Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Tabs öffnen sich automatisch

Tabs öffnen sich automatisch


Plagegeister aller Art und deren Bekämpfung: Tabs öffnen sich automatisch

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.05.2014, 10:16   #1
Stobbel
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


Moin liebes Trojaner-Board Team,

wir haben uns in der Firma einen gebrauchten PC gekauft, welcher vom Vorbenutzer platt gemacht wurde. Da ich der einzige in der Firma bin, der sich ein bisschen mit PCs auskennt, sollte ich ihn einrichten. Also hab ich erstmal versucht, Avira zu installieren, aber direkt beim Öffnen von Firefox öffnen sich neue Tabs. Als Avira dann installiert war, hat es auch gleich eine Datei gefunden. "Genesis.exe" heißt diese Datei und ich hab sie erstmal in Quarantäne verschoben.

Anscheinend hat diese Datei ständig bewirkt, dass sich neue Tabs geöffnet haben, denn nach dem Verschieben in Quarantäne ist dies nicht mehr passiert.

So ganz vertraue ich dem Rechner jetzt aber nicht mehr, daher würde ich diesen PC gerne bereinigen, bevor er wirklich für die Arbeit verwendet wird.

Mit freundlichen Grüßen
Stobbel

Alt 08.05.2014, 10:33   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 08.05.2014, 11:05   #3
Stobbel
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


Der Text ist zu lang, ich hab die beiden Dateien daher in einen Zip Ordner gepackt und als Anhang hochgeladen.
__________________
Alt 09.05.2014, 09:21   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.05.2014, 17:38   #5
Stobbel
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2014 01
Ran by Leistung at 2014-05-08 11:41:25
Running from C:\Users\Leistung\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{3361e961-9e49-487c-b1ac-9255348ccbaf}) (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Buzz-it (HKLM-x32\...\4bedd0b2-c0ad-4393-949d-73379f3151a8) (Version:  - Buzz-it software)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
DELISprint (HKLM-x32\...\{9480CCD5-BB18-4DF3-AB18-04198B30DD62}) (Version: 5.6.6.0 - DPD)
Genesis (HKCU\...\genesis) (Version:  - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {6A38353E-F267-415F-B38B-9AB6D827F15D} - System32\Tasks\{7956A425-1838-4A39-8B29-6C1BE4648ACD} => C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Corporation) <==== ATTENTION
Task: {8ADB38E7-D031-47C8-AFFE-5F5BDC01498B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {9FDA4EC6-D3F8-4868-B25A-4E52F6596384} - System32\Tasks\Buzz-it_wd => C:\Program Files (x86)\Buzz-it Corp\Buzz-it_wd.exe [2014-04-30] ()
Task: {E056495C-6837-454C-8275-90CFBBAC6A1B} - System32\Tasks\Buzz-it Update => C:\Program Files (x86)\Buzz-it Corp\Buzzi.exe [2014-04-30] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Buzz-it Update.job => C:\Program Files (x86)\Buzz-it Corp\Buzzi.exe
Task: C:\Windows\Tasks\Buzz-it_wd.job => C:\Program Files (x86)\Buzz-it Corp\Buzz-it_wd.exe

==================== Loaded Modules (whitelisted) =============

2014-04-30 09:32 - 2014-04-30 09:32 - 00077312 _____ () C:\Program Files (x86)\Buzz-it Corp\Buzz-it_wd.exe
2014-04-30 09:32 - 2014-04-30 09:32 - 00141824 _____ () C:\Program Files (x86)\Buzz-it Corp\Buzz-it158.exe
2014-04-30 09:31 - 2014-04-30 09:31 - 00706560 _____ () C:\Program Files\003\xmkysecqun64.exe
2014-05-08 10:55 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-04-30 09:32 - 2014-04-30 09:32 - 00133120 _____ () C:\Program Files (x86)\Buzz-it Corp\Buzz-it158.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00138320 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-05 10:37 - 2014-05-05 10:37 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-05-08 10:56 - 2014-05-05 10:37 - 00049744 _____ () C:\Users\Leistung\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-04-22 13:44 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-29 10:21 - 2014-04-29 10:21 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2014 10:19:09 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: DelisPrint.exe, Version: 5.6.3.0, Zeitstempel: 0x4c3d6058
Name des fehlerhaften Moduls: DelisPrint.exe, Version: 5.6.3.0, Zeitstempel: 0x4c3d6058
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008eb91
ID des fehlerhaften Prozesses: 0x1230
Startzeit der fehlerhaften Anwendung: 0xDelisPrint.exe0
Pfad der fehlerhaften Anwendung: DelisPrint.exe1
Pfad des fehlerhaften Moduls: DelisPrint.exe2
Berichtskennung: DelisPrint.exe3

Error: (04/30/2014 10:13:29 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: DelisPrint.exe, Version: 5.6.3.0, Zeitstempel: 0x4c3d6058
Name des fehlerhaften Moduls: DelisPrint.exe, Version: 5.6.3.0, Zeitstempel: 0x4c3d6058
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008eb91
ID des fehlerhaften Prozesses: 0x110c
Startzeit der fehlerhaften Anwendung: 0xDelisPrint.exe0
Pfad der fehlerhaften Anwendung: DelisPrint.exe1
Pfad des fehlerhaften Moduls: DelisPrint.exe2
Berichtskennung: DelisPrint.exe3

Error: (04/30/2014 09:38:49 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7600.16385, Zeitstempel: 0x4a5bc3e6
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7600.17038, Zeitstempel: 0x4fd2d370
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00080e20
ID des fehlerhaften Prozesses: 0xe38
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3

Error: (04/30/2014 09:34:03 AM) (Source: MsiInstaller) (User: Leistung-PC) (EventID: 11925)
Description: Product: SupraSavings -- Error 1925. You do not have sufficient privileges to complete this installation for all users of the machine.  Log on as administrator and then retry this installation.

Error: (04/29/2014 00:35:45 PM) (Source: MsiInstaller) (User: Leistung-PC) (EventID: 1024)
Description: Produkt: Adobe Reader XI (11.0.06) - Deutsch - Update "Adobe Reader XI (11.0.06)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (04/29/2014 00:34:09 PM) (Source: MsiInstaller) (User: Leistung-PC) (EventID: 11935)
Description: Produkt: Adobe Reader XI (11.0.06) - Deutsch -- Fehler 1935. An error occurred during the installation of assembly component {B708EB72-AA82-3EB7-8BB0-D845BA35C93D}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.VC90.CRT,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32"

Error: (04/22/2014 01:31:43 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 1014)
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008
SKU-ID=5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f

Error: (04/22/2014 01:31:43 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 8200)
Description: Lizenzerwerb-Fehlerdetails. 
hr=0xC004C008

Error: (04/22/2014 01:09:01 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 1014)
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008
SKU-ID=5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f

Error: (04/22/2014 01:09:01 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 8200)
Description: Lizenzerwerb-Fehlerdetails. 
hr=0xC004C008


System errors:
=============
Error: (05/08/2014 11:02:51 AM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/08/2014 11:01:42 AM) (Source: atikmdag) (User: ) (EventID: 10261)
Description: Display is not active

Error: (05/08/2014 11:01:42 AM) (Source: atikmdag) (User: ) (EventID: 19468)
Description: CPLIB :: General - Invalid Parameter

Error: (05/08/2014 10:30:17 AM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/08/2014 10:29:08 AM) (Source: atikmdag) (User: ) (EventID: 10261)
Description: Display is not active

Error: (05/08/2014 10:29:08 AM) (Source: atikmdag) (User: ) (EventID: 19468)
Description: CPLIB :: General - Invalid Parameter

Error: (05/02/2014 06:21:10 PM) (Source: atikmdag) (User: ) (EventID: 10261)
Description: Display is not active

Error: (05/02/2014 02:39:49 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (05/02/2014 02:38:42 PM) (Source: atikmdag) (User: ) (EventID: 10261)
Description: Display is not active

Error: (05/02/2014 02:38:42 PM) (Source: atikmdag) (User: ) (EventID: 19468)
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3071.18 MB
Available physical RAM: 1715.54 MB
Total Pagefile: 6140.49 MB
Available Pagefile: 4518.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:210.74 GB) NTFS
Drive e: () (Fixed) (Total:37.31 GB) (Free:27.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 43ADA5B5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 37 GB) (Disk ID: B147B147)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Alt 09.05.2014, 17:40   #6
Stobbel
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


