| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
06.05.2014, 16:52
| #16 |
 |  Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Avira habe ich deinstalliert Bis auf 10 Einträge in der Registry Problem mit USB-Geräten besteht immer noch |
|
06.05.2014, 17:23
| #17 | |
| /// Malwareteam   | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof.Zitat:
 .
__________________ |
|
06.05.2014, 17:51
| #18 |
| | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof.FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by admin (administrator) on ADMIN-HP on 06-05-2014 18:48:25
Running from C:\Users\admin\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Flexera Software LLC.) C:\Program Files\PTC\FLEXnet Admin License Server\lmadmin.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(PTC) C:\Program Files\PTC\FLEXnet Admin License Server\i486_nt\obj\ptc_d.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Intel Corporation) C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
() C:\ProgramData\Avira\My Avira\Temp\antivirus.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\RarSFX0\presetup.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\RarSFX0\setup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Thunderbolt] => c:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe [767944 2013-07-23] (Intel Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11585408 2012-11-16] (Motorola Solutions, Inc.)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [147160 2013-08-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2812656 2014-04-05] (Synaptics Incorporated)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2014-04-05] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-04-05] (IDT, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-05] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-06-24] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-12] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493528 2013-05-21] (CyberLink Corp.)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-12-10] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-02-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-04-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\MountPoints2: {8e6fc8fa-bd0a-11e3-bb07-c4d98760109d} - G:\HTC_Sync_Manager_PC.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk
ShortcutTarget: Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKCU - DefaultScope {3DE21B6E-E85C-4174-AA7E-C4C18B5445A5} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKCU - {3DE21B6E-E85C-4174-AA7E-C4C18B5445A5} URL = https://www.google.com/search?q={searchTerms}
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP File Sanitizer - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog9 12 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Winsock: Catalog9-x64 13 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @ptc.com/ProductViewLite - C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-04-05]
Chrome:
=======
CHR HomePage: https://www.google.de/
CHR RestoreOnStartup: "sync"
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-05]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-05]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-05]
CHR Extension: (Google-Suche) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-05]
CHR Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-05-06]
CHR Extension: (HP Client Security Manager) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2014-04-05]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-05]
CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2013-11-21]
==================== Services (Whitelisted) =================
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [125008 2014-04-30] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-18] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-18] (CyberLink)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-11-21] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [568120 2013-09-25] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-05] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-04-05] (Intel Corporation)
R2 lmadmin_ptc; C:\Program Files\PTC\FLEXnet Admin License Server\lmadmin.exe [6928208 2014-04-01] (Flexera Software LLC.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2013-12-03] (ASIX Electronics Corp.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1345920 2012-11-06] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [75648 2012-11-13] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-09-24] (Hewlett-Packard Company)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-07-12] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-08] (Intel Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-19] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-04-05] (Intel Corporation)
S3 nhi; C:\Windows\system32\drivers\trw70x.sys [73016 2013-07-23] (Intel Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2014-04-05] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418520 2013-06-17] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8873688 2013-08-02] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-06-12] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-04-05] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-21] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-06 18:48 - 2014-05-06 18:48 - 02063872 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-05-06 18:48 - 2014-05-06 18:48 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-05-06 18:48 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-06 18:46 - 2014-05-06 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-06 18:46 - 2014-05-06 18:48 - 00000000 ____D () C:\ProgramData\Avira
2014-05-06 18:46 - 2014-05-06 18:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-06 18:46 - 2014-05-06 18:46 - 04530864 _____ (Avira Operations GmbH & Co. KG) C:\Users\admin\Downloads\avira_de_av___ws.exe
2014-05-06 18:46 - 2014-05-06 18:46 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-06 18:43 - 2014-05-06 18:45 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-05-06 17:46 - 2014-05-06 17:46 - 00227096 _____ () C:\Users\admin\Downloads\avira_registry_cleaner_de.exe
2014-05-06 10:51 - 2014-05-06 10:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 10:43 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 10:43 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-05 10:15 - 2014-05-05 14:57 - 00000000 ____D () C:\Users\admin\Documents\Fax
2014-05-05 09:31 - 2014-05-05 09:32 - 00001664 _____ () C:\Users\admin\Desktop\WF4 für KERO.lnk
2014-05-05 07:47 - 2014-05-05 07:47 - 00000818 _____ () C:\Windows\PFRO.log
2014-05-04 10:52 - 2014-05-04 10:52 - 02347384 _____ (ESET) C:\Users\admin\Downloads\esetsmartinstaller_deu.exe
2014-05-03 11:31 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 11:31 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 11:31 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 11:31 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 10:45 - 2014-05-06 10:19 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-03 10:45 - 2014-05-03 10:45 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-02 13:26 - 2014-05-02 13:27 - 00027232 _____ () C:\Users\admin\Desktop\Logs.zip
2014-05-02 13:14 - 2014-05-02 13:15 - 00026580 _____ () C:\Users\admin\Desktop\Addition.txt
2014-05-02 13:10 - 2014-05-06 18:48 - 00029219 _____ () C:\Users\admin\Desktop\FRST.txt
2014-05-02 12:15 - 2014-05-06 12:15 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForadmin
2014-05-02 12:15 - 2014-05-06 12:15 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForadmin.job
2014-05-02 12:14 - 2014-05-02 12:14 - 00002224 _____ () C:\Users\admin\Desktop\HP Support Assistant.lnk
2014-05-02 12:10 - 2014-05-02 12:10 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-04-19 18:44 - 2014-05-06 18:43 - 00004853 _____ () C:\Windows\setupact.log
2014-04-19 18:44 - 2014-04-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieUserList
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieSiteList
2014-04-19 16:23 - 2014-04-19 16:23 - 00000000 _____ () C:\Users\admin\Desktop\Gmer.txt
2014-04-19 14:20 - 2014-05-06 18:43 - 00391666 _____ () C:\Windows\WindowsUpdate.log
2014-04-19 12:32 - 2014-05-04 10:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Nico Mak Computing
2014-04-19 12:31 - 2014-04-19 12:31 - 04894544 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmalwareprotector_1.exe
2014-04-19 12:25 - 2014-04-19 12:25 - 00380416 _____ () C:\Users\admin\Downloads\Gmer-19357.exe
2014-04-19 12:24 - 2014-04-19 12:24 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-04-19 12:23 - 2014-04-19 16:06 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log
2014-04-19 12:23 - 2014-04-19 12:23 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-04-19 12:23 - 2014-04-19 12:23 - 00000244 _____ () C:\Users\admin\Downloads\defogger_enable.log
2014-04-19 12:10 - 2014-04-19 12:10 - 04892480 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmp_8.exe
2014-04-19 11:53 - 2014-04-19 16:09 - 00044486 _____ () C:\Users\admin\Downloads\Shortcut.txt
2014-04-19 11:53 - 2014-04-19 11:53 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-04-18 19:10 - 2014-04-18 19:10 - 00000625 _____ () C:\Users\admin\Desktop\JRT.txt
2014-04-18 19:05 - 2014-04-18 19:05 - 01016261 _____ (Thisisu) C:\Users\admin\Downloads\JRT.exe
2014-04-18 19:05 - 2014-04-18 19:05 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 19:01 - 2014-04-19 18:07 - 00000000 ____D () C:\AdwCleaner
2014-04-18 19:01 - 2014-04-18 19:01 - 01426178 _____ () C:\Users\admin\Downloads\adwcleaner.exe
2014-04-18 18:59 - 2014-04-19 16:09 - 00025777 _____ () C:\Users\admin\Downloads\Addition.txt
2014-04-18 18:58 - 2014-05-06 18:48 - 00000000 ____D () C:\FRST
2014-04-18 18:58 - 2014-05-02 13:09 - 00115877 _____ () C:\Users\admin\Downloads\FRST.txt
2014-04-18 18:57 - 2014-04-18 18:58 - 02158592 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2014-04-18 18:37 - 2014-04-19 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 18:37 - 2014-04-19 17:33 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-18 18:37 - 2014-04-18 18:37 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-18 18:37 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-18 18:36 - 2014-04-18 18:36 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\admin\Desktop\mbam-setup-2-0-1-1004.exe
2014-04-18 18:23 - 2014-04-18 18:23 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard_Developme
2014-04-17 06:23 - 2014-04-17 06:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01011.Wdf
2014-04-16 15:09 - 2014-04-16 15:09 - 00347816 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.Devices.RNP.13321084561308373.1.1.Run.exe
2014-04-16 14:31 - 2014-04-16 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-04-16 14:30 - 2014-04-16 14:30 - 00141696 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 14:30 - 2014-04-16 14:30 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3ED25F-A7C8-49F1-90AA-E15FF965648D}
2014-04-16 14:30 - 2014-04-16 14:30 - 00001424 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Synaptics
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ICAClient
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\hpqlog
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Power2Go8
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\PDFC
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Citrix
2014-04-16 14:29 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator
2014-04-16 14:29 - 2014-04-16 14:29 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DigitalPersona
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DigitalPersona
2014-04-16 14:29 - 2014-04-06 12:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-04-16 14:29 - 2014-04-06 12:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-16 14:29 - 2014-03-21 14:31 - 00000000 ___HD () C:\Users\Administrator\Documents\hp.system.package.metadata
2014-04-16 14:29 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-16 14:29 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-16 14:21 - 2014-04-16 14:21 - 04591136 _____ (TeamViewer) C:\Users\admin\Downloads\TeamViewerQS_de-ckc.exe
2014-04-16 14:21 - 2014-04-16 14:21 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TeamViewer
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 12:52 - 2014-04-16 12:53 - 13084896 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2014-04-13 08:34 - 2014-04-13 08:34 - 00001375 _____ () C:\Users\admin\Desktop\FRITZVPN.lnk
2014-04-13 08:33 - 2014-04-13 08:33 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (2).zip
2014-04-13 08:31 - 2014-04-13 08:31 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (1).zip
2014-04-13 08:26 - 2014-04-13 08:26 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-04-13 08:15 - 2014-04-13 08:15 - 00001528 _____ () C:\Users\admin\Desktop\VPNAdmin.exe - Verknüpfung.lnk
2014-04-13 07:44 - 2014-04-13 08:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVM
2014-04-13 07:18 - 2014-04-13 07:18 - 00001144 _____ () C:\WirelessDiagLog.csv
2014-04-12 10:02 - 2014-05-05 09:33 - 00000000 ____D () C:\Users\admin\AppData\Local\cache
2014-04-12 09:58 - 2014-04-12 09:58 - 00002010 _____ () C:\Users\Public\Desktop\Autodesk 360.lnk
2014-04-12 09:57 - 2014-04-12 09:57 - 00002118 _____ () C:\Users\Public\Desktop\AutoCAD LT 2014 - Deutsch (German).lnk
2014-04-12 09:57 - 2014-04-12 09:57 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-04-12 09:57 - 2014-04-12 09:57 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2014-04-12 09:57 - 2014-04-12 09:57 - 00000000 ____D () C:\Program Files\Autodesk
2014-04-12 09:53 - 2014-04-12 09:53 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-04-12 09:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-12 09:52 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-04-12 09:52 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-04-12 09:52 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-04-12 09:52 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-04-12 09:52 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-04-12 09:52 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-04-12 09:52 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-12 09:52 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-12 09:46 - 2014-04-12 09:46 - 00000000 ____D () C:\Autodesk
2014-04-10 20:10 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 20:10 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 20:10 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 20:10 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 20:10 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 20:10 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 20:10 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 20:10 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 20:10 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 20:10 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 20:10 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 20:05 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 20:05 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 20:05 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 20:05 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 20:05 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 20:05 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-10 17:26 - 2014-04-16 13:04 - 00000000 ___DC () C:\Users\admin\AppData\Local\MigWiz
