Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: http://www.searchnu.com/410 Mozilla Firefox

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.07.2014, 18:31   #1
wurschthans
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



Hallo,

habe mir auf chip.de eine Software runtergeladen und vermutlich irgendwas unerwünschtes mitinstalliert. Seitdem habe ich o.g. Startseite auf meinem Browser.

Ich hoffe ihr könnt mir diesbezüglich helfen

LG
Katharina

Alt 02.07.2014, 18:32   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 02.07.2014, 18:48   #3
wurschthans
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Katharina (administrator) on WICHTLZWERG on 02-07-2014 19:37:44
Running from C:\Users\Katharina\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-08-30] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2014-02-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2014-02-12] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
HKU\S-1-5-21-3349096550-3144467483-3537340833-1002\...\Run: [Amazon Music] => C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-24] ()
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [245872 2013-05-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [201576 2013-05-24] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
SearchScopes: HKLM - {14810DE1-195E-4F23-B623-860FE40A0752} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {14810DE1-195E-4F23-B623-860FE40A0752} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
SearchScopes: HKCU - {14810DE1-195E-4F23-B623-860FE40A0752} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default
FF DefaultSearchEngine: Search Results
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: Search Results
FF Homepage: hxxp://www.searchnu.com/410
FF Keyword.URL: hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-21]
FF Extension: Ghostery - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\firefox@ghostery.com.xpi [2014-06-21]
FF Extension: Adblock Plus - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-21]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-02-12] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-02-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-30] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-06-22] (Duplex Secure Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 19:37 - 2014-07-02 19:37 - 00014446 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-07-02 19:37 - 2014-07-02 19:37 - 00000000 ____D () C:\FRST
2014-07-02 19:36 - 2014-07-02 19:36 - 02083840 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-07-02 18:59 - 2014-07-02 18:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 18:58 - 2014-07-02 18:58 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 18:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-02 18:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-02 18:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-02 18:57 - 2014-07-02 18:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 18:30 - 2014-07-01 18:42 - 00017536 _____ () C:\Users\Katharina\Desktop\Menüpläne.odt
2014-07-01 09:39 - 2014-07-01 09:39 - 00001046 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\pdfforge
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-07-01 09:38 - 2014-07-01 09:39 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-01 09:38 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMAPI32.OCX
2014-07-01 09:38 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2014-07-01 09:38 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIDE.DLL
2014-07-01 09:38 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2014-07-01 09:38 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2014-07-01 09:38 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2014-07-01 09:37 - 2014-07-01 09:37 - 27843432 _____ (pdfforge ) C:\Users\Katharina\Downloads\PDFCreator-1_7_3_setup.exe
2014-07-01 09:17 - 2013-09-01 12:59 - 01103872 _____ () C:\WINDOWS\SysWOW64\CBLCtlsU.ocx
2014-07-01 09:17 - 2013-07-13 12:15 - 00805376 _____ () C:\WINDOWS\SysWOW64\EditCtlsU.ocx
2014-07-01 09:17 - 2013-07-12 22:57 - 00539648 _____ () C:\WINDOWS\SysWOW64\LblCtlsU.ocx
2014-07-01 09:17 - 2013-04-05 13:55 - 00476160 _____ () C:\WINDOWS\SysWOW64\TabStripCtlU.ocx
2014-07-01 09:17 - 2013-03-28 23:13 - 00645632 _____ () C:\WINDOWS\SysWOW64\BtnCtlsU.ocx
2014-07-01 09:17 - 2013-03-03 14:37 - 01061888 _____ () C:\WINDOWS\SysWOW64\ExLvwU.ocx
2014-07-01 09:16 - 2014-07-01 09:16 - 07873675 _____ (7-PDF, Germany - Th. Hodes ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager [1].exe
2014-07-01 09:15 - 2014-07-01 09:15 - 00788832 _____ ( ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager.exe
2014-07-01 09:04 - 2014-07-01 09:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-30 20:56 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina\dwhelper
2014-06-30 20:42 - 2014-06-30 20:42 - 00001329 _____ () C:\Users\Katharina\Desktop\Easy Audio Cutter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001313 _____ () C:\Users\Katharina\Desktop\Free CD Ripper.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001311 _____ () C:\Users\Katharina\Desktop\Free Mp3 Wma Converter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001184 _____ () C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\FreeAudioPack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Free mp3 Wma Converter
2014-06-30 20:42 - 2014-04-25 17:44 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-06-30 20:42 - 2011-09-29 14:20 - 02084864 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudDesign.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 01986560 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudFile.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 01212416 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioInfos.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00484352 _____ () C:\WINDOWS\SysWOW64\lame_enc.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00479232 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioVisu.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00458752 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudPlayer.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00454656 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioRecord.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00417792 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudDisplay.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00348160 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\WMAFile.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCT232.OCX
2014-06-30 20:42 - 2011-09-29 14:20 - 00116296 _____ () C:\WINDOWS\SysWOW64\NCTWMAProfiles.prx
2014-06-30 20:42 - 2011-09-29 14:19 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00224016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscc2fr.dll
2014-06-30 20:42 - 2011-09-29 14:19 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetfr.DLL
2014-06-30 20:40 - 2014-06-30 20:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe
2014-06-30 20:32 - 2014-06-30 20:32 - 00001163 _____ () C:\Users\Katharina\Desktop\Amazon Music.lnk
2014-06-30 20:31 - 2014-06-30 20:31 - 38534920 _____ (Amazon) C:\Users\Katharina\Downloads\AmazonMusicInstaller.exe
2014-06-30 20:26 - 2014-06-30 20:27 - 09659608 _____ () C:\Users\Katharina\Downloads\AmazonMusicImporterInstaller-2.1.0._V337128703_.exe
2014-06-30 17:25 - 2014-06-30 17:25 - 00015074 _____ () C:\Users\Katharina\Documents\Saisonkalender_Obst_Gemüse.odt
2014-06-30 16:28 - 2014-06-30 16:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-30 15:58 - 2014-06-30 15:58 - 00013441 _____ () C:\Users\Katharina\Documents\Unbenannt 1.odt
2014-06-29 09:34 - 2014-06-30 20:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Adobe
2014-06-27 20:26 - 2014-06-27 20:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Macromedia
2014-06-26 21:02 - 2014-06-26 21:02 - 00955246 _____ () C:\Users\Katharina\Desktop\Hochzeitstag 26082014.MVM
2014-06-26 20:59 - 2014-06-26 20:59 - 00000000 ____D () C:\Users\Katharina\AppData\Local\CrashDumps
2014-06-26 20:43 - 2014-06-26 20:43 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\WebApp
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\CyberLink
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\CyberLink
2014-06-26 13:32 - 2014-06-26 20:50 - 00023040 ___SH () C:\Users\Katharina\Downloads\Thumbs.db
2014-06-26 13:30 - 2014-06-26 13:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00001051 _____ () C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Users\Katharina\Documents\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-06-26 13:27 - 2014-06-26 13:31 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\MAGIX
2014-06-26 13:25 - 2014-06-26 13:25 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Vollversion Magix Slideshow Maker - CHIP-Installer.exe
2014-06-26 13:09 - 2014-06-26 13:10 - 00000000 ____D () C:\Users\Katharina\AppData\Local\AquaSoft
2014-06-26 13:09 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\AquaSoft
2014-06-24 17:24 - 2014-07-01 21:00 - 00115712 ___SH () C:\Users\Katharina\Desktop\Thumbs.db
2014-06-24 17:24 - 2014-06-24 17:24 - 00144345 _____ () C:\Users\Katharina\Desktop\klarna agb.odt
2014-06-24 16:41 - 2014-06-24 16:41 - 00307760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-24 16:40 - 2014-06-24 16:40 - 00000000 ____D () C:\sources
2014-06-24 16:39 - 2014-06-25 17:13 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\CrashDumps
2014-06-22 22:33 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-06-22 22:33 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-22 22:33 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-22 22:33 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-22 22:33 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-22 13:08 - 2014-05-31 07:16 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-22 13:08 - 2014-05-31 07:16 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-22 13:05 - 2014-06-22 13:09 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-06-22 12:08 - 2014-06-22 12:08 - 00564824 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-22 12:07 - 2014-06-22 12:07 - 00000000 ____D () C:\Users\Katharina\AppData\Local\PackageAware
2014-06-22 12:02 - 2014-06-22 12:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\DiaShow Ultimate - CHIP-Installer.exe
2014-06-22 11:38 - 2014-06-22 11:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-22 11:38 - 2014-06-01 17:17 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-21 19:48 - 2014-05-27 17:12 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-06-21 19:48 - 2014-05-27 17:12 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-06-21 19:48 - 2014-05-27 17:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-06-21 19:45 - 2014-06-21 19:48 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 19:45 - 2014-06-21 19:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 19:45 - 2014-06-21 19:45 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 19:45 - 2014-06-21 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Nitro
2014-06-21 19:34 - 2014-07-02 19:26 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3349096550-3144467483-3537340833-1002
2014-06-21 19:30 - 2014-06-21 19:30 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Katharina\Downloads\avira_de_av___ws.exe
2014-06-21 19:28 - 2014-06-21 19:28 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Intel Corporation
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\Documents\Bluetooth Folder
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Atheros
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\BMExplorer
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-21 19:26 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina
2014-06-21 19:26 - 2014-06-30 20:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe
2014-06-21 19:26 - 2014-06-22 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages
2014-06-21 19:26 - 2014-06-21 19:27 - 00001133 _____ () C:\Users\Katharina\Desktop\Cyberlink Power2Go.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00001453 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-06-21 19:26 - 2014-06-21 19:26 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Startmenü
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\ProgramData\eBay
2014-06-21 19:26 - 2014-02-13 00:19 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-21 19:26 - 2014-02-13 00:16 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-21 19:26 - 2014-02-12 16:10 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-06-21 19:26 - 2013-02-04 08:18 - 00000189 _____ () C:\Users\Katharina\Desktop\Lenovo Telephony Start Now.url
2014-06-21 19:26 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-21 19:26 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-21 19:13 - 2014-07-02 11:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\vlc
2014-06-21 19:13 - 2014-06-21 19:13 - 00000882 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-21 19:11 - 2014-06-21 19:11 - 25055851 _____ () C:\Users\Katharina\Downloads\vlc-2.1.4-win64.exe
2014-06-21 14:09 - 2014-06-21 14:10 - 00000000 ____D () C:\ProgramData\tmp
2014-06-21 14:09 - 2014-06-21 14:10 - 00000000 ____D () C:\ProgramData\hps
2014-06-21 14:09 - 2014-06-21 14:09 - 00547393 _____ () C:\Users\Katharina\Downloads\uninstall.exe
2014-06-21 14:09 - 2014-06-21 14:09 - 00000818 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000803 _____ () C:\Users\Public\Desktop\dm-Fotowelt.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt
2014-06-21 14:07 - 2014-06-21 14:09 - 00000000 ____D () C:\Users\Katharina\Downloads\Resources
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\printsupport
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\platforms
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\orderprocessors
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\imageformats
2014-06-21 14:07 - 2014-04-03 09:09 - 01100288 _____ () C:\Users\Katharina\Downloads\CWTemplates.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00932864 _____ () C:\Users\Katharina\Downloads\CWAPM.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00578048 _____ () C:\Users\Katharina\Downloads\CWModelBase.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00572416 _____ () C:\Users\Katharina\Downloads\CWStartScreen.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00509952 _____ () C:\Users\Katharina\Downloads\CWCustomer.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00451584 _____ () C:\Users\Katharina\Downloads\CWPriceListDialog.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00396800 _____ () C:\Users\Katharina\Downloads\CWCalendar.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00352256 _____ () C:\Users\Katharina\Downloads\CWNetworkingXTCI.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00089600 _____ () C:\Users\Katharina\Downloads\CWRegionOfInterest.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 01309696 _____ () C:\Users\Katharina\Downloads\CWGUIWidgets.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 01226752 _____ () C:\Users\Katharina\Downloads\CWFoto.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00849920 _____ () C:\Users\Katharina\Downloads\CWCore.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00710144 _____ () C:\Users\Katharina\Downloads\CWImageProcessing.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00664064 _____ () C:\Users\Katharina\Downloads\CWProductProperties.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00458752 _____ () C:\Users\Katharina\Downloads\CWXML.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00422912 _____ () C:\Users\Katharina\Downloads\CWImageLoader.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00350208 _____ () C:\Users\Katharina\Downloads\CWImageProcessingGUI.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00220672 _____ () C:\Users\Katharina\Downloads\CWNetworking.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00209408 _____ () C:\Users\Katharina\Downloads\CWFotoschauDLL.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00204288 _____ () C:\Users\Katharina\Downloads\CWAssistant.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00192512 _____ () C:\Users\Katharina\Downloads\CWVideoAnalysis.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00168960 _____ () C:\Users\Katharina\Downloads\CWGeoLocation.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00122368 _____ () C:\Users\Katharina\Downloads\CWProductBase.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00019968 _____ () C:\Users\Katharina\Downloads\facedetection.exe
2014-06-21 14:07 - 2014-03-07 10:32 - 02340352 _____ (Smaller Animals Software, Inc.) C:\Users\Katharina\Downloads\_ISource50.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 21603328 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5WebKit.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 05216256 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Widgets.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 04941312 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Gui.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 04687360 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Core.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 03280384 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5V8.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 02407424 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Quick.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01936896 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Qml.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01242112 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Script.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01035264 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Network.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01018368 _____ (FotoNation Inc.) C:\Users\Katharina\Downloads\Face.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00677376 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Multimedia.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00352256 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5OpenGL.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00269312 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5PrintSupport.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00255488 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Svg.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00226816 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5WebKitWidgets.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00199680 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Xml.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00198656 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Sql.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00180736 _____ (FotoNation Inc.) C:\Users\Katharina\Downloads\RedEye.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00173568 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Sensors.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00099328 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5MultimediaWidgets.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 06205952 _____ () C:\Users\Katharina\Downloads\avcodec-54.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 01368576 _____ (ImageMagick Studio) C:\Users\Katharina\Downloads\CORE_RL_magick_.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 01286144 _____ (The ICU Project) C:\Users\Katharina\Downloads\icuuc50.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 00307712 _____ () C:\Users\Katharina\Downloads\avutil-52.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 20785664 _____ (The ICU Project) C:\Users\Katharina\Downloads\icudt50.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 05718872 _____ (Microsoft Corporation) C:\Users\Katharina\Downloads\vcredist2010_x64.exe