FRST.txt:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-05-2014 01
Ran by Leistung (administrator) on LEISTUNG-PC on 08-05-2014 11:40:23
Running from C:\Users\Leistung\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Buzz-it Corp\Buzz-it_wd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\Buzz-it Corp\Buzz-it158.exe
() C:\Program Files\003\xmkysecqun64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [182352 2014-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3540134518-1956010994-2276479147-1000\...\Run: [genesis] => /r
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFFC11509205ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default
FF user.js: detected! => C:\Users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default\user.js
FF NewTab: www.google.de
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-02]
FF HKCU\...\Firefox\Extensions: [{a64029fd-6e8f-4bbe-8f83-f4457bae30d6}] - C:\Program Files (x86)\Buzz-it Corp\158.xpi
FF Extension: No Name - C:\Program Files (x86)\Buzz-it Corp\158.xpi [2014-04-30]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
R2 Buzz-it; C:\Program Files (x86)\Buzz-it Corp\Buzz-it158.exe [141824 2014-04-30] ()
R2 xmkysecqun64; C:\Program Files\003\xmkysecqun64.exe [706560 2014-04-30] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-08 11:40 - 2014-05-08 11:40 - 00006774 _____ () C:\Users\Leistung\Downloads\FRST.txt
2014-05-08 11:40 - 2014-05-08 11:40 - 00000000 ____D () C:\FRST
2014-05-08 11:39 - 2014-05-08 11:39 - 02063872 _____ (Farbar) C:\Users\Leistung\Downloads\FRST64.exe
2014-05-08 10:57 - 2014-05-08 10:57 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Avira
2014-05-08 10:55 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-08 10:55 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-08 10:55 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-08 10:50 - 2014-05-08 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 10:50 - 2014-05-08 10:55 - 00000000 ____D () C:\ProgramData\Avira
2014-05-08 10:50 - 2014-05-08 10:55 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-08 10:50 - 2014-05-08 10:50 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-08 10:44 - 2014-05-08 10:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-08 10:44 - 2014-05-08 10:44 - 04530888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Leistung\Downloads\avira_de_av___ws.exe
2014-05-08 10:34 - 2014-05-08 10:34 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-05-08 10:34 - 2014-05-08 10:34 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-05-08 10:34 - 2014-05-08 10:34 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Thunderbird
2014-05-08 10:34 - 2014-05-08 10:34 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Thunderbird
2014-05-08 10:34 - 2014-05-08 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-08 10:33 - 2014-05-08 10:33 - 21987152 _____ (Mozilla) C:\Users\Leistung\Downloads\Thunderbird Setup 24.5.0.exe
2014-05-02 14:42 - 2014-05-02 14:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-02 14:42 - 2014-05-02 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint
2014-05-02 14:42 - 2014-05-02 14:42 - 00000000 ____D () C:\DPD
2014-05-02 14:40 - 2014-05-02 14:41 - 25188838 _____ (DELICom DPD GmbH ) C:\Users\Leistung\Downloads\DELISprint_Setup(1).exe
2014-04-30 15:24 - 2014-04-30 15:24 - 00003164 _____ () C:\Windows\System32\Tasks\{336AD62F-8197-4CD9-9BD2-1A8DDB8D7A4D}
2014-04-30 14:59 - 2014-04-30 14:59 - 25188838 _____ (DELICom DPD GmbH ) C:\Users\Leistung\Downloads\DELISprint_Setup.exe
2014-04-30 11:12 - 2014-05-08 11:01 - 00088578 _____ () C:\Windows\PFRO.log
2014-04-30 10:05 - 2014-04-30 15:06 - 00000000 ____D () C:\Users\Leistung\Documents\DPD2
2014-04-30 10:04 - 2014-04-30 10:04 - 00002966 _____ () C:\Windows\System32\Tasks\{7956A425-1838-4A39-8B29-6C1BE4648ACD}
2014-04-30 09:47 - 2014-04-30 09:47 - 00003174 _____ () C:\Windows\System32\Tasks\{9FCA2C14-44E0-46C1-B035-3795426D257C}
2014-04-30 09:46 - 2014-04-30 09:46 - 00000000 ____D () C:\Program Files\Outlook Express
2014-04-30 09:42 - 2014-04-30 09:42 - 00003190 _____ () C:\Windows\System32\Tasks\{E489364C-062D-492C-A24B-48B4AB931506}
2014-04-30 09:32 - 2014-05-08 11:02 - 00000390 _____ () C:\Windows\Tasks\Buzz-it Update.job
2014-04-30 09:32 - 2014-05-08 11:01 - 00000384 _____ () C:\Windows\Tasks\Buzz-it_wd.job
2014-04-30 09:32 - 2014-04-30 09:42 - 00000898 _____ () C:\Windows\Active Setup Log.BAK
2014-04-30 09:32 - 2014-04-30 09:33 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\systweak
2014-04-30 09:32 - 2014-04-30 09:32 - 00003044 _____ () C:\Windows\System32\Tasks\Buzz-it Update
2014-04-30 09:32 - 2014-04-30 09:32 - 00002978 _____ () C:\Windows\System32\Tasks\Buzz-it_wd
2014-04-30 09:32 - 2014-04-30 09:32 - 00000000 ____D () C:\Program Files (x86)\Buzz-it Corp
2014-04-30 09:32 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-30 09:31 - 2014-05-08 10:59 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Genesis
2014-04-30 09:31 - 2014-04-30 09:39 - 00000000 ____D () C:\Program Files (x86)\IminentToolbar
2014-04-30 09:31 - 2014-04-30 09:31 - 00000000 ____D () C:\Program Files\003
2014-04-30 09:02 - 2014-04-30 09:02 - 00109296 _____ () C:\Users\Leistung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-29 13:33 - 2012-09-24 10:13 - 00042915 _____ () C:\Users\Leistung\Desktop\Astoria Adresse(1).xps
2014-04-29 13:33 - 2012-09-24 10:13 - 00042915 _____ () C:\Users\Leistung\Desktop\Astoria Adresse(1)(1).xps
2014-04-29 13:33 - 2012-09-17 12:55 - 00042915 _____ () C:\Users\Leistung\Desktop\Astoria Adresse.xps
2014-04-29 12:54 - 2014-04-29 12:54 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-29 12:54 - 2014-04-29 12:54 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-29 12:53 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-04-29 12:53 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-04-29 12:50 - 2009-09-10 08:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-04-29 12:50 - 2009-09-10 07:52 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-04-29 12:49 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-04-29 12:49 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-04-29 12:49 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-04-29 12:49 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-04-29 12:35 - 2014-04-29 12:35 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-29 12:32 - 2014-05-02 14:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-29 12:32 - 2014-04-29 12:32 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-29 12:32 - 2014-04-29 12:32 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-29 12:32 - 2014-04-29 12:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 12:32 - 2014-04-29 12:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 12:32 - 2014-04-29 12:32 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-29 12:32 - 2014-04-29 12:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-29 12:32 - 2014-04-29 12:32 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-29 12:32 - 2014-04-29 12:32 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-29 12:32 - 2014-04-29 12:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-29 12:32 - 2014-04-29 12:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-29 12:32 - 2014-04-29 12:32 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-29 12:30 - 2014-04-29 12:33 - 00004747 _____ () C:\Windows\IE9_main.log
2014-04-29 12:29 - 2014-04-29 12:58 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Adobe
2014-04-29 12:29 - 2014-04-29 12:29 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Macromedia
2014-04-29 12:29 - 2014-04-29 12:29 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Macromedia
2014-04-29 12:26 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-04-29 12:26 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-04-29 12:26 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-04-29 12:26 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-04-29 12:26 - 2009-10-19 16:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-04-29 12:26 - 2009-10-19 16:10 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-04-29 12:25 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-29 12:25 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-29 12:25 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-29 12:25 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-29 12:25 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-29 12:25 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-29 12:25 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-29 12:25 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-29 12:24 - 2014-04-30 15:45 - 00001443 _____ () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-29 12:24 - 2014-04-29 12:24 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zubehör
2014-04-29 12:24 - 2014-04-29 12:24 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verwaltung
2014-04-29 12:24 - 2014-04-29 12:24 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autostart
2014-04-29 12:24 - 2009-09-15 10:31 - 00001599 _____ () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remoteunterstützung.lnk
2014-04-29 12:23 - 2014-04-29 12:49 - 00000000 ____D () C:\Users\Leistung\Desktop\Sonstiges
2014-04-29 12:23 - 2014-04-29 12:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ___RD () C:\Users\Leistung\Favoriten
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\Desktop\Plakate
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\Desktop\Lager
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\4.0
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\.tfo4
2014-04-29 12:23 - 2014-03-31 03:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-29 12:23 - 2014-02-19 11:07 - 00030208 _____ () C:\Users\Leistung\Desktop\Neu Microsoft Office Publisher-Dokument.pub
2014-04-29 12:23 - 2014-02-19 11:06 - 00014336 _____ () C:\Users\Leistung\Documents\Adressaufkleber Astoria.xls
2014-04-29 12:23 - 2014-02-17 10:42 - 00010752 _____ () C:\Users\Leistung\Desktop\astoria
2014-04-29 12:23 - 2012-09-24 10:33 - 00015872 _____ () C:\Users\Leistung\Documents\Pölking GmbH.xls
2014-04-29 12:23 - 2012-09-03 16:00 - 00017408 _____ () C:\Users\Leistung\Documents\Lieferscheine Lager.xls
2014-04-29 12:23 - 2012-09-03 15:33 - 00014336 _____ () C:\Users\Leistung\Documents\Mappe1.xls
2014-04-29 12:23 - 2012-03-20 18:06 - 00008933 _____ () C:\Users\Leistung\hs_err_pid2208.log
2014-04-29 12:23 - 2011-10-25 14:27 - 00000129 _____ () C:\Users\Leistung\jagex_runescape_preferences2.dat
2014-04-29 12:23 - 2011-10-25 14:27 - 00000035 _____ () C:\Users\Leistung\jagex_runescape_preferences.dat
2014-04-29 12:23 - 2009-09-15 10:33 - 00002184 _____ () C:\Users\Leistung\dotNetFx.log
2014-04-29 12:23 - 2009-09-15 10:33 - 00001082 _____ () C:\Users\Leistung\langpackSetup.log
2014-04-29 12:22 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-29 12:22 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-29 12:22 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-29 12:22 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-29 12:22 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-29 12:22 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-29 12:22 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-29 12:22 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-29 12:22 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-29 12:22 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-29 12:22 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-29 12:22 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-29 12:22 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-29 12:22 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-29 12:22 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-29 12:21 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-29 12:21 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-29 12:21 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-04-29 12:21 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-29 12:21 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-04-29 12:21 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-29 12:21 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-04-29 12:21 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-04-29 12:21 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-04-29 12:21 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-04-29 12:21 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-04-29 12:21 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-04-29 12:21 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-04-29 12:21 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-04-29 12:21 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-29 12:21 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2014-04-29 12:21 - 2010-11-02 07:17 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2014-04-29 12:21 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2014-04-29 12:21 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-04-29 12:21 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-04-29 12:21 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2014-04-29 12:21 - 2010-11-02 06:40 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2014-04-29 12:21 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2014-04-29 