2014-04-09 22:51 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-09 22:51 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-09 22:51 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 22:51 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-09 22:51 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 22:51 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 22:51 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-09 22:51 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 22:51 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 22:51 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-09 22:51 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-09 22:51 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-09 22:51 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 22:51 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-09 22:51 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-09 22:51 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 22:51 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-09 22:51 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-09 22:51 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-09 22:51 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 22:51 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 22:51 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 22:51 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 22:51 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-09 22:51 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-09 22:51 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 22:51 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 22:51 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-09 22:51 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-09 22:51 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 22:51 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-09 22:51 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 22:51 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-09 22:51 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-09 22:51 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 22:51 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 22:51 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 22:51 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 22:51 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 22:51 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 22:51 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-09 22:51 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-09 22:51 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 22:51 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 21:10 - 2014-04-09 21:10 - 00007609 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2014-04-09 19:56 - 2014-04-09 22:34 - 00000000 ____D () C:\Users\admin\AppData\Roaming\EMX
2014-04-09 19:56 - 2014-04-09 19:56 - 00000000 ____D () C:\Users\admin\.emx
2014-04-09 19:44 - 2014-04-09 19:45 - 00001710 _____ () C:\Users\admin\Desktop\Creo Parametric 2.0 mit EMX 8.0.lnk
2014-04-09 19:20 - 2014-04-09 19:20 - 00000000 ____D () C:\Program Files (x86)\buw
2014-04-09 19:05 - 2014-04-09 19:05 - 13839836 _____ () C:\Users\admin\Downloads\EMX80_M021_20140131.zip
2014-04-09 18:52 - 2014-04-09 19:04 - 236602811 _____ () C:\Users\admin\Downloads\EMX80_M020.exe
2014-04-08 21:40 - 2014-04-08 21:40 - 00000233 _____ () C:\Users\admin\Downloads\message-delivery-status-attachment
2014-04-08 21:23 - 2014-04-08 21:23 - 00003172 _____ () C:\Windows\System32\Tasks\hcdll2_ex_Win32
2014-04-08 21:23 - 2014-04-08 21:23 - 00003168 _____ () C:\Windows\System32\Tasks\hcdll2_ex_x64
2014-04-08 21:23 - 2014-04-08 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2014-04-08 21:23 - 2014-04-08 21:23 - 00000000 ____D () C:\Program Files (x86)\Hardcopy
2014-04-08 21:23 - 2012-07-12 07:18 - 01707520 _____ (www.sw4you.de Siegfried Weckmann) C:\Windows\SwSetupu.exe
2014-04-08 20:22 - 2014-04-08 21:55 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2014-04-07 21:18 - 2014-04-07 21:18 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-07 21:18 - 2014-04-07 21:18 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-07 21:18 - 2014-04-07 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-07 21:18 - 2014-04-07 21:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-07 21:17 - 2014-04-07 21:17 - 03710504 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup412_slim.exe
2014-04-07 19:59 - 2014-04-07 19:59 - 00001625 _____ () C:\Users\admin\Desktop\FTP-Zugang.lnk
2014-04-07 19:42 - 2014-04-09 22:31 - 00000000 ____D () C:\Users\admin\AppData\Roaming\FileZilla
2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\admin\Downloads\FileZilla_3.8.0_win32
2014-04-07 19:39 - 2014-04-07 19:40 - 07386124 _____ () C:\Users\admin\Downloads\FileZilla_3.8.0_win32.zip
2014-04-06 18:55 - 2014-05-05 14:07 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 18:51 - 2014-04-13 08:34 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang
2014-04-06 18:51 - 2014-04-06 18:51 - 00000000 ____D () C:\ProgramData\AVM
2014-04-06 18:50 - 2014-04-06 18:50 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0.zip
2014-04-06 18:50 - 2014-04-06 18:50 - 00000000 ____D () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0
2014-04-06 17:50 - 2014-04-19 18:48 - 00000000 ____D () C:\tmp
2014-04-06 17:46 - 2014-04-06 17:47 - 00001668 _____ () C:\Users\admin\Desktop\Pro ENGINEER WF4 für Sirona.lnk
2014-04-06 17:36 - 2014-04-06 17:46 - 00001666 _____ () C:\Users\admin\Desktop\Pro ENGINEER WF4 für Willi.lnk
2014-04-06 17:33 - 2014-04-09 19:43 - 00000000 ____D () C:\cad
2014-04-06 17:20 - 2014-04-13 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2014-04-06 17:20 - 2014-04-13 08:16 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2014-04-06 17:20 - 2014-04-06 17:20 - 05946232 _____ () C:\Users\admin\Downloads\FRITZ_Box-Fernzugang_einrichten.exe
2014-04-06 16:45 - 2014-04-06 16:45 - 00003146 _____ () C:\Windows\System32\Tasks\{B05D1A77-021B-4F16-9B22-42633BAE80D2}
2014-04-06 12:55 - 2014-04-06 12:55 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-04-06 12:54 - 2014-04-06 12:54 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-06 12:54 - 2014-04-06 12:54 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-06 12:42 - 2014-04-06 12:42 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-04-06 12:42 - 2014-04-06 12:42 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-04-06 12:36 - 2014-04-06 12:36 - 00000064 _____ () C:\Users\admin\Desktop\AutoCAD LT.url
2014-04-06 12:26 - 2014-04-06 12:36 - 1042836700 _____ (Autodesk, Inc.) C:\Users\admin\Downloads\Nicht bestätigt 311999.crdownload
2014-04-06 12:12 - 2014-04-06 12:12 - 67621704 _____ (Autodesk, Inc.) C:\Users\admin\Downloads\AutoCAD_LT_2014_SP1_64bit.exe
2014-04-06 12:01 - 2014-04-06 12:01 - 00323728 _____ () C:\Users\admin\Downloads\Autodesk LT 2014.exe
2014-04-06 10:36 - 2014-04-12 10:00 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-04-06 10:31 - 2014-04-06 10:31 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-04-06 10:26 - 2014-05-06 17:04 - 00000000 ____D () C:\Program Files\AutoCAD LT 2010
2014-04-06 10:18 - 2014-05-06 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-04-06 10:12 - 2014-05-06 17:04 - 00000000 ____D () C:\ProgramData\Autodesk
2014-04-06 10:12 - 2014-05-06 17:04 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-04-06 10:12 - 2014-04-12 10:05 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Autodesk
2014-04-06 10:12 - 2014-04-12 10:00 - 00000000 ____D () C:\Users\admin\AppData\Local\Autodesk
==================== One Month Modified Files and Folders =======
2014-05-06 18:48 - 2014-05-06 18:48 - 02063872 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-05-06 18:48 - 2014-05-06 18:48 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-05-06 18:48 - 2014-05-06 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-06 18:48 - 2014-05-06 18:46 - 00000000 ____D () C:\ProgramData\Avira
2014-05-06 18:48 - 2014-05-06 18:46 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-06 18:48 - 2014-05-02 13:10 - 00029219 _____ () C:\Users\admin\Desktop\FRST.txt
2014-05-06 18:48 - 2014-04-18 18:58 - 00000000 ____D () C:\FRST
2014-05-06 18:48 - 2014-03-21 14:12 - 00703890 _____ () C:\Windows\system32\perfh007.dat
2014-05-06 18:48 - 2014-03-21 14:12 - 00150996 _____ () C:\Windows\system32\perfc007.dat
2014-05-06 18:48 - 2009-07-14 07:13 - 01631306 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 18:47 - 2014-04-19 14:20 - 00391666 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 18:46 - 2014-05-06 18:46 - 04530864 _____ (Avira Operations GmbH & Co. KG) C:\Users\admin\Downloads\avira_de_av___ws.exe
2014-05-06 18:46 - 2014-05-06 18:46 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-06 18:46 - 2014-01-18 23:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-06 18:45 - 2014-05-06 18:43 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-05-06 18:44 - 2014-04-05 23:50 - 00000000 ____D () C:\Users\admin\AppData\Local\HTC MediaHub
2014-05-06 18:44 - 2014-04-05 13:15 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-06 18:43 - 2014-04-19 18:44 - 00004853 _____ () C:\Windows\setupact.log
2014-05-06 18:43 - 2014-01-18 23:19 - 00000000 ____D () C:\ProgramData\PDFC
2014-05-06 18:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-06 18:27 - 2014-04-05 13:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 17:50 - 2009-07-14 06:45 - 00026608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-06 17:50 - 2009-07-14 06:45 - 00026608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-06 17:49 - 2014-01-18 23:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-06 17:46 - 2014-05-06 17:46 - 00227096 _____ () C:\Users\admin\Downloads\avira_registry_cleaner_de.exe
2014-05-06 17:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 17:04 - 2014-04-06 10:26 - 00000000 ____D () C:\Program Files\AutoCAD LT 2010
2014-05-06 17:04 - 2014-04-06 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-05-06 17:04 - 2014-04-06 10:12 - 00000000 ____D () C:\ProgramData\Autodesk
2014-05-06 17:04 - 2014-04-06 10:12 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-05-06 17:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-06 12:15 - 2014-05-02 12:15 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForadmin
2014-05-06 12:15 - 2014-05-02 12:15 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForadmin.job
2014-05-06 10:51 - 2014-05-06 10:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 10:42 - 2014-04-01 09:05 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A96240A6-7A05-4C75-A006-B599752D55AB}
2014-05-06 10:19 - 2014-05-03 10:45 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-05 14:57 - 2014-05-05 10:15 - 00000000 ____D () C:\Users\admin\Documents\Fax
2014-05-05 14:07 - 2014-04-06 18:55 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-05 09:33 - 2014-04-12 10:02 - 00000000 ____D () C:\Users\admin\AppData\Local\cache
2014-05-05 09:32 - 2014-05-05 09:31 - 00001664 _____ () C:\Users\admin\Desktop\WF4 für KERO.lnk
2014-05-05 07:47 - 2014-05-05 07:47 - 00000818 _____ () C:\Windows\PFRO.log
2014-05-04 10:52 - 2014-05-04 10:52 - 02347384 _____ (ESET) C:\Users\admin\Downloads\esetsmartinstaller_deu.exe
2014-05-04 10:46 - 2014-04-19 12:32 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Nico Mak Computing
2014-05-03 10:45 - 2014-05-03 10:45 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-03 10:45 - 2014-01-18 23:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-02 13:27 - 2014-05-02 13:26 - 00027232 _____ () C:\Users\admin\Desktop\Logs.zip
2014-05-02 13:15 - 2014-05-02 13:14 - 00026580 _____ () C:\Users\admin\Desktop\Addition.txt
2014-05-02 13:09 - 2014-04-18 18:58 - 00115877 _____ () C:\Users\admin\Downloads\FRST.txt
2014-05-02 12:15 - 2014-04-01 09:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard
2014-05-02 12:14 - 2014-05-02 12:14 - 00002224 _____ () C:\Users\admin\Desktop\HP Support Assistant.lnk
2014-05-02 12:14 - 2014-01-18 23:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-05-02 12:14 - 2014-01-18 23:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-02 12:13 - 2014-01-18 23:17 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-05-02 12:12 - 2014-01-18 23:15 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-02 12:10 - 2014-05-02 12:10 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-05-02 12:09 - 2014-01-18 23:17 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-05-02 12:09 - 2011-02-11 18:32 - 00000000 ____D () C:\SWSETUP
2014-05-02 11:49 - 2014-01-18 23:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-02 11:49 - 2014-01-18 23:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-02 11:49 - 2014-01-18 23:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-02 11:36 - 2014-04-05 13:15 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-02 10:10 - 2014-04-05 12:02 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-02 10:09 - 2014-04-05 12:02 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-29 16:01 - 2014-05-03 11:31 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-03 11:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-03 11:31 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-03 11:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-19 18:48 - 2014-04-06 17:50 - 00000000 ____D () C:\tmp
2014-04-19 18:44 - 2014-04-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 18:07 - 2014-04-18 19:01 - 00000000 ____D () C:\AdwCleaner
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieUserList
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieSiteList
2014-04-19 17:58 - 2014-04-05 12:42 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-19 17:44 - 2014-04-18 18:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-19 17:33 - 2014-04-18 18:37 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-19 16:23 - 2014-04-19 16:23 - 00000000 _____ () C:\Users\admin\Desktop\Gmer.txt
2014-04-19 16:09 - 2014-04-19 11:53 - 00044486 _____ () C:\Users\admin\Downloads\Shortcut.txt
2014-04-19 16:09 - 2014-04-18 18:59 - 00025777 _____ () C:\Users\admin\Downloads\Addition.txt
2014-04-19 16:06 - 2014-04-19 12:23 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log
2014-04-19 12:31 - 2014-04-19 12:31 - 04894544 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmalwareprotector_1.exe
2014-04-19 12:25 - 2014-04-19 12:25 - 00380416 _____ () C:\Users\admin\Downloads\Gmer-19357.exe
2014-04-19 12:24 - 2014-04-19 12:24 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-04-19 12:24 - 2014-04-01 09:05 - 00000000 ____D () C:\Users\admin
2014-04-19 12:23 - 2014-04-19 12:23 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-04-19 12:23 - 2014-04-19 12:23 - 00000244 _____ () C:\Users\admin\Downloads\defogger_enable.log
2014-04-19 12:10 - 2014-04-19 12:10 - 04892480 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmp_8.exe
2014-04-19 11:53 - 2014-04-19 11:53 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-04-18 19:10 - 2014-04-18 19:10 - 00000625 _____ () C:\Users\admin\Desktop\JRT.txt
2014-04-18 19:05 - 2014-04-18 19:05 - 01016261 _____ (Thisisu) C:\Users\admin\Downloads\JRT.exe
2014-04-18 19:05 - 2014-04-18 19:05 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 19:01 - 2014-04-18 19:01 - 01426178 _____ () C:\Users\admin\Downloads\adwcleaner.exe
2014-04-18 18:58 - 2014-04-18 18:57 - 02158592 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2014-04-18 18:37 - 2014-04-18 18:37 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-18 18:36 - 2014-04-18 18:36 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\admin\Desktop\mbam-setup-2-0-1-1004.exe
2014-04-18 18:23 - 2014-04-18 18:23 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard_Developme
2014-04-18 18:12 - 2014-04-05 11:42 - 00008579 _____ () C:\Windows\system32\lvcoinst.log
2014-04-17 06:23 - 2014-04-17 06:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01011.Wdf
2014-04-17 06:23 - 2014-04-01 09:06 - 00000000 ____D () C:\Users\admin\AppData\Roaming\hpqLog
2014-04-17 06:21 - 2014-01-18 23:19 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-04-16 15:09 - 2014-04-16 15:09 - 00347816 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.Devices.RNP.13321084561308373.1.1.Run.exe
2014-04-16 14:31 - 2014-04-16 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-04-16 14:30 - 2014-04-16 14:30 - 00141696 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 14:30 - 2014-04-16 14:30 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3ED25F-A7C8-49F1-90AA-E15FF965648D}
2014-04-16 14:30 - 2014-04-16 14:30 - 00001424 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Synaptics
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ICAClient
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\hpqlog