2014-06-21 14:07 - 2013-11-27 13:28 - 01629696 _____ (The ICU Project) C:\Users\Katharina\Downloads\icuin50.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01505280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Katharina\Downloads\libeay32.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01419776 _____ () C:\Users\Katharina\Downloads\exiv2.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01374720 _____ () C:\Users\Katharina\Downloads\avformat-54.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00730112 _____ (ImageMagick Studio LLC) C:\Users\Katharina\Downloads\CORE_RL_wand_.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00530944 _____ () C:\Users\Katharina\Downloads\avfilter-3.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00466432 _____ () C:\Users\Katharina\Downloads\IccProfLib0.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00449536 _____ () C:\Users\Katharina\Downloads\CORE_RL_Magick++_.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00361472 _____ () C:\Users\Katharina\Downloads\swscale-2.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00354304 _____ (hxxp://hunspell.sourceforge.net/) C:\Users\Katharina\Downloads\libhunspell.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00347648 _____ () C:\Users\Katharina\Downloads\libwebp.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00325120 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Katharina\Downloads\ssleay32.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00156672 _____ () C:\Users\Katharina\Downloads\libexpat.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00150528 _____ () C:\Users\Katharina\Downloads\swresample-0.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00105472 _____ () C:\Users\Katharina\Downloads\avdevice-54.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00086528 _____ () C:\Users\Katharina\Downloads\HE_3D2anaglyph.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00069120 _____ () C:\Users\Katharina\Downloads\zlib1.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00029696 _____ (TODO: <Firmenname>) C:\Users\Katharina\Downloads\ImapiBurner.dll
2014-06-21 14:06 - 2014-06-21 14:09 - 00000000 _____ () C:\Users\Katharina\Downloads\temp.txt
2014-06-21 14:06 - 2014-06-21 14:06 - 00001332 _____ () C:\Users\Katharina\Downloads\38-index-5.1.5.txt
2014-06-21 14:06 - 2014-04-03 09:09 - 07558656 _____ () C:\Users\Katharina\Downloads\dm-Fotowelt.exe
2014-06-21 14:06 - 2014-04-01 15:55 - 01532928 _____ () C:\Users\Katharina\Downloads\CEWE FOTOSCHAU.exe
2014-06-21 14:06 - 2014-04-01 15:55 - 00436736 _____ () C:\Users\Katharina\Downloads\CEWE FOTOIMPORTER.exe
2014-06-21 14:05 - 2014-06-21 14:05 - 01628432 _____ () C:\Users\Katharina\Downloads\setup_dm_Fotowelt.exe
2014-06-21 13:50 - 2014-06-21 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-21 13:48 - 2014-06-21 13:49 - 75151232 _____ (Adobe Systems Incorporated) C:\Users\Katharina\Downloads\AdbeRdr11007_de_DE.exe
2014-06-21 13:36 - 2014-06-21 13:36 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice
2014-06-21 13:35 - 2014-06-21 13:36 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-21 13:27 - 2014-06-21 13:27 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\OpenOffice - CHIP-Installer.exe
2014-06-21 13:24 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-21 13:24 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-21 13:24 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-06-21 13:24 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-06-21 13:24 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-06-21 13:24 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-21 13:24 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-21 13:24 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-21 13:24 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-21 13:24 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-21 13:24 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-21 13:24 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-06-21 13:24 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2014-06-21 13:24 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-06-21 13:24 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-06-21 13:24 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2014-06-21 13:24 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2014-06-21 13:24 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2014-06-21 13:24 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2014-06-21 13:24 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2014-06-21 13:24 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2014-06-21 13:24 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-06-21 13:24 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-06-21 13:17 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-21 13:17 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-21 13:17 - 2013-10-10 13:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-21 13:17 - 2013-10-10 11:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-21 13:17 - 2013-10-10 11:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-21 13:17 - 2013-09-04 05:11 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-21 13:16 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-21 13:16 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-06-21 13:16 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-21 13:16 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-21 13:16 - 2014-04-01 00:08 - 00387268 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-21 13:16 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-21 13:16 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-21 13:16 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-21 13:16 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-21 13:16 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-06-21 13:16 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-06-21 13:16 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-06-21 13:16 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-06-21 13:16 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-06-21 13:16 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2014-06-21 13:16 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-06-21 13:16 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-06-21 13:16 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2014-06-21 13:16 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2014-06-21 13:16 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2014-06-21 13:15 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-21 13:15 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-21 13:15 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-06-21 13:15 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-06-21 13:15 - 2013-10-09 03:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-06-21 13:15 - 2013-10-09 00:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-21 13:15 - 2013-10-09 00:28 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-21 13:15 - 2013-10-09 00:27 - 03279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-06-21 13:15 - 2013-10-05 08:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-21 13:15 - 2013-10-02 04:50 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-21 13:15 - 2013-09-28 07:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-06-21 13:15 - 2013-09-28 05:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-06-21 13:15 - 2013-09-19 09:32 - 01455448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-21 13:15 - 2013-09-14 00:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2014-06-21 13:15 - 2013-09-14 00:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-21 13:15 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2014-06-21 13:15 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-06-21 13:15 - 2013-08-30 07:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-21 13:15 - 2013-08-30 07:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-21 13:15 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-06-21 13:15 - 2013-08-30 01:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-21 13:15 - 2013-08-30 01:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-21 13:15 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-21 13:15 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-21 13:15 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-06-21 13:15 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-21 13:15 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2014-06-21 13:15 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-21 13:15 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-21 13:15 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2014-06-21 13:15 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-06-21 13:15 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2014-06-21 13:15 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2014-06-21 13:15 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2014-06-21 13:14 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-21 13:14 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-21 13:14 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-21 13:14 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-21 13:14 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-21 13:14 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-21 13:14 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-21 13:14 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-21 13:14 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-06-21 13:14 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-21 13:14 - 2013-10-02 01:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-06-21 13:14 - 2013-10-02 01:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-06-21 13:14 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-06-21 13:14 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-06-21 13:14 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-06-21 13:14 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2014-06-21 13:14 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-21 13:14 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-21 13:14 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-06-21 13:14 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-21 13:14 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-06-21 13:14 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-21 13:14 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2014-06-21 13:14 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2014-06-21 13:14 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-06-21 13:14 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-06-21 13:14 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2014-06-21 13:14 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2014-06-21 13:14 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2014-06-21 13:14 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-06-21 13:14 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-06-21 13:14 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-06-21 13:14 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-06-21 13:14 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-06-21 13:14 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-06-21 13:14 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-06-21 13:14 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-06-21 13:14 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-21 13:14 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-21 13:14 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-21 13:14 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-21 13:14 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-06-21 13:14 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-06-21 13:14 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-06-21 13:13 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-21 13:13 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-06-21 13:13 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2014-06-21 13:13 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2014-06-21 13:13 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-21 13:13 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2014-06-21 13:13 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-06-21 13:13 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-21 13:13 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-06-21 13:13 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2014-06-21 13:13 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-06-21 13:13 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2014-06-21 13:13 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2014-06-21 13:13 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2014-06-21 13:13 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-21 13:13 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-06-21 13:13 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-06-21 13:13 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-06-21 13:13 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-06-21 13:13 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2014-06-21 13:13 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2014-06-21 13:13 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2014-06-21 13:13 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2014-06-21 13:13 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2014-06-21 13:13 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-06-21 13:13 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-21 13:13 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-06-21 13:13 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-21 13:13 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-21 13:13 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-21 13:13 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-21 13:13 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2014-06-21 13:13 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2014-06-21 13:13 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2014-06-21 13:13 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-21 13:13 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2014-06-21 13:13 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2014-06-21 13:13 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-06-21 13:13 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-06-21 13:13 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-06-21 13:13 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2014-06-21 13:13 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2014-06-21 13:13 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2014-06-21 13:13 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2014-06-21 13:12 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-21 13:12 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-06-21 13:12 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-21 13:12 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-21 13:12 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-06-21 13:12 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-06-21 13:12 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-06-21 13:12 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-06-21 13:12 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-06-21 13:12 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-06-21 13:12 - 2013-11-23 08:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-06-21 13:12 - 2013-11-23 07:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-06-21 13:12 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-06-21 13:12 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-06-21 13:12 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-06-21 13:12 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-06-21 13:12 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-06-21 13:12 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-06-21 13:12 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-06-21 13:12 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-06-21 13:12 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-06-21 13:12 - 2013-10-02 01:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-21 13:12 - 2013-10-02 01:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-21 13:12 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-06-21 13:12 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-21 13:12 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-21 13:12 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2014-06-21 13:12 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-21 13:12 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-21 13:12 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-06-21 13:12 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-06-21 13:12 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-06-21 13:12 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-06-21 13:11 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-21 13:11 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-06-21 13:11 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-06-21 13:11 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-21 13:11 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-21 13:11 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-21 13:11 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-21 13:11 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-21 13:11 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-21 13:11 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-06-21 13:11 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-06-21 13:11 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2014-06-21 13:05 - 2014-06-24 16:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-21 12:54 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 12:54 - 2014-06-21 12:55 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Mozilla
2014-06-21 12:54 - 2014-06-21 12:55 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Mozilla
2014-06-21 12:54 - 2014-06-21 12:54 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-21 12:54 - 2014-06-21 12:54 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-21 12:53 - 2014-06-21 12:53 - 29677544 _____ (Mozilla) C:\Users\Katharina\Downloads\Firefox_Setup_de30.0.exe
2014-06-21 12:50 - 2014-06-21 12:49 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-06-21 12:49 - 2014-06-21 12:49 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira

