117 _____ C:\Windows\system32\netcfg-36863578.txt
2013-10-07 20:16 - 2013-10-07 20:16 - 00000117 _____ C:\Windows\system32\netcfg-13684281.txt
2013-10-07 18:48 - 2013-10-07 18:48 - 00001173 _____ C:\Users\mein Name\Desktop\Microsoft Works.LNK
2013-10-07 18:48 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Template
2013-10-07 18:48 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name\AppData\Local\VirtualStore
2013-10-07 18:39 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-07 18:39 - 2013-10-07 18:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-07 18:23 - 2013-10-07 18:23 - 00000117 _____ C:\Windows\system32\netcfg-6917859.txt
2013-10-07 17:40 - 2013-10-07 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-07 17:21 - 2013-10-07 17:21 - 00000117 _____ C:\Windows\system32\netcfg-3235453.txt
2013-10-07 17:19 - 2013-10-07 17:19 - 00000117 _____ C:\Windows\system32\netcfg-3122375.txt
2013-10-07 17:17 - 2013-10-07 17:17 - 00000117 _____ C:\Windows\system32\netcfg-2989796.txt
2013-10-07 17:16 - 2013-10-07 17:16 - 00000117 _____ C:\Windows\system32\netcfg-2906203.txt
2013-10-07 17:15 - 2013-10-07 17:15 - 00000117 _____ C:\Windows\system32\netcfg-2872484.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-07 17:11 - 2013-10-07 17:11 - 00000117 _____ C:\Windows\system32\netcfg-2589859.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Mozilla
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323750.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323734.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-317734.txt
2013-10-07 16:27 - 2013-10-07 16:27 - 00000117 _____ C:\Windows\system32\netcfg-1062062.txt
2013-10-07 16:26 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-07 16:23 - 2012-10-27 03:16 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-10-07 16:21 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\hpqLog
2013-10-07 16:21 - 2013-10-05 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Hewlett-Packard
2013-10-07 16:21 - 2012-10-27 03:17 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-10-07 16:16 - 2013-10-07 16:15 - 00000117 _____ C:\Windows\system32\netcfg-354828.txt
2013-10-07 16:12 - 2013-10-07 16:12 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-10-07 16:10 - 2013-10-07 16:10 - 00000117 _____ C:\Windows\system32\netcfg-27484.txt
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Malwarebytes
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651812.txt
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651515.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-80359.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-79609.txt
2013-10-07 12:47 - 2013-10-07 12:47 - 01045226 _____ C:\Users\mein Name\Desktop\adwcleaner_3.0.0.6.exe
2013-10-07 11:40 - 2013-10-07 11:40 - 00000117 _____ C:\Windows\system32\netcfg-135726031.txt
2013-10-07 01:49 - 2013-10-07 01:49 - 00000117 _____ C:\Windows\system32\netcfg-100287125.txt
2013-10-06 20:14 - 2013-10-06 20:14 - 00000117 _____ C:\Windows\system32\netcfg-80143484.txt
2013-10-06 19:13 - 2013-10-06 19:13 - 00000117 _____ C:\Windows\system32\netcfg-76489531.txt
2013-10-06 17:16 - 2013-10-06 17:16 - 00000117 _____ C:\Windows\system32\netcfg-69504921.txt
2013-10-06 15:43 - 2013-10-06 15:43 - 00000117 _____ C:\Windows\system32\netcfg-63923812.txt
2013-10-06 15:19 - 2013-10-06 15:19 - 00000117 _____ C:\Windows\system32\netcfg-62479484.txt
2013-10-06 15:05 - 2013-10-06 15:05 - 00000117 _____ C:\Windows\system32\netcfg-61607500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58040500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58039734.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167828.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167468.txt
2013-10-06 00:50 - 2012-07-26 10:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-10-06 00:49 - 2013-10-06 00:49 - 00000000 ____D C:\ProgramData\Recovery
2013-10-05 21:52 - 2013-10-05 21:52 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2013-10-05 21:52 - 2013-10-05 21:52 - 00000000 ____D C:\Program Files (x86)\epson
2013-10-05 21:45 - 2013-10-05 21:45 - 00002092 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-05 21:45 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Thunderbird
2013-10-05 21:40 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Sun
2013-10-05 21:36 - 2013-10-05 21:36 - 00000000 ____D C:\Users\mein Name\AppData\Local\Macromedia
2013-10-05 21:15 - 2013-10-05 21:12 - 00000000 ____D C:\Users\mein Name\AppData\Local\Mozilla
2013-10-05 21:12 - 2013-10-05 21:12 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-05 21:10 - 2013-10-05 21:10 - 00001008 _____ C:\Users\mein Name\Desktop\IrfanView.lnk
2013-10-05 21:10 - 2013-10-05 21:10 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-10-05 21:03 - 2013-10-05 21:03 - 00000117 _____ C:\Windows\system32\netcfg-15950734.txt
2013-10-05 20:10 - 2013-10-05 20:10 - 00000117 _____ C:\Windows\system32\netcfg-12765281.txt
2013-10-05 19:23 - 2013-10-05 19:23 - 00000117 _____ C:\Windows\system32\netcfg-9918046.txt
2013-10-05 18:08 - 2013-10-05 18:08 - 00000117 _____ C:\Windows\system32\netcfg-5405031.txt
2013-10-05 17:19 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-10-05 17:18 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-10-05 17:18 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-10-05 17:18 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\winrm
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\slmgr
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\migwiz
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\inetsrv
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\en-GB
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-10-05 17:16 - 2013-10-05 17:16 - 00000000 ____D C:\sources
2013-10-05 17:16 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\WCN
2013-10-05 17:16 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\MUI
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Com
2013-10-05 17:16 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-10-05 16:58 - 2013-10-05 16:58 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Macromedia
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477953.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477921.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477734.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-474468.txt
2013-10-05 16:30 - 2013-10-05 16:30 - 00000000 ____D C:\Users\mein Name\AppData\Local\Hewlett-Packard
2013-10-05 16:21 - 2012-10-27 03:33 - 00000000 ____D C:\ProgramData\Norton
2013-10-05 16:02 - 2013-10-05 16:02 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-10-05 15:33 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name\AppData\Local\Packages
2013-10-05 15:31 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2013-10-05 15:09 - 2013-10-05 15:09 - 00001444 _____ C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Local\Power2Go8
2013-10-05 15:09 - 2012-10-27 03:32 - 00000000 ___RD C:\Program Files\Online Services
2013-10-05 15:09 - 2012-10-27 03:23 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-10-05 15:09 - 2012-09-12 15:34 - 00000000 ___RD C:\hp
2013-10-05 15:09 - 2012-08-02 05:15 - 00000000 ____D C:\SWSETUP
2013-10-05 15:09 - 2012-08-01 11:57 - 00000000 ___RD C:\SYSTEM.SAV
2013-10-05 15:09 - 2012-07-26 10:12 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-10-05 15:07 - 2013-10-05 15:07 - 00000020 ___SH C:\Users\mein Name\ntuser.ini
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Vorlagen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Startmenü
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Netzwerkumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Lokale Einstellungen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Eigene Dateien
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Druckumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Musik
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Bilder
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Verlauf
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Anwendungsdaten
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-05 14:58 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-09-18 23:36 - 2013-10-05 16:36 - 00002738 _____ C:\Users\mein Name\Desktop\nicks.txt
Some content of TEMP:
====================
C:\Users\mein Name\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-15 12:10
==================== End Of Log ============================
--- --- --- --- --- --- vielen Dank ! liebe Grüße |
|
19.10.2013, 14:40
| #6 |
| /// the machine /// TB-Ausbilder | Windows 8 ; immer langsamer, hängt und friert einESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ --> Windows 8 ; immer langsamer, hängt und friert ein |
|
19.10.2013, 18:15
| #7 |