12:21 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-04-29 12:21 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2014-04-29 12:21 - 2010-03-05 09:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2014-04-29 12:21 - 2010-03-05 09:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2014-04-29 12:20 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-29 12:20 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-29 12:20 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-29 12:20 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-29 12:20 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-29 12:20 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-29 12:20 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-29 12:20 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-29 12:20 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-29 12:20 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-29 12:20 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-29 12:20 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-29 12:20 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-29 12:20 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-04-29 12:20 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-29 12:20 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-04-29 12:20 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-29 12:20 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-04-29 12:20 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-04-29 12:20 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-04-29 12:20 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-04-29 12:20 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-04-29 12:20 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-04-29 12:20 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-04-29 12:20 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-04-29 12:20 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-04-29 12:20 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-04-29 12:20 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-04-29 12:20 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-04-29 12:20 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-04-29 12:20 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-04-29 12:20 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-04-29 12:20 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-04-29 12:20 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-04-29 12:20 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-04-29 12:20 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-04-29 12:20 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-04-29 12:20 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-04-29 12:20 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-04-29 12:20 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-04-29 12:20 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-04-29 12:20 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-29 12:20 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-04-29 12:20 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-04-29 12:20 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-04-29 12:20 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-04-29 12:20 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-04-29 12:20 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-04-29 12:20 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-04-29 12:20 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-04-29 12:20 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-04-29 12:20 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-04-29 12:20 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-04-29 12:20 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-04-29 12:20 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-04-29 12:20 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-04-29 12:20 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-04-29 12:20 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-04-29 12:20 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-04-29 12:20 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-04-29 12:20 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-04-29 12:20 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-04-29 12:20 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-04-29 12:20 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-04-29 12:20 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-04-29 12:20 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-04-29 12:20 - 2010-01-19 11:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-04-29 12:20 - 2010-01-19 11:05 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-04-29 12:20 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-04-29 12:20 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-04-29 12:20 - 2010-01-19 11:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-04-29 12:20 - 2010-01-19 11:00 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-04-29 12:20 - 2010-01-19 11:00 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-04-29 12:20 - 2010-01-19 11:00 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-04-29 12:20 - 2010-01-19 01:29 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-04-29 12:20 - 2010-01-19 01:29 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-04-29 12:20 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-04-29 12:20 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-04-29 12:20 - 2010-01-19 01:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-04-29 12:20 - 2010-01-19 01:28 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-04-29 12:20 - 2010-01-19 01:28 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-04-29 12:20 - 2010-01-19 01:28 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-04-29 12:20 - 2009-09-03 09:36 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-04-29 12:20 - 2009-09-03 09:04 - 01320960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2014-04-29 12:19 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-29 12:19 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-29 12:19 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-04-29 12:19 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-04-29 12:19 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-04-29 12:19 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-04-29 12:19 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-04-29 12:19 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-04-29 12:19 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-04-29 12:19 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-04-29 12:19 - 2012-11-30 01:21 - 00420032 _____ () C:\Windows\SysWOW64\locale.nls
2014-04-29 12:19 - 2012-11-30 01:19 - 00420032 _____ () C:\Windows\system32\locale.nls
2014-04-29 12:19 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-04-29 12:19 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-04-29 12:19 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-04-29 12:19 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-04-29 12:19 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-04-29 12:19 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-04-29 12:19 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-04-29 12:19 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-04-29 12:19 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-04-29 12:19 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-04-29 12:19 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-04-29 12:19 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-04-29 12:19 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-04-29 12:19 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-04-29 12:19 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-04-29 12:19 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-04-29 12:19 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-04-29 12:19 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-04-29 12:19 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-04-29 12:19 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-04-29 12:19 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-04-29 12:19 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-04-29 12:19 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-04-29 12:19 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-04-29 12:19 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-04-29 12:19 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-04-29 12:19 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-04-29 12:19 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-04-29 12:19 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-04-29 12:19 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-04-29 12:19 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-04-29 12:19 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-04-29 12:19 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-04-29 12:19 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-04-29 12:19 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-29 12:19 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-29 12:19 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-29 12:19 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-04-29 12:19 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-04-29 12:19 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-04-29 12:19 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-04-29 12:19 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-04-29 12:19 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-04-29 12:19 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-04-29 12:19 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-04-29 12:19 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-04-29 12:19 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-29 12:19 - 2011-01-26 08:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-04-29 12:19 - 2011-01-26 08:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-04-29 12:19 - 2011-01-26 08:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-04-29 12:19 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-04-29 12:19 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-04-29 12:19 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-04-29 12:19 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-04-29 12:19 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2014-04-29 12:19 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-04-29 12:19 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-04-29 12:19 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-04-29 12:19 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-04-29 12:19 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2014-04-29 12:19 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-04-29 12:19 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-04-29 12:19 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-04-29 12:19 - 2010-11-02 07:18 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-04-29 12:19 - 2010-11-02 07:12 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-29 12:19 - 2010-11-02 06:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-04-29 12:19 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2014-04-29 12:19 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2014-04-29 12:19 - 2010-07-29 08:30 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2014-04-29 12:19 - 2010-06-26 07:31 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-04-29 12:19 - 2010-06-26 07:14 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2014-04-29 12:19 - 2010-05-23 12:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-04-29 12:19 - 2010-05-23 12:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-04-29 12:19 - 2010-05-23 12:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-04-29 12:19 - 2010-05-23 10:37 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-04-29 12:19 - 2010-05-23 10:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-04-29 12:19 - 2010-05-23 10:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-04-29 12:19 - 2010-05-23 10:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-04-29 12:18 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-04-29 12:18 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-04-29 12:18 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-04-29 12:18 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-04-29 12:18 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-04-29 12:18 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-04-29 12:18 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-04-29 12:18 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-04-29 12:18 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-04-29 12:18 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-04-29 12:18 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-29 12:18 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-29 12:18 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-04-29 12:18 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-29 12:18 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-04-29 12:18 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-04-29 