==================== One Month Modified Files and Folders =======

2014-07-02 19:37 - 2014-07-02 19:37 - 00014446 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-07-02 19:37 - 2014-07-02 19:37 - 00000000 ____D () C:\FRST
2014-07-02 19:36 - 2014-07-02 19:36 - 02083840 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-07-02 19:31 - 2014-02-12 15:28 - 01459353 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-02 19:26 - 2014-06-21 19:34 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3349096550-3144467483-3537340833-1002
2014-07-02 19:24 - 2014-02-13 00:09 - 00754172 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-02 19:24 - 2014-02-13 00:09 - 00156362 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-02 19:24 - 2012-07-26 09:28 - 01748838 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-02 19:22 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-02 19:20 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-02 19:19 - 2014-02-12 16:15 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-07-02 19:19 - 2013-03-25 23:02 - 00142132 _____ () C:\WINDOWS\PFRO.log
2014-07-02 19:19 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-02 19:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-02 18:59 - 2014-07-02 18:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 18:58 - 2014-07-02 18:58 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 18:58 - 2014-07-02 18:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 11:37 - 2014-06-21 19:13 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\vlc
2014-07-01 21:00 - 2014-06-24 17:24 - 00115712 ___SH () C:\Users\Katharina\Desktop\Thumbs.db
2014-07-01 18:42 - 2014-07-01 18:30 - 00017536 _____ () C:\Users\Katharina\Desktop\Menüpläne.odt
2014-07-01 09:39 - 2014-07-01 09:39 - 00001046 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\pdfforge
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-07-01 09:39 - 2014-07-01 09:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-01 09:37 - 2014-07-01 09:37 - 27843432 _____ (pdfforge ) C:\Users\Katharina\Downloads\PDFCreator-1_7_3_setup.exe
2014-07-01 09:16 - 2014-07-01 09:16 - 07873675 _____ (7-PDF, Germany - Th. Hodes ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager [1].exe
2014-07-01 09:15 - 2014-07-01 09:15 - 00788832 _____ ( ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager.exe
2014-07-01 09:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-07-01 09:04 - 2014-07-01 09:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-30 20:56 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina\dwhelper
2014-06-30 20:56 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina
2014-06-30 20:48 - 2012-07-26 09:21 - 00027033 _____ () C:\WINDOWS\setupact.log
2014-06-30 20:42 - 2014-06-30 20:42 - 00001329 _____ () C:\Users\Katharina\Desktop\Easy Audio Cutter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001313 _____ () C:\Users\Katharina\Desktop\Free CD Ripper.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001311 _____ () C:\Users\Katharina\Desktop\Free Mp3 Wma Converter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001184 _____ () C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\FreeAudioPack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Free mp3 Wma Converter
2014-06-30 20:42 - 2014-06-21 12:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-30 20:40 - 2014-06-30 20:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe
2014-06-30 20:32 - 2014-06-30 20:32 - 00001163 _____ () C:\Users\Katharina\Desktop\Amazon Music.lnk
2014-06-30 20:31 - 2014-06-30 20:31 - 38534920 _____ (Amazon) C:\Users\Katharina\Downloads\AmazonMusicInstaller.exe
2014-06-30 20:27 - 2014-06-30 20:26 - 09659608 _____ () C:\Users\Katharina\Downloads\AmazonMusicImporterInstaller-2.1.0._V337128703_.exe
2014-06-30 20:27 - 2014-06-29 09:34 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Adobe
2014-06-30 20:27 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe
2014-06-30 17:25 - 2014-06-30 17:25 - 00015074 _____ () C:\Users\Katharina\Documents\Saisonkalender_Obst_Gemüse.odt
2014-06-30 16:28 - 2014-06-30 16:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-30 15:58 - 2014-06-30 15:58 - 00013441 _____ () C:\Users\Katharina\Documents\Unbenannt 1.odt
2014-06-27 20:26 - 2014-06-27 20:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Macromedia
2014-06-26 21:02 - 2014-06-26 21:02 - 00955246 _____ () C:\Users\Katharina\Desktop\Hochzeitstag 26082014.MVM
2014-06-26 20:59 - 2014-06-26 20:59 - 00000000 ____D () C:\Users\Katharina\AppData\Local\CrashDumps
2014-06-26 20:50 - 2014-06-26 13:32 - 00023040 ___SH () C:\Users\Katharina\Downloads\Thumbs.db
2014-06-26 20:43 - 2014-06-26 20:43 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\WebApp
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\CyberLink
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\CyberLink
2014-06-26 20:40 - 2014-02-12 16:15 - 00000000 ____D () C:\ProgramData\Lenovo
2014-06-26 20:40 - 2014-02-12 16:08 - 00000000 ____D () C:\ProgramData\CyberLink
2014-06-26 13:31 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\MAGIX
2014-06-26 13:31 - 2014-06-26 13:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00001051 _____ () C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Users\Katharina\Documents\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-06-26 13:25 - 2014-06-26 13:25 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Vollversion Magix Slideshow Maker - CHIP-Installer.exe
2014-06-26 13:10 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Local\AquaSoft
2014-06-26 13:09 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\AquaSoft
2014-06-25 17:13 - 2014-06-24 16:39 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\CrashDumps
2014-06-25 08:21 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-24 17:24 - 2014-06-24 17:24 - 00144345 _____ () C:\Users\Katharina\Desktop\klarna agb.odt
2014-06-24 16:46 - 2014-06-21 13:05 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-24 16:41 - 2014-06-24 16:41 - 00307760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-24 16:40 - 2014-06-24 16:40 - 00000000 ____D () C:\sources
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-24 16:40 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-24 16:40 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-06-22 13:09 - 2014-06-22 13:05 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-06-22 13:09 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages
2014-06-22 13:09 - 2013-03-25 23:03 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-22 13:04 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-06-22 12:08 - 2014-06-22 12:08 - 00564824 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-22 12:07 - 2014-06-22 12:07 - 00000000 ____D () C:\Users\Katharina\AppData\Local\PackageAware
2014-06-22 12:02 - 2014-06-22 12:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\DiaShow Ultimate - CHIP-Installer.exe
2014-06-22 11:40 - 2014-06-22 11:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-22 11:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-21 19:48 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 19:48 - 2014-06-21 19:45 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 19:45 - 2014-06-21 19:45 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 19:41 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Nitro
2014-06-21 19:35 - 2014-02-12 16:17 - 00000000 ____D () C:\ProgramData\Energy Manager
2014-06-21 19:30 - 2014-06-21 19:30 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Katharina\Downloads\avira_de_av___ws.exe
2014-06-21 19:28 - 2014-06-21 19:28 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Intel Corporation
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\Documents\Bluetooth Folder
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Atheros
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\BMExplorer
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-21 19:27 - 2014-06-21 19:26 - 00001133 _____ () C:\Users\Katharina\Desktop\Cyberlink Power2Go.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00001453 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-06-21 19:26 - 2014-06-21 19:26 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Startmenü
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\ProgramData\eBay
2014-06-21 19:26 - 2014-02-13 01:25 - 00094656 _____ () C:\WINDOWS\modules.log
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-21 19:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-21 19:16 - 2012-07-26 07:37 - 00000000 ___HD () C:\Users\Default
2014-06-21 19:13 - 2014-06-21 19:13 - 00000882 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-21 19:11 - 2014-06-21 19:11 - 25055851 _____ () C:\Users\Katharina\Downloads\vlc-2.1.4-win64.exe
2014-06-21 14:11 - 2014-02-12 16:02 - 00000000 ____D () C:\Program Files (x86)\Lenovo DE
2014-06-21 14:10 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\tmp
2014-06-21 14:10 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\hps
2014-06-21 14:09 - 2014-06-21 14:09 - 00547393 _____ () C:\Users\Katharina\Downloads\uninstall.exe
2014-06-21 14:09 - 2014-06-21 14:09 - 00000818 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000803 _____ () C:\Users\Public\Desktop\dm-Fotowelt.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt
2014-06-21 14:09 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\Resources
2014-06-21 14:09 - 2014-06-21 14:06 - 00000000 _____ () C:\Users\Katharina\Downloads\temp.txt
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\printsupport
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\platforms
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\orderprocessors
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\imageformats
2014-06-21 14:06 - 2014-06-21 14:06 - 00001332 _____ () C:\Users\Katharina\Downloads\38-index-5.1.5.txt
2014-06-21 14:05 - 2014-06-21 14:05 - 01628432 _____ () C:\Users\Katharina\Downloads\setup_dm_Fotowelt.exe
2014-06-21 13:50 - 2014-06-21 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-21 13:49 - 2014-06-21 13:48 - 75151232 _____ (Adobe Systems Incorporated) C:\Users\Katharina\Downloads\AdbeRdr11007_de_DE.exe
2014-06-21 13:36 - 2014-06-21 13:36 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice
2014-06-21 13:36 - 2014-06-21 13:35 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-21 13:27 - 2014-06-21 13:27 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\OpenOffice - CHIP-Installer.exe
2014-06-21 12:55 - 2014-06-21 12:54 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Mozilla
2014-06-21 12:55 - 2014-06-21 12:54 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Mozilla
2014-06-21 12:54 - 2014-06-21 12:54 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-21 12:54 - 2014-06-21 12:54 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-21 12:53 - 2014-06-21 12:53 - 29677544 _____ (Mozilla) C:\Users\Katharina\Downloads\Firefox_Setup_de30.0.exe
2014-06-21 12:49 - 2014-06-21 12:50 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-06-21 12:49 - 2014-06-21 12:49 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira
2014-06-21 12:48 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