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Power2Go8
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\PDFC
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Citrix
2014-04-16 14:30 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator
2014-04-16 14:30 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-04-16 14:29 - 2014-04-16 14:29 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DigitalPersona
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DigitalPersona
2014-04-16 14:21 - 2014-04-16 14:21 - 04591136 _____ (TeamViewer) C:\Users\admin\Downloads\TeamViewerQS_de-ckc.exe
2014-04-16 14:21 - 2014-04-16 14:21 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TeamViewer
2014-04-16 13:04 - 2014-04-10 17:26 - 00000000 ___DC () C:\Users\admin\AppData\Local\MigWiz
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:52 - 13084896 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2014-04-16 12:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-14 19:02 - 2011-02-11 15:51 - 01605586 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-14 04:24 - 2014-05-06 10:43 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-06 10:43 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 08:34 - 2014-04-13 08:34 - 00001375 _____ () C:\Users\admin\Desktop\FRITZVPN.lnk
2014-04-13 08:34 - 2014-04-06 18:51 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang
2014-04-13 08:33 - 2014-04-13 08:33 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (2).zip
2014-04-13 08:32 - 2014-04-06 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2014-04-13 08:31 - 2014-04-13 08:31 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (1).zip
2014-04-13 08:27 - 2014-04-01 14:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-13 08:26 - 2014-04-13 08:26 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-04-13 08:16 - 2014-04-13 07:44 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVM
2014-04-13 08:16 - 2014-04-06 17:20 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2014-04-13 08:15 - 2014-04-13 08:15 - 00001528 _____ () C:\Users\admin\Desktop\VPNAdmin.exe - Verknüpfung.lnk
2014-04-13 07:18 - 2014-04-13 07:18 - 00001144 _____ () C:\WirelessDiagLog.csv
2014-04-12 10:49 - 2009-07-14 06:45 - 00492136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-12 10:05 - 2014-04-06 10:12 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Autodesk
2014-04-12 10:00 - 2014-04-06 10:36 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-04-12 10:00 - 2014-04-06 10:12 - 00000000 ____D () C:\Users\admin\AppData\Local\Autodesk
2014-04-12 10:00 - 2014-04-01 09:06 - 00141696 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-12 09:58 - 2014-04-12 09:58 - 00002010 _____ () C:\Users\Public\Desktop\Autodesk 360.lnk
2014-04-12 09:57 - 2014-04-12 09:57 - 00002118 _____ () C:\Users\Public\Desktop\AutoCAD LT 2014 - Deutsch (German).lnk
2014-04-12 09:57 - 2014-04-12 09:57 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-04-12 09:57 - 2014-04-12 09:57 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2014-04-12 09:57 - 2014-04-12 09:57 - 00000000 ____D () C:\Program Files\Autodesk
2014-04-12 09:56 - 2014-04-01 09:05 - 00003760 _____ () C:\Windows\System32\Tasks\Registration
2014-04-12 09:53 - 2014-04-12 09:53 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-04-12 09:46 - 2014-04-12 09:46 - 00000000 ____D () C:\Autodesk
2014-04-10 20:13 - 2014-04-05 12:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 20:12 - 2014-04-01 09:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 20:12 - 2014-03-21 14:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-10 20:11 - 2014-04-01 09:33 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 15:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-09 22:34 - 2014-04-09 19:56 - 00000000 ____D () C:\Users\admin\AppData\Roaming\EMX
2014-04-09 22:31 - 2014-04-07 19:42 - 00000000 ____D () C:\Users\admin\AppData\Roaming\FileZilla
2014-04-09 21:10 - 2014-04-09 21:10 - 00007609 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2014-04-09 19:56 - 2014-04-09 19:56 - 00000000 ____D () C:\Users\admin\.emx
2014-04-09 19:45 - 2014-04-09 19:44 - 00001710 _____ () C:\Users\admin\Desktop\Creo Parametric 2.0 mit EMX 8.0.lnk
2014-04-09 19:43 - 2014-04-06 17:33 - 00000000 ____D () C:\cad
2014-04-09 19:40 - 2014-04-05 11:56 - 00000000 ____D () C:\CAD-Arbeitsbereich
2014-04-09 19:20 - 2014-04-09 19:20 - 00000000 ____D () C:\Program Files (x86)\buw
2014-04-09 19:05 - 2014-04-09 19:05 - 13839836 _____ () C:\Users\admin\Downloads\EMX80_M021_20140131.zip
2014-04-09 19:04 - 2014-04-09 18:52 - 236602811 _____ () C:\Users\admin\Downloads\EMX80_M020.exe
2014-04-09 18:49 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-08 21:55 - 2014-04-08 20:22 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2014-04-08 21:40 - 2014-04-08 21:40 - 00000233 _____ () C:\Users\admin\Downloads\message-delivery-status-attachment
2014-04-08 21:23 - 2014-04-08 21:23 - 00003172 _____ () C:\Windows\System32\Tasks\hcdll2_ex_Win32
2014-04-08 21:23 - 2014-04-08 21:23 - 00003168 _____ () C:\Windows\System32\Tasks\hcdll2_ex_x64
2014-04-08 21:23 - 2014-04-08 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2014-04-08 21:23 - 2014-04-08 21:23 - 00000000 ____D () C:\Program Files (x86)\Hardcopy
2014-04-08 21:23 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-07 21:19 - 2011-02-11 15:38 - 00000000 ____D () C:\Windows\Panther
2014-04-07 21:18 - 2014-04-07 21:18 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-04-07 21:18 - 2014-04-07 21:18 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-07 21:18 - 2014-04-07 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-07 21:18 - 2014-04-07 21:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-07 21:17 - 2014-04-07 21:17 - 03710504 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup412_slim.exe
2014-04-07 19:59 - 2014-04-07 19:59 - 00001625 _____ () C:\Users\admin\Desktop\FTP-Zugang.lnk
2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\admin\Downloads\FileZilla_3.8.0_win32
2014-04-07 19:40 - 2014-04-07 19:39 - 07386124 _____ () C:\Users\admin\Downloads\FileZilla_3.8.0_win32.zip
2014-04-06 18:51 - 2014-04-06 18:51 - 00000000 ____D () C:\ProgramData\AVM
2014-04-06 18:50 - 2014-04-06 18:50 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0.zip
2014-04-06 18:50 - 2014-04-06 18:50 - 00000000 ____D () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0
2014-04-06 17:51 - 2014-04-01 09:05 - 00000000 ____D () C:\Users\admin\AppData\Local\DigitalPersona
2014-04-06 17:47 - 2014-04-06 17:46 - 00001668 _____ () C:\Users\admin\Desktop\Pro ENGINEER WF4 für Sirona.lnk
2014-04-06 17:46 - 2014-04-06 17:36 - 00001666 _____ () C:\Users\admin\Desktop\Pro ENGINEER WF4 für Willi.lnk
2014-04-06 17:22 - 2014-04-05 13:15 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-06 17:22 - 2014-04-05 13:15 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-06 17:20 - 2014-04-06 17:20 - 05946232 _____ () C:\Users\admin\Downloads\FRITZ_Box-Fernzugang_einrichten.exe
2014-04-06 16:45 - 2014-04-06 16:45 - 00003146 _____ () C:\Windows\System32\Tasks\{B05D1A77-021B-4F16-9B22-42633BAE80D2}
2014-04-06 12:55 - 2014-04-06 12:55 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-04-06 12:54 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-04-06 12:54 - 2014-04-06 12:54 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-06 12:54 - 2014-04-06 12:54 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-06 12:54 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-04-06 12:42 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-06 12:42 - 2014-04-06 12:42 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-04-06 12:42 - 2014-04-06 12:42 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-04-06 12:36 - 2014-04-06 12:36 - 00000064 _____ () C:\Users\admin\Desktop\AutoCAD LT.url
2014-04-06 12:36 - 2014-04-06 12:26 - 1042836700 _____ (Autodesk, Inc.) C:\Users\admin\Downloads\Nicht bestätigt 311999.crdownload
2014-04-06 12:12 - 2014-04-06 12:12 - 67621704 _____ (Autodesk, Inc.) C:\Users\admin\Downloads\AutoCAD_LT_2014_SP1_64bit.exe
2014-04-06 12:01 - 2014-04-06 12:01 - 00323728 _____ () C:\Users\admin\Downloads\Autodesk LT 2014.exe
2014-04-06 10:31 - 2014-04-06 10:31 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\AcDeltree.exe
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\sp64126.exe
C:\Users\admin\AppData\Local\Temp\UninstallHPSA.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-05 10:38
==================== End Of Log ============================
|
|
07.05.2014, 18:28
| #19 | |
| /// Malwareteam | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof.Zitat:
 .
__________________ Gruß, Jonas |
|
07.05.2014, 19:58
| #20 |
| | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Hallo Jonas, leider wird der Zugriff immer noch verweigert. Wenn ich das Problem loshabe, melde ich es umgehend. Gruß Frank |
|
11.05.2014, 17:50
| #21 |
| | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Hallo Jonas, nachfolgend das aktuellste Logfile. Wenn alles nicht hilft, ist dann eine Neuinstallation von Win7 angesagt? Gruß Frank FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014
Ran by admin (administrator) on ADMIN-HP on 11-05-2014 18:47:11
Running from C:\Users\admin\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Flexera Software LLC.) C:\Program Files\PTC\FLEXnet Admin License Server\lmadmin.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(PTC) C:\Program Files\PTC\FLEXnet Admin License Server\i486_nt\obj\ptc_d.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(AVM Berlin) C:\Users\admin\AppData\Local\Apps\2.0\VHACOC7G.ACJ\L5LOKYVW.CW1\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Thunderbolt] => c:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe [767944 2013-07-23] (Intel Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11585408 2012-11-16] (Motorola Solutions, Inc.)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [147160 2013-08-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2812656 2014-04-05] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-04-05] (IDT, Inc.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2014-05-08] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-05] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-06-24] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-12] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493528 2013-05-21] (CyberLink Corp.)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-12-10] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-02-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-04-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Run: [AVMUSBFernanschluss] => C:\Users\admin\AppData\Local\Apps\2.0\VHACOC7G.ACJ\L5LOKYVW.CW1\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-05-08] (AVM Berlin)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\MountPoints2: {8e6fc8fa-bd0a-11e3-bb07-c4d98760109d} - G:\HTC_Sync_Manager_PC.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk
ShortcutTarget: Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKCU - DefaultScope {3DE21B6E-E85C-4174-AA7E-C4C18B5445A5} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKCU - {3DE21B6E-E85C-4174-AA7E-C4C18B5445A5} URL = https://www.google.com/search?q={searchTerms}
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP File Sanitizer - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog9 12 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Winsock: Catalog9-x64 13 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @ptc.com/ProductViewLite - C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-04-05]
Chrome:
=======
CHR HomePage: https://www.google.de/
CHR RestoreOnStartup: "sync": {
"app_settings": true,
"apps": true,
"autofill": true,
"autofill_profile": true,
"bookmarks": true,
"dictionary": true,
"encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA7s26EBY5rU6/73XmG4ZFoAAAAAACAAAAAAAQZgAAAAEAACAAAACo9DNKXn8rpvWwu9iKm9ZG69GkFpa2rqYnDn424haZNAAAAAAOgAAAAAIAACAAAABbMwPkbML0yLaU1tuX91zgEnc75ID1LoTOsfgGUGSun0AAAADT6MkvYOuiFOA8l/E7Lnh/982D7V0KdMoM+jC63xwpk/hvkEIRSafdzpWtVN3NL2q2D8hgUvzwxB6eqr48y2OVQAAAANPw3hMIzA/pNxtUWcmJ0BMdBy0GTBJfFyJ2UmyQ7823BRMSai5ge3p3NuehSW888b/Ypwi9wz8KZLUs9QZ0s9c=",
"extension_settings": true,
"extensions": true,
"favicon_images": true,
"favicon_tracking": true,
"has_setup_completed": true,
"history_delete_directives": true,
"keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA7s26EBY5rU6/73XmG4ZFoAAAAAACAAAAAAAQZgAAAAEAACAAAABhQ3kI2MY9ZNMAJwHKhM1fyhLQRtaS15LFGBVlsfI5SgAAAAAOgAAAAAIAACAAAAD7lKguGcdytu16dwQp0JT2Z71JHA6IikWUGi4RpnwlclAAAACYGA8oEd7quwmwCG8zlor0IRI2N5mJbQjlSXQN+lLadivXaDozOsgvmJXk4nEW+N/WqxtvBs9/vNDGIWSZo2atlOQKy7vpfoZCYDBboMrpmkAAAADfOBID1vOB7ZG+0pLJSyRFzL5bfH0AglH2UdiQ6D9Qz46jAoem7VFrm3KsBJJm21ebedjqBbrN34NjRL+BNksw",
"last_synced_time": "13044300392550453",
"managed_user_shared_settings": true,
"managed_users": true,
"passwords": true,
"preferences": true,
"priority_preferences": true,
"search_engines": true,
"session_sync_guid": "session_sync+QpJ6X4TJDpHC+2+O7HJmA==",
"sessions": true,
"suppress_start": false,
"synced_notifications": true,
"tabs": true,
"themes": true,
"typed_urls": true
},
"sync_promo": {
"startup_count": 1
},
"synced_notification": {
"enabled_sending_services": [ "Google+"
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-05]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-05]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-05]
CHR Extension: (Google-Suche) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-05]
CHR Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-05-06]
CHR Extension: (HP Client Security Manager) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2014-04-05]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-05]
CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2013-11-21]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [125008 2014-04-30] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-18] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-18] (CyberLink)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-11-21] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [568120 2013-09-25] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-05] (Intel Corporation)
R3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-04-05] (Intel Corporation)
R2 lmadmin_ptc; C:\Program Files\PTC\FLEXnet Admin License Server\lmadmin.exe [6928208 2014-04-01] (Flexera Software LLC.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2510624 2014-05-08] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2014-05-08] (AVM Berlin)
R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2013-12-03] (ASIX Electronics Corp.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1345920 2012-11-06] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [75648 2012-11-13] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-09-24] (Hewlett-Packard Company)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-07-12] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-08] (Intel Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-19] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-04-05] (Intel Corporation)
S3 nhi; C:\Windows\system32\drivers\trw70x.sys [73016 2013-07-23] (Intel Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2014-05-08] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418520 2013-06-17] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8873688 2013-08-02] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-06-12] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-04-05] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-21] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-11 18:41 - 2014-05-11 18:42 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-05-09 12:31 - 2014-05-09 12:31 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22 (2).zip
2014-05-09 12:02 - 2014-05-09 12:02 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-05-09 12:02 - 2014-05-09 12:02 - 00000000 ____D () C:\Windows\system32\NV
2014-05-09 11:04 - 2014-05-09 11:04 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22 (1).zip
2014-05-09 09:47 - 2014-05-09 09:47 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22.zip