| | Windows 8 ; immer langsamer, hängt und friert ein hallo schrauber, danke für deine Mühen und die - doch recht zügige - Abarbeitung meines Problems. Bevor ich mich hier registriert hatte, hatte ich mich schon etwas eingehender mit der SAche beschäftigt. So z.B. hatte ich Scans mit Malwarebytes machen lassen, die mit Befund waren. In einem anderen Threat -in diesem Forum- war die Rede von gefährlichen Websites und Bildbetrachtern, insbesondere von ImageView und ImageAvenue. Ich meine mich erinnern zu können, Imageavenue - Bilder geladen zu haben (Fotos waren riesengroß) und das auch auch aus diesem Zeitraum stammende Veränderungen eingetreten waren. *Just to your Info* Den letzten -aus meiner Initiative durchgeführten- Scan, füge ich mit ein. Bilanz: zwischenzeitlich schien es mal so, als sei der PC etwas schneller geworden aber inzwischen ist wieder kein Unterschied spürbar. Programme öffnen sehr zäh und Internet ist noch genauso träge wie zuvor. Es folgen die Log´s: als erstes der von Malwarebytes mit Befund Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.16.06 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16384 mein Name :: NAME [Administrator] 16.10.2013 14:35:58 mbam-log-2013-10-16 (14-35-58).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 197666 Laufzeit: 1 Minute(n), 49 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 6 HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0Z1N1J -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 7 C:\ProgramData\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BonanzaDealsLive\Update (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BonanzaDealsLive\Update\Log (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\mein Name\AppData\Local\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\mein Name\AppData\Local\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 3 C:\Users\mein Name\AppData\Local\Temp\is1275519350\198266466_stp\wajam_download.exe (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\mein Name\AppData\Local\Temp\is1275519350\198266525_stp\bd.exe (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2962e23f203a714395af0bd621089ddc
# engine=15548
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-19 03:05:38
# local_time=2013-10-19 05:05:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 268383 38925050 0 0
# scanned=237133
# found=0
# cleaned=0
# scan_time=3137
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2013
Ran by mein Name (administrator) on NAME on 19-10-2013 18:51:05
Running from C:\Users\mein Name\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Win8Cpnt\TmToastNotificationCaller.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [221584 2013-07-23] (Trend Micro Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {94B26480-D04E-468B-85A0-89A447BF8438} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TmIEPlugInBHO Class - {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - TrendMicro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1277\1.6.1092\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: savedpasswordeditor - C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\Extensions\savedpasswordeditor@daniel.dawson.xpi
FF Extension: No Name - C:\Users\mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\cwdtpita.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\chrome_tmbep.crx
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1109\8.0.1109\chrome_tmbep.crx
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmOspreychromeExt.crx
==================== Services (Whitelisted) =================
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [x]
==================== Drivers (Whitelisted) ====================
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [116264 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [282624 2013-09-04] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-13] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-11] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85424 2013-09-04] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-15] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-08] (Trend Micro Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [30208 2012-07-26] (Microsoft Corporation)
U2 TMAgent;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-19 18:49 - 2013-10-19 18:49 - 01954548 _____ (Farbar) C:\Users\mein Name\Desktop\FRST64.exe
2013-10-19 18:26 - 2013-10-19 18:26 - 00000938 _____ C:\Users\mein Name\Desktop\checkup.txt
2013-10-19 18:22 - 2013-10-19 18:22 - 00891167 _____ C:\Users\mein Name\Desktop\SecurityCheck.exe
2013-10-19 18:17 - 2013-10-19 18:17 - 00000117 _____ C:\Windows\system32\netcfg-8169078.txt
2013-10-19 17:12 - 2013-10-19 17:12 - 00000117 _____ C:\Windows\system32\netcfg-4243156.txt
2013-10-19 16:07 - 2013-10-19 16:07 - 02347384 _____ (ESET) C:\Users\mein Name\Desktop\esetsmartinstaller_enu.exe
2013-10-19 14:00 - 2013-10-19 14:00 - 00006412 _____ C:\Users\mein Name\Desktop\bonanza dingens.txt
2013-10-19 13:48 - 2013-10-19 13:48 - 00000117 _____ C:\Windows\system32\netcfg-57688640.txt
2013-10-19 13:36 - 2013-10-19 13:36 - 00000117 _____ C:\Windows\system32\netcfg-56955937.txt
2013-10-19 12:53 - 2013-10-19 12:53 - 00000117 _____ C:\Windows\system32\netcfg-54370953.txt
2013-10-19 01:51 - 2013-10-19 01:51 - 00000117 _____ C:\Windows\system32\netcfg-14639687.txt
2013-10-18 21:41 - 2013-10-18 21:41 - 00000909 _____ C:\Users\mein Name\Desktop\JRT.txt
2013-10-18 21:39 - 2013-10-18 21:39 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 21:36 - 2013-10-18 21:36 - 01033335 _____ (Thisisu) C:\Users\mein Name\Desktop\JRT.exe
2013-10-18 21:30 - 2013-10-18 21:30 - 00001935 _____ C:\Users\mein Name\Desktop\AdwCleaner[S1].txt
2013-10-18 21:12 - 2013-10-18 21:12 - 01050644 _____ C:\Users\mein Name\Desktop\adwcleaner.exe
2013-10-18 21:09 - 2013-10-18 21:10 - 00000000 ____D C:\Users\mein Name\Desktop\erster durchlauf
2013-10-18 20:56 - 2013-10-18 20:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-18 20:56 - 2013-10-18 20:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-18 20:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-18 20:51 - 2013-10-18 20:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\mein Name\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-18 20:04 - 2013-10-18 20:04 - 00000117 _____ C:\Windows\system32\netcfg-82687218.txt
2013-10-18 18:19 - 2013-10-18 18:19 - 00000117 _____ C:\Windows\system32\netcfg-76396171.txt
2013-10-18 17:00 - 2013-10-18 17:00 - 00000117 _____ C:\Windows\system32\netcfg-71628218.txt
2013-10-18 16:33 - 2013-10-18 16:33 - 00000117 _____ C:\Windows\system32\netcfg-70002812.txt
2013-10-18 16:06 - 2013-10-18 16:06 - 00000117 _____ C:\Windows\system32\netcfg-68416562.txt
2013-10-18 16:03 - 2013-10-18 16:03 - 00000117 _____ C:\Windows\system32\netcfg-68218906.txt
2013-10-18 11:52 - 2013-10-18 11:58 - 00000000 ____D C:\Qoobox
2013-10-18 11:52 - 2013-10-18 11:57 - 00000000 ____D C:\Windows\erdnt
2013-10-18 11:52 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-18 11:52 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-18 11:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-18 11:52 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-18 11:48 - 2013-10-18 11:48 - 05134711 ____R (Swearware) C:\Users\mein Name\Desktop\ComboFix.exe
2013-10-18 11:38 - 2013-10-18 11:38 - 00000117 _____ C:\Windows\system32\netcfg-52339421.txt
2013-10-18 02:04 - 2013-10-18 02:04 - 00000117 _____ C:\Windows\system32\netcfg-17904453.txt
2013-10-17 21:08 - 2013-10-17 21:08 - 00000117 _____ C:\Windows\system32\netcfg-139281.txt
2013-10-17 20:45 - 2013-10-17 20:45 - 00000117 _____ C:\Windows\system32\netcfg-15628828.txt
2013-10-17 20:29 - 2013-10-17 20:29 - 00377856 _____ C:\Users\mein Name\Desktop\gmer_2.1.19163.exe
2013-10-17 20:21 - 2013-10-17 20:21 - 00000000 ____D C:\FRST
2013-10-17 20:13 - 2013-10-17 20:13 - 00000000 _____ C:\Users\mein Name\defogger_reenable
2013-10-17 20:10 - 2013-10-17 20:10 - 00050477 _____ C:\Users\mein Name\Desktop\Defogger.exe
2013-10-17 20:00 - 2013-10-17 20:00 - 00000117 _____ C:\Windows\system32\netcfg-12919140.txt
2013-10-17 19:31 - 2013-10-17 19:31 - 00000117 _____ C:\Windows\system32\netcfg-11188875.txt
2013-10-17 18:46 - 2013-10-17 22:01 - 00003026 _____ C:\Users\mein Name\Desktop\trojaner board.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862437.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862234.txt
2013-10-17 16:13 - 2013-10-17 16:13 - 00000117 _____ C:\Windows\system32\netcfg-12582312.txt
2013-10-17 16:11 - 2013-10-17 16:11 - 00000117 _____ C:\Windows\system32\netcfg-12431531.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764437.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764000.txt
2013-10-17 12:55 - 2013-10-17 12:55 - 00000000 ____D C:\TMRescueDisk
2013-10-17 12:50 - 2013-10-17 12:50 - 00001429 _____ C:\Users\mein Name\Desktop\Trend Micro Titanium Internet Security.lnk
2013-10-17 12:50 - 2013-10-17 12:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2013-10-17 12:50 - 2013-09-04 08:24 - 00116264 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2013-10-17 12:50 - 2013-09-04 08:22 - 00085424 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2013-10-17 12:50 - 2013-09-04 08:17 - 00282624 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2013-10-17 12:50 - 2013-07-11 04:39 - 00037904 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmel.sys
2013-10-17 12:50 - 2013-07-08 05:16 - 00103712 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2013-10-17 12:50 - 2013-07-01 15:08 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2013-10-17 12:50 - 2013-06-13 08:35 - 00100640 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2013-10-17 12:50 - 2013-05-15 12:23 - 00303392 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2013-10-17 12:49 - 2013-10-17 12:49 - 00003268 _____ C:\Windows\System32\Tasks\Titanium BTC