Some content of TEMP:
====================
C:\Users\Katharina\AppData\Local\Temp\avgnt.exe
C:\Users\Katharina\AppData\Local\Temp\installhelper.dll
C:\Users\Katharina\AppData\Local\Temp\SRAssetsHelper.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 09:27

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Katharina at 2014-07-02 19:38:23
Running from C:\Users\Katharina\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.1245.72250 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.1245.72250 - Alcor Micro Corp.) Hidden
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.0.5.567 - Amazon Services LLC)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Benutzerhandbuch (x32 Version: 1.0.0.15 - Lenovo) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.28 - Lenovo)
Energy Manager (x32 Version: 1.0.0.28 - Lenovo) Hidden
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6486.0 - IDT)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1010 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3257 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.531.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.8 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.8 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.70 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA Optimus 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.70 (Version: 311.70 - NVIDIA Corporation) Hidden
NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.7 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)

==================== Restore Points  =========================

21-06-2014 11:18:46 Removed Nitro Pro 8
23-06-2014 14:08:27 Sprachpaketdeinstallation
01-07-2014 07:39:33 Installed PDF Architect 2 View Module

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C8F3795-C9F1-488E-BB75-728A55072437} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-01] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {7C6E816E-BA3A-4A20-A555-55C832FACDF8} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {7F6A6D6B-1DE9-4E2E-90D2-6EDA9C42B748} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8959E4F-A5D3-4AEF-84AB-A31B10D64CF6} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

==================== Loaded Modules (whitelisted) =============

2014-02-12 16:15 - 2014-02-12 16:15 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-02-12 16:15 - 2014-02-12 16:15 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-02-13 00:12 - 2013-07-02 21:43 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-02-28 19:05 - 2013-02-28 19:05 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 19:02 - 2013-02-28 19:02 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 19:06 - 2013-02-28 19:06 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-06-30 20:32 - 2014-06-24 23:24 - 03162944 _____ () C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-05-14 14:27 - 2014-05-14 14:27 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-06-21 12:48 - 2014-05-14 14:27 - 00049744 _____ () C:\Users\Katharina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-02-12 15:50 - 2013-05-17 01:06 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-06-21 12:54 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2014 10:33:48 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/01/2014 10:36:54 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/30/2014 11:39:19 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/28/2014 09:27:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/27/2014 03:54:41 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/26/2014 08:59:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.2.9200.16384, Zeitstempel: 0x5010888a
Name des fehlerhaften Moduls: combase.dll, Version: 6.2.9200.16420, Zeitstempel: 0x505a976e
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x00025c44
ID des fehlerhaften Prozesses: 0xe78
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Vollständiger Name des fehlerhaften Pakets: DllHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DllHost.exe5

Error: (06/26/2014 00:11:21 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/25/2014 06:58:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/25/2014 05:13:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 4.11.9.1, Zeitstempel: 0x5194eb80
Name des fehlerhaften Moduls: daemonu.exe, Version: 4.11.9.1, Zeitstempel: 0x5194eb80
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00025fc5
ID des fehlerhaften Prozesses: 0x7ac
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3
Vollständiger Name des fehlerhaften Pakets: daemonu.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: daemonu.exe5

Error: (06/24/2014 05:30:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (06/30/2014 08:53:58 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/30/2014 08:53:10 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/30/2014 08:52:12 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/27/2014 04:07:51 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/27/2014 04:07:51 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/25/2014 05:13:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/24/2014 04:44:47 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Error: (06/24/2014 04:44:47 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (06/24/2014 04:39:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/22/2014 01:13:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (07/02/2014 10:33:48 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/01/2014 10:36:54 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/30/2014 11:39:19 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/28/2014 09:27:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/27/2014 03:54:41 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/26/2014 08:59:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.2.9200.163845010888acombase.dll6.2.9200.16420505a976ec00000fd00025c44e7801cf9170b473a05cC:\WINDOWS\SysWOW64\DllHost.exeC:\WINDOWS\SYSTEM32\combase.dllf3f0b1d4-fd63-11e3-be77-40f02ff2e08a

Error: (06/26/2014 00:11:21 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/25/2014 06:58:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/25/2014 05:13:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: daemonu.exe4.11.9.15194eb80daemonu.exe4.11.9.15194eb80c000000500025fc57ac01cf8fba7ecbb029C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe45f29c12-fc7b-11e3-be77-40f02ff2e08a

Error: (06/24/2014 05:30:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 8104.27 MB
Available physical RAM: 6037.82 MB
Total Pagefile: 9320.27 MB
Available Pagefile: 7203.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.8 GB) (Free:378.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 237A1541)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 02.07.2014, 18:53   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



Hi,

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2
Scan mit Malwarebytes Antimalware
Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
Poste mir den Inhalt der Logdatei. Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.


Schritt 3



Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.07.2014, 19:30   #5
wurschthans
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



Hallo Jürgen,

das geht ja flott hier :-)

Also:


Code:
ATTFilter
# AdwCleaner v3.214 - Bericht erstellt am 02/07/2014 um 19:54:30
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Katharina - WICHTLZWERG
# Gestartet von : C:\Users\Katharina\Downloads\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Katharina\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\KATHAR~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Katharina\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
Datei Gelöscht : C:\Users\KATHAR~1\AppData\Local\Temp\Searchqu.ini
Datei Gelöscht : C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16921


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "Search Results");
Zeile gelöscht : user_pref("browser.search.order.1", "Search Results");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Search Results");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.searchnu.com/410");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=410&sr=0&q=");

*************************

AdwCleaner[R0].txt - [2925 octets] - [02/07/2014 19:53:20]
AdwCleaner[S0].txt - [2666 octets] - [02/07/2014 19:54:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2726 octets] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.07.2014
Suchlauf-Zeit: 20:01:35
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.02.05
Rootkit Datenbank: v2014.07.01.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Katharina