2014-05-08 10:18 - 2014-05-11 18:44 - 00021583 _____ () C:\Windows\avmacc.log
2014-05-08 10:18 - 2014-05-09 12:07 - 00003498 _____ () C:\Windows\avmacc1.log
2014-05-08 10:18 - 2014-05-08 10:18 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-05-08 10:18 - 2014-05-08 10:17 - 00116480 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmaura.sys
2014-05-08 10:17 - 2014-05-08 10:17 - 00010243 _____ () C:\Users\admin\Downloads\fritzbox-usb-fernanschluss.application
2014-05-08 09:55 - 2014-05-08 09:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-08 09:55 - 2014-05-08 09:46 - 02510624 _____ (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe
2014-05-08 09:55 - 2014-05-08 09:46 - 00004084 _____ () C:\Windows\system32\nvPerfProvider.man
2014-05-08 09:47 - 2014-05-08 09:46 - 30385440 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 25258784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 22971168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 18312672 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 18224592 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 17564448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 15879264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 15232936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 12672800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-08 09:47 - 2014-05-08 09:46 - 11629960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 11578984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 09724432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 09681696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 03138336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 03130144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 02952992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 02752800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 02701392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433265.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433265.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 01248568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00887584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00877344 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00857888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00845088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00300320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-05-08 09:47 - 2014-05-08 09:46 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-05-08 09:35 - 2014-05-08 09:35 - 00000031 _____ () C:\Users\admin\Desktop\ProE.txt
2014-05-07 08:45 - 2014-05-07 08:45 - 00000000 ____D () C:\Users\admin\AppData\Roaming\EDrawings
2014-05-07 08:44 - 2014-05-07 12:18 - 00009533 _____ () C:\Users\admin\Documents\trail.txt.1
2014-05-06 20:36 - 2014-05-06 20:36 - 00000000 ____D () C:\ProgramData\creo2
2014-05-06 20:36 - 2014-05-06 20:36 - 00000000 ____D () C:\Program Files\Common Files\eDrawings2013
2014-05-06 20:14 - 2014-05-06 20:36 - 00002114 _____ () C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2014-05-06 20:14 - 2014-05-06 20:36 - 00000000 ____D () C:\ProgramData\text
2014-05-06 20:14 - 2014-05-06 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eDrawings for Pro ENGINEER (x64)
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Users\admin\AppData\Roaming\help_images_otherUI
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\ProgramData\proeWF5
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\ProEeDrawings
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\Common Files\Geometric Software
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\Common Files\eDrawings2014
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 _____ () C:\Windows\70726f653230313331313134.ini
2014-05-06 20:13 - 2014-05-06 20:13 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-05-06 20:12 - 2014-05-06 20:12 - 00002072 _____ () C:\Users\Public\Desktop\eDrawings 2014.lnk
2014-05-06 20:12 - 2014-05-06 20:12 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eDrawings 2014.lnk
2014-05-06 18:54 - 2014-05-06 18:54 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-05-06 18:48 - 2014-05-11 18:47 - 02066432 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-05-06 18:48 - 2014-05-11 18:47 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-05-06 18:48 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-06 18:46 - 2014-05-06 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-06 18:46 - 2014-05-06 18:48 - 00000000 ____D () C:\ProgramData\Avira
2014-05-06 18:46 - 2014-05-06 18:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-06 18:46 - 2014-05-06 18:46 - 04530864 _____ (Avira Operations GmbH & Co. KG) C:\Users\admin\Downloads\avira_de_av___ws.exe
2014-05-06 18:46 - 2014-05-06 18:46 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-06 17:46 - 2014-05-06 17:46 - 00227096 _____ () C:\Users\admin\Downloads\avira_registry_cleaner_de.exe
2014-05-06 10:51 - 2014-05-06 10:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 10:43 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 10:43 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-05 10:15 - 2014-05-05 14:57 - 00000000 ____D () C:\Users\admin\Documents\Fax
2014-05-05 09:31 - 2014-05-05 09:32 - 00001664 _____ () C:\Users\admin\Desktop\WF4 für KERO.lnk
2014-05-05 07:47 - 2014-05-07 08:36 - 00083658 _____ () C:\Windows\PFRO.log
2014-05-04 10:52 - 2014-05-04 10:52 - 02347384 _____ (ESET) C:\Users\admin\Downloads\esetsmartinstaller_deu.exe
2014-05-03 11:31 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 11:31 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 11:31 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 11:31 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 10:45 - 2014-05-06 10:19 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-03 10:45 - 2014-05-03 10:45 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-02 13:26 - 2014-05-02 13:27 - 00027232 _____ () C:\Users\admin\Desktop\Logs.zip
2014-05-02 13:14 - 2014-05-02 13:15 - 00026580 _____ () C:\Users\admin\Desktop\Addition.txt
2014-05-02 13:10 - 2014-05-11 18:47 - 00031899 _____ () C:\Users\admin\Desktop\FRST.txt
2014-05-02 12:15 - 2014-05-06 12:15 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForadmin
2014-05-02 12:15 - 2014-05-06 12:15 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForadmin.job
2014-05-02 12:14 - 2014-05-02 12:14 - 00002224 _____ () C:\Users\admin\Desktop\HP Support Assistant.lnk
2014-05-02 12:10 - 2014-05-02 12:10 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-04-19 18:44 - 2014-05-11 18:41 - 00006434 _____ () C:\Windows\setupact.log
2014-04-19 18:44 - 2014-04-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieUserList
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieSiteList
2014-04-19 16:23 - 2014-04-19 16:23 - 00000000 _____ () C:\Users\admin\Desktop\Gmer.txt
2014-04-19 14:20 - 2014-05-09 13:05 - 00480592 _____ () C:\Windows\WindowsUpdate.log
2014-04-19 12:32 - 2014-05-04 10:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Nico Mak Computing
2014-04-19 12:31 - 2014-04-19 12:31 - 04894544 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmalwareprotector_1.exe
2014-04-19 12:25 - 2014-04-19 12:25 - 00380416 _____ () C:\Users\admin\Downloads\Gmer-19357.exe
2014-04-19 12:24 - 2014-04-19 12:24 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-04-19 12:23 - 2014-04-19 16:06 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log
2014-04-19 12:23 - 2014-04-19 12:23 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-04-19 12:23 - 2014-04-19 12:23 - 00000244 _____ () C:\Users\admin\Downloads\defogger_enable.log
2014-04-19 12:10 - 2014-04-19 12:10 - 04892480 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmp_8.exe
2014-04-19 11:53 - 2014-04-19 16:09 - 00044486 _____ () C:\Users\admin\Downloads\Shortcut.txt
2014-04-19 11:53 - 2014-04-19 11:53 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-04-18 19:10 - 2014-04-18 19:10 - 00000625 _____ () C:\Users\admin\Desktop\JRT.txt
2014-04-18 19:05 - 2014-04-18 19:05 - 01016261 _____ (Thisisu) C:\Users\admin\Downloads\JRT.exe
2014-04-18 19:05 - 2014-04-18 19:05 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 19:01 - 2014-04-19 18:07 - 00000000 ____D () C:\AdwCleaner
2014-04-18 19:01 - 2014-04-18 19:01 - 01426178 _____ () C:\Users\admin\Downloads\adwcleaner.exe
2014-04-18 18:59 - 2014-04-19 16:09 - 00025777 _____ () C:\Users\admin\Downloads\Addition.txt
2014-04-18 18:58 - 2014-05-11 18:47 - 00000000 ____D () C:\FRST
2014-04-18 18:58 - 2014-05-02 13:09 - 00115877 _____ () C:\Users\admin\Downloads\FRST.txt
2014-04-18 18:57 - 2014-04-18 18:58 - 02158592 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2014-04-18 18:37 - 2014-04-19 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 18:37 - 2014-04-19 17:33 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-18 18:37 - 2014-04-18 18:37 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-18 18:37 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-18 18:36 - 2014-04-18 18:36 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\admin\Desktop\mbam-setup-2-0-1-1004.exe
2014-04-18 18:23 - 2014-04-18 18:23 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard_Developme
2014-04-17 06:23 - 2014-04-17 06:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01011.Wdf
2014-04-16 15:09 - 2014-04-16 15:09 - 00347816 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.Devices.RNP.13321084561308373.1.1.Run.exe
2014-04-16 14:31 - 2014-04-16 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-04-16 14:30 - 2014-04-16 14:30 - 00141696 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 14:30 - 2014-04-16 14:30 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3ED25F-A7C8-49F1-90AA-E15FF965648D}
2014-04-16 14:30 - 2014-04-16 14:30 - 00001424 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Synaptics
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ICAClient
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\hpqlog
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Power2Go8
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\PDFC
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Citrix
2014-04-16 14:29 - 2014-05-09 12:02 - 00000000 ____D () C:\Users\Administrator
2014-04-16 14:29 - 2014-04-16 14:29 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DigitalPersona
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DigitalPersona
2014-04-16 14:29 - 2014-04-06 12:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-04-16 14:29 - 2014-04-06 12:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-16 14:29 - 2014-03-21 14:31 - 00000000 ___HD () C:\Users\Administrator\Documents\hp.system.package.metadata
2014-04-16 14:29 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-16 14:29 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-16 14:21 - 2014-04-16 14:21 - 04591136 _____ (TeamViewer) C:\Users\admin\Downloads\TeamViewerQS_de-ckc.exe
2014-04-16 14:21 - 2014-04-16 14:21 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TeamViewer
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 12:52 - 2014-04-16 12:53 - 13084896 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2014-04-13 08:34 - 2014-04-13 08:34 - 00001375 _____ () C:\Users\admin\Desktop\FRITZVPN.lnk
2014-04-13 08:33 - 2014-04-13 08:33 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (2).zip
2014-04-13 08:31 - 2014-04-13 08:31 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (1).zip
2014-04-13 08:26 - 2014-04-13 08:26 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-04-13 08:15 - 2014-04-13 08:15 - 00001528 _____ () C:\Users\admin\Desktop\VPNAdmin.exe - Verknüpfung.lnk
2014-04-13 07:44 - 2014-04-13 08:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVM
2014-04-13 07:18 - 2014-04-13 07:18 - 00001144 _____ () C:\WirelessDiagLog.csv
2014-04-12 10:02 - 2014-05-05 09:33 - 00000000 ____D () C:\Users\admin\AppData\Local\cache
2014-04-12 09:58 - 2014-04-12 09:58 - 00002010 _____ () C:\Users\Public\Desktop\Autodesk 360.lnk
2014-04-12 09:57 - 2014-04-12 09:57 - 00002118 _____ () C:\Users\Public\Desktop\AutoCAD LT 2014 - Deutsch (German).lnk
2014-04-12 09:57 - 2014-04-12 09:57 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-04-12 09:57 - 2014-04-12 09:57 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2014-04-12 09:57 - 2014-04-12 09:57 - 00000000 ____D () C:\Program Files\Autodesk
2014-04-12 09:53 - 2014-04-12 09:53 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-04-12 09:52 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-04-12 09:52 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-04-12 09:52 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-04-12 09:52 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-04-12 09:52 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-04-12 09:52 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-04-12 09:52 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-04-12 09:52 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-04-12 09:52 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-04-12 09:52 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-04-12 09:52 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-04-12 09:46 - 2014-04-12 09:46 - 00000000 ____D () C:\Autodesk
==================== One Month Modified Files and Folders =======
2014-05-11 18:47 - 2014-05-06 18:48 - 02066432 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-05-11 18:47 - 2014-05-06 18:48 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-05-11 18:47 - 2014-05-02 13:10 - 00031899 _____ () C:\Users\admin\Desktop\FRST.txt
2014-05-11 18:47 - 2014-04-18 18:58 - 00000000 ____D () C:\FRST
2014-05-11 18:45 - 2014-04-19 14:20 - 00480592 _____ () C:\Windows\WindowsUpdate.log
2014-05-11 18:44 - 2014-05-08 10:18 - 00021583 _____ () C:\Windows\avmacc.log
2014-05-11 18:44 - 2014-04-01 09:05 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A96240A6-7A05-4C75-A006-B599752D55AB}
2014-05-11 18:42 - 2014-05-11 18:41 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-05-11 18:42 - 2014-04-05 23:50 - 00000000 ____D () C:\Users\admin\AppData\Local\HTC MediaHub
2014-05-11 18:42 - 2014-04-05 13:15 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-11 18:41 - 2014-04-19 18:44 - 00006434 _____ () C:\Windows\setupact.log
2014-05-11 18:41 - 2014-01-18 23:19 - 00000000 ____D () C:\ProgramData\PDFC
2014-05-11 18:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-09 13:05 - 2014-03-21 14:12 - 00703890 _____ () C:\Windows\system32\perfh007.dat
2014-05-09 13:05 - 2014-03-21 14:12 - 00150996 _____ () C:\Windows\system32\perfc007.dat
2014-05-09 13:05 - 2009-07-14 07:13 - 01631306 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-09 12:50 - 2009-07-14 06:45 - 00026608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-09 12:50 - 2009-07-14 06:45 - 00026608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-09 12:49 - 2014-01-18 23:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-09 12:34 - 2014-04-05 11:42 - 00008883 _____ () C:\Windows\system32\lvcoinst.log
2014-05-09 12:31 - 2014-05-09 12:31 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22 (2).zip
2014-05-09 12:27 - 2014-04-05 13:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-09 12:07 - 2014-05-08 10:18 - 00003498 _____ () C:\Windows\avmacc1.log
2014-05-09 12:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-09 12:04 - 2014-04-01 09:05 - 00000000 ____D () C:\Users\admin
2014-05-09 12:02 - 2014-05-09 12:02 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-05-09 12:02 - 2014-05-09 12:02 - 00000000 ____D () C:\Windows\system32\NV
2014-05-09 12:02 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator
2014-05-09 12:01 - 2014-01-18 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-09 12:01 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-09 12:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-05-09 12:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-09 11:04 - 2014-05-09 11:04 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22 (1).zip
2014-05-09 09:47 - 2014-05-09 09:47 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22.zip