2013-10-17 12:48 - 2013-10-17 16:26 - 00000000 ____D C:\ProgramData\Trend Micro
2013-10-17 12:48 - 2013-10-17 12:48 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2013-10-17 12:47 - 2013-10-17 12:48 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-17 12:45 - 2013-10-17 12:45 - 00000036 _____ C:\Users\mein Name\AppData\Local\housecall.guid.cache
2013-10-17 12:43 - 2013-10-17 12:43 - 00000000 ____D C:\Users\mein Name\AppData\Local\Trend Micro
2013-10-17 12:37 - 2013-10-17 12:41 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2013-10-17 12:34 - 2013-10-17 12:34 - 06631240 _____ (Trend Micro Inc.) C:\Users\mein Name\Desktop\Titanium_Internet_Security_2014.exe
2013-10-17 12:20 - 2013-10-17 12:20 - 00000117 _____ C:\Windows\system32\netcfg-45127859.txt
2013-10-17 12:01 - 2013-10-17 12:01 - 00000117 _____ C:\Windows\system32\netcfg-44028093.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42720328.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42698062.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42687218.txt
2013-10-17 11:28 - 2013-10-17 11:28 - 00000117 _____ C:\Windows\system32\netcfg-42011015.txt
2013-10-16 23:35 - 2013-10-16 23:35 - 00000115 _____ C:\Users\mein Name\Desktop\igno.txt
2013-10-16 20:31 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-16 20:31 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-16 20:31 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-16 20:31 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-16 20:30 - 2013-10-16 20:31 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 20:29 - 2013-10-16 20:29 - 00915368 _____ (Oracle Corporation) C:\Users\mein Name\Desktop\jxpiinstall.exe
2013-10-16 19:48 - 2013-10-16 19:48 - 00000117 _____ C:\Windows\system32\netcfg-18356390.txt
2013-10-16 19:06 - 2013-10-16 19:06 - 00000117 _____ C:\Windows\system32\netcfg-15839953.txt
2013-10-16 18:46 - 2013-10-16 18:46 - 00000117 _____ C:\Windows\system32\netcfg-14612062.txt
2013-10-16 18:35 - 2013-10-16 18:35 - 00000117 _____ C:\Windows\system32\netcfg-13975906.txt
2013-10-16 17:42 - 2013-10-16 17:42 - 00000117 _____ C:\Windows\system32\netcfg-10798078.txt
2013-10-16 17:39 - 2013-10-16 17:39 - 00000117 _____ C:\Windows\system32\netcfg-10600734.txt
2013-10-16 16:51 - 2013-10-16 16:51 - 00000117 _____ C:\Windows\system32\netcfg-7723078.txt
2013-10-16 16:48 - 2013-10-16 16:48 - 00000117 _____ C:\Windows\system32\netcfg-7538093.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4630343.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4629437.txt
2013-10-16 13:27 - 2013-10-16 13:27 - 00010240 _____ C:\Users\mein Name\Desktop\fahrrad fahren.wps
2013-10-16 11:39 - 2013-10-16 11:39 - 00000117 _____ C:\Windows\system32\netcfg-139965953.txt
2013-10-16 02:20 - 2013-10-16 02:20 - 00000117 _____ C:\Windows\system32\netcfg-106381421.txt
2013-10-15 19:26 - 2013-10-15 19:26 - 00000117 _____ C:\Windows\system32\netcfg-81555171.txt
2013-10-15 19:07 - 2013-10-15 19:07 - 00000117 _____ C:\Windows\system32\netcfg-80413812.txt
2013-10-15 15:56 - 2013-10-15 15:56 - 00000117 _____ C:\Windows\system32\netcfg-68955843.txt
2013-10-15 15:40 - 2013-10-15 15:40 - 00000117 _____ C:\Windows\system32\netcfg-67993203.txt
2013-10-15 14:37 - 2013-10-15 14:37 - 00000117 _____ C:\Windows\system32\netcfg-64215875.txt
2013-10-15 13:26 - 2013-10-15 13:26 - 00000117 _____ C:\Windows\system32\netcfg-59930578.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50255078.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50253234.txt
2013-10-14 20:47 - 2013-10-19 18:31 - 00005224 _____ C:\Windows\PFRO.log
2013-10-14 20:27 - 2013-10-14 20:29 - 00000000 ____D C:\ProgramData\Adobe
2013-10-14 20:27 - 2013-10-14 20:27 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-14 20:27 - 2013-10-14 20:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-14 20:20 - 2013-10-14 20:20 - 00000000 ____D C:\Windows\Sun
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\UpdaterEX
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Local\Google
2013-10-14 20:06 - 2013-10-14 20:06 - 00000117 _____ C:\Windows\system32\netcfg-197544125.txt
2013-10-14 19:42 - 2013-10-14 19:42 - 00000117 _____ C:\Windows\system32\netcfg-196122671.txt
2013-10-14 18:28 - 2013-10-15 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-14 16:44 - 2013-10-14 16:44 - 00000117 _____ C:\Windows\system32\netcfg-185445437.txt
2013-10-14 16:13 - 2013-10-14 16:13 - 00000117 _____ C:\Windows\system32\netcfg-183582062.txt
2013-10-14 15:52 - 2013-10-19 18:41 - 00708249 _____ C:\Windows\WindowsUpdate.log
2013-10-14 09:38 - 2013-10-14 09:38 - 00000117 _____ C:\Windows\system32\netcfg-159871250.txt
2013-10-14 02:01 - 2013-10-14 02:01 - 00000117 _____ C:\Windows\system32\netcfg-132414328.txt
2013-10-13 20:27 - 2013-10-13 20:27 - 00009216 _____ C:\Users\mein Name\Desktop\laterne basteln.wps
2013-10-13 19:23 - 2013-10-13 19:23 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Yahoo!
2013-10-13 19:22 - 2013-10-13 19:22 - 00000117 _____ C:\Windows\system32\netcfg-108519484.txt
2013-10-13 19:00 - 2013-10-13 19:00 - 00000117 _____ C:\Windows\system32\netcfg-107204859.txt
2013-10-13 16:16 - 2013-10-13 16:16 - 00000117 _____ C:\Windows\system32\netcfg-97367828.txt
2013-10-13 15:40 - 2013-10-13 15:40 - 00000117 _____ C:\Windows\system32\netcfg-95173625.txt
2013-10-13 12:33 - 2013-10-13 12:33 - 00000117 _____ C:\Windows\system32\netcfg-83950609.txt
2013-10-13 02:40 - 2013-10-13 02:40 - 00000117 _____ C:\Windows\system32\netcfg-48368703.txt
2013-10-12 20:06 - 2013-10-12 20:06 - 00000117 _____ C:\Windows\system32\netcfg-24720421.txt
2013-10-12 17:38 - 2013-10-12 17:38 - 00071550 _____ C:\Users\mein Name\Desktop\cc_20131012_173753.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00007196 _____ C:\Users\mein Name\Desktop\cc_20131012_173821.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00000117 _____ C:\Windows\system32\netcfg-15891765.txt
2013-10-12 17:33 - 2013-10-12 17:33 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-12 17:33 - 2013-10-12 17:33 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-12 17:32 - 2013-10-12 17:33 - 00000000 ____D C:\Program Files\CCleaner
2013-10-12 17:31 - 2013-10-12 17:31 - 03294168 _____ (Piriform Ltd) C:\Users\mein Name\Desktop\ccsetup406_slim.exe
2013-10-12 16:55 - 2013-10-12 16:55 - 00000000 ____D C:\Users\mein Name\Desktop\von stick
2013-10-12 16:51 - 2013-10-12 16:51 - 00001579 _____ C:\Users\mein Name\Desktop\PS - Verknüpfung.lnk
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\CyberLink
2013-10-11 20:37 - 2013-10-11 20:37 - 00000117 _____ C:\Windows\system32\netcfg-360564218.txt
2013-10-11 20:34 - 2013-10-11 20:34 - 00000117 _____ C:\Windows\system32\netcfg-360358000.txt
2013-10-11 19:51 - 2013-10-11 19:51 - 00000117 _____ C:\Windows\system32\netcfg-357810250.txt
2013-10-11 19:44 - 2013-10-11 19:44 - 00000117 _____ C:\Windows\system32\netcfg-357392078.txt
2013-10-11 17:49 - 2013-10-11 17:49 - 00000117 _____ C:\Windows\system32\netcfg-350465515.txt
2013-10-11 17:34 - 2013-10-11 17:34 - 00000117 _____ C:\Windows\system32\netcfg-349605890.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333730328.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333729484.txt
2013-10-10 21:07 - 2013-10-10 21:07 - 00000117 _____ C:\Windows\system32\netcfg-275984031.txt
2013-10-10 21:06 - 2013-10-10 21:06 - 00000117 _____ C:\Windows\system32\netcfg-275911203.txt
2013-10-10 20:12 - 2013-10-10 20:12 - 00000117 _____ C:\Windows\system32\netcfg-272673031.txt
2013-10-10 19:39 - 2013-10-10 19:39 - 00000117 _____ C:\Windows\system32\netcfg-270674671.txt
2013-10-10 18:16 - 2013-10-10 18:16 - 00000117 _____ C:\Windows\system32\netcfg-265728343.txt
2013-10-10 16:20 - 2013-10-10 16:20 - 00000117 _____ C:\Windows\system32\netcfg-258740062.txt
2013-10-10 11:43 - 2013-10-10 11:43 - 00000117 _____ C:\Windows\system32\netcfg-242127203.txt
2013-10-10 02:29 - 2013-10-10 02:29 - 00000117 _____ C:\Windows\system32\netcfg-208915015.txt
2013-10-09 20:17 - 2013-10-09 20:17 - 00000117 _____ C:\Windows\system32\netcfg-186591750.txt
2013-10-09 18:46 - 2013-10-09 18:46 - 00000117 _____ C:\Windows\system32\netcfg-181124921.txt
2013-10-09 18:08 - 2013-10-09 18:08 - 00000117 _____ C:\Windows\system32\netcfg-178847390.txt
2013-10-09 17:03 - 2013-10-09 17:03 - 00000117 _____ C:\Windows\system32\netcfg-174927609.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 00000117 _____ C:\Windows\system32\netcfg-173074687.txt
2013-10-09 16:26 - 2013-10-09 16:26 - 00000117 _____ C:\Windows\system32\netcfg-172735734.txt
2013-10-09 15:41 - 2013-10-09 15:41 - 00000146 _____ C:\Users\mein Name\Desktop\Windows Defender - Verknüpfung.lnk
2013-10-09 13:23 - 2013-10-09 13:23 - 00002771 _____ C:\Users\mein Name\Desktop\Citrus.txt
2013-10-09 11:59 - 2013-10-09 11:59 - 00000117 _____ C:\Windows\system32\netcfg-156687515.txt
2013-10-09 03:09 - 2013-10-09 03:09 - 00000117 _____ C:\Windows\system32\netcfg-124885515.txt
2013-10-08 21:10 - 2013-10-08 21:10 - 00000117 _____ C:\Windows\system32\netcfg-103343062.txt
2013-10-08 21:03 - 2013-10-08 21:03 - 00000117 _____ C:\Windows\system32\netcfg-102917531.txt
2013-10-08 20:11 - 2013-10-08 20:11 - 00000117 _____ C:\Windows\system32\netcfg-99830078.txt
2013-10-08 19:44 - 2013-10-08 19:44 - 00000117 _____ C:\Windows\system32\netcfg-98209328.txt
2013-10-08 17:44 - 2013-10-14 20:24 - 00000000 ____D C:\ProgramData\Yahoo!