12:18 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-04-29 12:18 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-04-29 12:18 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-04-29 12:18 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-04-29 12:18 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-04-29 12:18 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-04-29 12:18 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-04-29 12:18 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2014-04-29 12:18 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-04-29 12:18 - 2009-12-19 11:50 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-04-29 12:18 - 2009-12-19 11:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-04-29 12:18 - 2009-12-19 11:47 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-04-29 12:18 - 2009-12-19 11:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-04-29 12:18 - 2009-12-19 11:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-04-29 12:18 - 2009-12-19 11:02 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2014-04-29 12:18 - 2009-12-19 11:02 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2014-04-29 12:18 - 2009-12-19 11:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2014-04-29 12:18 - 2009-12-19 11:02 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2014-04-29 12:18 - 2009-12-19 11:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2014-04-29 12:18 - 2009-12-19 11:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2014-04-29 12:18 - 2009-12-19 11:02 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2014-04-29 12:18 - 2009-10-31 08:34 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-04-29 12:18 - 2009-10-31 07:45 - 02614272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-04-29 12:18 - 2009-10-28 08:24 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-04-29 12:17 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-04-29 12:17 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-04-29 12:17 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-04-29 12:17 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-04-29 12:17 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-04-29 12:17 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-04-29 12:17 - 2010-08-21 08:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-29 12:17 - 2010-06-19 08:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2014-04-29 12:17 - 2010-06-19 08:23 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2014-04-29 12:17 - 2009-08-29 09:50 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-04-29 12:17 - 2009-08-29 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2014-04-29 12:14 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-04-29 12:14 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-04-29 12:14 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-04-29 12:14 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-04-29 12:14 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-04-29 12:14 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-04-29 12:14 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-04-29 12:14 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-04-29 12:14 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-04-29 12:14 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-04-29 12:14 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-04-29 12:14 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-04-29 12:14 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-29 12:14 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-29 12:14 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-04-29 12:14 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-04-29 12:14 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-04-29 12:14 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-04-29 12:13 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-04-29 12:13 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-04-29 12:13 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-04-29 12:13 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-04-29 12:13 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-04-29 11:54 - 2014-04-30 10:53 - 00000000 ____D () C:\Users\Leistung\Documents\DPD1
2014-04-29 11:26 - 2014-04-29 11:26 - 00002703 _____ () C:\Users\Leistung\Desktop\Microsoft Office Excel 2007.lnk
2014-04-29 11:26 - 2014-04-29 11:26 - 00002697 _____ () C:\Users\Leistung\Desktop\Microsoft Office Word 2007.lnk
2014-04-29 10:21 - 2014-05-08 11:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-29 10:21 - 2014-04-29 10:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 10:21 - 2014-04-29 10:21 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 10:21 - 2014-04-29 10:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 10:21 - 2014-04-29 10:21 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-29 10:21 - 2014-04-29 10:21 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-29 10:19 - 2014-04-29 12:58 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Adobe
2014-04-22 18:45 - 2014-04-22 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-04-22 18:44 - 2014-04-22 18:44 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-22 18:44 - 2014-04-22 18:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-04-22 18:44 - 2014-04-22 18:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-04-22 18:43 - 2014-04-29 12:12 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-22 18:42 - 2014-04-22 18:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-22 18:42 - 2014-04-22 18:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-22 18:42 - 2014-04-22 18:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-22 18:42 - 2014-04-22 18:42 - 00000000 __RHD () C:\MSOCache
2014-04-22 18:42 - 2014-04-22 18:42 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Microsoft Help
2014-04-22 14:17 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-22 14:17 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-04-22 14:17 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-22 14:17 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-04-22 14:17 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-22 14:17 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-04-22 14:03 - 2014-03-31 09:35 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-04-22 13:44 - 2014-05-08 11:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-22 13:44 - 2014-04-22 13:44 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-22 13:44 - 2014-04-22 13:44 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 13:44 - 2014-04-22 13:44 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Mozilla
2014-04-22 13:44 - 2014-04-22 13:44 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Mozilla
2014-04-22 13:44 - 2014-04-22 13:44 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-22 13:44 - 2014-04-22 13:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 13:43 - 2014-04-22 13:44 - 00283192 _____ (Mozilla) C:\Users\Leistung\Downloads\Firefox Setup Stub 28.0.exe
2014-04-22 13:43 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-04-22 13:43 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-04-22 13:43 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-04-22 13:43 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-04-22 13:43 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2014-04-22 13:43 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2014-04-22 13:43 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-04-22 13:43 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2014-04-22 13:43 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2014-04-22 13:43 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-04-22 13:42 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-04-22 13:38 - 2014-04-22 13:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-22 13:35 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-04-22 13:35 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-04-22 13:35 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-04-22 13:35 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-04-22 13:35 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-04-22 13:35 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-04-22 13:35 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-04-22 13:35 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-04-22 13:35 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-04-22 13:35 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-04-22 13:35 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-04-22 13:35 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-04-22 13:34 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-04-22 13:34 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-04-22 13:34 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-04-22 13:34 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-04-22 13:34 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-04-22 13:34 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-04-22 13:34 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-04-22 13:34 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-04-22 13:34 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-04-22 13:34 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-04-22 13:34 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-04-22 13:34 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-04-22 13:34 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-04-22 13:34 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-04-22 13:34 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2014-04-22 13:34 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2014-04-22 13:34 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-04-22 13:34 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-04-22 13:33 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-04-22 13:33 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-04-22 13:32 - 2014-04-22 13:32 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-22 13:31 - 2014-04-22 13:31 - 00001117 _____ () C:\Users\Public\Desktop\CloneCD.lnk
2014-04-22 13:31 - 2014-04-22 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2014-04-22 13:31 - 2014-04-22 13:31 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-22 13:14 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-04-22 13:14 - 2009-10-10 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2014-04-22 13:13 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-04-22 13:13 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-04-22 13:13 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-04-22 13:13 - 2010-01-09 09:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-04-22 13:13 - 2010-01-09 08:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2014-04-22 13:09 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-22 13:09 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-22 13:09 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-22 13:09 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-22 13:09 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-22 13:09 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-22 13:09 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-22 13:08 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-22 13:08 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-21 16:02 - 2014-04-21 15:26 - 00000000 ____D () C:\Windows\Panther
2014-04-21 15:27 - 2014-04-30 15:45 - 00001409 _____ () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-04-21 15:27 - 2014-04-30 09:34 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-21 15:27 - 2014-04-29 12:58 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-21 15:27 - 2014-04-21 15:27 - 00000000 ____D () C:\Users\Leistung\AppData\Local\VirtualStore
2014-04-21 15:26 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000020 ___SH () C:\Users\Leistung\ntuser.ini
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\Startmenü
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\Eigene Dateien
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\Documents\Eigene Musik
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\Documents\Eigene Bilder
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Vorlagen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Netzwerkumgebung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Lokale Einstellungen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Druckumgebung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\AppData\Local\Verlauf
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\AppData\Local\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 __SHD () C:\Recovery
2014-04-21 15:26 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-21 15:26 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-21 15:07 - 2014-04-21 15:07 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-04-21 15:07 - 2014-04-21 15:07 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-04-21 15:06 - 2014-05-08 11:05 - 01491973 _____ () C:\Windows\WindowsUpdate.log
2014-04-21 15:06 - 2014-04-21 15:06 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-04-21 15:06 - 2014-04-21 15:06 - 00000000 _____ () C:\Windows\ativpsrm.bin

