Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich

Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich


Plagegeister aller Art und deren Bekämpfung: Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.02.2014, 19:17   #1
Nordherr
 
Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich - Standard

Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Amin (administrator) on HOME on 07-02-2014 19:16:19
Running from C:\Users\Amin\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(phonostar GmbH) C:\Program Files (x86)\phonostar-Player\phonostar.exe
(Farbar) C:\Users\Amin\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [41664 2013-08-01] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-01] (IDT, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2013-04-06] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1673681543-265808494-507988786-1001\...\Run: [SkyDrive] - C:\Users\Amin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)
HKU\S-1-5-21-1673681543-265808494-507988786-1001\...\Run: [phonostar-PlayerTimer] - C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2013-04-25] ()
HKU\S-1-5-21-1673681543-265808494-507988786-1001\...\Run: [EPLTarget\P0000000000000001] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2013-04-06] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1673681543-265808494-507988786-1001\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2013-04-06] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1673681543-265808494-507988786-1001\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1095000 2013-12-30] (Garmin Ltd or its subsidiaries)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=nis&pvid=20.3.1.22
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {118EB14D-0553-43F9-93CB-3211F7B36BB3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Amin\AppData\Roaming\Mozilla\Firefox\Profiles\i7zr99ca.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Broowsee22save - C:\Users\Amin\AppData\Roaming\Mozilla\Firefox\Profiles\i7zr99ca.default\Extensions\giiaomhqf@hi-.com [2013-04-01]
FF Extension: Clear Console - C:\Users\Amin\AppData\Roaming\Mozilla\Firefox\Profiles\i7zr99ca.default\Extensions\clearConsole@penzil.com.xpi [2013-03-31]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Amin\AppData\Roaming\Mozilla\Firefox\Profiles\i7zr99ca.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-07-13]
FF Extension: Adblock Plus - C:\Users\Amin\AppData\Roaming\Mozilla\Firefox\Profiles\i7zr99ca.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-31]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []

Chrome: 
=======
CHR Extension: (Broowsee22save) - C:\Users\Amin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmaghkapjaejdhhhnamcdnoeojioanbb [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-30]