2014-05-08 10:38 - 2014-03-21 14:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-08 10:18 - 2014-05-08 10:18 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-05-08 10:18 - 2014-04-05 13:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Deployment
2014-05-08 10:17 - 2014-05-08 10:18 - 00116480 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmaura.sys
2014-05-08 10:17 - 2014-05-08 10:17 - 00010243 _____ () C:\Users\admin\Downloads\fritzbox-usb-fernanschluss.application
2014-05-08 09:56 - 2014-04-05 12:02 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-08 09:55 - 2014-05-08 09:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-08 09:55 - 2014-03-21 14:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-08 09:55 - 2014-03-21 14:35 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-08 09:46 - 2014-05-08 09:55 - 02510624 _____ (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe
2014-05-08 09:46 - 2014-05-08 09:55 - 00004084 _____ () C:\Windows\system32\nvPerfProvider.man
2014-05-08 09:46 - 2014-05-08 09:47 - 30385440 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 25258784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 22971168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 18312672 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 18224592 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 17564448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 15879264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 15232936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 12672800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-08 09:46 - 2014-05-08 09:47 - 11629960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 11578984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 09724432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 09681696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 03138336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 03130144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 02952992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 02752800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 02701392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433265.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433265.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 01248568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00887584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00877344 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00857888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00845088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00300320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-05-08 09:46 - 2014-05-08 09:47 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-05-08 09:46 - 2014-03-21 14:36 - 03075776 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-08 09:46 - 2014-03-21 14:36 - 01444816 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-08 09:46 - 2014-03-21 14:36 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
2014-05-08 09:46 - 2011-02-11 18:32 - 00000000 ____D () C:\SWSETUP
2014-05-08 09:35 - 2014-05-08 09:35 - 00000031 _____ () C:\Users\admin\Desktop\ProE.txt
2014-05-08 08:59 - 2014-04-05 12:02 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-07 20:54 - 2014-04-01 09:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard
2014-05-07 12:18 - 2014-05-07 08:44 - 00009533 _____ () C:\Users\admin\Documents\trail.txt.1
2014-05-07 08:45 - 2014-05-07 08:45 - 00000000 ____D () C:\Users\admin\AppData\Roaming\EDrawings
2014-05-07 08:45 - 2014-04-06 10:36 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-05-07 08:36 - 2014-05-05 07:47 - 00083658 _____ () C:\Windows\PFRO.log
2014-05-07 08:36 - 2009-07-14 06:45 - 00492864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-06 21:02 - 2014-04-01 09:06 - 00142104 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-06 20:36 - 2014-05-06 20:36 - 00000000 ____D () C:\ProgramData\creo2
2014-05-06 20:36 - 2014-05-06 20:36 - 00000000 ____D () C:\Program Files\Common Files\eDrawings2013
2014-05-06 20:36 - 2014-05-06 20:14 - 00002114 _____ () C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2014-05-06 20:36 - 2014-05-06 20:14 - 00000000 ____D () C:\ProgramData\text
2014-05-06 20:36 - 2014-05-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eDrawings for Pro ENGINEER (x64)
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Users\admin\AppData\Roaming\help_images_otherUI
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\ProgramData\proeWF5
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\ProEeDrawings
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\Common Files\Geometric Software
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\Common Files\eDrawings2014
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 _____ () C:\Windows\70726f653230313331313134.ini
2014-05-06 20:13 - 2014-05-06 20:13 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-05-06 20:12 - 2014-05-06 20:12 - 00002072 _____ () C:\Users\Public\Desktop\eDrawings 2014.lnk
2014-05-06 20:12 - 2014-05-06 20:12 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eDrawings 2014.lnk
2014-05-06 18:54 - 2014-05-06 18:54 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-05-06 18:48 - 2014-05-06 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-06 18:48 - 2014-05-06 18:46 - 00000000 ____D () C:\ProgramData\Avira
2014-05-06 18:48 - 2014-05-06 18:46 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-06 18:46 - 2014-05-06 18:46 - 04530864 _____ (Avira Operations GmbH & Co. KG) C:\Users\admin\Downloads\avira_de_av___ws.exe
2014-05-06 18:46 - 2014-05-06 18:46 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-06 18:46 - 2014-01-18 23:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-06 17:46 - 2014-05-06 17:46 - 00227096 _____ () C:\Users\admin\Downloads\avira_registry_cleaner_de.exe
2014-05-06 17:04 - 2014-04-06 10:26 - 00000000 ____D () C:\Program Files\AutoCAD LT 2010
2014-05-06 17:04 - 2014-04-06 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-05-06 17:04 - 2014-04-06 10:12 - 00000000 ____D () C:\ProgramData\Autodesk
2014-05-06 17:04 - 2014-04-06 10:12 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-05-06 17:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-06 12:15 - 2014-05-02 12:15 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForadmin
2014-05-06 12:15 - 2014-05-02 12:15 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForadmin.job
2014-05-06 10:51 - 2014-05-06 10:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 10:19 - 2014-05-03 10:45 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-05 14:57 - 2014-05-05 10:15 - 00000000 ____D () C:\Users\admin\Documents\Fax
2014-05-05 14:07 - 2014-04-06 18:55 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-05 09:33 - 2014-04-12 10:02 - 00000000 ____D () C:\Users\admin\AppData\Local\cache
2014-05-05 09:32 - 2014-05-05 09:31 - 00001664 _____ () C:\Users\admin\Desktop\WF4 für KERO.lnk
2014-05-04 10:52 - 2014-05-04 10:52 - 02347384 _____ (ESET) C:\Users\admin\Downloads\esetsmartinstaller_deu.exe
2014-05-04 10:46 - 2014-04-19 12:32 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Nico Mak Computing
2014-05-03 10:45 - 2014-05-03 10:45 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-03 10:45 - 2014-01-18 23:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-02 13:27 - 2014-05-02 13:26 - 00027232 _____ () C:\Users\admin\Desktop\Logs.zip
2014-05-02 13:15 - 2014-05-02 13:14 - 00026580 _____ () C:\Users\admin\Desktop\Addition.txt
2014-05-02 13:09 - 2014-04-18 18:58 - 00115877 _____ () C:\Users\admin\Downloads\FRST.txt
2014-05-02 12:14 - 2014-05-02 12:14 - 00002224 _____ () C:\Users\admin\Desktop\HP Support Assistant.lnk
2014-05-02 12:14 - 2014-01-18 23:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-05-02 12:14 - 2014-01-18 23:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-02 12:13 - 2014-01-18 23:17 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-05-02 12:12 - 2014-01-18 23:15 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-02 12:10 - 2014-05-02 12:10 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-05-02 12:09 - 2014-01-18 23:17 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-05-02 11:49 - 2014-01-18 23:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-02 11:49 - 2014-01-18 23:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-02 11:49 - 2014-01-18 23:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-02 11:36 - 2014-04-05 13:15 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 16:01 - 2014-05-03 11:31 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-03 11:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-03 11:31 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-03 11:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-19 18:48 - 2014-04-06 17:50 - 00000000 ____D () C:\tmp
2014-04-19 18:44 - 2014-04-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 18:07 - 2014-04-18 19:01 - 00000000 ____D () C:\AdwCleaner
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieUserList
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieSiteList
2014-04-19 17:58 - 2014-04-05 12:42 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-19 17:44 - 2014-04-18 18:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-19 17:33 - 2014-04-18 18:37 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-19 16:23 - 2014-04-19 16:23 - 00000000 _____ () C:\Users\admin\Desktop\Gmer.txt
2014-04-19 16:09 - 2014-04-19 11:53 - 00044486 _____ () C:\Users\admin\Downloads\Shortcut.txt
2014-04-19 16:09 - 2014-04-18 18:59 - 00025777 _____ () C:\Users\admin\Downloads\Addition.txt
2014-04-19 16:06 - 2014-04-19 12:23 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log
2014-04-19 12:31 - 2014-04-19 12:31 - 04894544 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmalwareprotector_1.exe
2014-04-19 12:25 - 2014-04-19 12:25 - 00380416 _____ () C:\Users\admin\Downloads\Gmer-19357.exe
2014-04-19 12:24 - 2014-04-19 12:24 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-04-19 12:23 - 2014-04-19 12:23 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-04-19 12:23 - 2014-04-19 12:23 - 00000244 _____ () C:\Users\admin\Downloads\defogger_enable.log
2014-04-19 12:10 - 2014-04-19 12:10 - 04892480 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmp_8.exe
2014-04-19 11:53 - 2014-04-19 11:53 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-04-18 19:10 - 2014-04-18 19:10 - 00000625 _____ () C:\Users\admin\Desktop\JRT.txt
2014-04-18 19:05 - 2014-04-18 19:05 - 01016261 _____ (Thisisu) C:\Users\admin\Downloads\JRT.exe
2014-04-18 19:05 - 2014-04-18 19:05 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 19:01 - 2014-04-18 19:01 - 01426178 _____ () C:\Users\admin\Downloads\adwcleaner.exe
2014-04-18 18:58 - 2014-04-18 18:57 - 02158592 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2014-04-18 18:37 - 2014-04-18 18:37 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-18 18:36 - 2014-04-18 18:36 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\admin\Desktop\mbam-setup-2-0-1-1004.exe
2014-04-18 18:23 - 2014-04-18 18:23 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard_Developme
2014-04-17 06:23 - 2014-04-17 06:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01011.Wdf
2014-04-17 06:23 - 2014-04-01 09:06 - 00000000 ____D () C:\Users\admin\AppData\Roaming\hpqLog
2014-04-17 06:21 - 2014-01-18 23:19 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-04-16 15:09 - 2014-04-16 15:09 - 00347816 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.Devices.RNP.13321084561308373.1.1.Run.exe
2014-04-16 14:31 - 2014-04-16 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-04-16 14:30 - 2014-04-16 14:30 - 00141696 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 14:30 - 2014-04-16 14:30 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3ED25F-A7C8-49F1-90AA-E15FF965648D}
2014-04-16 14:30 - 2014-04-16 14:30 - 00001424 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Synaptics
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ICAClient
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\hpqlog
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Power2Go8
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\PDFC
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Citrix
2014-04-16 14:30 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-04-16 14:29 - 2014-04-16 14:29 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DigitalPersona
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DigitalPersona
2014-04-16 14:21 - 2014-04-16 14:21 - 04591136 _____ (TeamViewer) C:\Users\admin\Downloads\TeamViewerQS_de-ckc.exe
2014-04-16 14:21 - 2014-04-16 14:21 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TeamViewer
2014-04-16 13:04 - 2014-04-10 17:26 - 00000000 ___DC () C:\Users\admin\AppData\Local\MigWiz
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:52 - 13084896 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2014-04-16 12:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-14 19:02 - 2011-02-11 15:51 - 01605586 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-14 04:24 - 2014-05-06 10:43 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-06 10:43 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 08:34 - 2014-04-13 08:34 - 00001375 _____ () C:\Users\admin\Desktop\FRITZVPN.lnk
2014-04-13 08:34 - 2014-04-06 18:51 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang
2014-04-13 08:33 - 2014-04-13 08:33 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (2).zip
2014-04-13 08:32 - 2014-04-06 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2014-04-13 08:31 - 2014-04-13 08:31 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (1).zip
2014-04-13 08:27 - 2014-04-01 14:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-13 08:26 - 2014-04-13 08:26 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-04-13 08:16 - 2014-04-13 07:44 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVM
2014-04-13 08:16 - 2014-04-06 17:20 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2014-04-13 08:15 - 2014-04-13 08:15 - 00001528 _____ () C:\Users\admin\Desktop\VPNAdmin.exe - Verknüpfung.lnk
2014-04-13 07:18 - 2014-04-13 07:18 - 00001144 _____ () C:\WirelessDiagLog.csv
2014-04-12 10:05 - 2014-04-06 10:12 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Autodesk
2014-04-12 10:00 - 2014-04-06 10:12 - 00000000 ____D () C:\Users\admin\AppData\Local\Autodesk
2014-04-12 09:58 - 2014-04-12 09:58 - 00002010 _____ () C:\Users\Public\Desktop\Autodesk 360.lnk
2014-04-12 09:57 - 2014-04-12 09:57 - 00002118 _____ () C:\Users\Public\Desktop\AutoCAD LT 2014 - Deutsch (German).lnk
2014-04-12 09:57 - 2014-04-12 09:57 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-04-12 09:57 - 2014-04-12 09:57 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2014-04-12 09:57 - 2014-04-12 09:57 - 00000000 ____D () C:\Program Files\Autodesk
2014-04-12 09:56 - 2014-04-01 09:05 - 00003760 _____ () C:\Windows\System32\Tasks\Registration
2014-04-12 09:53 - 2014-04-12 09:53 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-04-12 09:46 - 2014-04-12 09:46 - 00000000 ____D () C:\Autodesk
Files to move or delete:
====================
C:\ProgramData\eDViewer.exe
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\AcDeltree.exe
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\Extract.exe
C:\Users\admin\AppData\Local\Temp\sp64126.exe
C:\Users\admin\AppData\Local\Temp\SP65853.exe
C:\Users\admin\AppData\Local\Temp\UninstallHPSA.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-05 10:38
==================== End Of Log ============================
|
|
12.05.2014, 15:17
| #22 | |
| /// Malwareteam | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Hi, Zitat:
Gebe in die Ausführenzeile msconfig ein (du brauchst Administratorrechte, um das Programm auszuführen). Es öffnet sich ein Fenster, in dem du unter dem aktuellen Reiter ("Allgemein") den "Diagnosesystemstart" auswählst. Starte deinen Rechner neu und gucke im normalen Modus, ob du auf die USB-Sticks zugreifen kannst. Wenn nicht, wähle wieder msconfig aus und stelle den Systemstart auf "Benutzerdefinierten Systemstart".