2013-10-08 17:44 - 2013-10-08 17:44 - 00001143 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-10-08 17:42 - 2013-10-14 20:24 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-10-08 17:29 - 2013-10-08 17:29 - 00000117 _____ C:\Windows\system32\netcfg-90112281.txt
2013-10-08 17:21 - 2013-10-08 17:21 - 00000117 _____ C:\Windows\system32\netcfg-89583859.txt
2013-10-08 15:19 - 2013-10-08 15:19 - 00000117 _____ C:\Windows\system32\netcfg-82270359.txt
2013-10-08 13:43 - 2013-10-08 13:43 - 00000117 _____ C:\Windows\system32\netcfg-76551343.txt
2013-10-08 11:36 - 2013-10-08 11:36 - 00001920 _____ C:\Users\mein Name\Desktop\beckenboden.txt
2013-10-08 11:01 - 2013-10-08 11:01 - 00000117 _____ C:\Windows\system32\netcfg-66818187.txt
2013-10-08 02:42 - 2013-10-08 02:42 - 00000117 _____ C:\Windows\system32\netcfg-36863578.txt
2013-10-07 20:16 - 2013-10-07 20:16 - 00000117 _____ C:\Windows\system32\netcfg-13684281.txt
2013-10-07 18:48 - 2013-10-18 15:19 - 00001206 _____ C:\Users\mein Name\AppData\Roaming\wklnhst.dat
2013-10-07 18:48 - 2013-10-07 18:48 - 00001173 _____ C:\Users\mein Name\Desktop\Microsoft Works.LNK
2013-10-07 18:48 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Template
2013-10-07 18:39 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-07 18:36 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-07 18:23 - 2013-10-07 18:23 - 00000117 _____ C:\Windows\system32\netcfg-6917859.txt
2013-10-07 17:40 - 2013-10-07 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-07 17:28 - 2013-10-16 20:31 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-07 17:21 - 2013-10-07 17:21 - 00000117 _____ C:\Windows\system32\netcfg-3235453.txt
2013-10-07 17:19 - 2013-10-07 17:19 - 00000117 _____ C:\Windows\system32\netcfg-3122375.txt
2013-10-07 17:17 - 2013-10-07 17:17 - 00000117 _____ C:\Windows\system32\netcfg-2989796.txt
2013-10-07 17:16 - 2013-10-07 17:16 - 00000117 _____ C:\Windows\system32\netcfg-2906203.txt
2013-10-07 17:15 - 2013-10-07 17:15 - 00000117 _____ C:\Windows\system32\netcfg-2872484.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-07 17:11 - 2013-10-07 17:11 - 00000117 _____ C:\Windows\system32\netcfg-2589859.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Mozilla
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323750.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323734.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-317734.txt
2013-10-07 16:27 - 2013-10-07 16:27 - 00000117 _____ C:\Windows\system32\netcfg-1062062.txt
2013-10-07 16:21 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\hpqLog
2013-10-07 16:15 - 2013-10-07 16:16 - 00000117 _____ C:\Windows\system32\netcfg-354828.txt
2013-10-07 16:12 - 2013-10-07 16:12 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-10-07 16:10 - 2013-10-07 16:10 - 00000117 _____ C:\Windows\system32\netcfg-27484.txt
2013-10-07 16:06 - 2013-05-02 17:29 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Malwarebytes
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651812.txt
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651515.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-80359.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-79609.txt
2013-10-07 12:50 - 2013-10-18 21:28 - 00000000 ____D C:\AdwCleaner
2013-10-07 12:47 - 2013-10-07 12:47 - 01045226 _____ C:\Users\mein Name\Desktop\adwcleaner_3.0.0.6.exe
2013-10-07 11:40 - 2013-10-07 11:40 - 00000117 _____ C:\Windows\system32\netcfg-135726031.txt
2013-10-07 01:49 - 2013-10-07 01:49 - 00000117 _____ C:\Windows\system32\netcfg-100287125.txt
2013-10-06 20:14 - 2013-10-06 20:14 - 00000117 _____ C:\Windows\system32\netcfg-80143484.txt
2013-10-06 19:13 - 2013-10-06 19:13 - 00000117 _____ C:\Windows\system32\netcfg-76489531.txt
2013-10-06 17:16 - 2013-10-06 17:16 - 00000117 _____ C:\Windows\system32\netcfg-69504921.txt
2013-10-06 15:43 - 2013-10-06 15:43 - 00000117 _____ C:\Windows\system32\netcfg-63923812.txt
2013-10-06 15:19 - 2013-10-06 15:19 - 00000117 _____ C:\Windows\system32\netcfg-62479484.txt
2013-10-06 15:05 - 2013-10-06 15:05 - 00000117 _____ C:\Windows\system32\netcfg-61607500.txt
2013-10-06 14:27 - 2013-10-16 13:31 - 00001378 _____ C:\Users\mein Name\Desktop\gangschaltung.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58040500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58039734.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167828.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167468.txt
2013-10-06 00:49 - 2013-10-06 00:49 - 00000000 ____D C:\ProgramData\Recovery
2013-10-05 21:52 - 2013-10-05 21:52 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2013-10-05 21:52 - 2013-10-05 21:52 - 00000000 ____D C:\Program Files (x86)\epson
2013-10-05 21:52 - 2006-10-13 00:00 - 00093184 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxcwiad.dll
2013-10-05 21:45 - 2013-10-13 17:38 - 00000000 ____D C:\Users\mein Name\AppData\Local\Thunderbird
2013-10-05 21:45 - 2013-10-05 21:45 - 00002092 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-05 21:45 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Thunderbird
2013-10-05 21:40 - 2013-10-16 20:33 - 00000000 ____D C:\ProgramData\Oracle
2013-10-05 21:40 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Sun
2013-10-05 21:36 - 2013-10-05 21:36 - 00000000 ____D C:\Users\mein Name\AppData\Local\Macromedia
2013-10-05 21:34 - 2013-10-14 20:28 - 00000000 ____D C:\Users\mein Name\AppData\Local\Adobe
2013-10-05 21:12 - 2013-10-16 14:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 21:12 - 2013-10-05 21:15 - 00000000 ____D C:\Users\mein Name\AppData\Local\Mozilla
2013-10-05 21:12 - 2013-10-05 21:12 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-05 21:10 - 2013-10-05 21:10 - 00001008 _____ C:\Users\mein Name\Desktop\IrfanView.lnk
2013-10-05 21:10 - 2013-10-05 21:10 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-10-05 21:03 - 2013-10-05 21:03 - 00000117 _____ C:\Windows\system32\netcfg-15950734.txt
2013-10-05 20:10 - 2013-10-05 20:10 - 00000117 _____ C:\Windows\system32\netcfg-12765281.txt
2013-10-05 19:23 - 2013-10-05 19:23 - 00000117 _____ C:\Windows\system32\netcfg-9918046.txt
2013-10-05 18:08 - 2013-10-05 18:08 - 00000117 _____ C:\Windows\system32\netcfg-5405031.txt
2013-10-05 17:16 - 2013-10-05 17:16 - 00000000 ____D C:\sources
2013-10-05 16:58 - 2013-10-05 16:58 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Macromedia
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477953.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477921.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477734.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-474468.txt
2013-10-05 16:36 - 2013-10-18 13:06 - 00057344 _____ C:\Users\mein Name\Desktop\Zitrus - Kontroll-Notizen.wps
2013-10-05 16:36 - 2013-10-17 22:54 - 00000540 _____ C:\Users\mein Name\Desktop\rest.txt
2013-10-05 16:36 - 2013-09-18 23:36 - 00002738 _____ C:\Users\mein Name\Desktop\nicks.txt
2013-10-05 16:35 - 2013-10-11 16:00 - 00031232 _____ C:\Users\mein Name\Desktop\mobile.wps
2013-10-05 16:30 - 2013-10-05 16:30 - 00000000 ____D C:\Users\mein Name\AppData\Local\Hewlett-Packard
2013-10-05 16:02 - 2013-10-05 16:02 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-10-05 15:14 - 2013-10-14 21:16 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4071608636-3666989274-3695306699-1001
2013-10-05 15:09 - 2013-10-14 20:28 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Adobe
2013-10-05 15:09 - 2013-10-05 15:09 - 00001444 _____ C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Local\Power2Go8
2013-10-05 15:09 - 2012-10-27 03:30 - 00002217 _____ C:\Users\Public\Desktop\Snapfish Fotos.lnk
2013-10-05 15:08 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Hewlett-Packard
2013-10-05 15:07 - 2013-10-17 20:13 - 00000000 ____D C:\Users\mein Name
2013-10-05 15:07 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Local\VirtualStore
2013-10-05 15:07 - 2013-10-05 15:33 - 00000000 ____D C:\Users\mein Name\AppData\Local\Packages
2013-10-05 15:07 - 2013-10-05 15:07 - 00000020 ___SH C:\Users\mein Name\ntuser.ini
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Vorlagen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Startmenü
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Netzwerkumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Lokale Einstellungen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Eigene Dateien