==================== Services (Whitelisted) =================

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-30] (Garmin Ltd or its subsidiaries)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-23] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2014-01-21] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-25] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140206.001\IDSvia64.sys [521944 2014-01-24] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-23] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140206.024\ENG64.SYS [126040 2014-01-25] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140206.024\EX64.SYS [2099288 2014-01-25] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-23] (Microsoft Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-26] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-07 19:15 - 2014-02-07 19:15 - 02079744 _____ (Farbar) C:\Users\Amin\Downloads\FRST64(1).exe
2014-02-06 18:51 - 2014-02-06 18:51 - 00001354 _____ () C:\Users\Amin\Desktop\JRT.txt
2014-02-06 18:39 - 2014-02-06 18:39 - 01037530 _____ (Thisisu) C:\Users\Amin\Downloads\JRT.exe
2014-02-06 18:11 - 2014-02-06 18:11 - 01166132 _____ () C:\Users\Amin\Downloads\adwcleaner.exe
2014-02-06 17:44 - 2014-02-06 17:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Amin\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-03 19:05 - 2014-02-03 19:05 - 00000000 ____D () C:\Users\Amin\Documents\Garmin
2014-02-03 19:03 - 2014-02-03 19:03 - 00000000 ____D () C:\Users\Amin\AppData\Local\Garmin
2014-02-03 19:03 - 2014-02-03 19:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-03 19:03 - 2014-02-03 19:03 - 00000000 ____D () C:\ProgramData\Garmin
2014-02-03 19:03 - 2014-02-03 19:03 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-02-03 19:02 - 2014-02-03 19:02 - 12160392 _____ (Garmin Ltd or its subsidiaries) C:\Users\Amin\Downloads\GarminExpress.exe
2014-02-01 21:03 - 2014-02-01 21:03 - 00019373 _____ () C:\Users\Amin\Downloads\Addition.txt
2014-02-01 21:02 - 2014-02-07 19:16 - 00017471 _____ () C:\Users\Amin\Downloads\FRST.txt
2014-02-01 21:02 - 2014-02-07 19:16 - 00000000 ____D () C:\FRST
2014-02-01 21:01 - 2014-02-01 21:01 - 02080256 _____ (Farbar) C:\Users\Amin\Downloads\FRST64.exe
2014-02-01 20:58 - 2014-02-01 20:58 - 01137152 _____ (Farbar) C:\Users\Amin\Downloads\FRST.exe
2014-01-31 19:24 - 2014-01-31 19:24 - 00720253 _____ () C:\Users\Amin\Downloads\Google Maps.htm
2014-01-31 19:24 - 2014-01-31 19:24 - 00000000 ____D () C:\Users\Amin\Downloads\Google Maps-Dateien
2014-01-30 17:31 - 2014-01-30 17:31 - 00000000 ____D () C:\Users\Amin\AppData\Roaming\Malwarebytes
2014-01-30 17:30 - 2014-02-06 17:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-30 17:30 - 2014-01-30 17:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-30 17:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-30 17:29 - 2014-01-30 17:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Amin\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-30 16:12 - 2014-02-07 19:02 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B1D613F6-3AB0-4891-8822-639152C26EF6}
2014-01-30 15:55 - 2014-01-30 15:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-30 15:55 - 2014-01-30 15:55 - 00000000 _____ () C:\autoexec.bat
2014-01-30 15:54 - 2014-01-30 16:14 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-30 15:53 - 2014-01-30 15:54 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Amin\Downloads\SpyHunter-Installer.exe
2014-01-30 15:51 - 2014-02-06 18:22 - 00000000 ____D () C:\Users\Amin\Documents\Aufnahmen
2014-01-30 11:42 - 2014-01-30 11:42 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-01-29 18:48 - 2014-01-30 18:02 - 00000000 ____D () C:\Users\Amin\Documents\Programme
2014-01-29 18:38 - 2014-02-06 18:53 - 00000000 ____D () C:\AdwCleaner
2014-01-26 16:48 - 2014-01-26 16:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-01-26 16:43 - 2014-01-26 16:43 - 00000000 ____D () C:\Users\Amin\Documents\Symantec