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 300696
Verstrichene Zeit: 12 Min, 25 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Katharina (administrator) on WICHTLZWERG on 02-07-2014 20:25:50
Running from C:\Users\Katharina\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-08-30] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2014-02-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2014-02-12] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
HKU\S-1-5-21-3349096550-3144467483-3537340833-1002\...\Run: [Amazon Music] => C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-24] ()
HKU\S-1-5-21-3349096550-3144467483-3537340833-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-24] ()
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [245872 2013-05-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [201576 2013-05-24] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = 
SearchScopes: HKLM - {14810DE1-195E-4F23-B623-860FE40A0752} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {14810DE1-195E-4F23-B623-860FE40A0752} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {14810DE1-195E-4F23-B623-860FE40A0752} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-21]
FF Extension: Ghostery - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\firefox@ghostery.com.xpi [2014-06-21]
FF Extension: Adblock Plus - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-21]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-02-12] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-02-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-30] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-06-22] (Duplex Secure Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 19:53 - 2014-07-02 19:54 - 00000000 ____D () C:\AdwCleaner
2014-07-02 19:52 - 2014-07-02 19:52 - 01346519 _____ () C:\Users\Katharina\Downloads\adwcleaner_3.214.exe
2014-07-02 19:38 - 2014-07-02 19:38 - 00019179 _____ () C:\Users\Katharina\Downloads\Addition.txt
2014-07-02 19:37 - 2014-07-02 20:25 - 00013487 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-07-02 19:37 - 2014-07-02 20:25 - 00000000 ____D () C:\FRST
2014-07-02 19:36 - 2014-07-02 19:36 - 02083840 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-07-02 18:59 - 2014-07-02 20:01 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 18:58 - 2014-07-02 18:58 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 18:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-02 18:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-02 18:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-02 18:57 - 2014-07-02 18:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 18:30 - 2014-07-01 18:42 - 00017536 _____ () C:\Users\Katharina\Desktop\Menüpläne.odt
2014-07-01 09:39 - 2014-07-01 09:39 - 00001046 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-07-01 09:38 - 2014-07-01 09:39 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-01 09:38 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMAPI32.OCX
2014-07-01 09:38 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2014-07-01 09:38 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIDE.DLL
2014-07-01 09:38 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2014-07-01 09:38 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2014-07-01 09:38 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2014-07-01 09:37 - 2014-07-01 09:37 - 27843432 _____ (pdfforge ) C:\Users\Katharina\Downloads\PDFCreator-1_7_3_setup.exe
2014-07-01 09:17 - 2013-09-01 12:59 - 01103872 _____ () C:\WINDOWS\SysWOW64\CBLCtlsU.ocx
2014-07-01 09:17 - 2013-07-13 12:15 - 00805376 _____ () C:\WINDOWS\SysWOW64\EditCtlsU.ocx
2014-07-01 09:17 - 2013-07-12 22:57 - 00539648 _____ () C:\WINDOWS\SysWOW64\LblCtlsU.ocx
2014-07-01 09:17 - 2013-04-05 13:55 - 00476160 _____ () C:\WINDOWS\SysWOW64\TabStripCtlU.ocx
2014-07-01 09:17 - 2013-03-28 23:13 - 00645632 _____ () C:\WINDOWS\SysWOW64\BtnCtlsU.ocx
2014-07-01 09:17 - 2013-03-03 14:37 - 01061888 _____ () C:\WINDOWS\SysWOW64\ExLvwU.ocx
2014-07-01 09:16 - 2014-07-01 09:16 - 07873675 _____ (7-PDF, Germany - Th. Hodes ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager [1].exe
2014-07-01 09:15 - 2014-07-01 09:15 - 00788832 _____ ( ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager.exe
2014-07-01 09:04 - 2014-07-01 09:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-30 20:56 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina\dwhelper
2014-06-30 20:42 - 2014-06-30 20:42 - 00001329 _____ () C:\Users\Katharina\Desktop\Easy Audio Cutter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001313 _____ () C:\Users\Katharina\Desktop\Free CD Ripper.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001311 _____ () C:\Users\Katharina\Desktop\Free Mp3 Wma Converter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\FreeAudioPack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Free mp3 Wma Converter
2014-06-30 20:42 - 2014-04-25 17:44 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-06-30 20:42 - 2011-09-29 14:20 - 02084864 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudDesign.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 01986560 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudFile.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 01212416 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioInfos.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00484352 _____ () C:\WINDOWS\SysWOW64\lame_enc.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00479232 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioVisu.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00458752 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudPlayer.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00454656 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioRecord.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00417792 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudDisplay.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00348160 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\WMAFile.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCT232.OCX
2014-06-30 20:42 - 2011-09-29 14:20 - 00116296 _____ () C:\WINDOWS\SysWOW64\NCTWMAProfiles.prx
2014-06-30 20:42 - 2011-09-29 14:19 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00224016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscc2fr.dll
2014-06-30 20:42 - 2011-09-29 14:19 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetfr.DLL
2014-06-30 20:40 - 2014-06-30 20:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe
2014-06-30 20:32 - 2014-06-30 20:32 - 00001163 _____ () C:\Users\Katharina\Desktop\Amazon Music.lnk
2014-06-30 20:31 - 2014-06-30 20:31 - 38534920 _____ (Amazon) C:\Users\Katharina\Downloads\AmazonMusicInstaller.exe
2014-06-30 20:26 - 2014-06-30 20:27 - 09659608 _____ () C:\Users\Katharina\Downloads\AmazonMusicImporterInstaller-2.1.0._V337128703_.exe
2014-06-30 17:25 - 2014-06-30 17:25 - 00015074 _____ () C:\Users\Katharina\Documents\Saisonkalender_Obst_Gemüse.odt
2014-06-30 16:28 - 2014-06-30 16:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-30 15:58 - 2014-06-30 15:58 - 00013441 _____ () C:\Users\Katharina\Documents\Unbenannt 1.odt
2014-06-29 09:34 - 2014-06-30 20:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Adobe
2014-06-27 20:26 - 2014-06-27 20:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Macromedia
2014-06-26 21:02 - 2014-06-26 21:02 - 00955246 _____ () C:\Users\Katharina\Desktop\Hochzeitstag 26082014.MVM
2014-06-26 20:59 - 2014-06-26 20:59 - 00000000 ____D () C:\Users\Katharina\AppData\Local\CrashDumps
2014-06-26 20:43 - 2014-06-26 20:43 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\WebApp
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\CyberLink
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\CyberLink
2014-06-26 13:32 - 2014-06-26 20:50 - 00023040 ___SH () C:\Users\Katharina\Downloads\Thumbs.db
2014-06-26 13:30 - 2014-06-26 13:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00001051 _____ () C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Users\Katharina\Documents\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-06-26 13:27 - 2014-06-26 13:31 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\MAGIX
2014-06-26 13:25 - 2014-06-26 13:25 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Vollversion Magix Slideshow Maker - CHIP-Installer.exe
2014-06-26 13:09 - 2014-06-26 13:10 - 00000000 ____D () C:\Users\Katharina\AppData\Local\AquaSoft
2014-06-26 13:09 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\AquaSoft
2014-06-24 17:24 - 2014-07-01 21:00 - 00115712 ___SH () C:\Users\Katharina\Desktop\Thumbs.db
2014-06-24 17:24 - 2014-06-24 17:24 - 00144345 _____ () C:\Users\Katharina\Desktop\klarna agb.odt
2014-06-24 16:41 - 2014-06-24 16:41 - 00307760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-24 16:40 - 2014-06-24 16:40 - 00000000 ____D () C:\sources
2014-06-24 16:39 - 2014-06-25 17:13 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\CrashDumps
2014-06-22 22:33 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-06-22 22:33 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-22 22:33 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-22 22:33 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-22 22:33 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-22 13:08 - 2014-05-31 07:16 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-22 13:08 - 2014-05-31 07:16 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-22 13:05 - 2014-06-22 13:09 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-06-22 12:08 - 2014-06-22 12:08 - 00564824 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-22 12:02 - 2014-06-22 12:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\DiaShow Ultimate - CHIP-Installer.exe
2014-06-22 11:38 - 2014-06-22 11:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-22 11:38 - 2014-06-01 17:17 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-21 19:48 - 2014-05-27 17:12 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-06-21 19:48 - 2014-05-27 17:12 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-06-21 19:48 - 2014-05-27 17:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-06-21 19:45 - 2014-06-21 19:48 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 19:45 - 2014-06-21 19:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 19:45 - 2014-06-21 19:45 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 19:45 - 2014-06-21 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Nitro
2014-06-21 19:34 - 2014-07-02 20:00 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3349096550-3144467483-3537340833-1002
2014-06-21 19:30 - 2014-06-21 19:30 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Katharina\Downloads\avira_de_av___ws.exe
2014-06-21 19:28 - 2014-06-21 19:28 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Intel Corporation
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\Documents\Bluetooth Folder
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Atheros
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\BMExplorer
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-21 19:26 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina
2014-06-21 19:26 - 2014-06-30 20:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe
2014-06-21 19:26 - 2014-06-22 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages
2014-06-21 19:26 - 2014-06-21 19:27 - 00001133 _____ () C:\Users\Katharina\Desktop\Cyberlink Power2Go.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00001453 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-06-21 19:26 - 2014-06-21 19:26 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Startmenü
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\ProgramData\eBay
2014-06-21 19:26 - 2014-02-13 00:19 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-21 19:26 - 2014-02-13 00:16 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-21 19:26 - 2014-02-12 16:10 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-06-21 19:26 - 2013-02-04 08:18 - 00000189 _____ () C:\Users\Katharina\Desktop\Lenovo Telephony Start Now.url
2014-06-21 19:26 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-21 19:26 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-21 19:13 - 2014-07-02 11:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\vlc
2014-06-21 19:13 - 2014-06-21 19:13 - 00000882 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-21 19:11 - 2014-06-21 19:11 - 25055851 _____ () C:\Users\Katharina\Downloads\vlc-2.1.4-win64.exe
2014-06-21 14:09 - 2014-06-21 14:10 - 00000000 ____D () C:\ProgramData\tmp
2014-06-21 14:09 - 2014-06-21 14:10 - 00000000 ____D () C:\ProgramData\hps
2014-06-21 14:09 - 2014-06-21 14:09 - 00547393 _____ () C:\Users\Katharina\Downloads\uninstall.exe
2014-06-21 14:09 - 2014-06-21 14:09 - 00000818 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000803 _____ () C:\Users\Public\Desktop\dm-Fotowelt.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt
2014-06-21 14:07 - 2014-06-21 14:09 - 00000000 ____D () C:\Users\Katharina\Downloads\Resources
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\printsupport
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\platforms
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\orderprocessors
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\imageformats
2014-06-21 14:07 - 2014-04-03 09:09 - 01100288 _____ () C:\Users\Katharina\Downloads\CWTemplates.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00932864 _____ () C:\Users\Katharina\Downloads\CWAPM.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00578048 _____ () C:\Users\Katharina\Downloads\CWModelBase.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00572416 _____ () C:\Users\Katharina\Downloads\CWStartScreen.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00509952 _____ () C:\Users\Katharina\Downloads\CWCustomer.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00451584 _____ () C:\Users\Katharina\Downloads\CWPriceListDialog.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00396800 _____ () C:\Users\Katharina\Downloads\CWCalendar.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00352256 _____ () C:\Users\Katharina\Downloads\CWNetworkingXTCI.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00089600 _____ () C:\Users\Katharina\Downloads\CWRegionOfInterest.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 01309696 _____ () C:\Users\Katharina\Downloads\CWGUIWidgets.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 01226752 _____ () C:\Users\Katharina\Downloads\CWFoto.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00849920 _____ () C:\Users\Katharina\Downloads\CWCore.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00710144 _____ () C:\Users\Katharina\Downloads\CWImageProcessing.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00664064 _____ () C:\Users\Katharina\Downloads\CWProductProperties.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00458752 _____ () C:\Users\Katharina\Downloads\CWXML.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00422912 _____ () C:\Users\Katharina\Downloads\CWImageLoader.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00350208 _____ () C:\Users\Katharina\Downloads\CWImageProcessingGUI.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00220672 _____ () C:\Users\Katharina\Downloads\CWNetworking.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00209408 _____ () C:\Users\Katharina\Downloads\CWFotoschauDLL.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00204288 _____ () C:\Users\Katharina\Downloads\CWAssistant.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00192512 _____ () C:\Users\Katharina\Downloads\CWVideoAnalysis.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00168960 _____ () C:\Users\Katharina\Downloads\CWGeoLocation.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00122368 _____ () C:\Users\Katharina\Downloads\CWProductBase.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00019968 _____ () C:\Users\Katharina\Downloads\facedetection.exe
2014-06-21 14:07 - 2014-03-07 10:32 - 02340352 _____ (Smaller Animals Software, Inc.) C:\Users\Katharina\Downloads\_ISource50.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 21603328 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5WebKit.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 05216256 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Widgets.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 04941312 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Gui.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 04687360 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Core.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 03280384 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5V8.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 02407424 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Quick.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01936896 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Qml.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01242112 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Script.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01035264 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Network.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01018368 _____ (FotoNation Inc.) C:\Users\Katharina\Downloads\Face.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00677376 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Multimedia.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00352256 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5OpenGL.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00269312 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5PrintSupport.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00255488 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Svg.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00226816 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5WebKitWidgets.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00199680 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Xml.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00198656 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Sql.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00180736 _____ (FotoNation Inc.) C:\Users\Katharina\Downloads\RedEye.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00173568 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Sensors.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00099328 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5MultimediaWidgets.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 06205952 _____ () C:\Users\Katharina\Downloads\avcodec-54.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 01368576 _____ (ImageMagick Studio) C:\Users\Katharina\Downloads\CORE_RL_magick_.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 01286144 _____ (The ICU Project) C:\Users\Katharina\Downloads\icuuc50.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 00307712 _____ () C:\Users\Katharina\Downloads\avutil-52.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 20785664 _____ (The ICU Project) C:\Users\Katharina\Downloads\icudt50.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 05718872 _____ (Microsoft Corporation) C:\Users\Katharina\Downloads\vcredist2010_x64.exe