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Druckumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Musik
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Bilder
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Verlauf
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Anwendungsdaten
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Anwendungsdaten
2013-10-05 15:07 - 2012-10-27 03:16 - 00000000 ___HD C:\Users\mein Name\Documents\hp.system.package.metadata
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-05 15:07 - 2012-07-26 10:13 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Dokumente und Einstellungen
==================== One Month Modified Files and Folders =======
2013-10-19 18:49 - 2013-10-19 18:49 - 01954548 _____ (Farbar) C:\Users\mein Name\Desktop\FRST64.exe
2013-10-19 18:41 - 2013-10-14 15:52 - 00708249 _____ C:\Windows\WindowsUpdate.log
2013-10-19 18:33 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-19 18:31 - 2013-10-14 20:47 - 00005224 _____ C:\Windows\PFRO.log
2013-10-19 18:31 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-19 18:26 - 2013-10-19 18:26 - 00000938 _____ C:\Users\mein Name\Desktop\checkup.txt
2013-10-19 18:22 - 2013-10-19 18:22 - 00891167 _____ C:\Users\mein Name\Desktop\SecurityCheck.exe
2013-10-19 18:17 - 2013-10-19 18:17 - 00000117 _____ C:\Windows\system32\netcfg-8169078.txt
2013-10-19 18:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-19 17:12 - 2013-10-19 17:12 - 00000117 _____ C:\Windows\system32\netcfg-4243156.txt
2013-10-19 16:07 - 2013-10-19 16:07 - 02347384 _____ (ESET) C:\Users\mein Name\Desktop\esetsmartinstaller_enu.exe
2013-10-19 14:00 - 2013-10-19 14:00 - 00006412 _____ C:\Users\mein Name\Desktop\bonanza dingens.txt
2013-10-19 13:48 - 2013-10-19 13:48 - 00000117 _____ C:\Windows\system32\netcfg-57688640.txt
2013-10-19 13:36 - 2013-10-19 13:36 - 00000117 _____ C:\Windows\system32\netcfg-56955937.txt
2013-10-19 12:53 - 2013-10-19 12:53 - 00000117 _____ C:\Windows\system32\netcfg-54370953.txt
2013-10-19 01:51 - 2013-10-19 01:51 - 00000117 _____ C:\Windows\system32\netcfg-14639687.txt
2013-10-18 21:41 - 2013-10-18 21:41 - 00000909 _____ C:\Users\mein Name\Desktop\JRT.txt
2013-10-18 21:39 - 2013-10-18 21:39 - 00000000 ____D C:\Windows\ERUNT
2013-10-18 21:36 - 2013-10-18 21:36 - 01033335 _____ (Thisisu) C:\Users\mein Name\Desktop\JRT.exe
2013-10-18 21:30 - 2013-10-18 21:30 - 00001935 _____ C:\Users\mein Name\Desktop\AdwCleaner[S1].txt
2013-10-18 21:28 - 2013-10-07 12:50 - 00000000 ____D C:\AdwCleaner
2013-10-18 21:12 - 2013-10-18 21:12 - 01050644 _____ C:\Users\mein Name\Desktop\adwcleaner.exe
2013-10-18 21:10 - 2013-10-18 21:09 - 00000000 ____D C:\Users\mein Name\Desktop\erster durchlauf
2013-10-18 20:56 - 2013-10-18 20:56 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-18 20:56 - 2013-10-18 20:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-18 20:51 - 2013-10-18 20:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\mein Name\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-18 20:04 - 2013-10-18 20:04 - 00000117 _____ C:\Windows\system32\netcfg-82687218.txt
2013-10-18 18:19 - 2013-10-18 18:19 - 00000117 _____ C:\Windows\system32\netcfg-76396171.txt
2013-10-18 17:00 - 2013-10-18 17:00 - 00000117 _____ C:\Windows\system32\netcfg-71628218.txt
2013-10-18 16:33 - 2013-10-18 16:33 - 00000117 _____ C:\Windows\system32\netcfg-70002812.txt
2013-10-18 16:06 - 2013-10-18 16:06 - 00000117 _____ C:\Windows\system32\netcfg-68416562.txt
2013-10-18 16:03 - 2013-10-18 16:03 - 00000117 _____ C:\Windows\system32\netcfg-68218906.txt
2013-10-18 15:19 - 2013-10-07 18:48 - 00001206 _____ C:\Users\mein Name\AppData\Roaming\wklnhst.dat
2013-10-18 15:19 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-10-18 13:22 - 2012-10-27 12:06 - 00745562 _____ C:\Windows\system32\perfh007.dat
2013-10-18 13:22 - 2012-10-27 12:06 - 00169488 _____ C:\Windows\system32\perfc007.dat
2013-10-18 13:22 - 2012-07-26 09:28 - 01752656 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-18 13:06 - 2013-10-05 16:36 - 00057344 _____ C:\Users\mein Name\Desktop\Zitrus - Kontroll-Notizen.wps
2013-10-18 11:58 - 2013-10-18 11:52 - 00000000 ____D C:\Qoobox
2013-10-18 11:58 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-10-18 11:57 - 2013-10-18 11:52 - 00000000 ____D C:\Windows\erdnt
2013-10-18 11:57 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini
2013-10-18 11:48 - 2013-10-18 11:48 - 05134711 ____R (Swearware) C:\Users\mein Name\Desktop\ComboFix.exe
2013-10-18 11:38 - 2013-10-18 11:38 - 00000117 _____ C:\Windows\system32\netcfg-52339421.txt
2013-10-18 02:04 - 2013-10-18 02:04 - 00000117 _____ C:\Windows\system32\netcfg-17904453.txt
2013-10-17 22:54 - 2013-10-05 16:36 - 00000540 _____ C:\Users\mein Name\Desktop\rest.txt
2013-10-17 22:01 - 2013-10-17 18:46 - 00003026 _____ C:\Users\mein Name\Desktop\trojaner board.txt
2013-10-17 21:08 - 2013-10-17 21:08 - 00000117 _____ C:\Windows\system32\netcfg-139281.txt
2013-10-17 20:45 - 2013-10-17 20:45 - 00000117 _____ C:\Windows\system32\netcfg-15628828.txt
2013-10-17 20:29 - 2013-10-17 20:29 - 00377856 _____ C:\Users\mein Name\Desktop\gmer_2.1.19163.exe
2013-10-17 20:21 - 2013-10-17 20:21 - 00000000 ____D C:\FRST
2013-10-17 20:13 - 2013-10-17 20:13 - 00000000 _____ C:\Users\mein Name\defogger_reenable
2013-10-17 20:13 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name
2013-10-17 20:10 - 2013-10-17 20:10 - 00050477 _____ C:\Users\mein Name\Desktop\Defogger.exe
2013-10-17 20:00 - 2013-10-17 20:00 - 00000117 _____ C:\Windows\system32\netcfg-12919140.txt
2013-10-17 19:31 - 2013-10-17 19:31 - 00000117 _____ C:\Windows\system32\netcfg-11188875.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862437.txt
2013-10-17 18:36 - 2013-10-17 18:36 - 00000117 _____ C:\Windows\system32\netcfg-7862234.txt
2013-10-17 16:26 - 2013-10-17 12:48 - 00000000 ____D C:\ProgramData\Trend Micro
2013-10-17 16:13 - 2013-10-17 16:13 - 00000117 _____ C:\Windows\system32\netcfg-12582312.txt
2013-10-17 16:11 - 2013-10-17 16:11 - 00000117 _____ C:\Windows\system32\netcfg-12431531.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764437.txt
2013-10-17 15:26 - 2013-10-17 15:26 - 00000117 _____ C:\Windows\system32\netcfg-9764000.txt
2013-10-17 12:55 - 2013-10-17 12:55 - 00000000 ____D C:\TMRescueDisk
2013-10-17 12:50 - 2013-10-17 12:50 - 00001429 _____ C:\Users\mein Name\Desktop\Trend Micro Titanium Internet Security.lnk
2013-10-17 12:50 - 2013-10-17 12:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2013-10-17 12:50 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-17 12:49 - 2013-10-17 12:49 - 00003268 _____ C:\Windows\System32\Tasks\Titanium BTC
2013-10-17 12:48 - 2013-10-17 12:48 - 00000059 _____ C:\Windows\system32\SupportTool.exe.bat
2013-10-17 12:48 - 2013-10-17 12:47 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-17 12:45 - 2013-10-17 12:45 - 00000036 _____ C:\Users\mein Name\AppData\Local\housecall.guid.cache
2013-10-17 12:43 - 2013-10-17 12:43 - 00000000 ____D C:\Users\mein Name\AppData\Local\Trend Micro
2013-10-17 12:41 - 2013-10-17 12:37 - 115016720 _____ (Trend Micro Inc.) C:\Users\Public\Desktop\Trend_Micro.exe
2013-10-17 12:34 - 2013-10-17 12:34 - 06631240 _____ (Trend Micro Inc.) C:\Users\mein Name\Desktop\Titanium_Internet_Security_2014.exe
2013-10-17 12:20 - 2013-10-17 12:20 - 00000117 _____ C:\Windows\system32\netcfg-45127859.txt
2013-10-17 12:01 - 2013-10-17 12:01 - 00000117 _____ C:\Windows\system32\netcfg-44028093.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42720328.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42698062.txt
2013-10-17 11:39 - 2013-10-17 11:39 - 00000117 _____ C:\Windows\system32\netcfg-42687218.txt
2013-10-17 11:28 - 2013-10-17 11:28 - 00000117 _____ C:\Windows\system32\netcfg-42011015.txt
2013-10-16 23:35 - 2013-10-16 23:35 - 00000115 _____ C:\Users\mein Name\Desktop\igno.txt
2013-10-16 21:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-10-16 20:33 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Oracle
2013-10-16 20:31 - 2013-10-16 20:30 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 20:31 - 2013-10-07 17:28 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 20:29 - 2013-10-16 20:29 - 00915368 _____ (Oracle Corporation) C:\Users\mein Name\Desktop\jxpiinstall.exe