2014-01-26 16:42 - 2014-01-26 16:42 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-01-26 16:42 - 2014-01-26 16:42 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-01-26 16:42 - 2014-01-26 16:42 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-01-26 16:42 - 2014-01-26 16:42 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-01-26 16:41 - 2014-01-26 16:41 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-01-26 16:41 - 2014-01-26 16:41 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-01-26 16:39 - 2014-01-26 16:39 - 00000000 ____D () C:\ProgramData\PCSettings
2014-01-26 16:35 - 2014-01-26 16:35 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-01-26 03:44 - 2014-01-26 03:44 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-01-25 03:34 - 2014-01-25 03:34 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-25 03:34 - 2014-01-25 03:34 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-25 03:34 - 2014-01-25 03:34 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-25 03:34 - 2014-01-25 03:34 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-25 03:34 - 2014-01-25 03:34 - 00000000 ____D () C:\ProgramData\Sun
2014-01-25 03:34 - 2014-01-25 03:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-25 03:34 - 2014-01-25 03:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-24 00:34 - 2014-01-24 00:34 - 00000000 ____D () C:\ProgramData\AmUStor
2014-01-24 00:34 - 2014-01-24 00:34 - 00000000 ____D () C:\Program Files (x86)\AmUStor
2014-01-24 00:33 - 2014-01-24 00:33 - 00942080 _____ () C:\WINDOWS\system32\AmRdrIco.icl
2014-01-24 00:33 - 2014-01-24 00:33 - 00083224 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2014-01-24 00:33 - 2014-01-24 00:33 - 00021784 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor.dll
2014-01-24 00:33 - 2014-01-24 00:33 - 00004435 _____ () C:\WINDOWS\system32\AmUStor.ini
2014-01-24 00:33 - 2014-01-24 00:33 - 00000640 _____ () C:\WINDOWS\system32\VendorCmd0.bin
2014-01-24 00:33 - 2014-01-24 00:33 - 00000008 _____ () C:\WINDOWS\system32\CardDetect.bin
2014-01-23 17:48 - 2014-01-23 17:54 - 00000000 ____D () C:\Users\Amin\AppData\Local\DTAG
2014-01-23 17:48 - 2014-01-23 17:48 - 00000000 ____D () C:\Users\Amin\AppData\Local\mquadr.at
2014-01-23 17:48 - 2014-01-23 17:48 - 00000000 ____D () C:\ProgramData\mquadr.at
2014-01-23 17:48 - 2012-09-28 12:52 - 02475456 _____ (mquadr.at software engineering und consulting GmbH) C:\WINDOWS\SysWOW64\M2ElevatedCalls.dll
2014-01-23 17:48 - 2012-08-08 09:02 - 00243197 _____ (mquadr.at software engineering & consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) C:\WINDOWS\SysWOW64\SSDPDiscovery.dll
2014-01-23 17:48 - 2012-06-26 13:24 - 00238080 _____ (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\WiFiMan.dll
2014-01-23 17:48 - 2012-04-04 08:06 - 00948608 _____ (mquadr.at software engineering) C:\WINDOWS\SysWOW64\M2ElevatedNetworkAdapters.dll
2014-01-23 14:14 - 2014-02-01 19:32 - 00049152 ___SH () C:\Users\Amin\Downloads\Thumbs.db
2014-01-23 14:07 - 2014-01-23 14:07 - 00000295 _____ () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2014-01-23 13:38 - 2014-02-06 18:25 - 00000338 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForAmin.job
2014-01-23 13:38 - 2014-02-06 18:22 - 00003150 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForAmin
2014-01-23 12:43 - 2014-01-23 12:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-23 12:20 - 2011-04-20 03:03 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMHLE.DLL
2014-01-23 12:20 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BHLE.DLL
2014-01-23 12:20 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2014-01-23 12:13 - 2014-01-23 12:13 - 00003086 _____ () C:\WINDOWS\System32\Tasks\Microsoft SkyDrive Auto Update Task-S-1-5-21-1673681543-265808494-507988786-1001
2014-01-23 12:11 - 2014-01-23 12:11 - 00001452 _____ () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-23 12:11 - 2014-01-23 12:11 - 00000020 ___SH () C:\Users\Amin\ntuser.ini
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-23 12:00 - 2014-01-23 12:00 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-01-23 11:54 - 2014-01-23 11:54 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-01-23 11:54 - 2014-01-23 11:54 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-23 11:53 - 2014-01-23 11:53 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-01-23 11:52 - 2014-01-23 12:11 - 00000000 ____D () C:\Users\Amin
2014-01-23 11:52 - 2014-01-23 12:00 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-01-23 11:52 - 2014-01-23 12:00 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Vorlagen