==================== One Month Modified Files and Folders =======

2014-05-08 11:40 - 2014-05-08 11:40 - 00006774 _____ () C:\Users\Leistung\Downloads\FRST.txt
2014-05-08 11:40 - 2014-05-08 11:40 - 00000000 ____D () C:\FRST
2014-05-08 11:39 - 2014-05-08 11:39 - 02063872 _____ (Farbar) C:\Users\Leistung\Downloads\FRST64.exe
2014-05-08 11:33 - 2014-04-29 10:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-08 11:09 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-08 11:09 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-08 11:06 - 2009-07-14 19:58 - 00653928 _____ () C:\Windows\system32\perfh007.dat
2014-05-08 11:06 - 2009-07-14 19:58 - 00129800 _____ () C:\Windows\system32\perfc007.dat
2014-05-08 11:06 - 2009-07-14 07:13 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-08 11:05 - 2014-04-21 15:06 - 01491973 _____ () C:\Windows\WindowsUpdate.log
2014-05-08 11:02 - 2014-04-30 09:32 - 00000390 _____ () C:\Windows\Tasks\Buzz-it Update.job
2014-05-08 11:01 - 2014-04-30 11:12 - 00088578 _____ () C:\Windows\PFRO.log
2014-05-08 11:01 - 2014-04-30 09:32 - 00000384 _____ () C:\Windows\Tasks\Buzz-it_wd.job
2014-05-08 11:01 - 2014-04-22 13:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-08 11:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-08 11:01 - 2009-07-14 06:51 - 00018545 _____ () C:\Windows\setupact.log
2014-05-08 10:59 - 2014-04-30 09:31 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Genesis
2014-05-08 10:57 - 2014-05-08 10:57 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Avira
2014-05-08 10:55 - 2014-05-08 10:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 10:55 - 2014-05-08 10:50 - 00000000 ____D () C:\ProgramData\Avira
2014-05-08 10:55 - 2014-05-08 10:50 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-08 10:50 - 2014-05-08 10:50 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-05-08 10:45 - 2014-05-08 10:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-08 10:44 - 2014-05-08 10:44 - 04530888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Leistung\Downloads\avira_de_av___ws.exe
2014-05-08 10:34 - 2014-05-08 10:34 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-05-08 10:34 - 2014-05-08 10:34 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-05-08 10:34 - 2014-05-08 10:34 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Thunderbird
2014-05-08 10:34 - 2014-05-08 10:34 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Thunderbird
2014-05-08 10:34 - 2014-05-08 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-08 10:33 - 2014-05-08 10:33 - 21987152 _____ (Mozilla) C:\Users\Leistung\Downloads\Thunderbird Setup 24.5.0.exe
2014-05-08 10:31 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-02 14:42 - 2014-05-02 14:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-02 14:42 - 2014-05-02 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELISprint
2014-05-02 14:42 - 2014-05-02 14:42 - 00000000 ____D () C:\DPD
2014-05-02 14:41 - 2014-05-02 14:40 - 25188838 _____ (DELICom DPD GmbH ) C:\Users\Leistung\Downloads\DELISprint_Setup(1).exe
2014-05-02 14:38 - 2014-04-29 12:32 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-30 15:48 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-30 15:45 - 2014-04-29 12:24 - 00001443 _____ () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-30 15:45 - 2014-04-21 15:27 - 00001409 _____ () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-04-30 15:24 - 2014-04-30 15:24 - 00003164 _____ () C:\Windows\System32\Tasks\{336AD62F-8197-4CD9-9BD2-1A8DDB8D7A4D}
2014-04-30 15:06 - 2014-04-30 10:05 - 00000000 ____D () C:\Users\Leistung\Documents\DPD2
2014-04-30 14:59 - 2014-04-30 14:59 - 25188838 _____ (DELICom DPD GmbH ) C:\Users\Leistung\Downloads\DELISprint_Setup.exe
2014-04-30 10:53 - 2014-04-29 11:54 - 00000000 ____D () C:\Users\Leistung\Documents\DPD1
2014-04-30 10:04 - 2014-04-30 10:04 - 00002966 _____ () C:\Windows\System32\Tasks\{7956A425-1838-4A39-8B29-6C1BE4648ACD}
2014-04-30 09:47 - 2014-04-30 09:47 - 00003174 _____ () C:\Windows\System32\Tasks\{9FCA2C14-44E0-46C1-B035-3795426D257C}
2014-04-30 09:46 - 2014-04-30 09:46 - 00000000 ____D () C:\Program Files\Outlook Express
2014-04-30 09:42 - 2014-04-30 09:42 - 00003190 _____ () C:\Windows\System32\Tasks\{E489364C-062D-492C-A24B-48B4AB931506}
2014-04-30 09:42 - 2014-04-30 09:32 - 00000898 _____ () C:\Windows\Active Setup Log.BAK
2014-04-30 09:39 - 2014-04-30 09:31 - 00000000 ____D () C:\Program Files (x86)\IminentToolbar
2014-04-30 09:34 - 2014-04-21 15:27 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-30 09:33 - 2014-04-30 09:32 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\systweak
2014-04-30 09:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-30 09:32 - 2014-04-30 09:32 - 00003044 _____ () C:\Windows\System32\Tasks\Buzz-it Update
2014-04-30 09:32 - 2014-04-30 09:32 - 00002978 _____ () C:\Windows\System32\Tasks\Buzz-it_wd
2014-04-30 09:32 - 2014-04-30 09:32 - 00000000 ____D () C:\Program Files (x86)\Buzz-it Corp
2014-04-30 09:31 - 2014-04-30 09:31 - 00000000 ____D () C:\Program Files\003
2014-04-30 09:02 - 2014-04-30 09:02 - 00109296 _____ () C:\Users\Leistung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-29 12:58 - 2014-04-29 12:29 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Adobe
2014-04-29 12:58 - 2014-04-29 10:19 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Adobe
2014-04-29 12:58 - 2014-04-21 15:27 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-29 12:57 - 2009-07-14 06:45 - 00416336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-29 12:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-29 12:54 - 2014-04-29 12:54 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-29 12:54 - 2014-04-29 12:54 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-29 12:53 - 2014-04-29 12:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-29 12:49 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\Desktop\Sonstiges
2014-04-29 12:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-29 12:41 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-29 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-29 12:35 - 2014-04-29 12:35 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-29 12:33 - 2014-04-29 12:30 - 00004747 _____ () C:\Windows\IE9_main.log
2014-04-29 12:32 - 2014-04-29 12:32 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-29 12:32 - 2014-04-29 12:32 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-29 12:32 - 2014-04-29 12:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 12:32 - 2014-04-29 12:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 12:32 - 2014-04-29 12:32 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-29 12:32 - 2014-04-29 12:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-29 12:32 - 2014-04-29 12:32 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-29 12:32 - 2014-04-29 12:32 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-29 12:32 - 2014-04-29 12:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-29 12:32 - 2014-04-29 12:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-29 12:32 - 2014-04-29 12:32 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-29 12:32 - 2014-04-29 12:32 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-29 12:32 - 2014-04-29 12:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-29 12:29 - 2014-04-29 12:29 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Macromedia
2014-04-29 12:29 - 2014-04-29 12:29 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Macromedia
2014-04-29 12:24 - 2014-04-29 12:24 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zubehör
2014-04-29 12:24 - 2014-04-29 12:24 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verwaltung
2014-04-29 12:24 - 2014-04-29 12:24 - 00000000 ___RD () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autostart
2014-04-29 12:24 - 2014-04-29 12:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ___RD () C:\Users\Leistung\Favoriten
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\Desktop\Plakate
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\Desktop\Lager
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\4.0
2014-04-29 12:23 - 2014-04-29 12:23 - 00000000 ____D () C:\Users\Leistung\.tfo4
2014-04-29 12:23 - 2014-04-21 15:26 - 00000000 ____D () C:\Users\Leistung
2014-04-29 12:12 - 2014-04-22 18:43 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-29 11:26 - 2014-04-29 11:26 - 00002703 _____ () C:\Users\Leistung\Desktop\Microsoft Office Excel 2007.lnk
2014-04-29 11:26 - 2014-04-29 11:26 - 00002697 _____ () C:\Users\Leistung\Desktop\Microsoft Office Word 2007.lnk
2014-04-29 10:21 - 2014-04-29 10:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 10:21 - 2014-04-29 10:21 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 10:21 - 2014-04-29 10:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 10:21 - 2014-04-29 10:21 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-29 10:21 - 2014-04-29 10:21 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-28 15:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-22 18:45 - 2014-04-22 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-04-22 18:45 - 2014-04-22 18:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-22 18:44 - 2014-04-22 18:44 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-22 18:44 - 2014-04-22 18:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-04-22 18:44 - 2014-04-22 18:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-04-22 18:44 - 2014-04-22 18:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-22 18:44 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-04-22 18:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-04-22 18:43 - 2014-04-22 18:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-04-22 18:42 - 2014-04-22 18:42 - 00000000 __RHD () C:\MSOCache
2014-04-22 18:42 - 2014-04-22 18:42 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Microsoft Help
2014-04-22 18:42 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-04-22 18:40 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-22 13:44 - 2014-04-22 13:44 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-22 13:44 - 2014-04-22 13:44 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 13:44 - 2014-04-22 13:44 - 00000000 ____D () C:\Users\Leistung\AppData\Roaming\Mozilla
2014-04-22 13:44 - 2014-04-22 13:44 - 00000000 ____D () C:\Users\Leistung\AppData\Local\Mozilla
2014-04-22 13:44 - 2014-04-22 13:44 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-22 13:44 - 2014-04-22 13:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 13:44 - 2014-04-22 13:43 - 00283192 _____ (Mozilla) C:\Users\Leistung\Downloads\Firefox Setup Stub 28.0.exe
2014-04-22 13:38 - 2014-04-22 13:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-22 13:32 - 2014-04-22 13:32 - 00000000 ____D () C:\ProgramData\SlySoft
2014-04-22 13:31 - 2014-04-22 13:31 - 00001117 _____ () C:\Users\Public\Desktop\CloneCD.lnk
2014-04-22 13:31 - 2014-04-22 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2014-04-22 13:31 - 2014-04-22 13:31 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-04-22 13:08 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-04-21 16:02 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-04-21 16:02 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-04-21 15:27 - 2014-04-21 15:27 - 00000000 ____D () C:\Users\Leistung\AppData\Local\VirtualStore
2014-04-21 15:26 - 2014-04-21 16:02 - 00000000 ____D () C:\Windows\Panther
2014-04-21 15:26 - 2014-04-21 15:26 - 00000020 ___SH () C:\Users\Leistung\ntuser.ini
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\Startmenü
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\Eigene Dateien
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\Documents\Eigene Musik
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\Documents\Eigene Bilder
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 RSHDL () C:\Users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Vorlagen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Netzwerkumgebung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Lokale Einstellungen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Druckumgebung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\AppData\Local\Verlauf
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\AppData\Local\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Leistung\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-21 15:26 - 2014-04-21 15:26 - 00000000 __SHD () C:\Recovery
2014-04-21 15:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-04-21 15:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-04-21 15:07 - 2014-04-21 15:07 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-04-21 15:07 - 2014-04-21 15:07 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-04-21 15:07 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-21 15:07 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-21 15:06 - 2014-04-21 15:06 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-04-21 15:06 - 2014-04-21 15:06 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-04-21 15:06 - 2009-07-14 06:46 - 00001774 _____ () C:\Windows\DtcInstall.log
2014-04-21 15:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep

Files to move or delete:
====================
C:\Users\Leistung\jagex_runescape_preferences.dat
C:\Users\Leistung\jagex_runescape_preferences2.dat


Some content of TEMP:
====================
C:\Users\Leistung\AppData\Local\Temp\avgnt.exe
C:\Users\Leistung\AppData\Local\Temp\BackupSetup.exe
C:\Users\Leistung\AppData\Local\Temp\buzsetup.exe
C:\Users\Leistung\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Leistung\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Leistung\AppData\Local\Temp\gkc.exe
C:\Users\Leistung\AppData\Local\Temp\RegClean6.exe
C:\Users\Leistung\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-22 14:15

==================== End Of Log ============================
--- --- ---
Alt 10.05.2014, 17:33   #7
schrauber
/// the machine
/// TB-Ausbilder
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.05.2014, 09:05   #8
Stobbel
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


Moin! Sorry, dass meine Antwort ein paar Tage gedauert hat, hab mir ein paar Tage frei genommen.

Avira hat nach dem Neustart nicht rumgemeckert.


Logfile:
Code:
ATTFilter
ComboFix 14-05-13.01 - Leistung 14.05.2014   9:54.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3071.1446 [GMT 2:00]
ausgeführt von:: c:\users\Leistung\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Leistung\4.0
c:\users\Leistung\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-14 bis 2014-05-14  ))))))))))))))))))))))))))))))
.
.
2014-05-12 12:16 . 2012-10-17 02:31	741480	------w-	c:\windows\system32\HPDiscoPM5912.dll
2014-05-12 12:15 . 2014-05-12 12:15	--------	d-----w-	c:\programdata\HP
2014-05-12 12:15 . 2014-05-12 12:15	--------	d-----w-	c:\program files\HP
2014-05-12 12:15 . 2014-05-12 12:15	--------	d-----w-	c:\program files (x86)\HP
2014-05-12 05:48 . 2014-05-12 05:47	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-05-08 09:49 . 2014-05-08 09:49	--------	d-----w-	c:\program files (x86)\7-Zip
2014-05-08 09:40 . 2014-05-08 09:41	--------	d-----w-	C:\FRST
2014-05-08 08:55 . 2014-02-25 09:41	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2014-05-08 08:55 . 2014-02-25 09:41	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-05-08 08:55 . 2014-02-25 09:41	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-05-08 08:50 . 2014-05-08 08:55	--------	d-----w-	c:\programdata\Avira
2014-05-08 08:50 . 2014-05-08 08:55	--------	d-----w-	c:\program files (x86)\Avira
2014-05-08 08:44 . 2014-05-08 08:45	--------	d-----w-	c:\programdata\Package Cache
2014-05-08 08:34 . 2014-05-08 08:34	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2014-05-02 12:42 . 2014-05-02 12:42	--------	d--h--w-	c:\program files (x86)\InstallShield Installation Information
2014-05-02 12:42 . 2014-05-02 12:42	--------	d-----w-	C:\DPD
2014-05-02 12:41 . 2014-05-02 12:41	--------	d-----w-	c:\program files (x86)\Common Files\InstallShield
2014-04-30 07:46 . 2014-04-30 07:46	--------	d-----w-	c:\program files\Outlook Express
2014-04-30 07:32 . 2013-08-22 16:36	20312	----a-w-	c:\windows\system32\roboot64.exe
2014-04-30 07:32 . 2014-05-08 09:42	--------	d-----w-	c:\program files (x86)\Buzz-it Corp
2014-04-30 07:32 . 2014-04-30 07:34	--------	d-----w-	C:\temp
2014-04-30 07:31 . 2014-04-30 07:39	--------	d-----w-	c:\program files (x86)\IminentToolbar
2014-04-30 07:31 . 2014-04-30 07:31	--------	d-----w-	c:\program files\003
2014-04-29 10:53 . 2014-04-29 10:53	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2014-04-29 10:53 . 2010-09-14 06:45	367104	----a-w-	c:\windows\system32\wcncsvc.dll
2014-04-29 10:53 . 2010-09-14 06:07	276992	----a-w-	c:\windows\SysWow64\wcncsvc.dll
2014-04-29 10:50 . 2009-09-10 06:28	311808	----a-w-	c:\windows\system32\msv1_0.dll
2014-04-29 10:50 . 2009-09-10 05:52	257024	----a-w-	c:\windows\SysWow64\msv1_0.dll
2014-04-29 10:49 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2014-04-29 10:49 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2014-04-29 10:49 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2014-04-29 10:49 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2014-04-29 10:39 . 2014-04-29 10:39	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2014-04-29 10:39 . 2014-04-29 10:39	--------	d-----w-	c:\windows\system32\wbem\en-US
2014-04-29 10:35 . 2014-04-29 10:35	--------	d-----w-	c:\programdata\McAfee
2014-04-29 10:26 . 2012-12-16 16:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2014-04-29 10:26 . 2012-12-16 14:40	367616	----a-w-	c:\windows\system32\atmfd.dll
2014-04-29 10:26 . 2012-12-16 14:25	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2014-04-29 10:26 . 2012-12-16 14:25	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2014-04-29 10:26 . 2009-10-19 14:46	100864	----a-w-	c:\windows\system32\fontsub.dll
2014-04-29 10:26 . 2009-10-19 14:10	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2014-04-29 10:25 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2014-04-29 10:25 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2014-04-29 10:25 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2014-04-29 10:25 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2014-04-29 10:25 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2014-04-29 10:25 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2014-04-29 10:25 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2014-04-29 10:23 . 2014-04-29 10:24	--------	d-----w-	c:\windows\system32\MRT
2014-04-29 10:23 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{00FB9198-2CAD-4A4A-B51F-4F64DCE2DAA2}\mpengine.dll
2014-04-29 10:21 . 2010-11-02 05:18	524288	----a-w-	c:\windows\system32\wmicmiplugin.dll
2014-04-29 10:20 . 2011-04-09 06:58	142336	----a-w-	c:\windows\system32\poqexec.exe
2014-04-29 10:19 . 2010-05-23 08:37	1888256	----a-w-	c:\windows\system32\WMVDECOD.DLL
2014-04-29 10:18 . 2011-02-24 05:32	288256	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2014-04-29 10:17 . 2010-08-21 06:29	558592	----a-w-	c:\windows\system32\spoolsv.exe
2014-04-29 10:17 . 2012-03-17 07:55	75632	----a-w-	c:\windows\system32\drivers\partmgr.sys
2014-04-29 10:17 . 2010-06-19 06:53	52224	----a-w-	c:\windows\system32\rtutils.dll
2014-04-29 10:17 . 2010-06-19 06:23	37376	----a-w-	c:\windows\SysWow64\rtutils.dll
2014-04-29 10:17 . 2012-04-07 12:18	3213824	----a-w-	c:\windows\system32\msi.dll
2014-04-29 10:17 . 2012-04-07 11:34	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2014-04-29 10:17 . 2012-09-25 22:39	95744	----a-w-	c:\windows\system32\synceng.dll
2014-04-29 10:17 . 2012-09-25 21:55	78336	----a-w-	c:\windows\SysWow64\synceng.dll
2014-04-29 10:17 . 2011-12-28 03:59	499200	----a-w-	c:\windows\system32\drivers\afd.sys
2014-04-29 10:17 . 2009-08-29 07:50	46592	----a-w-	c:\windows\system32\msasn1.dll
2014-04-29 10:17 . 2009-08-29 06:57	34816	----a-w-	c:\windows\SysWow64\msasn1.dll
2014-04-29 10:13 . 2013-01-24 05:41	223752	----a-w-	c:\windows\system32\drivers\fvevol.sys
2014-04-29 10:13 . 2012-05-05 08:30	503808	----a-w-	c:\windows\system32\srcore.dll
2014-04-29 10:13 . 2012-05-05 07:44	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2014-04-29 10:13 . 2012-05-14 05:20	956416	----a-w-	c:\windows\system32\localspl.dll
2014-04-29 10:13 . 2011-02-12 06:14	267776	----a-w-	c:\windows\system32\FXSCOVER.exe
2014-04-29 08:21 . 2014-04-29 08:21	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-29 08:21 . 2014-04-29 08:21	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 08:21 . 2014-04-29 08:21	--------	d-----w-	c:\windows\SysWow64\Macromed