2014-06-21 14:07 - 2013-11-27 13:28 - 01629696 _____ (The ICU Project) C:\Users\Katharina\Downloads\icuin50.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01505280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Katharina\Downloads\libeay32.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01419776 _____ () C:\Users\Katharina\Downloads\exiv2.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01374720 _____ () C:\Users\Katharina\Downloads\avformat-54.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00730112 _____ (ImageMagick Studio LLC) C:\Users\Katharina\Downloads\CORE_RL_wand_.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00530944 _____ () C:\Users\Katharina\Downloads\avfilter-3.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00466432 _____ () C:\Users\Katharina\Downloads\IccProfLib0.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00449536 _____ () C:\Users\Katharina\Downloads\CORE_RL_Magick++_.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00361472 _____ () C:\Users\Katharina\Downloads\swscale-2.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00354304 _____ (hxxp://hunspell.sourceforge.net/) C:\Users\Katharina\Downloads\libhunspell.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00347648 _____ () C:\Users\Katharina\Downloads\libwebp.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00325120 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Katharina\Downloads\ssleay32.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00156672 _____ () C:\Users\Katharina\Downloads\libexpat.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00150528 _____ () C:\Users\Katharina\Downloads\swresample-0.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00105472 _____ () C:\Users\Katharina\Downloads\avdevice-54.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00086528 _____ () C:\Users\Katharina\Downloads\HE_3D2anaglyph.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00069120 _____ () C:\Users\Katharina\Downloads\zlib1.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00029696 _____ (TODO: <Firmenname>) C:\Users\Katharina\Downloads\ImapiBurner.dll
2014-06-21 14:06 - 2014-06-21 14:09 - 00000000 _____ () C:\Users\Katharina\Downloads\temp.txt
2014-06-21 14:06 - 2014-06-21 14:06 - 00001332 _____ () C:\Users\Katharina\Downloads\38-index-5.1.5.txt
2014-06-21 14:06 - 2014-04-03 09:09 - 07558656 _____ () C:\Users\Katharina\Downloads\dm-Fotowelt.exe
2014-06-21 14:06 - 2014-04-01 15:55 - 01532928 _____ () C:\Users\Katharina\Downloads\CEWE FOTOSCHAU.exe
2014-06-21 14:06 - 2014-04-01 15:55 - 00436736 _____ () C:\Users\Katharina\Downloads\CEWE FOTOIMPORTER.exe
2014-06-21 14:05 - 2014-06-21 14:05 - 01628432 _____ () C:\Users\Katharina\Downloads\setup_dm_Fotowelt.exe
2014-06-21 13:50 - 2014-06-21 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-21 13:48 - 2014-06-21 13:49 - 75151232 _____ (Adobe Systems Incorporated) C:\Users\Katharina\Downloads\AdbeRdr11007_de_DE.exe
2014-06-21 13:36 - 2014-06-21 13:36 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice
2014-06-21 13:35 - 2014-06-21 13:36 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-21 13:27 - 2014-06-21 13:27 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\OpenOffice - CHIP-Installer.exe
2014-06-21 13:24 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-21 13:24 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-21 13:24 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-06-21 13:24 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-06-21 13:24 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-06-21 13:24 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-21 13:24 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-21 13:24 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-21 13:24 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-21 13:24 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-21 13:24 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-21 13:24 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-06-21 13:24 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2014-06-21 13:24 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-06-21 13:24 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-06-21 13:24 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2014-06-21 13:24 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2014-06-21 13:24 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2014-06-21 13:24 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2014-06-21 13:24 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2014-06-21 13:24 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2014-06-21 13:24 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-06-21 13:24 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-06-21 13:17 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-21 13:17 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-21 13:17 - 2013-10-10 13:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-21 13:17 - 2013-10-10 11:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-21 13:17 - 2013-10-10 11:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-21 13:17 - 2013-09-04 05:11 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-21 13:16 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-21 13:16 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-06-21 13:16 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-21 13:16 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-21 13:16 - 2014-04-01 00:08 - 00387268 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-21 13:16 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-21 13:16 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-21 13:16 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-21 13:16 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-21 13:16 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-06-21 13:16 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-06-21 13:16 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-06-21 13:16 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-06-21 13:16 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-06-21 13:16 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2014-06-21 13:16 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-06-21 13:16 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-06-21 13:16 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2014-06-21 13:16 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2014-06-21 13:16 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2014-06-21 13:15 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-21 13:15 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-21 13:15 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-06-21 13:15 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-06-21 13:15 - 2013-10-09 03:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-06-21 13:15 - 2013-10-09 00:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-21 13:15 - 2013-10-09 00:28 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-21 13:15 - 2013-10-09 00:27 - 03279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-06-21 13:15 - 2013-10-05 08:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-21 13:15 - 2013-10-02 04:50 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-21 13:15 - 2013-09-28 07:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-06-21 13:15 - 2013-09-28 05:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-06-21 13:15 - 2013-09-19 09:32 - 01455448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-21 13:15 - 2013-09-14 00:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2014-06-21 13:15 - 2013-09-14 00:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-21 13:15 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2014-06-21 13:15 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-06-21 13:15 - 2013-08-30 07:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-21 13:15 - 2013-08-30 07:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-21 13:15 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-06-21 13:15 - 2013-08-30 01:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-21 13:15 - 2013-08-30 01:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-21 13:15 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-21 13:15 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-21 13:15 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-06-21 13:15 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-21 13:15 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2014-06-21 13:15 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-21 13:15 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-21 13:15 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2014-06-21 13:15 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-06-21 13:15 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2014-06-21 13:15 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2014-06-21 13:15 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2014-06-21 13:14 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-21 13:14 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-21 13:14 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-21 13:14 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-21 13:14 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-21 13:14 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-21 13:14 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-21 13:14 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-21 13:14 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-06-21 13:14 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-21 13:14 - 2013-10-02 01:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-06-21 13:14 - 2013-10-02 01:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-06-21 13:14 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-06-21 13:14 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-06-21 13:14 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-06-21 13:14 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2014-06-21 13:14 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-21 13:14 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-21 13:14 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-06-21 13:14 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-21 13:14 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-06-21 13:14 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-21 13:14 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2014-06-21 13:14 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2014-06-21 13:14 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-06-21 13:14 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-06-21 13:14 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2014-06-21 13:14 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2014-06-21 13:14 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2014-06-21 13:14 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-06-21 13:14 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-06-21 13:14 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-06-21 13:14 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-06-21 13:14 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-06-21 13:14 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-06-21 13:14 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-06-21 13:14 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-06-21 13:14 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-21 13:14 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-21 13:14 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-21 13:14 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-21 13:14 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-06-21 13:14 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-06-21 13:14 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-06-21 13:13 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-21 13:13 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-06-21 13:13 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2014-06-21 13:13 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2014-06-21 13:13 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-21 13:13 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2014-06-21 13:13 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-06-21 13:13 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-21 13:13 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-06-21 13:13 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2014-06-21 13:13 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-06-21 13:13 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2014-06-21 13:13 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2014-06-21 13:13 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2014-06-21 13:13 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-21 13:13 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-06-21 13:13 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-06-21 13:13 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-06-21 13:13 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-06-21 13:13 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2014-06-21 13:13 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2014-06-21 13:13 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2014-06-21 13:13 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2014-06-21 13:13 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2014-06-21 13:13 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-06-21 13:13 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-21 13:13 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-06-21 13:13 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-21 13:13 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-21 13:13 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-21 13:13 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-21 13:13 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2014-06-21 13:13 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2014-06-21 13:13 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2014-06-21 13:13 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-21 13:13 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2014-06-21 13:13 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2014-06-21 13:13 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-06-21 13:13 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-06-21 13:13 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-06-21 13:13 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2014-06-21 13:13 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2014-06-21 13:13 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2014-06-21 13:13 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2014-06-21 13:12 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-21 13:12 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-06-21 13:12 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-21 13:12 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-21 13:12 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-06-21 13:12 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-06-21 13:12 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-06-21 13:12 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-06-21 13:12 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-06-21 13:12 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-06-21 13:12 - 2013-11-23 08:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-06-21 13:12 - 2013-11-23 07:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-06-21 13:12 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-06-21 13:12 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-06-21 13:12 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-06-21 13:12 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-06-21 13:12 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-06-21 13:12 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-06-21 13:12 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-06-21 13:12 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-06-21 13:12 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-06-21 13:12 - 2013-10-02 01:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-21 13:12 - 2013-10-02 01:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-21 13:12 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-06-21 13:12 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-21 13:12 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-21 13:12 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2014-06-21 13:12 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-21 13:12 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-21 13:12 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-06-21 13:12 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-06-21 13:12 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-06-21 13:12 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-06-21 13:11 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-21 13:11 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-06-21 13:11 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-06-21 13:11 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-21 13:11 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-21 13:11 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-21 13:11 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-21 13:11 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-21 13:11 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-21 13:11 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-06-21 13:11 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-06-21 13:11 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2014-06-21 13:05 - 2014-06-24 16:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-21 12:54 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 12:54 - 2014-06-21 12:55 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Mozilla
2014-06-21 12:54 - 2014-06-21 12:55 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Mozilla
2014-06-21 12:54 - 2014-06-21 12:54 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-21 12:54 - 2014-06-21 12:54 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-21 12:53 - 2014-06-21 12:53 - 29677544 _____ (Mozilla) C:\Users\Katharina\Downloads\Firefox_Setup_de30.0.exe
2014-06-21 12:50 - 2014-06-21 12:49 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-06-21 12:49 - 2014-06-21 12:49 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira