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Startmenü
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Netzwerkumgebung
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Lokale Einstellungen
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Eigene Dateien
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Druckumgebung
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Documents\Eigene Musik
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Documents\Eigene Bilder
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\AppData\Local\Verlauf
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\AppData\Local\Anwendungsdaten
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Anwendungsdaten
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 ___RD () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-23 11:52 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-23 11:52 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-23 11:52 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-23 11:50 - 2014-01-23 11:52 - 00012096 _____ () C:\WINDOWS\iis.log
2014-01-23 11:50 - 2014-01-23 11:50 - 01914374 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-23 11:49 - 2014-02-06 18:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-01-23 11:48 - 2014-02-07 18:21 - 02069460 _____ () C:\WINDOWS\WindowsUpdate.log
2014-01-23 11:48 - 2014-01-23 11:53 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-23 11:48 - 2014-01-23 11:49 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-23 11:48 - 2014-01-23 11:48 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-01-23 11:48 - 2014-01-23 11:48 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-23 11:48 - 2013-10-28 12:12 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-01-23 11:48 - 2013-10-28 12:12 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-01-23 11:48 - 2013-08-29 23:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-01-23 11:48 - 2013-08-29 23:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-01-23 11:48 - 2013-08-29 23:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-01-23 11:48 - 2013-08-29 23:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-01-23 11:48 - 2013-08-29 23:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-01-23 11:48 - 2013-08-29 23:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-01-23 11:48 - 2013-08-29 21:28 - 03349466 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-01-23 11:46 - 2014-01-23 12:11 - 00000000 ___DC () C:\WINDOWS\Panther
2014-01-23 11:46 - 2014-01-23 11:46 - 00000000 __SHD () C:\Recovery
2014-01-23 11:45 - 2014-01-23 11:45 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-23 11:45 - 2014-01-23 11:45 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-23 11:45 - 2014-01-23 11:45 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-23 11:45 - 2014-01-23 11:45 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-23 11:45 - 2014-01-23 11:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-23 11:45 - 2014-01-23 11:45 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-23 11:44 - 2014-01-23 11:44 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-23 11:44 - 2014-01-23 11:44 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-23 11:44 - 2014-01-23 11:44 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-23 11:43 - 2014-01-23 11:43 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-01-23 11:41 - 2014-01-23 11:41 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-23 11:41 - 2014-01-23 11:41 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-23 11:41 - 2014-01-23 11:41 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\Program Files\MSBuild
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\inetpub
2014-01-23 11:41 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-01-23 11:41 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-23 11:41 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-01-23 11:41 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-01-23 11:41 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-23 11:41 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-01-23 11:24 - 2014-01-23 12:00 - 00006629 _____ () C:\WINDOWS\comsetup.log