2013-10-16 19:48 - 2013-10-16 19:48 - 00000117 _____ C:\Windows\system32\netcfg-18356390.txt
2013-10-16 19:06 - 2013-10-16 19:06 - 00000117 _____ C:\Windows\system32\netcfg-15839953.txt
2013-10-16 18:46 - 2013-10-16 18:46 - 00000117 _____ C:\Windows\system32\netcfg-14612062.txt
2013-10-16 18:35 - 2013-10-16 18:35 - 00000117 _____ C:\Windows\system32\netcfg-13975906.txt
2013-10-16 17:42 - 2013-10-16 17:42 - 00000117 _____ C:\Windows\system32\netcfg-10798078.txt
2013-10-16 17:39 - 2013-10-16 17:39 - 00000117 _____ C:\Windows\system32\netcfg-10600734.txt
2013-10-16 16:51 - 2013-10-16 16:51 - 00000117 _____ C:\Windows\system32\netcfg-7723078.txt
2013-10-16 16:48 - 2013-10-16 16:48 - 00000117 _____ C:\Windows\system32\netcfg-7538093.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4630343.txt
2013-10-16 15:59 - 2013-10-16 15:59 - 00000117 _____ C:\Windows\system32\netcfg-4629437.txt
2013-10-16 14:42 - 2013-10-05 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-16 14:42 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-16 13:31 - 2013-10-06 14:27 - 00001378 _____ C:\Users\mein Name\Desktop\gangschaltung.txt
2013-10-16 13:27 - 2013-10-16 13:27 - 00010240 _____ C:\Users\mein Name\Desktop\fahrrad fahren.wps
2013-10-16 11:39 - 2013-10-16 11:39 - 00000117 _____ C:\Windows\system32\netcfg-139965953.txt
2013-10-16 02:20 - 2013-10-16 02:20 - 00000117 _____ C:\Windows\system32\netcfg-106381421.txt
2013-10-15 19:26 - 2013-10-15 19:26 - 00000117 _____ C:\Windows\system32\netcfg-81555171.txt
2013-10-15 19:07 - 2013-10-15 19:07 - 00000117 _____ C:\Windows\system32\netcfg-80413812.txt
2013-10-15 15:56 - 2013-10-15 15:56 - 00000117 _____ C:\Windows\system32\netcfg-68955843.txt
2013-10-15 15:40 - 2013-10-15 15:40 - 00000117 _____ C:\Windows\system32\netcfg-67993203.txt
2013-10-15 14:37 - 2013-10-15 14:37 - 00000117 _____ C:\Windows\system32\netcfg-64215875.txt
2013-10-15 13:26 - 2013-10-15 13:26 - 00000117 _____ C:\Windows\system32\netcfg-59930578.txt
2013-10-15 10:47 - 2013-10-14 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50255078.txt
2013-10-15 10:44 - 2013-10-15 10:44 - 00000117 _____ C:\Windows\system32\netcfg-50253234.txt
2013-10-14 21:16 - 2013-10-05 15:14 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4071608636-3666989274-3695306699-1001
2013-10-14 20:29 - 2013-10-14 20:27 - 00000000 ____D C:\ProgramData\Adobe
2013-10-14 20:28 - 2013-10-05 21:34 - 00000000 ____D C:\Users\mein Name\AppData\Local\Adobe
2013-10-14 20:28 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Adobe
2013-10-14 20:27 - 2013-10-14 20:27 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-14 20:27 - 2013-10-14 20:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-14 20:24 - 2013-10-08 17:44 - 00000000 ____D C:\ProgramData\Yahoo!
2013-10-14 20:24 - 2013-10-08 17:42 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-10-14 20:20 - 2013-10-14 20:20 - 00000000 ____D C:\Windows\Sun
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\UpdaterEX
2013-10-14 20:19 - 2013-10-14 20:19 - 00000000 ____D C:\Users\mein Name\AppData\Local\Google
2013-10-14 20:06 - 2013-10-14 20:06 - 00000117 _____ C:\Windows\system32\netcfg-197544125.txt
2013-10-14 19:42 - 2013-10-14 19:42 - 00000117 _____ C:\Windows\system32\netcfg-196122671.txt
2013-10-14 16:44 - 2013-10-14 16:44 - 00000117 _____ C:\Windows\system32\netcfg-185445437.txt
2013-10-14 16:13 - 2013-10-14 16:13 - 00000117 _____ C:\Windows\system32\netcfg-183582062.txt
2013-10-14 09:38 - 2013-10-14 09:38 - 00000117 _____ C:\Windows\system32\netcfg-159871250.txt
2013-10-14 02:01 - 2013-10-14 02:01 - 00000117 _____ C:\Windows\system32\netcfg-132414328.txt
2013-10-13 20:27 - 2013-10-13 20:27 - 00009216 _____ C:\Users\mein Name\Desktop\laterne basteln.wps
2013-10-13 19:23 - 2013-10-13 19:23 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Yahoo!
2013-10-13 19:22 - 2013-10-13 19:22 - 00000117 _____ C:\Windows\system32\netcfg-108519484.txt
2013-10-13 19:00 - 2013-10-13 19:00 - 00000117 _____ C:\Windows\system32\netcfg-107204859.txt
2013-10-13 17:38 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Local\Thunderbird
2013-10-13 17:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-10-13 16:16 - 2013-10-13 16:16 - 00000117 _____ C:\Windows\system32\netcfg-97367828.txt
2013-10-13 15:40 - 2013-10-13 15:40 - 00000117 _____ C:\Windows\system32\netcfg-95173625.txt
2013-10-13 12:33 - 2013-10-13 12:33 - 00000117 _____ C:\Windows\system32\netcfg-83950609.txt
2013-10-13 02:40 - 2013-10-13 02:40 - 00000117 _____ C:\Windows\system32\netcfg-48368703.txt
2013-10-12 20:06 - 2013-10-12 20:06 - 00000117 _____ C:\Windows\system32\netcfg-24720421.txt
2013-10-12 17:38 - 2013-10-12 17:38 - 00071550 _____ C:\Users\mein Name\Desktop\cc_20131012_173753.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00007196 _____ C:\Users\mein Name\Desktop\cc_20131012_173821.reg
2013-10-12 17:38 - 2013-10-12 17:38 - 00000117 _____ C:\Windows\system32\netcfg-15891765.txt
2013-10-12 17:35 - 2012-08-02 04:02 - 00000000 ____D C:\Windows\Panther
2013-10-12 17:33 - 2013-10-12 17:33 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-12 17:33 - 2013-10-12 17:33 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-12 17:33 - 2013-10-12 17:32 - 00000000 ____D C:\Program Files\CCleaner
2013-10-12 17:31 - 2013-10-12 17:31 - 03294168 _____ (Piriform Ltd) C:\Users\mein Name\Desktop\ccsetup406_slim.exe
2013-10-12 16:57 - 2012-10-27 03:22 - 00000000 ____D C:\ProgramData\CyberLink
2013-10-12 16:55 - 2013-10-12 16:55 - 00000000 ____D C:\Users\mein Name\Desktop\von stick
2013-10-12 16:51 - 2013-10-12 16:51 - 00001579 _____ C:\Users\mein Name\Desktop\PS - Verknüpfung.lnk
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\Public\CyberLink
2013-10-12 16:50 - 2013-10-12 16:50 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\CyberLink
2013-10-12 13:14 - 2012-07-26 09:19 - 00339760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-11 20:37 - 2013-10-11 20:37 - 00000117 _____ C:\Windows\system32\netcfg-360564218.txt
2013-10-11 20:34 - 2013-10-11 20:34 - 00000117 _____ C:\Windows\system32\netcfg-360358000.txt
2013-10-11 19:51 - 2013-10-11 19:51 - 00000117 _____ C:\Windows\system32\netcfg-357810250.txt
2013-10-11 19:44 - 2013-10-11 19:44 - 00000117 _____ C:\Windows\system32\netcfg-357392078.txt
2013-10-11 17:49 - 2013-10-11 17:49 - 00000117 _____ C:\Windows\system32\netcfg-350465515.txt
2013-10-11 17:34 - 2013-10-11 17:34 - 00000117 _____ C:\Windows\system32\netcfg-349605890.txt
2013-10-11 16:00 - 2013-10-05 16:35 - 00031232 _____ C:\Users\mein Name\Desktop\mobile.wps
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333730328.txt
2013-10-11 13:10 - 2013-10-11 13:10 - 00000117 _____ C:\Windows\system32\netcfg-333729484.txt
2013-10-10 21:07 - 2013-10-10 21:07 - 00000117 _____ C:\Windows\system32\netcfg-275984031.txt
2013-10-10 21:06 - 2013-10-10 21:06 - 00000117 _____ C:\Windows\system32\netcfg-275911203.txt
2013-10-10 20:12 - 2013-10-10 20:12 - 00000117 _____ C:\Windows\system32\netcfg-272673031.txt
2013-10-10 19:39 - 2013-10-10 19:39 - 00000117 _____ C:\Windows\system32\netcfg-270674671.txt
2013-10-10 18:16 - 2013-10-10 18:16 - 00000117 _____ C:\Windows\system32\netcfg-265728343.txt
2013-10-10 16:20 - 2013-10-10 16:20 - 00000117 _____ C:\Windows\system32\netcfg-258740062.txt
2013-10-10 11:43 - 2013-10-10 11:43 - 00000117 _____ C:\Windows\system32\netcfg-242127203.txt
2013-10-10 02:29 - 2013-10-10 02:29 - 00000117 _____ C:\Windows\system32\netcfg-208915015.txt
2013-10-09 20:17 - 2013-10-09 20:17 - 00000117 _____ C:\Windows\system32\netcfg-186591750.txt
2013-10-09 18:46 - 2013-10-09 18:46 - 00000117 _____ C:\Windows\system32\netcfg-181124921.txt
2013-10-09 18:08 - 2013-10-09 18:08 - 00000117 _____ C:\Windows\system32\netcfg-178847390.txt
2013-10-09 17:03 - 2013-10-09 17:03 - 00000117 _____ C:\Windows\system32\netcfg-174927609.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 00000117 _____ C:\Windows\system32\netcfg-173074687.txt
2013-10-09 16:26 - 2013-10-09 16:26 - 00000117 _____ C:\Windows\system32\netcfg-172735734.txt
2013-10-09 15:41 - 2013-10-09 15:41 - 00000146 _____ C:\Users\mein Name\Desktop\Windows Defender - Verknüpfung.lnk