2014-04-29 08:21 . 2014-04-29 08:21	--------	d-----w-	c:\windows\system32\Macromed
2014-04-22 16:44 . 2014-04-22 16:44	--------	d-----w-	c:\program files (x86)\Microsoft Works
2014-04-22 16:44 . 2014-05-08 08:47	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2014-04-22 16:44 . 2014-04-22 16:44	--------	d-----w-	c:\windows\PCHEALTH
2014-04-22 16:43 . 2014-04-29 10:12	--------	d-----w-	c:\program files\Microsoft Office
2014-04-22 16:42 . 2014-04-22 16:43	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2014-04-22 16:42 . 2014-04-22 16:45	--------	d-----w-	c:\programdata\Microsoft Help
2014-04-22 16:42 . 2014-05-12 12:16	--------	d-sh--w-	c:\windows\Installer
2014-04-22 16:42 . 2014-04-22 16:42	--------	d-----r-	C:\MSOCache
2014-04-22 12:17 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2014-04-22 12:17 . 2012-03-01 06:54	22896	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2014-04-22 12:17 . 2012-03-01 06:40	80896	----a-w-	c:\windows\system32\imagehlp.dll
2014-04-22 12:17 . 2012-03-01 06:35	5120	----a-w-	c:\windows\system32\wmi.dll
2014-04-22 12:17 . 2012-03-01 05:45	158720	----a-w-	c:\windows\SysWow64\imagehlp.dll
2014-04-22 12:17 . 2012-03-01 05:40	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2014-04-22 12:03 . 2014-03-31 07:35	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-04-22 11:44 . 2014-05-08 09:01	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2014-04-22 11:43 . 2009-11-25 10:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2014-04-22 11:43 . 2009-11-25 10:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2014-04-22 11:43 . 2009-11-25 10:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2014-04-22 11:43 . 2009-11-25 10:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2014-04-22 11:43 . 2009-11-25 10:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2014-04-22 11:43 . 2009-11-25 10:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2014-04-22 11:43 . 2009-11-25 10:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2014-04-22 11:43 . 2009-11-25 10:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2014-04-22 11:43 . 2009-11-25 10:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2014-04-22 11:43 . 2009-11-25 10:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2014-04-22 11:42 . 2010-08-04 07:07	552960	----a-w-	c:\windows\system32\msdri.dll
2014-04-22 11:35 . 2011-05-03 05:21	976896	----a-w-	c:\windows\system32\inetcomm.dll
2014-04-22 11:35 . 2011-05-03 04:50	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2014-04-22 11:35 . 2011-12-16 08:42	634368	----a-w-	c:\windows\system32\msvcrt.dll
2014-04-22 11:35 . 2011-12-16 07:59	690688	----a-w-	c:\windows\SysWow64\msvcrt.dll
2014-04-22 11:35 . 2010-10-16 05:23	112000	----a-w-	c:\windows\system32\consent.exe
2014-04-22 11:35 . 2011-02-23 05:15	90624	----a-w-	c:\windows\system32\drivers\bowser.sys
2014-04-22 11:35 . 2011-08-27 05:40	861184	----a-w-	c:\windows\system32\oleaut32.dll
2014-04-22 11:35 . 2011-08-27 05:40	331776	----a-w-	c:\windows\system32\oleacc.dll
2014-04-22 11:35 . 2011-08-27 04:43	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-04-22 11:35 . 2011-08-27 04:43	233472	----a-w-	c:\windows\SysWow64\oleacc.dll
2014-04-22 11:35 . 2011-10-15 06:25	723456	----a-w-	c:\windows\system32\EncDec.dll
2014-04-22 11:35 . 2011-10-15 05:48	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2014-04-22 11:33 . 2011-11-19 15:07	77312	----a-w-	c:\windows\system32\packager.dll
2014-04-22 11:33 . 2011-11-19 14:06	67072	----a-w-	c:\windows\SysWow64\packager.dll
2014-04-22 11:32 . 2014-04-22 11:32	--------	d-----w-	c:\programdata\SlySoft
2014-04-22 11:31 . 2014-04-22 11:31	--------	d-----w-	c:\program files (x86)\SlySoft
2014-04-22 11:14 . 2010-03-04 04:32	243712	----a-w-	c:\windows\system32\drivers\ks.sys
2014-04-22 11:14 . 2009-10-10 03:17	14336	----a-w-	c:\windows\system32\drivers\sffp_sd.sys
2014-04-22 11:13 . 2012-02-15 06:27	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2014-04-22 11:13 . 2012-02-15 05:44	826368	----a-w-	c:\windows\SysWow64\rdpcore.dll
2014-04-22 11:13 . 2012-02-15 04:46	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2014-04-22 11:13 . 2010-01-09 07:19	139264	----a-w-	c:\windows\system32\cabview.dll
2014-04-22 11:13 . 2010-01-09 06:52	132608	----a-w-	c:\windows\SysWow64\cabview.dll
2014-04-22 11:09 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"genesis"="/r" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-05-05 182352]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-25 689744]
.
c:\users\Leistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Tintenwarnungen überwachen - HP Officejet Pro 8600.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN32KBXGS105KC;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 Buzz-it;Buzz-it;c:\program files (x86)\Buzz-it Corp\Buzz-it158.exe;c:\program files (x86)\Buzz-it Corp\Buzz-it158.exe [x]
S2 xmkysecqun64;xmkysecqun64;c:\program files\003\xmkysecqun64.exe run options=01110010030000000000000000000000 sourceguid=19A6D51C-2D35-44DB-B412-0B01BF8D2D62;c:\program files\003\xmkysecqun64.exe run options=01110010030000000000000000000000 sourceguid=19A6D51C-2D35-44DB-B412-0B01BF8D2D62 [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 08:21]
.
2014-05-14 c:\windows\Tasks\Buzz-it_wd.job
- c:\program files (x86)\Buzz-it Corp\Buzz-it_wd.exe [2014-04-30 07:32]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:13828
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default\
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - www.google.de
FF - user.js: extensions.iminent.tlbrSrchUrl - hxxp://start.iminent.com/?ref=toolbarm#q=
FF - user.js: extensions.iminent.id - 5681aefd00000000000090e6ba811ed0
FF - user.js: extensions.iminent.appId - {0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
FF - user.js: extensions.iminent.instlDay - 16190
FF - user.js: extensions.iminent.vrsn - 1.8.28.3
FF - user.js: extensions.iminent.vrsni - 1.8.28.3
FF - user.js: extensions.iminent.vrsnTs - 1.8.28.39:31
FF - user.js: extensions.iminent.prtnrId - iminent
FF - user.js: extensions.iminent.prdct - iminent
FF - user.js: extensions.iminent.aflt - orgnl
FF - user.js: extensions.iminent.smplGrp - none
FF - user.js: extensions.iminent.tlbrId - YBCPCSTIPO
FF - user.js: extensions.iminent.instlRef - 
FF - user.js: extensions.iminent.dfltLng - 
FF - user.js: extensions.iminent.excTlbr - false
FF - user.js: extensions.iminent.ffxUnstlRst - false
FF - user.js: extensions.iminent.admin - false
FF - user.js: extensions.iminent.autoRvrt - false
FF - user.js: extensions.iminent.rvrt - false
FF - user.js: extensions.iminent.newTab - false
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
AddRemove-genesis - c:\users\leistung\appdata\local\genesis\genesis.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\avira\antivir desktop\ipmGui.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-14  10:02:01 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-14 08:02
.
Vor Suchlauf: 9 Verzeichnis(se), 225.556.557.824 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 226.189.369.344 Bytes frei
.
- - End Of File - - 3CB3872A032E0B0EC15E7CDE7DFBF00D
A36C5E4F47E84449FF07ED3517B43A31

Alt 15.05.2014, 07:28   #9
schrauber
/// the machine
/// TB-Ausbilder
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.05.2014, 09:46   #10
Stobbel
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch


Die FRST Logdatei ist zu groß, soll ich die als Anhang hochladen?