==================== One Month Modified Files and Folders =======

2014-02-07 19:16 - 2014-02-01 21:02 - 00017471 _____ () C:\Users\Amin\Downloads\FRST.txt
2014-02-07 19:16 - 2014-02-01 21:02 - 00000000 ____D () C:\FRST
2014-02-07 19:15 - 2014-02-07 19:15 - 02079744 _____ (Farbar) C:\Users\Amin\Downloads\FRST64(1).exe
2014-02-07 19:02 - 2014-01-30 16:12 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B1D613F6-3AB0-4891-8822-639152C26EF6}
2014-02-07 19:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-07 18:59 - 2011-12-14 21:40 - 00000000 ____D () C:\Users\Amin\Documents\Private
2014-02-07 18:53 - 2013-03-28 20:47 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-07 18:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-02-07 18:21 - 2014-01-23 11:48 - 02069460 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-07 18:19 - 2013-09-16 10:58 - 00000382 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_Amin.job
2014-02-07 17:31 - 2013-04-06 14:36 - 00000000 __RDO () C:\Users\Amin\SkyDrive
2014-02-06 19:53 - 2013-03-26 20:01 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1673681543-265808494-507988786-1001
2014-02-06 19:01 - 2013-11-14 08:27 - 01980870 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-06 19:01 - 2013-11-14 08:11 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-06 19:01 - 2013-11-14 08:11 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-06 18:54 - 2014-01-23 11:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-06 18:54 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-06 18:53 - 2014-01-29 18:38 - 00000000 ____D () C:\AdwCleaner
2014-02-06 18:53 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-06 18:51 - 2014-02-06 18:51 - 00001354 _____ () C:\Users\Amin\Desktop\JRT.txt
2014-02-06 18:39 - 2014-02-06 18:39 - 01037530 _____ (Thisisu) C:\Users\Amin\Downloads\JRT.exe
2014-02-06 18:30 - 2013-03-31 14:15 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-02-06 18:30 - 2013-03-31 14:14 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-06 18:25 - 2014-01-23 13:38 - 00000338 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForAmin.job
2014-02-06 18:22 - 2014-01-30 15:51 - 00000000 ____D () C:\Users\Amin\Documents\Aufnahmen
2014-02-06 18:22 - 2014-01-23 13:38 - 00003150 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForAmin
2014-02-06 18:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-06 18:17 - 2013-11-13 23:18 - 00579812 _____ () C:\WINDOWS\PFRO.log
2014-02-06 18:11 - 2014-02-06 18:11 - 01166132 _____ () C:\Users\Amin\Downloads\adwcleaner.exe
2014-02-06 17:51 - 2013-05-18 08:26 - 00000000 ____D () C:\Users\Amin\AppData\Roaming\vlc
2014-02-06 17:45 - 2014-01-30 17:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-06 17:44 - 2014-02-06 17:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Amin\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-05 19:15 - 2013-05-11 20:10 - 00000000 ____D () C:\Program Files (x86)\phonostar-Player
2014-02-05 18:53 - 2013-03-28 20:47 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-02-03 20:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-03 20:44 - 2013-03-26 19:51 - 00000000 ____D () C:\Users\Amin\AppData\Local\Packages
2014-02-03 19:05 - 2014-02-03 19:05 - 00000000 ____D () C:\Users\Amin\Documents\Garmin
2014-02-03 19:03 - 2014-02-03 19:03 - 00000000 ____D () C:\Users\Amin\AppData\Local\Garmin
2014-02-03 19:03 - 2014-02-03 19:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-03 19:03 - 2014-02-03 19:03 - 00000000 ____D () C:\ProgramData\Garmin
2014-02-03 19:03 - 2014-02-03 19:03 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-02-03 19:02 - 2014-02-03 19:02 - 12160392 _____ (Garmin Ltd or its subsidiaries) C:\Users\Amin\Downloads\GarminExpress.exe
2014-02-03 19:00 - 2013-08-22 15:46 - 00296891 _____ () C:\WINDOWS\setupact.log
2014-02-01 21:03 - 2014-02-01 21:03 - 00019373 _____ () C:\Users\Amin\Downloads\Addition.txt
2014-02-01 21:01 - 2014-02-01 21:01 - 02080256 _____ (Farbar) C:\Users\Amin\Downloads\FRST64.exe
2014-02-01 20:58 - 2014-02-01 20:58 - 01137152 _____ (Farbar) C:\Users\Amin\Downloads\FRST.exe
2014-02-01 19:32 - 2014-01-23 14:14 - 00049152 ___SH () C:\Users\Amin\Downloads\Thumbs.db
2014-01-31 19:24 - 2014-01-31 19:24 - 00720253 _____ () C:\Users\Amin\Downloads\Google Maps.htm
2014-01-31 19:24 - 2014-01-31 19:24 - 00000000 ____D () C:\Users\Amin\Downloads\Google Maps-Dateien
2014-01-31 17:51 - 2013-04-01 19:26 - 00000000 ____D () C:\ProgramData\Broowsee22save
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 18:02 - 2014-01-29 18:48 - 00000000 ____D () C:\Users\Amin\Documents\Programme
2014-01-30 17:31 - 2014-01-30 17:31 - 00000000 ____D () C:\Users\Amin\AppData\Roaming\Malwarebytes
2014-01-30 17:30 - 2014-01-30 17:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-30 17:29 - 2014-01-30 17:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Amin\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-30 16:14 - 2014-01-30 15:54 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-01-30 15:55 - 2014-01-30 15:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-30 15:55 - 2014-01-30 15:55 - 00000000 _____ () C:\autoexec.bat
2014-01-30 15:54 - 2014-01-30 15:53 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Amin\Downloads\SpyHunter-Installer.exe