2013-10-09 13:23 - 2013-10-09 13:23 - 00002771 _____ C:\Users\mein Name\Desktop\Citrus.txt
2013-10-09 11:59 - 2013-10-09 11:59 - 00000117 _____ C:\Windows\system32\netcfg-156687515.txt
2013-10-09 03:09 - 2013-10-09 03:09 - 00000117 _____ C:\Windows\system32\netcfg-124885515.txt
2013-10-08 21:10 - 2013-10-08 21:10 - 00000117 _____ C:\Windows\system32\netcfg-103343062.txt
2013-10-08 21:03 - 2013-10-08 21:03 - 00000117 _____ C:\Windows\system32\netcfg-102917531.txt
2013-10-08 20:11 - 2013-10-08 20:11 - 00000117 _____ C:\Windows\system32\netcfg-99830078.txt
2013-10-08 19:44 - 2013-10-08 19:44 - 00000117 _____ C:\Windows\system32\netcfg-98209328.txt
2013-10-08 17:44 - 2013-10-08 17:44 - 00001143 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-10-08 17:29 - 2013-10-08 17:29 - 00000117 _____ C:\Windows\system32\netcfg-90112281.txt
2013-10-08 17:21 - 2013-10-08 17:21 - 00000117 _____ C:\Windows\system32\netcfg-89583859.txt
2013-10-08 15:19 - 2013-10-08 15:19 - 00000117 _____ C:\Windows\system32\netcfg-82270359.txt
2013-10-08 13:43 - 2013-10-08 13:43 - 00000117 _____ C:\Windows\system32\netcfg-76551343.txt
2013-10-08 11:36 - 2013-10-08 11:36 - 00001920 _____ C:\Users\mein Name\Desktop\beckenboden.txt
2013-10-08 11:03 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-08 11:01 - 2013-10-08 11:01 - 00000117 _____ C:\Windows\system32\netcfg-66818187.txt
2013-10-08 07:50 - 2013-10-16 20:31 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-10-16 20:31 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-10-16 20:31 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-10-16 20:31 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-08 02:42 - 2013-10-08 02:42 - 00000117 _____ C:\Windows\system32\netcfg-36863578.txt
2013-10-07 20:16 - 2013-10-07 20:16 - 00000117 _____ C:\Windows\system32\netcfg-13684281.txt
2013-10-07 18:48 - 2013-10-07 18:48 - 00001173 _____ C:\Users\mein Name\Desktop\Microsoft Works.LNK
2013-10-07 18:48 - 2013-10-07 18:48 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Template
2013-10-07 18:48 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name\AppData\Local\VirtualStore
2013-10-07 18:39 - 2013-10-07 18:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-07 18:39 - 2013-10-07 18:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-10-07 18:23 - 2013-10-07 18:23 - 00000117 _____ C:\Windows\system32\netcfg-6917859.txt
2013-10-07 17:40 - 2013-10-07 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-07 17:21 - 2013-10-07 17:21 - 00000117 _____ C:\Windows\system32\netcfg-3235453.txt
2013-10-07 17:19 - 2013-10-07 17:19 - 00000117 _____ C:\Windows\system32\netcfg-3122375.txt
2013-10-07 17:17 - 2013-10-07 17:17 - 00000117 _____ C:\Windows\system32\netcfg-2989796.txt
2013-10-07 17:16 - 2013-10-07 17:16 - 00000117 _____ C:\Windows\system32\netcfg-2906203.txt
2013-10-07 17:15 - 2013-10-07 17:15 - 00000117 _____ C:\Windows\system32\netcfg-2872484.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-07 17:11 - 2013-10-07 17:11 - 00000117 _____ C:\Windows\system32\netcfg-2589859.txt
2013-10-07 17:11 - 2013-10-07 17:11 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Mozilla
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323750.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-323734.txt
2013-10-07 16:33 - 2013-10-07 16:33 - 00000117 _____ C:\Windows\system32\netcfg-317734.txt
2013-10-07 16:27 - 2013-10-07 16:27 - 00000117 _____ C:\Windows\system32\netcfg-1062062.txt
2013-10-07 16:26 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-07 16:23 - 2012-10-27 03:16 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-10-07 16:21 - 2013-10-07 16:21 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\hpqLog
2013-10-07 16:21 - 2013-10-05 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Hewlett-Packard
2013-10-07 16:21 - 2012-10-27 03:17 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-10-07 16:16 - 2013-10-07 16:15 - 00000117 _____ C:\Windows\system32\netcfg-354828.txt
2013-10-07 16:12 - 2013-10-07 16:12 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-10-07 16:10 - 2013-10-07 16:10 - 00000117 _____ C:\Windows\system32\netcfg-27484.txt
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Malwarebytes
2013-10-07 15:08 - 2013-10-07 15:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651812.txt
2013-10-07 15:06 - 2013-10-07 15:06 - 00000117 _____ C:\Windows\system32\netcfg-5651515.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-80359.txt
2013-10-07 13:25 - 2013-10-07 13:25 - 00000117 _____ C:\Windows\system32\netcfg-79609.txt
2013-10-07 12:47 - 2013-10-07 12:47 - 01045226 _____ C:\Users\mein Name\Desktop\adwcleaner_3.0.0.6.exe
2013-10-07 11:40 - 2013-10-07 11:40 - 00000117 _____ C:\Windows\system32\netcfg-135726031.txt
2013-10-07 01:49 - 2013-10-07 01:49 - 00000117 _____ C:\Windows\system32\netcfg-100287125.txt
2013-10-06 20:14 - 2013-10-06 20:14 - 00000117 _____ C:\Windows\system32\netcfg-80143484.txt
2013-10-06 19:13 - 2013-10-06 19:13 - 00000117 _____ C:\Windows\system32\netcfg-76489531.txt
2013-10-06 17:16 - 2013-10-06 17:16 - 00000117 _____ C:\Windows\system32\netcfg-69504921.txt
2013-10-06 15:43 - 2013-10-06 15:43 - 00000117 _____ C:\Windows\system32\netcfg-63923812.txt
2013-10-06 15:19 - 2013-10-06 15:19 - 00000117 _____ C:\Windows\system32\netcfg-62479484.txt
2013-10-06 15:05 - 2013-10-06 15:05 - 00000117 _____ C:\Windows\system32\netcfg-61607500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58040500.txt
2013-10-06 14:05 - 2013-10-06 14:05 - 00000117 _____ C:\Windows\system32\netcfg-58039734.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167828.txt
2013-10-06 12:11 - 2013-10-06 12:11 - 00000117 _____ C:\Windows\system32\netcfg-51167468.txt
2013-10-06 00:50 - 2012-07-26 10:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-10-06 00:49 - 2013-10-06 00:49 - 00000000 ____D C:\ProgramData\Recovery
2013-10-05 21:52 - 2013-10-05 21:52 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2013-10-05 21:52 - 2013-10-05 21:52 - 00000000 ____D C:\Program Files (x86)\epson
2013-10-05 21:45 - 2013-10-05 21:45 - 00002092 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-05 21:45 - 2013-10-05 21:45 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Thunderbird
2013-10-05 21:40 - 2013-10-05 21:40 - 00000000 ____D C:\ProgramData\Sun
2013-10-05 21:36 - 2013-10-05 21:36 - 00000000 ____D C:\Users\mein Name\AppData\Local\Macromedia
2013-10-05 21:15 - 2013-10-05 21:12 - 00000000 ____D C:\Users\mein Name\AppData\Local\Mozilla
2013-10-05 21:12 - 2013-10-05 21:12 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-05 21:10 - 2013-10-05 21:10 - 00001008 _____ C:\Users\mein Name\Desktop\IrfanView.lnk
2013-10-05 21:10 - 2013-10-05 21:10 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-10-05 21:03 - 2013-10-05 21:03 - 00000117 _____ C:\Windows\system32\netcfg-15950734.txt
2013-10-05 20:10 - 2013-10-05 20:10 - 00000117 _____ C:\Windows\system32\netcfg-12765281.txt
2013-10-05 19:23 - 2013-10-05 19:23 - 00000117 _____ C:\Windows\system32\netcfg-9918046.txt
2013-10-05 18:08 - 2013-10-05 18:08 - 00000117 _____ C:\Windows\system32\netcfg-5405031.txt
2013-10-05 17:19 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-10-05 17:18 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-10-05 17:18 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-10-05 17:18 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-10-05 17:18 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-10-05 17:18 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\winrm
2013-10-05 17:17 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\slmgr
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\migwiz
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\inetsrv
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\en-GB
2013-10-05 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep
2013-10-05 17:17 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-10-05 17:16 - 2013-10-05 17:16 - 00000000 ____D C:\sources
2013-10-05 17:16 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\WCN
2013-10-05 17:16 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\MUI
2013-10-05 17:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Com
2013-10-05 17:16 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-10-05 16:58 - 2013-10-05 16:58 - 00000000 ____D C:\Users\mein Name\AppData\Roaming\Macromedia