Malwarebytes Anti-Malware :

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 15.05.2014
Suchlauf-Zeit: 10:16:22
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.15.01
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Leistung

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 254801
Verstrichene Zeit: 5 Min, 58 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 2
Adware.Adpeak, C:\Program Files\003\xmkysecqun64.exe, 1800, Löschen bei Neustart, [931a90c1ccaf043269773702e51f6f91]
PUP.Optional.AdPeak.A, C:\Program Files\003\xmkysecqun64.exe, 1800, Löschen bei Neustart, [d5d8272a06759e983ab3abda5ea4bb45]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 11
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\xmkysecqun64, In Quarantäne, [931a90c1ccaf043269773702e51f6f91], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [d5d82f22ee8d12247a4055070bf7659b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [c6e7470a4d2ee55119a28fcd56acae52], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [c4e9331e05761d19dc730e4eb64ca45c], 
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\xmkysecqun64, In Quarantäne, [d5d8272a06759e983ab3abda5ea4bb45], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, In Quarantäne, [6e3f460b354652e4e9ad5446c33f06fa], 
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, In Quarantäne, [535a71e0a3d8280ec28175169171956b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, In Quarantäne, [85281a3735463bfb777a0cb8c73c2cd4], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [9518a5ac3546af87eaac9901b84af20e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, In Quarantäne, [cfde1a37077445f105ec9e26907349b7], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-3540134518-1956010994-2276479147-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Löschen bei Neustart, [88255bf6611a4aec01303654f50d01ff], 

Registrierungswerte: 1
PUM.Bad.Proxy, HKU\S-1-5-21-3540134518-1956010994-2276479147-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:13828, Löschen bei Neustart, [0f9e8bc66b1087afaae2b5138d76ae52]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 1
PUP.Optional.Iminent.A, C:\Program Files (x86)\IminentToolbar, In Quarantäne, [c9e41041eb904ee86ff89ed1976b50b0], 

Dateien: 8
Adware.Adpeak, C:\Program Files\003\xmkysecqun64.exe, Löschen bei Neustart, [931a90c1ccaf043269773702e51f6f91], 
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [a805e76a611ade58ea8ae05d2cd44ab6], 
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [208d450c3f3ca4924e464deb63a1bd43], 
PUP.Optional.AdPeak.A, C:\Program Files\003\xmkysecqun64.exe, Löschen bei Neustart, [d5d8272a06759e983ab3abda5ea4bb45], 
PUP.Optional.Iminent.A, C:\Users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default\searchplugins\iminent.xml, In Quarantäne, [c0ed90c12a512115459eb1ddb2500000], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [604d074ac6b5f046d0a31e7533cfae52], 
PUP.Optional.BuzzIT.A, C:\Windows\Tasks\Buzz-it_wd.job, In Quarantäne, [5558cd84087361d52ebc23703ec4b749], 
PUP.Optional.Iminent.A, C:\Users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default\user.js, Gut: (), Schlecht: (user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");), Ersetzt,[46671839ee8d2b0b1c99f0844aba3dc3]

Physische Sektoren: 0
(No malicious items detected)


(end)
Adw. Cleaner:

Code:
ATTFilter
# AdwCleaner v3.208 - Bericht erstellt am 15/05/2014 um 10:22:20
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Leistung - LEISTUNG-PC
# Gestartet von : C:\Users\Leistung\Desktop\adwcleaner_3.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Buzz-it Corp
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Users\Leistung\AppData\Local\Genesis
Ordner Gelöscht : C:\Users\Leistung\AppData\Roaming\Systweak
Datei Gelöscht : C:\Users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [genesis]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Leistung\AppData\Roaming\Mozilla\Firefox\Profiles\j981zl7r.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.id", "5681aefd00000000000090e6ba811ed0");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16190");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.28.39:31:51");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Zeile gelöscht : user_pref("iminent.adapters", "{\"www.systweak.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"default_adapter\",\"v\":true,\"p\":0.01871164,\"t\":1,\"th\":0.228,\"expireTi[...]
Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//i.iminentjs.info/imitin/javascript.js\",\"queryS[...]

*************************

AdwCleaner[R0].txt - [4011 octets] - [15/05/2014 10:21:38]
AdwCleaner[S0].txt - [3827 octets] - [15/05/2014 10:22:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3887 octets] ##########
JRT.txt:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Leistung on 15.05.2014 at 10:27:38,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Leistung\AppData\Roaming\mozilla\firefox\profiles\j981zl7r.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.05.2014 at 10:33:59,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Alt 16.05.2014, 09:47   #11
schrauber
/// the machine
/// TB-Ausbilder
 
Tabs öffnen sich automatisch - Standard

Tabs öffnen sich automatisch



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Tabs öffnen sich automatisch
adware.adpeak, automatisch, gekauft, installieren, installiert, nicht mehr, pum.bad.proxy, pup.optional.adpeak.a, pup.optional.buzzit.a, pup.optional.iminent.a, pup.optional.pcperformer.a, pup.optional.suprasavings.a, quarantäne, sich automatisch, tabs öffnen, verschieben, versucht, verwendet, wirklich, öffnen


« Spam-Trojaner oder Mailkontenmissbrauch oder keins von beiden? | Email-Konto gehackt? »


Ähnliche Themen: Tabs öffnen sich automatisch


  1. Unter Google Chrome öffnen sich automatisch Tabs
    Plagegeister aller Art und deren Bekämpfung - 23.03.2015 (15)
  2. zwei neue Tabs öffnen sich in Chrome automatisch
    Log-Analyse und Auswertung - 17.02.2015 (3)
  3. Tabs öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 02.02.2015 (7)
  4. Zwei Tabs mit Werbung öffnen sich gleichzeitig automatisch in Google Chrom
    Log-Analyse und Auswertung - 10.01.2015 (19)
  5. Tabs öffnen sich automatisch
    Log-Analyse und Auswertung - 15.12.2014 (5)
  6. Tabs öffnen sich automatisch
    Log-Analyse und Auswertung - 02.12.2014 (7)
  7. Browser startet automatisch, Tabs öffnen sich eigenständig mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 13.10.2014 (13)
  8. Tabs öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 17.09.2014 (31)
  9. Chrome Tabs öffnen sich automatisch
    Log-Analyse und Auswertung - 29.06.2014 (19)
  10. Immer wieder öffnen sich Tabs mit Werbungen automatisch!
    Alles rund um Windows - 23.05.2014 (3)
  11. tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (13)
  12. Feststelltaste verselbständigt sich, Firefox Tabs öffnen automatisch
    Log-Analyse und Auswertung - 01.05.2011 (12)
  13. Win7 64Bit | Firefox-> TABS öffnen sich automatisch
    Log-Analyse und Auswertung - 05.11.2010 (6)
  14. Tabs öffnen sich automatisch - Scan durchgeführt - ist mein Laptop wieder sauber?
    Plagegeister aller Art und deren Bekämpfung - 20.09.2010 (24)
  15. Tabs öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 10.12.2009 (7)
  16. Tabs öffnen sich automatisch im IE und im Firefox
    Log-Analyse und Auswertung - 11.11.2008 (1)
  17. Hijack Problem - Tabs im IE öffnen sich automatisch
    Log-Analyse und Auswertung - 19.07.2008 (12)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Tabs öffnen sich automatisch - Moin liebes Trojaner-Board Team, wir haben uns in der Firma einen gebrauchten PC gekauft, welcher vom Vorbenutzer platt gemacht wurde. Da ich der einzige in der Firma bin, der sich - Tabs öffnen sich automatisch...
Archiv
Du betrachtest: Tabs öffnen sich automatisch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55