2014-01-30 11:42 - 2014-01-30 11:42 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-01-26 16:48 - 2014-01-26 16:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-01-26 16:44 - 2013-02-08 12:52 - 00000000 ____D () C:\ProgramData\Norton
2014-01-26 16:43 - 2014-01-26 16:43 - 00000000 ____D () C:\Users\Amin\Documents\Symantec
2014-01-26 16:42 - 2014-01-26 16:42 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-01-26 16:42 - 2014-01-26 16:42 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-01-26 16:42 - 2014-01-26 16:42 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-01-26 16:42 - 2014-01-26 16:42 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-01-26 16:42 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-01-26 16:41 - 2014-01-26 16:41 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-01-26 16:41 - 2014-01-26 16:41 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-01-26 16:41 - 2013-04-01 19:33 - 00048128 ___SH () C:\Users\Amin\Desktop\Thumbs.db
2014-01-26 16:39 - 2014-01-26 16:39 - 00000000 ____D () C:\ProgramData\PCSettings
2014-01-26 16:35 - 2014-01-26 16:35 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-01-26 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-01-26 03:44 - 2014-01-26 03:44 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-01-25 03:34 - 2014-01-25 03:34 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-25 03:34 - 2014-01-25 03:34 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-25 03:34 - 2014-01-25 03:34 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-25 03:34 - 2014-01-25 03:34 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-25 03:34 - 2014-01-25 03:34 - 00000000 ____D () C:\ProgramData\Sun
2014-01-25 03:34 - 2014-01-25 03:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-25 03:34 - 2014-01-25 03:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-24 02:25 - 2013-07-13 15:46 - 00000000 ____D () C:\Users\Amin\AppData\Local\Adobe
2014-01-24 00:34 - 2014-01-24 00:34 - 00000000 ____D () C:\ProgramData\AmUStor
2014-01-24 00:34 - 2014-01-24 00:34 - 00000000 ____D () C:\Program Files (x86)\AmUStor
2014-01-24 00:34 - 2013-02-08 12:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-24 00:33 - 2014-01-24 00:33 - 00942080 _____ () C:\WINDOWS\system32\AmRdrIco.icl
2014-01-24 00:33 - 2014-01-24 00:33 - 00083224 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2014-01-24 00:33 - 2014-01-24 00:33 - 00021784 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor.dll
2014-01-24 00:33 - 2014-01-24 00:33 - 00004435 _____ () C:\WINDOWS\system32\AmUStor.ini
2014-01-24 00:33 - 2014-01-24 00:33 - 00000640 _____ () C:\WINDOWS\system32\VendorCmd0.bin
2014-01-24 00:33 - 2014-01-24 00:33 - 00000008 _____ () C:\WINDOWS\system32\CardDetect.bin
2014-01-24 00:33 - 2012-10-12 04:24 - 00000000 ____D () C:\SWSETUP
2014-01-24 00:25 - 2013-03-27 13:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 17:54 - 2014-01-23 17:48 - 00000000 ____D () C:\Users\Amin\AppData\Local\DTAG
2014-01-23 17:48 - 2014-01-23 17:48 - 00000000 ____D () C:\Users\Amin\AppData\Local\mquadr.at
2014-01-23 17:48 - 2014-01-23 17:48 - 00000000 ____D () C:\ProgramData\mquadr.at
2014-01-23 14:07 - 2014-01-23 14:07 - 00000295 _____ () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2014-01-23 13:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-01-23 12:43 - 2014-01-23 12:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-23 12:13 - 2014-01-23 12:13 - 00003086 _____ () C:\WINDOWS\System32\Tasks\Microsoft SkyDrive Auto Update Task-S-1-5-21-1673681543-265808494-507988786-1001
2014-01-23 12:12 - 2013-03-26 19:53 - 00000000 ___RD () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-23 12:12 - 2013-03-26 19:53 - 00000000 ___RD () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-23 12:11 - 2014-01-23 12:11 - 00001452 _____ () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-23 12:11 - 2014-01-23 12:11 - 00000020 ___SH () C:\Users\Amin\ntuser.ini
2014-01-23 12:11 - 2014-01-23 11:52 - 00000000 ____D () C:\Users\Amin
2014-01-23 12:11 - 2014-01-23 11:46 - 00000000 ___DC () C:\WINDOWS\Panther
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-23 12:01 - 2014-01-23 12:01 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-23 12:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-01-23 12:01 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-01-23 12:00 - 2014-01-23 12:00 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-01-23 12:00 - 2014-01-23 11:52 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-01-23 12:00 - 2014-01-23 11:52 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-01-23 12:00 - 2014-01-23 11:24 - 00006629 _____ () C:\WINDOWS\comsetup.log
2014-01-23 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-01-23 11:58 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-01-23 11:58 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-01-23 11:57 - 2013-02-08 12:28 - 00000000 ____D () C:\ProgramData\SoundResearch
2014-01-23 11:56 - 2013-08-22 15:44 - 00352064 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-23 11:55 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-01-23 11:55 - 2013-02-08 12:51 - 00000000 ____D () C:\WINDOWS\de
2014-01-23 11:55 - 2012-07-26 10:43 - 00000000 ____D () C:\WINDOWS\en-GB