__________________ Gruß, Jonas |
|
12.05.2014, 16:22
| #23 |
| | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Hallo Jonas, beim Versuch, Diagnosesystemstart auszuwählen, springt es auf Benutzerdef. Systemstart, wenn übernehmen gedrückt wird (Avira blockiert Registry). In diesem Modus habe ich Zugriff auf die USB-Geräte. Mit normalem Systemstart wird der Zugriff weiterhin verweigert. Gruß Frank |
|
12.05.2014, 16:53
| #24 | |
| /// Malwareteam | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Hi, Zitat:
Wähle im Reiter "Allgemein" den "Benutzerdefinierten Systemstart". Gehe auf den Reiter "Dienste" und setze einen Haken unten bei "Alle Microsoft-Dienste ausblenden" (falls Avira meckern sollte, klicke in dem sich öffnenden Fenster auf Einstellungen und deaktiviere alles temporär). Danach drücke "Alle deaktivieren" und wähle "Übernehmen aus". Wechsle zum nächsten Reiter "Systemstart" und drücke ebenfalls "Alle deaktivieren" und "Übernehmen". Jetzt werden auch im Normalen Modus nur wichtigere Dienste und Programme gestartet. Starte deinen Rechner neu und gucke, ob du auf die USB-Sticks wieder zugreifen kannst. Wenn ja, musst du danach jeden einzelnen Dienst und jedes Programm wieder aktivieren und zwischendruch neustarten und gucken, ob du noch Zugriff hast. Somit kannst du das Problem lokalisieren.
__________________ Gruß, Jonas |
|
13.05.2014, 07:15
| #25 |
| | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Hallo Jonas, wenn der Dienst HP Device Locking / Auditing von Hewlett-Packerd Company nicht gestartet wird, habe ich auf sämtliche USB-Geräte Zugriff! Vielen Dank für Deinen Tipp! Gruß Frank |
|
13.05.2014, 14:24
| #26 |
| /// Malwareteam | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Ok, dann erstelle bitte zum Abschluss noch ein neues FRST Logfile .
__________________ Gruß, Jonas |
|
13.05.2014, 14:27
| #27 |
| | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof.FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by admin (administrator) on ADMIN-HP on 13-05-2014 15:26:16
Running from C:\Users\admin\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Flexera Software LLC.) C:\Program Files\PTC\FLEXnet Admin License Server\lmadmin.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(PTC) C:\Program Files\PTC\FLEXnet Admin License Server\i486_nt\obj\ptc_d.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(AVM Berlin) C:\Users\admin\AppData\Local\Apps\2.0\VHACOC7G.ACJ\L5LOKYVW.CW1\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11585408 2012-11-16] (Motorola Solutions, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2014-05-08] ()
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [147160 2013-08-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-04-05] (IDT, Inc.)
HKLM\...\Run: [Thunderbolt] => c:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe [767944 2013-07-23] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2812656 2014-04-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-12] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493528 2013-05-21] (CyberLink Corp.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-12-10] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-07-18] (PDF Complete Inc)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-02-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-05] (Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-06-24] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-06-24] (CyberLink Corp.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Run: [AVMUSBFernanschluss] => C:\Users\admin\AppData\Local\Apps\2.0\VHACOC7G.ACJ\L5LOKYVW.CW1\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-05-08] (AVM Berlin)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\Policies\Explorer: []
HKU\S-1-5-21-2573168942-1884357690-58221193-1002\...\MountPoints2: {8e6fc8fa-bd0a-11e3-bb07-c4d98760109d} - G:\HTC_Sync_Manager_PC.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk
ShortcutTarget: Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - c:\program files (x86)\internet explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKCU - DefaultScope {3DE21B6E-E85C-4174-AA7E-C4C18B5445A5} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMDTDFJS
SearchScopes: HKCU - {3DE21B6E-E85C-4174-AA7E-C4C18B5445A5} URL = https://www.google.com/search?q={searchTerms}
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP File Sanitizer - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog9 12 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\nutafun4.dll [164232] (MKS Software Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Winsock: Catalog9-x64 13 %SystemRoot%\system32\nutafun4.dll [205624] (MKS Software Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @ptc.com/ProductViewLite - C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-04-05]
Chrome:
=======
CHR HomePage: https://www.google.de/
CHR RestoreOnStartup: "sync": {
"app_settings": true,
"apps": true,
"autofill": true,
"autofill_profile": true,
"bookmarks": true,
"dictionary": true,
"encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA7s26EBY5rU6/73XmG4ZFoAAAAAACAAAAAAAQZgAAAAEAACAAAACo9DNKXn8rpvWwu9iKm9ZG69GkFpa2rqYnDn424haZNAAAAAAOgAAAAAIAACAAAABbMwPkbML0yLaU1tuX91zgEnc75ID1LoTOsfgGUGSun0AAAADT6MkvYOuiFOA8l/E7Lnh/982D7V0KdMoM+jC63xwpk/hvkEIRSafdzpWtVN3NL2q2D8hgUvzwxB6eqr48y2OVQAAAANPw3hMIzA/pNxtUWcmJ0BMdBy0GTBJfFyJ2UmyQ7823BRMSai5ge3p3NuehSW888b/Ypwi9wz8KZLUs9QZ0s9c=",
"extension_settings": true,
"extensions": true,
"favicon_images": true,
"favicon_tracking": true,
"has_setup_completed": true,
"history_delete_directives": true,
"keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA7s26EBY5rU6/73XmG4ZFoAAAAAACAAAAAAAQZgAAAAEAACAAAABhQ3kI2MY9ZNMAJwHKhM1fyhLQRtaS15LFGBVlsfI5SgAAAAAOgAAAAAIAACAAAAD7lKguGcdytu16dwQp0JT2Z71JHA6IikWUGi4RpnwlclAAAACYGA8oEd7quwmwCG8zlor0IRI2N5mJbQjlSXQN+lLadivXaDozOsgvmJXk4nEW+N/WqxtvBs9/vNDGIWSZo2atlOQKy7vpfoZCYDBboMrpmkAAAADfOBID1vOB7ZG+0pLJSyRFzL5bfH0AglH2UdiQ6D9Qz46jAoem7VFrm3KsBJJm21ebedjqBbrN34NjRL+BNksw",
"last_synced_time": "13044461155922184",
"managed_user_shared_settings": true,
"managed_users": true,
"passwords": true,
"preferences": true,
"priority_preferences": true,
"search_engines": true,
"session_sync_guid": "session_sync+QpJ6X4TJDpHC+2+O7HJmA==",
"sessions": true,
"suppress_start": false,
"synced_notifications": true,
"tabs": true,
"themes": true,
"typed_urls": true
},
"sync_promo": {
"startup_count": 1
},
"synced_notification": {
"enabled_sending_services": [ "Google+"
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-05]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-05]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-05]
CHR Extension: (Google-Suche) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-05]
CHR Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-05-06]
CHR Extension: (HP Client Security Manager) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2014-04-05]
CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-05]
CHR Extension: (Google Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2013-11-21]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-18] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-18] (CyberLink)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-11-21] (DigitalPersona, Inc.)
S4 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [568120 2013-09-25] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-05] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-04-05] (Intel Corporation)
R2 lmadmin_ptc; C:\Program Files\PTC\FLEXnet Admin License Server\lmadmin.exe [6928208 2014-04-01] (Flexera Software LLC.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2510624 2014-05-08] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-07-18] (PDF Complete Inc)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2014-05-08] (AVM Berlin)
R3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2013-12-03] (ASIX Electronics Corp.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1345920 2012-11-06] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [75648 2012-11-13] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-09-24] (Hewlett-Packard Company)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-07-12] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-08] (Intel Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-19] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-04-05] (Intel Corporation)
S3 nhi; C:\Windows\system32\drivers\trw70x.sys [73016 2013-07-23] (Intel Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2014-05-08] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418520 2013-06-17] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8873688 2013-08-02] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-06-12] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-04-05] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-21] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-13 13:02 - 2014-05-13 13:02 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-05-13 12:34 - 2014-05-13 12:34 - 00010243 _____ () C:\Users\admin\Downloads\fritzbox-usb-fernanschluss (1).application
2014-05-13 12:34 - 2014-05-13 12:34 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-05-13 10:02 - 2014-05-13 10:03 - 00058625 _____ () C:\Users\admin\Documents\trail.txt.2
2014-05-12 20:55 - 2014-05-12 20:55 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 16:27 - 2014-05-12 20:45 - 00000000 ____D () C:\Windows\pss
2014-05-12 13:14 - 2014-05-12 13:14 - 00001785 _____ () C:\Users\admin\Desktop\HPConnectionManager.exe - Verknüpfung.lnk
2014-05-09 12:31 - 2014-05-09 12:31 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22 (2).zip
2014-05-09 12:02 - 2014-05-09 12:02 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-05-09 12:02 - 2014-05-09 12:02 - 00000000 ____D () C:\Windows\system32\NV
2014-05-09 11:04 - 2014-05-09 11:04 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22 (1).zip
2014-05-09 09:47 - 2014-05-09 09:47 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22.zip
2014-05-08 10:18 - 2014-05-13 13:02 - 00138264 _____ () C:\Windows\avmacc.log
2014-05-08 10:18 - 2014-05-13 12:46 - 00003270 _____ () C:\Windows\avmacc1.log
2014-05-08 10:18 - 2014-05-08 10:17 - 00116480 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmaura.sys
2014-05-08 10:17 - 2014-05-08 10:17 - 00010243 _____ () C:\Users\admin\Downloads\fritzbox-usb-fernanschluss.application
2014-05-08 09:55 - 2014-05-08 09:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-08 09:55 - 2014-05-08 09:46 - 02510624 _____ (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe
2014-05-08 09:55 - 2014-05-08 09:46 - 00004084 _____ () C:\Windows\system32\nvPerfProvider.man
2014-05-08 09:47 - 2014-05-08 09:46 - 30385440 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 25258784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 22971168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 18312672 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 18224592 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 17564448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 15879264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 15232936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 12672800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-08 09:47 - 2014-05-08 09:46 - 11629960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 11578984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 09724432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 09681696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 03138336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 03130144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 02952992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 02752800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 02701392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433265.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433265.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 01248568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00887584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00877344 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00857888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00845088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00300320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-05-08 09:47 - 2014-05-08 09:46 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-08 09:47 - 2014-05-08 09:46 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-05-08 09:35 - 2014-05-13 11:12 - 00000060 _____ () C:\Users\admin\Desktop\ProE.txt
2014-05-07 08:45 - 2014-05-07 08:45 - 00000000 ____D () C:\Users\admin\AppData\Roaming\EDrawings
2014-05-07 08:44 - 2014-05-07 12:18 - 00009533 _____ () C:\Users\admin\Documents\trail.txt.1
2014-05-06 20:36 - 2014-05-06 20:36 - 00000000 ____D () C:\ProgramData\creo2
2014-05-06 20:36 - 2014-05-06 20:36 - 00000000 ____D () C:\Program Files\Common Files\eDrawings2013
2014-05-06 20:14 - 2014-05-06 20:36 - 00002114 _____ () C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2014-05-06 20:14 - 2014-05-06 20:36 - 00000000 ____D () C:\ProgramData\text
2014-05-06 20:14 - 2014-05-06 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eDrawings for Pro ENGINEER (x64)
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Users\admin\AppData\Roaming\help_images_otherUI
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\ProgramData\proeWF5
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\ProEeDrawings
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\Common Files\Geometric Software
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\Common Files\eDrawings2014
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 _____ () C:\Windows\70726f653230313331313134.ini
2014-05-06 20:13 - 2014-05-06 20:13 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-05-06 20:12 - 2014-05-06 20:12 - 00002072 _____ () C:\Users\Public\Desktop\eDrawings 2014.lnk
2014-05-06 20:12 - 2014-05-06 20:12 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eDrawings 2014.lnk
2014-05-06 18:54 - 2014-05-06 18:54 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-05-06 18:48 - 2014-05-13 15:26 - 02066944 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-05-06 18:48 - 2014-05-13 15:26 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-05-06 18:48 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-06 18:46 - 2014-05-12 13:17 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-06 18:46 - 2014-05-12 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-06 18:46 - 2014-05-12 13:17 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-06 18:46 - 2014-05-06 18:48 - 00000000 ____D () C:\ProgramData\Avira
2014-05-06 18:46 - 2014-05-06 18:46 - 04530864 _____ (Avira Operations GmbH & Co. KG) C:\Users\admin\Downloads\avira_de_av___ws.exe