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477953.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477921.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-477734.txt
2013-10-05 16:45 - 2013-10-05 16:45 - 00000117 _____ C:\Windows\system32\netcfg-474468.txt
2013-10-05 16:30 - 2013-10-05 16:30 - 00000000 ____D C:\Users\mein Name\AppData\Local\Hewlett-Packard
2013-10-05 16:21 - 2012-10-27 03:33 - 00000000 ____D C:\ProgramData\Norton
2013-10-05 16:02 - 2013-10-05 16:02 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-10-05 15:33 - 2013-10-05 15:07 - 00000000 ____D C:\Users\mein Name\AppData\Local\Packages
2013-10-05 15:31 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2013-10-05 15:09 - 2013-10-05 15:09 - 00001444 _____ C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cPC_p6-2321eg_Y53316J_0U_QCZC2438N3V_E12CE3RR8605_4A_I2ADA_SFoxconn_V1.00_B8.09_T120928_W8101-0_L407_M8146_J500_7Intel_86A9_93.30_#121027_N10EC8168_Z_G10DE1049_Ohp CDDVDW SH-216BB_DSAM037B.MRK
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ___RD C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-05 15:09 - 2013-10-05 15:09 - 00000000 ____D C:\Users\mein Name\AppData\Local\Power2Go8
2013-10-05 15:09 - 2012-10-27 03:32 - 00000000 ___RD C:\Program Files\Online Services
2013-10-05 15:09 - 2012-10-27 03:23 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-10-05 15:09 - 2012-09-12 15:34 - 00000000 ___RD C:\hp
2013-10-05 15:09 - 2012-08-02 05:15 - 00000000 ____D C:\SWSETUP
2013-10-05 15:09 - 2012-08-01 11:57 - 00000000 ___RD C:\SYSTEM.SAV
2013-10-05 15:09 - 2012-07-26 10:12 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-10-05 15:07 - 2013-10-05 15:07 - 00000020 ___SH C:\Users\mein Name\ntuser.ini
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Vorlagen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Startmenü
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Netzwerkumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Lokale Einstellungen
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Eigene Dateien
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Druckumgebung
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Musik
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Documents\Eigene Bilder
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Verlauf
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\AppData\Local\Anwendungsdaten
2013-10-05 15:07 - 2013-10-05 15:07 - 00000000 _SHDL C:\Users\mein Name\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Programme
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-05 14:58 - 2013-10-05 14:58 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-05 14:58 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
Some content of TEMP:
====================
C:\Users\mein Name\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-19 13:20
==================== End Of Log ============================
--- --- --- --- --- --- Gibt es Hoffnung und weitere Möglichkeiten, um das Problem beseitigen zu können ? liebe Grüße |
|
19.10.2013, 19:55
| #8 |
| /// the machine /// TB-Ausbilder | Windows 8 ; immer langsamer, hängt und friert ein Versuch bitte mal nen Clean Boot und schau wie der Rechner dann läuft.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.10.2013, 21:49
| #9 |
| | Windows 8 ; immer langsamer, hängt und friert ein hallo schrauber, habe den Clean Boot ausgeführt aber es ist keine Veränderung zu spüren. Gerade eben habe ich mal noch die GraKa getauscht. Ebenfalls ohne Veränderung. Besteht die Möglichkeit, daß ich etwas falsch gemacht /übersehen habe und würde es etwas bringen, das Prozedere nochmal zu durchlaufen ? Oder gibt es noch eine "Brechstange" ? liebe Grüße Edit Es sieht einfach irgendwie so aus, als ob alles verzögert ankäme ,,,, Geändert von snoozle_s (19.10.2013 um 21:56 Uhr) |
|
20.10.2013, 14:11
| #10 |
| /// the machine /// TB-Ausbilder | Windows 8 ; immer langsamer, hängt und friert ein Selbst bei Clean Boot? Schonmal ein inplace Upgrade gemacht?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.10.2013, 20:07
| #11 |
| | Windows 8 ; immer langsamer, hängt und friert ein Ja, selbst bei einem Clean Boot Von einem Inplace Upgrade hab´ ich noch nichts gehört. Werde mich mal schlau machen und es ggf. ausführen hallo Inplace Upgrade - nach anfänglichen Schwierigkeiten - ausgeführt Ergebnis : Unverändert Heute Abend habe ich eine neue Windows 8 Pro - Installation durchgeführt ( dazu habe ich die neue / Wechsel - HDD manuell formatiert bzw. zuvor auch die Partitionen gelöscht ) Ergebnis : scheint etwas schneller zu sein ,,, aber noch lange nicht so (wie ich es in Erinnerung habe) wie es vorher mal war Bin ziemlich verzweifelt |
|
22.10.2013, 13:32
| #12 |
| /// the machine /// TB-Ausbilder | Windows 8 ; immer langsamer, hängt und friert ein Ne komplette Neuinstallation? Und sonst auch keine unnötigen Programme installiert?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.10.2013, 17:28
| #13 |
| | Windows 8 ; immer langsamer, hängt und friert ein Ja, eine nagelneue NUR- Windows 8 Pro - Install (ohne irgendwelches andere Gedöns) in der Bootoption davon, hab´ ich die Partitionen gelöscht und formatiert Schien zunächst etwas schneller aber nach all den Updates kann man wieder auf die Uhr sehen, um festzustellen, wie lange das laden (I-Net Google Chrome oder auch IE ) dauert. Hatte dann den Verdacht, daß etwas im Bios sein könnte ,,,,, und dort einfach mal auf " Standard Einstellungen " geändert. Null Änderung CMOS rausgefingert und paar Minuten ohne Power stehen lassen ,,, dann wieder rein Heute Nachmittag habe ich SiSoftSandra runtergeladen und mal ein paar Werte angeschaut. Scheint alles normal. Als ich wieder einen ganzen Schwung Updates drauf bekam - ich war zwischenzeitlich eine neue Tastatur holen [ die andere wurde wegen Fehler angemeckert ,,,, 6 maliger Piepton ] Ich stöpsle also alles aus und schliesse mit der neuen Tasti auch wieder alles an. Das einschalten wurde dann mit einer Meldung eingeleitet : " Schließen Sie die Kamera an " Nach dem abbrechen -durch Schalter Aus - hat die Mühle richtig gebootet ,,,, dann aber ewig gebraucht, um den vermeintlichen Treiber für die Tasti zu installieren. Bin ziemlich am Ende mit den Nerven ,,, |
|
23.10.2013, 07:10
| #14 |
| /// the machine /// TB-Ausbilder | Windows 8 ; immer langsamer, hängt und friert ein Really strange. Mach mal nen Clean Boot. Wenn das auch gar nit hilft: Wieviel RAM-Riegel sind drin?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.10.2013, 12:46
| #15 |
| | Windows 8 ; immer langsamer, hängt und friert ein hallo schrauber hab´ den Clean Boot ausgeführt (Virenscanner erst deaktivieren sonst setzt der sich möglicherweise gleich wieder rein ; war bei mir jedenfalls so) gebootet Null Änderung Sind jetzt 2 Ram-Riegel je 4Giga drin , also 8Giga und werden auch so erkannt Ach ja ,,, hatte irgendwann mal die Ereignisse durchgesehen und dort wurde öfter ein Fehler ID aufgeführt (weiß nicht mehr, wie der sich nannte) naja, jedenfalls wurde in der Erklärung dort angeführt, das es zu erheblichen Leistungseinbußen kommen kann. Hab dann im Net bissl gesucht .... aber immer nur wieder, daß man diesen Fehler getrost ignorieren kann. Trifft angeblich nix zu. Soweit Jetzt hab ich wieder mal reingeschaut und da steht unter anderem : Ereignis ID 5 22.10.2013 16:45:19 {Registrierungsstruktur wiederhergestellt} Registrierungsstruktur (Datei):"\??\C:\Users\mein Name\AppData\Local\Microsoft\Windows\UsrClass.dat" war beschädigt und wurde wiederhergestellt. Möglicherweise sind Daten verloren gegangen. und weiter : In der Dateisystemstruktur auf C:\ wurde ein Fehler ..... Ich wüßte zwar nicht, wo so ein Fehler hergekommen sein sollte aber ich werde die Platte nochmals austauschen |
|
| Themen zu Windows 8 ; immer langsamer, hängt und friert ein |
| acrobat update, adobe, bildschirm, browser, ccsetup, computer, converter, defender, farbar, farbar recovery scan tool, festplatte, flash player, homepage, hängt, internet, plug-in, problem, pup.optional.bonanzadeals.a, pup.optional.installcore.a, pup.optional.wajam, pup.optional.wajam.a, services.exe, software, super, svchost.exe, windows |
WARNUNG an die MITLESER: 
Linear-Darstellung