2014-01-23 11:54 - 2014-01-23 11:54 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-01-23 11:54 - 2014-01-23 11:54 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-23 11:54 - 2013-11-14 08:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-01-23 11:54 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-01-23 11:54 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-01-23 11:54 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-01-23 11:54 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-01-23 11:54 - 2013-08-22 16:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-01-23 11:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-01-23 11:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-01-23 11:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-01-23 11:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-01-23 11:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-23 11:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-01-23 11:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-01-23 11:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-01-23 11:54 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-01-23 11:54 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-01-23 11:54 - 2012-08-10 16:06 - 00000000 ____D () C:\ProgramData\PRICache
2014-01-23 11:54 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-01-23 11:53 - 2014-01-23 11:53 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-01-23 11:53 - 2014-01-23 11:48 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-23 11:53 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-01-23 11:53 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-01-23 11:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-01-23 11:53 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Vorlagen
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Startmenü
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Netzwerkumgebung
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Lokale Einstellungen
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Eigene Dateien
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Druckumgebung
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Documents\Eigene Musik
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Documents\Eigene Bilder
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\AppData\Local\Verlauf
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\AppData\Local\Anwendungsdaten
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 _SHDL () C:\Users\Amin\Anwendungsdaten
2014-01-23 11:52 - 2014-01-23 11:52 - 00000000 ___RD () C:\Users\Amin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-23 11:52 - 2014-01-23 11:50 - 00012096 _____ () C:\WINDOWS\iis.log
2014-01-23 11:50 - 2014-01-23 11:50 - 01914374 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-23 11:49 - 2014-01-23 11:48 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-23 11:48 - 2014-01-23 11:48 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-01-23 11:48 - 2014-01-23 11:48 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-23 11:46 - 2014-01-23 11:46 - 00000000 __SHD () C:\Recovery
2014-01-23 11:46 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-01-23 11:45 - 2014-01-23 11:45 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-23 11:45 - 2014-01-23 11:45 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-23 11:45 - 2014-01-23 11:45 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-23 11:45 - 2014-01-23 11:45 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-23 11:45 - 2014-01-23 11:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-23 11:45 - 2014-01-23 11:45 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-23 11:45 - 2014-01-23 11:45 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-23 11:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-23 11:44 - 2014-01-23 11:44 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-23 11:44 - 2014-01-23 11:44 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-23 11:44 - 2014-01-23 11:44 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-23 11:44 - 2014-01-23 11:44 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-23 11:44 - 2014-01-23 11:44 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-23 11:44 - 2014-01-23 11:44 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-23 11:44 - 2014-01-23 11:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-23 11:44 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-01-23 11:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-01-23 11:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-01-23 11:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-01-23 11:43 - 2014-01-23 11:43 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-01-23 11:41 - 2014-01-23 11:41 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-23 11:41 - 2014-01-23 11:41 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-23 11:41 - 2014-01-23 11:41 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\Program Files\MSBuild
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-23 11:41 - 2014-01-23 11:41 - 00000000 ____D () C:\inetpub
2014-01-23 11:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-01-23 11:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-01-23 11:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-01-23 11:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-01-23 11:35 - 2013-03-26 19:51 - 01965831 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-01-23 11:11 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-01-23 10:58 - 2013-07-22 20:07 - 00000000 ____D () C:\WINDOWS\system32\MRT