2014-05-06 17:46 - 2014-05-06 17:46 - 00227096 _____ () C:\Users\admin\Downloads\avira_registry_cleaner_de.exe
2014-05-06 10:51 - 2014-05-06 10:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 10:43 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 10:43 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-05 10:15 - 2014-05-05 14:57 - 00000000 ____D () C:\Users\admin\Documents\Fax
2014-05-05 09:31 - 2014-05-05 09:32 - 00001664 _____ () C:\Users\admin\Desktop\WF4 für KERO.lnk
2014-05-05 07:47 - 2014-05-13 11:57 - 00084068 _____ () C:\Windows\PFRO.log
2014-05-04 10:52 - 2014-05-04 10:52 - 02347384 _____ (ESET) C:\Users\admin\Downloads\esetsmartinstaller_deu.exe
2014-05-03 11:31 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 11:31 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 11:31 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 11:31 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 10:45 - 2014-05-06 10:19 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-03 10:45 - 2014-05-03 10:45 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-02 13:26 - 2014-05-02 13:27 - 00027232 _____ () C:\Users\admin\Desktop\Logs.zip
2014-05-02 13:14 - 2014-05-02 13:15 - 00026580 _____ () C:\Users\admin\Desktop\Addition.txt
2014-05-02 13:10 - 2014-05-13 15:26 - 00032221 _____ () C:\Users\admin\Desktop\FRST.txt
2014-05-02 12:15 - 2014-05-12 18:15 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForadmin
2014-05-02 12:15 - 2014-05-12 18:15 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForadmin.job
2014-05-02 12:14 - 2014-05-02 12:14 - 00002224 _____ () C:\Users\admin\Desktop\HP Support Assistant.lnk
2014-05-02 12:10 - 2014-05-02 12:10 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-04-19 18:44 - 2014-05-13 13:01 - 00008855 _____ () C:\Windows\setupact.log
2014-04-19 18:44 - 2014-04-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieUserList
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieSiteList
2014-04-19 16:23 - 2014-04-19 16:23 - 00000000 _____ () C:\Users\admin\Desktop\Gmer.txt
2014-04-19 14:20 - 2014-05-13 12:58 - 00621164 _____ () C:\Windows\WindowsUpdate.log
2014-04-19 12:32 - 2014-05-04 10:46 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Nico Mak Computing
2014-04-19 12:31 - 2014-04-19 12:31 - 04894544 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmalwareprotector_1.exe
2014-04-19 12:25 - 2014-04-19 12:25 - 00380416 _____ () C:\Users\admin\Downloads\Gmer-19357.exe
2014-04-19 12:24 - 2014-04-19 12:24 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-04-19 12:23 - 2014-04-19 16:06 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log
2014-04-19 12:23 - 2014-04-19 12:23 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-04-19 12:23 - 2014-04-19 12:23 - 00000244 _____ () C:\Users\admin\Downloads\defogger_enable.log
2014-04-19 12:10 - 2014-04-19 12:10 - 04892480 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmp_8.exe
2014-04-19 11:53 - 2014-04-19 16:09 - 00044486 _____ () C:\Users\admin\Downloads\Shortcut.txt
2014-04-19 11:53 - 2014-04-19 11:53 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-04-18 19:10 - 2014-04-18 19:10 - 00000625 _____ () C:\Users\admin\Desktop\JRT.txt
2014-04-18 19:05 - 2014-04-18 19:05 - 01016261 _____ (Thisisu) C:\Users\admin\Downloads\JRT.exe
2014-04-18 19:05 - 2014-04-18 19:05 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 19:01 - 2014-04-19 18:07 - 00000000 ____D () C:\AdwCleaner
2014-04-18 19:01 - 2014-04-18 19:01 - 01426178 _____ () C:\Users\admin\Downloads\adwcleaner.exe
2014-04-18 18:59 - 2014-04-19 16:09 - 00025777 _____ () C:\Users\admin\Downloads\Addition.txt
2014-04-18 18:58 - 2014-05-13 15:26 - 00000000 ____D () C:\FRST
2014-04-18 18:58 - 2014-05-02 13:09 - 00115877 _____ () C:\Users\admin\Downloads\FRST.txt
2014-04-18 18:57 - 2014-04-18 18:58 - 02158592 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2014-04-18 18:37 - 2014-04-19 17:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 18:37 - 2014-04-19 17:33 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-18 18:37 - 2014-04-18 18:37 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-18 18:37 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-18 18:36 - 2014-04-18 18:36 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\admin\Desktop\mbam-setup-2-0-1-1004.exe
2014-04-18 18:23 - 2014-04-18 18:23 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard_Developme
2014-04-17 06:23 - 2014-04-17 06:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01011.Wdf
2014-04-16 15:09 - 2014-04-16 15:09 - 00347816 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.Devices.RNP.13321084561308373.1.1.Run.exe
2014-04-16 14:31 - 2014-04-16 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-04-16 14:30 - 2014-04-16 14:30 - 00141696 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 14:30 - 2014-04-16 14:30 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3ED25F-A7C8-49F1-90AA-E15FF965648D}
2014-04-16 14:30 - 2014-04-16 14:30 - 00001424 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Synaptics
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ICAClient
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\hpqlog
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Power2Go8
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\PDFC
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Citrix
2014-04-16 14:29 - 2014-05-09 12:02 - 00000000 ____D () C:\Users\Administrator
2014-04-16 14:29 - 2014-04-16 14:29 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DigitalPersona
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DigitalPersona
2014-04-16 14:29 - 2014-04-06 12:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Microsoft Help
2014-04-16 14:29 - 2014-04-06 12:42 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-16 14:29 - 2014-03-21 14:31 - 00000000 ___HD () C:\Users\Administrator\Documents\hp.system.package.metadata
2014-04-16 14:29 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-16 14:29 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-16 14:21 - 2014-04-16 14:21 - 04591136 _____ (TeamViewer) C:\Users\admin\Downloads\TeamViewerQS_de-ckc.exe
2014-04-16 14:21 - 2014-04-16 14:21 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TeamViewer
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 12:52 - 2014-04-16 12:53 - 13084896 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2014-04-13 08:34 - 2014-04-13 08:34 - 00001375 _____ () C:\Users\admin\Desktop\FRITZVPN.lnk
2014-04-13 08:33 - 2014-04-13 08:33 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (2).zip
2014-04-13 08:31 - 2014-04-13 08:31 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (1).zip
2014-04-13 08:26 - 2014-04-13 08:26 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-04-13 08:15 - 2014-04-13 08:15 - 00001528 _____ () C:\Users\admin\Desktop\VPNAdmin.exe - Verknüpfung.lnk
2014-04-13 07:44 - 2014-04-13 08:16 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVM
2014-04-13 07:18 - 2014-04-13 07:18 - 00001144 _____ () C:\WirelessDiagLog.csv
==================== One Month Modified Files and Folders =======
2014-05-13 15:26 - 2014-05-06 18:48 - 02066944 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2014-05-13 15:26 - 2014-05-06 18:48 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-05-13 15:26 - 2014-05-02 13:10 - 00032221 _____ () C:\Users\admin\Desktop\FRST.txt
2014-05-13 15:26 - 2014-04-18 18:58 - 00000000 ____D () C:\FRST
2014-05-13 14:49 - 2014-01-18 23:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 14:34 - 2014-04-05 13:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 13:12 - 2014-03-21 14:12 - 00703890 _____ () C:\Windows\system32\perfh007.dat
2014-05-13 13:12 - 2014-03-21 14:12 - 00150996 _____ () C:\Windows\system32\perfc007.dat
2014-05-13 13:12 - 2009-07-14 07:13 - 01631306 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 13:09 - 2009-07-14 06:45 - 00026608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 13:09 - 2009-07-14 06:45 - 00026608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 13:02 - 2014-05-13 13:02 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-05-13 13:02 - 2014-05-08 10:18 - 00138264 _____ () C:\Windows\avmacc.log
2014-05-13 13:02 - 2014-04-05 23:50 - 00000000 ____D () C:\Users\admin\AppData\Local\HTC MediaHub
2014-05-13 13:02 - 2014-04-05 13:15 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 13:02 - 2014-01-18 23:19 - 00000000 ____D () C:\ProgramData\PDFC
2014-05-13 13:01 - 2014-04-19 18:44 - 00008855 _____ () C:\Windows\setupact.log
2014-05-13 13:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-13 12:58 - 2014-04-19 14:20 - 00621164 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 12:46 - 2014-05-08 10:18 - 00003270 _____ () C:\Windows\avmacc1.log
2014-05-13 12:34 - 2014-05-13 12:34 - 00010243 _____ () C:\Users\admin\Downloads\fritzbox-usb-fernanschluss (1).application
2014-05-13 12:34 - 2014-05-13 12:34 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-05-13 12:34 - 2014-04-05 13:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Deployment
2014-05-13 12:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-13 11:57 - 2014-05-05 07:47 - 00084068 _____ () C:\Windows\PFRO.log
2014-05-13 11:57 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-13 11:12 - 2014-05-08 09:35 - 00000060 _____ () C:\Users\admin\Desktop\ProE.txt
2014-05-13 10:06 - 2014-01-18 23:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 10:06 - 2014-01-18 23:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 10:06 - 2014-01-18 23:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 10:05 - 2014-04-12 10:02 - 00000000 ____D () C:\Users\admin\AppData\Local\cache
2014-05-13 10:05 - 2014-04-01 14:11 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2014-05-13 10:03 - 2014-05-13 10:02 - 00058625 _____ () C:\Users\admin\Documents\trail.txt.2
2014-05-13 08:13 - 2014-04-01 09:05 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A96240A6-7A05-4C75-A006-B599752D55AB}
2014-05-12 20:55 - 2014-05-12 20:55 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-12 20:55 - 2014-04-01 14:10 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-12 20:55 - 2014-04-01 14:10 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-12 20:45 - 2014-05-12 16:27 - 00000000 ____D () C:\Windows\pss
2014-05-12 20:45 - 2014-04-06 18:55 - 00000000 ___RD () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-12 20:45 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-12 18:15 - 2014-05-02 12:15 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForadmin
2014-05-12 18:15 - 2014-05-02 12:15 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForadmin.job
2014-05-12 17:45 - 2014-04-07 21:18 - 00000873 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-12 17:28 - 2014-04-06 17:50 - 00000000 ____D () C:\tmp
2014-05-12 13:23 - 2014-04-01 09:05 - 00003760 _____ () C:\Windows\System32\Tasks\Registration
2014-05-12 13:17 - 2014-05-06 18:46 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-12 13:17 - 2014-05-06 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-12 13:17 - 2014-05-06 18:46 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-12 13:17 - 2014-01-18 23:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-12 13:14 - 2014-05-12 13:14 - 00001785 _____ () C:\Users\admin\Desktop\HPConnectionManager.exe - Verknüpfung.lnk
2014-05-11 19:29 - 2014-04-05 13:15 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 19:29 - 2014-04-05 13:15 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 12:34 - 2014-04-05 11:42 - 00008883 _____ () C:\Windows\system32\lvcoinst.log
2014-05-09 12:31 - 2014-05-09 12:31 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22 (2).zip
2014-05-09 12:04 - 2014-04-01 09:05 - 00000000 ____D () C:\Users\admin
2014-05-09 12:02 - 2014-05-09 12:02 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-05-09 12:02 - 2014-05-09 12:02 - 00000000 ____D () C:\Windows\system32\NV
2014-05-09 12:02 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator
2014-05-09 12:01 - 2014-01-18 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-09 12:01 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-09 12:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-05-09 12:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-09 11:04 - 2014-05-09 11:04 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22 (1).zip
2014-05-09 09:47 - 2014-05-09 09:47 - 00909482 _____ () C:\Users\admin\Downloads\usbfehlerbehebung22.zip
2014-05-08 10:38 - 2014-03-21 14:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-08 10:17 - 2014-05-08 10:18 - 00116480 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmaura.sys
2014-05-08 10:17 - 2014-05-08 10:17 - 00010243 _____ () C:\Users\admin\Downloads\fritzbox-usb-fernanschluss.application
2014-05-08 09:56 - 2014-04-05 12:02 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-08 09:55 - 2014-05-08 09:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-08 09:55 - 2014-03-21 14:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-08 09:55 - 2014-03-21 14:35 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-08 09:46 - 2014-05-08 09:55 - 02510624 _____ (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe
2014-05-08 09:46 - 2014-05-08 09:55 - 00004084 _____ () C:\Windows\system32\nvPerfProvider.man
2014-05-08 09:46 - 2014-05-08 09:47 - 30385440 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 25258784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 22971168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 18312672 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 18224592 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 17564448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 15879264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 15232936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 12672800 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-08 09:46 - 2014-05-08 09:47 - 11629960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 11578984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 09724432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 09681696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 03138336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 03130144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 02952992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 02752800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 02701392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433265.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433265.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 01248568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00887584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00877344 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00857888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00845088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00357152 _____ () C:\Windows\system32\NvIFROpenGL.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00314656 _____ () C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00300320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-05-08 09:46 - 2014-05-08 09:47 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-08 09:46 - 2014-05-08 09:47 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-05-08 09:46 - 2014-03-21 14:36 - 03075776 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-08 09:46 - 2014-03-21 14:36 - 01444816 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-08 09:46 - 2014-03-21 14:36 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