==================== One Month Modified Files and Folders =======

2014-07-02 20:25 - 2014-07-02 19:37 - 00013487 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-07-02 20:25 - 2014-07-02 19:37 - 00000000 ____D () C:\FRST
2014-07-02 20:01 - 2014-07-02 18:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 20:00 - 2014-06-21 19:34 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3349096550-3144467483-3537340833-1002
2014-07-02 20:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-02 19:59 - 2014-02-13 00:09 - 00754172 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-02 19:59 - 2014-02-13 00:09 - 00156362 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-02 19:59 - 2012-07-26 09:28 - 01748838 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-02 19:55 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-02 19:54 - 2014-07-02 19:53 - 00000000 ____D () C:\AdwCleaner
2014-07-02 19:54 - 2014-02-12 16:15 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-07-02 19:54 - 2013-03-25 23:02 - 00142688 _____ () C:\WINDOWS\PFRO.log
2014-07-02 19:54 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-02 19:52 - 2014-07-02 19:52 - 01346519 _____ () C:\Users\Katharina\Downloads\adwcleaner_3.214.exe
2014-07-02 19:38 - 2014-07-02 19:38 - 00019179 _____ () C:\Users\Katharina\Downloads\Addition.txt
2014-07-02 19:36 - 2014-07-02 19:36 - 02083840 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-07-02 19:31 - 2014-02-12 15:28 - 01459353 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-02 19:22 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-02 18:58 - 2014-07-02 18:58 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 18:58 - 2014-07-02 18:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 11:37 - 2014-06-21 19:13 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\vlc
2014-07-01 21:00 - 2014-06-24 17:24 - 00115712 ___SH () C:\Users\Katharina\Desktop\Thumbs.db
2014-07-01 18:42 - 2014-07-01 18:30 - 00017536 _____ () C:\Users\Katharina\Desktop\Menüpläne.odt
2014-07-01 09:39 - 2014-07-01 09:39 - 00001046 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-07-01 09:39 - 2014-07-01 09:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-01 09:37 - 2014-07-01 09:37 - 27843432 _____ (pdfforge ) C:\Users\Katharina\Downloads\PDFCreator-1_7_3_setup.exe
2014-07-01 09:16 - 2014-07-01 09:16 - 07873675 _____ (7-PDF, Germany - Th. Hodes ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager [1].exe
2014-07-01 09:15 - 2014-07-01 09:15 - 00788832 _____ ( ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager.exe
2014-07-01 09:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-07-01 09:04 - 2014-07-01 09:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-30 20:56 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina\dwhelper
2014-06-30 20:56 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina
2014-06-30 20:48 - 2012-07-26 09:21 - 00027033 _____ () C:\WINDOWS\setupact.log
2014-06-30 20:42 - 2014-06-30 20:42 - 00001329 _____ () C:\Users\Katharina\Desktop\Easy Audio Cutter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001313 _____ () C:\Users\Katharina\Desktop\Free CD Ripper.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001311 _____ () C:\Users\Katharina\Desktop\Free Mp3 Wma Converter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\FreeAudioPack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Free mp3 Wma Converter
2014-06-30 20:42 - 2014-06-21 12:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-30 20:40 - 2014-06-30 20:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe
2014-06-30 20:32 - 2014-06-30 20:32 - 00001163 _____ () C:\Users\Katharina\Desktop\Amazon Music.lnk
2014-06-30 20:31 - 2014-06-30 20:31 - 38534920 _____ (Amazon) C:\Users\Katharina\Downloads\AmazonMusicInstaller.exe
2014-06-30 20:27 - 2014-06-30 20:26 - 09659608 _____ () C:\Users\Katharina\Downloads\AmazonMusicImporterInstaller-2.1.0._V337128703_.exe
2014-06-30 20:27 - 2014-06-29 09:34 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Adobe
2014-06-30 20:27 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe
2014-06-30 17:25 - 2014-06-30 17:25 - 00015074 _____ () C:\Users\Katharina\Documents\Saisonkalender_Obst_Gemüse.odt
2014-06-30 16:28 - 2014-06-30 16:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-30 15:58 - 2014-06-30 15:58 - 00013441 _____ () C:\Users\Katharina\Documents\Unbenannt 1.odt
2014-06-27 20:26 - 2014-06-27 20:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Macromedia
2014-06-26 21:02 - 2014-06-26 21:02 - 00955246 _____ () C:\Users\Katharina\Desktop\Hochzeitstag 26082014.MVM
2014-06-26 20:59 - 2014-06-26 20:59 - 00000000 ____D () C:\Users\Katharina\AppData\Local\CrashDumps
2014-06-26 20:50 - 2014-06-26 13:32 - 00023040 ___SH () C:\Users\Katharina\Downloads\Thumbs.db
2014-06-26 20:43 - 2014-06-26 20:43 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\WebApp
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\CyberLink
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\CyberLink
2014-06-26 20:40 - 2014-02-12 16:15 - 00000000 ____D () C:\ProgramData\Lenovo
2014-06-26 20:40 - 2014-02-12 16:08 - 00000000 ____D () C:\ProgramData\CyberLink
2014-06-26 13:31 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\MAGIX
2014-06-26 13:31 - 2014-06-26 13:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00001051 _____ () C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Users\Katharina\Documents\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-06-26 13:25 - 2014-06-26 13:25 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Vollversion Magix Slideshow Maker - CHIP-Installer.exe
2014-06-26 13:10 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Local\AquaSoft
2014-06-26 13:09 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\AquaSoft
2014-06-25 17:13 - 2014-06-24 16:39 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\CrashDumps
2014-06-25 08:21 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-24 17:24 - 2014-06-24 17:24 - 00144345 _____ () C:\Users\Katharina\Desktop\klarna agb.odt
2014-06-24 16:46 - 2014-06-21 13:05 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-24 16:41 - 2014-06-24 16:41 - 00307760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-24 16:40 - 2014-06-24 16:40 - 00000000 ____D () C:\sources
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-24 16:40 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-24 16:40 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-06-22 13:09 - 2014-06-22 13:05 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-06-22 13:09 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages
2014-06-22 13:09 - 2013-03-25 23:03 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-22 13:04 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-06-22 12:08 - 2014-06-22 12:08 - 00564824 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-22 12:02 - 2014-06-22 12:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\DiaShow Ultimate - CHIP-Installer.exe
2014-06-22 11:40 - 2014-06-22 11:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-22 11:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-21 19:48 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 19:48 - 2014-06-21 19:45 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 19:45 - 2014-06-21 19:45 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 19:41 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Nitro
2014-06-21 19:35 - 2014-02-12 16:17 - 00000000 ____D () C:\ProgramData\Energy Manager
2014-06-21 19:30 - 2014-06-21 19:30 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Katharina\Downloads\avira_de_av___ws.exe
2014-06-21 19:28 - 2014-06-21 19:28 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Intel Corporation
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\Documents\Bluetooth Folder
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Atheros
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\BMExplorer
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-21 19:27 - 2014-06-21 19:26 - 00001133 _____ () C:\Users\Katharina\Desktop\Cyberlink Power2Go.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00001453 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-06-21 19:26 - 2014-06-21 19:26 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Startmenü
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\ProgramData\eBay
2014-06-21 19:26 - 2014-02-13 01:25 - 00094656 _____ () C:\WINDOWS\modules.log
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-21 19:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-21 19:16 - 2012-07-26 07:37 - 00000000 ___HD () C:\Users\Default
2014-06-21 19:13 - 2014-06-21 19:13 - 00000882 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-21 19:11 - 2014-06-21 19:11 - 25055851 _____ () C:\Users\Katharina\Downloads\vlc-2.1.4-win64.exe
2014-06-21 14:11 - 2014-02-12 16:02 - 00000000 ____D () C:\Program Files (x86)\Lenovo DE
2014-06-21 14:10 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\tmp
2014-06-21 14:10 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\hps
2014-06-21 14:09 - 2014-06-21 14:09 - 00547393 _____ () C:\Users\Katharina\Downloads\uninstall.exe
2014-06-21 14:09 - 2014-06-21 14:09 - 00000818 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000803 _____ () C:\Users\Public\Desktop\dm-Fotowelt.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt
2014-06-21 14:09 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\Resources
2014-06-21 14:09 - 2014-06-21 14:06 - 00000000 _____ () C:\Users\Katharina\Downloads\temp.txt
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\printsupport
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\platforms
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\orderprocessors
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\imageformats
2014-06-21 14:06 - 2014-06-21 14:06 - 00001332 _____ () C:\Users\Katharina\Downloads\38-index-5.1.5.txt
2014-06-21 14:05 - 2014-06-21 14:05 - 01628432 _____ () C:\Users\Katharina\Downloads\setup_dm_Fotowelt.exe
2014-06-21 13:50 - 2014-06-21 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-21 13:49 - 2014-06-21 13:48 - 75151232 _____ (Adobe Systems Incorporated) C:\Users\Katharina\Downloads\AdbeRdr11007_de_DE.exe
2014-06-21 13:36 - 2014-06-21 13:36 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice
2014-06-21 13:36 - 2014-06-21 13:35 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-21 13:27 - 2014-06-21 13:27 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\OpenOffice - CHIP-Installer.exe
2014-06-21 12:55 - 2014-06-21 12:54 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Mozilla
2014-06-21 12:55 - 2014-06-21 12:54 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Mozilla
2014-06-21 12:54 - 2014-06-21 12:54 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-21 12:54 - 2014-06-21 12:54 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-21 12:53 - 2014-06-21 12:53 - 29677544 _____ (Mozilla) C:\Users\Katharina\Downloads\Firefox_Setup_de30.0.exe
2014-06-21 12:49 - 2014-06-21 12:50 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-06-21 12:49 - 2014-06-21 12:49 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira
2014-06-21 12:48 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