Some content of TEMP:
====================
C:\Users\Amin\AppData\Local\Temp\Extract.exe
C:\Users\Amin\AppData\Local\Temp\Quarantine.exe
C:\Users\Amin\AppData\Local\Temp\SHSetup.exe
C:\Users\Amin\AppData\Local\Temp\SP64760.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-06 19:53

==================== End Of Log ============================
--- --- ---
Antwort

Themen zu Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich
anti-malware, antivirus, erfolgreich, fehler, fenster, folge, folgendes, frage, fragen, geld, klicke, klicken, link, links, lizenz, malwarebytes, nichts, norton, online, plötzlich, pop up, problem, seite, öffnen, öffnet


« Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab | Trojaner OCS »


Ähnliche Themen: Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich


  1. WIN7 Suchanfragen werden auf Werbesuchseiten umgeleitet, Laptop bootet extrem langsam
    Log-Analyse und Auswertung - 02.06.2015 (23)
  2. Fenster öffnen sich und wörter werden blau unterstrichen (links)
    Plagegeister aller Art und deren Bekämpfung - 31.12.2014 (13)
  3. Unerwünschte Links und Pop-Up-Fenster
    Log-Analyse und Auswertung - 07.11.2013 (13)
  4. Windows 7: Google-Suchanfragen werden umgeleitet (Ihavenet, Newsbusters)
    Log-Analyse und Auswertung - 09.09.2013 (7)
  5. Probleme mit FF und IE die Suchanfragen bei google werden auf http://click.sureonlinefind.com umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 18.08.2013 (29)
  6. Googlelinks/Links werden umgeleitet
    Alles rund um Windows - 26.05.2013 (8)
  7. ihavent.net Virus--> angeklickte links werden umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 23.11.2012 (4)
  8. Dringend! Google Links werden umgeleitet - OTL & GMER werden von Virus beendet
    Plagegeister aller Art und deren Bekämpfung - 25.07.2011 (1)
  9. Suchanfragen werden umgeleitet
    Log-Analyse und Auswertung - 04.07.2011 (3)
  10. Suchanfragen (Google, Yahoo, etc.) werden umgeleitet (Firefox)
    Log-Analyse und Auswertung - 03.07.2011 (7)
  11. Suchanfragen werden umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 12.05.2011 (16)
  12. Google Suchanfragen werden umgeleitet
    Log-Analyse und Auswertung - 17.11.2010 (19)
  13. Google - Suchanfragen werden umgeleitet, manipulierte TCP/IP-Einstellungen
    Log-Analyse und Auswertung - 14.11.2010 (19)
  14. links werden umgeleitet und werbe-links öffnen sich von allein (firefox)
    Log-Analyse und Auswertung - 08.04.2010 (18)
  15. firefox: links werden umgeleitet und werbe-links öffnen sich von allein
    Log-Analyse und Auswertung - 30.03.2010 (11)
  16. Links werden umgeleitet
    Log-Analyse und Auswertung - 10.10.2009 (11)
  17. Google links werden umgeleitet
    Log-Analyse und Auswertung - 02.10.2006 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich - FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014 Ran by Amin (administrator) on HOME on 07-02-2014 19:16:19 Running from C:\Users\Amin\Downloads - Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich...
Archiv
Du betrachtest: Suchanfragen und angeklickte Links werden umgeleitet....sehr merkwürdig..unerwünschte Pop up fenster öffnen plötzlich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131