2014-05-08 09:46 - 2011-02-11 18:32 - 00000000 ____D () C:\SWSETUP
2014-05-08 08:59 - 2014-04-05 12:02 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-07 20:54 - 2014-04-01 09:14 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard
2014-05-07 12:18 - 2014-05-07 08:44 - 00009533 _____ () C:\Users\admin\Documents\trail.txt.1
2014-05-07 08:45 - 2014-05-07 08:45 - 00000000 ____D () C:\Users\admin\AppData\Roaming\EDrawings
2014-05-07 08:45 - 2014-04-06 10:36 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-05-07 08:36 - 2009-07-14 06:45 - 00492864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-06 21:02 - 2014-04-01 09:06 - 00142104 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-06 20:36 - 2014-05-06 20:36 - 00000000 ____D () C:\ProgramData\creo2
2014-05-06 20:36 - 2014-05-06 20:36 - 00000000 ____D () C:\Program Files\Common Files\eDrawings2013
2014-05-06 20:36 - 2014-05-06 20:14 - 00002114 _____ () C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2014-05-06 20:36 - 2014-05-06 20:14 - 00000000 ____D () C:\ProgramData\text
2014-05-06 20:36 - 2014-05-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eDrawings for Pro ENGINEER (x64)
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Users\admin\AppData\Roaming\help_images_otherUI
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\ProgramData\proeWF5
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\ProEeDrawings
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\Common Files\Geometric Software
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 ____D () C:\Program Files\Common Files\eDrawings2014
2014-05-06 20:14 - 2014-05-06 20:14 - 00000000 _____ () C:\Windows\70726f653230313331313134.ini
2014-05-06 20:13 - 2014-05-06 20:13 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-05-06 20:12 - 2014-05-06 20:12 - 00002072 _____ () C:\Users\Public\Desktop\eDrawings 2014.lnk
2014-05-06 20:12 - 2014-05-06 20:12 - 00001068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eDrawings 2014.lnk
2014-05-06 18:54 - 2014-05-06 18:54 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Avira
2014-05-06 18:48 - 2014-05-06 18:46 - 00000000 ____D () C:\ProgramData\Avira
2014-05-06 18:46 - 2014-05-06 18:46 - 04530864 _____ (Avira Operations GmbH & Co. KG) C:\Users\admin\Downloads\avira_de_av___ws.exe
2014-05-06 17:46 - 2014-05-06 17:46 - 00227096 _____ () C:\Users\admin\Downloads\avira_registry_cleaner_de.exe
2014-05-06 17:04 - 2014-04-06 10:26 - 00000000 ____D () C:\Program Files\AutoCAD LT 2010
2014-05-06 17:04 - 2014-04-06 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-05-06 17:04 - 2014-04-06 10:12 - 00000000 ____D () C:\ProgramData\Autodesk
2014-05-06 17:04 - 2014-04-06 10:12 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-05-06 17:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-06 10:51 - 2014-05-06 10:51 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 10:19 - 2014-05-03 10:45 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-05-05 14:57 - 2014-05-05 10:15 - 00000000 ____D () C:\Users\admin\Documents\Fax
2014-05-05 09:32 - 2014-05-05 09:31 - 00001664 _____ () C:\Users\admin\Desktop\WF4 für KERO.lnk
2014-05-04 10:52 - 2014-05-04 10:52 - 02347384 _____ (ESET) C:\Users\admin\Downloads\esetsmartinstaller_deu.exe
2014-05-04 10:46 - 2014-04-19 12:32 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Nico Mak Computing
2014-05-03 10:45 - 2014-05-03 10:45 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-05-03 10:45 - 2014-01-18 23:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-05-02 13:27 - 2014-05-02 13:26 - 00027232 _____ () C:\Users\admin\Desktop\Logs.zip
2014-05-02 13:15 - 2014-05-02 13:14 - 00026580 _____ () C:\Users\admin\Desktop\Addition.txt
2014-05-02 13:09 - 2014-04-18 18:58 - 00115877 _____ () C:\Users\admin\Downloads\FRST.txt
2014-05-02 12:14 - 2014-05-02 12:14 - 00002224 _____ () C:\Users\admin\Desktop\HP Support Assistant.lnk
2014-05-02 12:14 - 2014-01-18 23:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-05-02 12:14 - 2014-01-18 23:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-02 12:13 - 2014-01-18 23:17 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-05-02 12:12 - 2014-01-18 23:15 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-02 12:10 - 2014-05-02 12:10 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-05-02 12:09 - 2014-01-18 23:17 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-05-02 11:36 - 2014-04-05 13:15 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 16:01 - 2014-05-03 11:31 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-03 11:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-03 11:31 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-03 11:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-19 18:44 - 2014-04-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-19 18:07 - 2014-04-18 19:01 - 00000000 ____D () C:\AdwCleaner
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieUserList
2014-04-19 18:01 - 2014-04-19 18:01 - 00000000 __SHD () C:\Users\admin\AppData\Local\EmieSiteList
2014-04-19 17:58 - 2014-04-05 12:42 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-19 17:44 - 2014-04-18 18:37 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-19 17:33 - 2014-04-18 18:37 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-19 16:23 - 2014-04-19 16:23 - 00000000 _____ () C:\Users\admin\Desktop\Gmer.txt
2014-04-19 16:09 - 2014-04-19 11:53 - 00044486 _____ () C:\Users\admin\Downloads\Shortcut.txt
2014-04-19 16:09 - 2014-04-18 18:59 - 00025777 _____ () C:\Users\admin\Downloads\Addition.txt
2014-04-19 16:06 - 2014-04-19 12:23 - 00000472 _____ () C:\Users\admin\Downloads\defogger_disable.log
2014-04-19 12:31 - 2014-04-19 12:31 - 04894544 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmalwareprotector_1.exe
2014-04-19 12:25 - 2014-04-19 12:25 - 00380416 _____ () C:\Users\admin\Downloads\Gmer-19357.exe
2014-04-19 12:24 - 2014-04-19 12:24 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-04-19 12:23 - 2014-04-19 12:23 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-04-19 12:23 - 2014-04-19 12:23 - 00000244 _____ () C:\Users\admin\Downloads\defogger_enable.log
2014-04-19 12:10 - 2014-04-19 12:10 - 04892480 _____ (WinZip International LLC ) C:\Users\admin\Downloads\wzmp_8.exe
2014-04-19 11:53 - 2014-04-19 11:53 - 00448512 _____ (OldTimer Tools) C:\Users\admin\Downloads\TFC.exe
2014-04-18 19:10 - 2014-04-18 19:10 - 00000625 _____ () C:\Users\admin\Desktop\JRT.txt
2014-04-18 19:05 - 2014-04-18 19:05 - 01016261 _____ (Thisisu) C:\Users\admin\Downloads\JRT.exe
2014-04-18 19:05 - 2014-04-18 19:05 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 19:01 - 2014-04-18 19:01 - 01426178 _____ () C:\Users\admin\Downloads\adwcleaner.exe
2014-04-18 18:58 - 2014-04-18 18:57 - 02158592 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2014-04-18 18:37 - 2014-04-18 18:37 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 18:37 - 2014-04-18 18:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-18 18:36 - 2014-04-18 18:36 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\admin\Desktop\mbam-setup-2-0-1-1004.exe
2014-04-18 18:23 - 2014-04-18 18:23 - 00000000 ____D () C:\Users\admin\AppData\Local\Hewlett-Packard_Developme
2014-04-17 06:23 - 2014-04-17 06:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01011.Wdf
2014-04-17 06:23 - 2014-04-01 09:06 - 00000000 ____D () C:\Users\admin\AppData\Roaming\hpqLog
2014-04-17 06:21 - 2014-01-18 23:19 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-04-16 15:09 - 2014-04-16 15:09 - 00347816 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.Devices.RNP.13321084561308373.1.1.Run.exe
2014-04-16 14:31 - 2014-04-16 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel Corporation
2014-04-16 14:30 - 2014-04-16 14:30 - 00141696 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-16 14:30 - 2014-04-16 14:30 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3ED25F-A7C8-49F1-90AA-E15FF965648D}
2014-04-16 14:30 - 2014-04-16 14:30 - 00001424 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Synaptics
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ICAClient
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\hpqlog
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Power2Go8
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\PDFC
2014-04-16 14:30 - 2014-04-16 14:30 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Citrix
2014-04-16 14:30 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-04-16 14:29 - 2014-04-16 14:29 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Musik
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Documents\Eigene Bilder
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Intel
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\DigitalPersona
2014-04-16 14:29 - 2014-04-16 14:29 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DigitalPersona
2014-04-16 14:21 - 2014-04-16 14:21 - 04591136 _____ (TeamViewer) C:\Users\admin\Downloads\TeamViewerQS_de-ckc.exe
2014-04-16 14:21 - 2014-04-16 14:21 - 00000000 ____D () C:\Users\admin\AppData\Roaming\TeamViewer
2014-04-16 13:04 - 2014-04-10 17:26 - 00000000 ___DC () C:\Users\admin\AppData\Local\MigWiz
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-16 12:53 - 2014-04-16 12:52 - 13084896 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Silverlight_x64.exe
2014-04-16 12:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-14 20:13 - 2014-04-01 14:10 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-01 14:10 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-01 14:10 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-01 14:10 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 19:02 - 2011-02-11 15:51 - 01605586 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-14 04:24 - 2014-05-06 10:43 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-06 10:43 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 08:34 - 2014-04-13 08:34 - 00001375 _____ () C:\Users\admin\Desktop\FRITZVPN.lnk
2014-04-13 08:34 - 2014-04-06 18:51 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang
2014-04-13 08:33 - 2014-04-13 08:33 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (2).zip
2014-04-13 08:32 - 2014-04-06 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2014-04-13 08:31 - 2014-04-13 08:31 - 12995204 _____ () C:\Users\admin\Downloads\Fritz_Fernzugang_VPN_1.3.1.0 (1).zip
2014-04-13 08:27 - 2014-04-01 14:02 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-04-13 08:26 - 2014-04-13 08:26 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-04-13 08:16 - 2014-04-13 07:44 - 00000000 ____D () C:\Users\admin\AppData\Roaming\AVM
2014-04-13 08:16 - 2014-04-06 17:20 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2014-04-13 08:15 - 2014-04-13 08:15 - 00001528 _____ () C:\Users\admin\Desktop\VPNAdmin.exe - Verknüpfung.lnk
2014-04-13 07:18 - 2014-04-13 07:18 - 00001144 _____ () C:\WirelessDiagLog.csv
Files to move or delete:
====================
C:\ProgramData\eDViewer.exe
Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\AcDeltree.exe
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\Extract.exe
C:\Users\admin\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\admin\AppData\Local\Temp\sp64126.exe
C:\Users\admin\AppData\Local\Temp\SP65853.exe
C:\Users\admin\AppData\Local\Temp\UninstallHPSA.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-12 19:11
==================== End Of Log ============================
|
|
13.05.2014, 19:30
| #28 | ||||||||
| /// Malwareteam | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Ok, wenn du jetzt keine weiteren Fragen oder Probleme mehr hast, sind wir fertig .Cleanup Falls du Malwarebytes Anti-Malware und den ESET Online Scanner nicht mehr behalten möchtest, kannst du diese über die Systemsteuerung deinstallieren. Ich empfehle dir, mindestens ein Programm zu behalten (näheres in den Tipps). Windows XP: Start --> Systemsteuerung --> Kategorieansicht auswählen (falls nicht voreingestellt) --> SoftwareDie Reihenfolge ist hier entscheidend.
In deinen Logfiles sehe ich im Moment keine schädlichen Einträge mehr, du bist in meinen Augen Clean. Für die Zukunft habe ich dir Tipps aufgeschrieben, damit du uns in nächster Zeit nicht mehr brauchst .Tipps - Frequently Asked Questions (FAQ)/Häufig gestellte Fragen  Welcher Antivirenscanner ist der beste?
Aber Updates muss ich immer installieren, oder?
Ok, muss ich auf etwas achten, wenn ich im Internet surfe?
Welche Programme sollte ich nicht verwenden?
Gibt es noch weitere Tipps, um mich zu schützen?
 .Wenn du die Arbeit des Trojaner-Boards unterstützen möchtest, kannst du gerne spenden .Ich wünsche dir eine schöne und malwarefreie Zeit  .
__________________ Gruß, Jonas |
|
14.05.2014, 08:36
| #29 |
| | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Hallo Jonas, vielen Dank für deine Hilfe und vor allem für deine Geduld! Ich werde gerne eine Betrag spenden und auch den Lieferant bitten, euch zu unterstützen, da es eigentlich sein Job gewesen wäre, mir zu helfen. Gruß Frank |
|
14.05.2014, 17:52
| #30 | |
| /// Malwareteam | Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. Hallo frarot, Zitat:
 .Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht, damit erhalte ich keine Benachrichtungen über neue Antworten in diesem Thread. Solltest Du das Thema erneut brauchen, schicke mir bitte eine private Nachricht. Jeder Andere bitte hier klicken und einen eigenen Thread erstellen.
__________________ Gruß, Jonas |
|
| Themen zu Sämtliche USB-Sticks Berechtigung Zugriff verweigert Win7 prof. |
| administrator, adware.adpeak, adware/crossrider.t, adware/crossrider.u, appdatalow, auftrag, installation, internet, internet explorer, js/crossrider.l, preferences, pup.optional.adpeak.a, pup.optional.betterdeals.a, pup.optional.mysearchdial.a, pup.optional.rrsavings.a, pup.optional.settingsmanager.a, pup.optional.softonic.a, pup.optional.suprasavings.a, registrierungsdatenbank, tr/kazy.324119.11, tr/spy.90112.948, trojan.agent, usb zugriff verweigert, zugriff verweigert |