Some content of TEMP:
====================
C:\Users\Katharina\AppData\Local\Temp\avgnt.exe
C:\Users\Katharina\AppData\Local\Temp\installhelper.dll
C:\Users\Katharina\AppData\Local\Temp\Quarantine.exe
C:\Users\Katharina\AppData\Local\Temp\SRAssetsHelper.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 09:27

==================== End Of Log ============================
         
--- --- ---


Alt 02.07.2014, 19:41   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



OK...

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 2



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________
--> http://www.searchnu.com/410 Mozilla Firefox

Alt 03.07.2014, 19:46   #7
wurschthans
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=8c9ce0a8e6293a41941be3a8fdc1b998
# engine=19007
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-03 06:18:10
# local_time=2014-07-03 08:18:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 16467 3207925 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 790655 12171730 0 0
# scanned=209822
# found=11
# cleaned=0
# scan_time=2709
sh=2714DB0A06F74A4282CDDC307EA1599670422E09 ft=1 fh=dbe7f66a91f8fadc vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\KATHAR~1\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=8BE4C277A62F2400C3B0A20F39297D310774E2AC ft=1 fh=d69c639933d87dfe vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\KATHAR~1\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\c7b8b56c50c2c2cf92ab80aa948a1e7d\Setup21_FreeConverter.exe.vir"
sh=B9A96D9AE94C4B42CA5499933F6DF218B3903768 ft=1 fh=966b3592656dc188 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe"
sh=D5C0EBA99844D9D26694E4239140549C8B4FCF04 ft=1 fh=e6733903589b0a67 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\ProgramData\Avira\My Avira\Temp\antivirus.exe"
sh=D5C0EBA99844D9D26694E4239140549C8B4FCF04 ft=1 fh=e6733903589b0a67 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\All Users\Avira\My Avira\Temp\antivirus.exe"
sh=D6411857B6D431BD5658A9B9E22E219B5D817133 ft=1 fh=26d539758799cf25 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager.exe"
sh=557880450DBDBBA5046DF63090785BF9136131B5 ft=1 fh=093f412e27c6c71c vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katharina\Downloads\DiaShow Ultimate - CHIP-Installer.exe"
sh=6F476484C57973984D637EFAF9B044A66D0AB282 ft=1 fh=29390eb317be4add vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katharina\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe"
sh=C821B2CE1B4A0EDDFFC2604DF580497A2F9246A5 ft=1 fh=65ee98e397292ef4 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katharina\Downloads\OpenOffice - CHIP-Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katharina\Downloads\PDFCreator-1_7_3_setup.exe"
sh=0CE8D76BB7C0EF5012D2034F8A7491B9583D7DAF ft=1 fh=a751899a89494c79 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katharina\Downloads\Vollversion Magix Slideshow Maker - CHIP-Installer.exe"
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Katharina (administrator) on WICHTLZWERG on 03-07-2014 20:29:50
Running from C:\Users\Katharina\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-08-30] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2014-02-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2014-02-12] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
HKU\S-1-5-21-3349096550-3144467483-3537340833-1002\...\Run: [Amazon Music] => C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-24] ()
HKU\S-1-5-21-3349096550-3144467483-3537340833-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-24] ()
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [245872 2013-05-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [201576 2013-05-24] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = 
SearchScopes: HKLM - {14810DE1-195E-4F23-B623-860FE40A0752} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {14810DE1-195E-4F23-B623-860FE40A0752} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - {14810DE1-195E-4F23-B623-860FE40A0752} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-21]
FF Extension: Ghostery - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\firefox@ghostery.com.xpi [2014-06-21]
FF Extension: Adblock Plus - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\ekrrck2g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-21]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-02-12] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-02-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-30] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-06-22] (Duplex Secure Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 19:29 - 2014-07-03 19:29 - 02347384 _____ (ESET) C:\Users\Katharina\Downloads\esetsmartinstaller_deu.exe
2014-07-02 19:53 - 2014-07-02 19:54 - 00000000 ____D () C:\AdwCleaner
2014-07-02 19:52 - 2014-07-02 19:52 - 01346519 _____ () C:\Users\Katharina\Downloads\adwcleaner_3.214.exe
2014-07-02 19:38 - 2014-07-02 19:38 - 00019179 _____ () C:\Users\Katharina\Downloads\Addition.txt
2014-07-02 19:37 - 2014-07-03 20:30 - 00013472 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-07-02 19:37 - 2014-07-03 20:29 - 00000000 ____D () C:\FRST
2014-07-02 19:36 - 2014-07-02 19:36 - 02083840 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-07-02 18:59 - 2014-07-02 20:01 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 18:58 - 2014-07-02 18:58 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 18:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-02 18:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-02 18:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-02 18:57 - 2014-07-02 18:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 18:30 - 2014-07-01 18:42 - 00017536 _____ () C:\Users\Katharina\Desktop\Menüpläne.odt
2014-07-01 09:39 - 2014-07-01 09:39 - 00001046 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-07-01 09:38 - 2014-07-01 09:39 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-01 09:38 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMAPI32.OCX
2014-07-01 09:38 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2014-07-01 09:38 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIDE.DLL
2014-07-01 09:38 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2014-07-01 09:38 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2014-07-01 09:38 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2014-07-01 09:37 - 2014-07-01 09:37 - 27843432 _____ (pdfforge ) C:\Users\Katharina\Downloads\PDFCreator-1_7_3_setup.exe
2014-07-01 09:17 - 2013-09-01 12:59 - 01103872 _____ () C:\WINDOWS\SysWOW64\CBLCtlsU.ocx
2014-07-01 09:17 - 2013-07-13 12:15 - 00805376 _____ () C:\WINDOWS\SysWOW64\EditCtlsU.ocx
2014-07-01 09:17 - 2013-07-12 22:57 - 00539648 _____ () C:\WINDOWS\SysWOW64\LblCtlsU.ocx
2014-07-01 09:17 - 2013-04-05 13:55 - 00476160 _____ () C:\WINDOWS\SysWOW64\TabStripCtlU.ocx
2014-07-01 09:17 - 2013-03-28 23:13 - 00645632 _____ () C:\WINDOWS\SysWOW64\BtnCtlsU.ocx
2014-07-01 09:17 - 2013-03-03 14:37 - 01061888 _____ () C:\WINDOWS\SysWOW64\ExLvwU.ocx
2014-07-01 09:16 - 2014-07-01 09:16 - 07873675 _____ (7-PDF, Germany - Th. Hodes ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager [1].exe
2014-07-01 09:15 - 2014-07-01 09:15 - 00788832 _____ ( ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager.exe
2014-07-01 09:04 - 2014-07-01 09:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-30 20:56 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina\dwhelper
2014-06-30 20:42 - 2014-06-30 20:42 - 00001329 _____ () C:\Users\Katharina\Desktop\Easy Audio Cutter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001313 _____ () C:\Users\Katharina\Desktop\Free CD Ripper.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001311 _____ () C:\Users\Katharina\Desktop\Free Mp3 Wma Converter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\FreeAudioPack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Free mp3 Wma Converter
2014-06-30 20:42 - 2014-04-25 17:44 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-06-30 20:42 - 2011-09-29 14:20 - 02084864 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudDesign.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 01986560 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudFile.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 01212416 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioInfos.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00484352 _____ () C:\WINDOWS\SysWOW64\lame_enc.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00479232 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioVisu.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00458752 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudPlayer.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00454656 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudioRecord.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00417792 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\AudDisplay.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00348160 _____ (NCT Company Ltd.) C:\WINDOWS\SysWOW64\WMAFile.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2014-06-30 20:42 - 2011-09-29 14:20 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCT232.OCX
2014-06-30 20:42 - 2011-09-29 14:20 - 00116296 _____ () C:\WINDOWS\SysWOW64\NCTWMAProfiles.prx
2014-06-30 20:42 - 2011-09-29 14:19 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00224016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00115920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinet.OCX
2014-06-30 20:42 - 2011-09-29 14:19 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mscc2fr.dll
2014-06-30 20:42 - 2011-09-29 14:19 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTFR.DLL
2014-06-30 20:42 - 2011-09-29 14:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetfr.DLL
2014-06-30 20:40 - 2014-06-30 20:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe
2014-06-30 20:32 - 2014-06-30 20:32 - 00001163 _____ () C:\Users\Katharina\Desktop\Amazon Music.lnk
2014-06-30 20:31 - 2014-06-30 20:31 - 38534920 _____ (Amazon) C:\Users\Katharina\Downloads\AmazonMusicInstaller.exe
2014-06-30 20:26 - 2014-06-30 20:27 - 09659608 _____ () C:\Users\Katharina\Downloads\AmazonMusicImporterInstaller-2.1.0._V337128703_.exe
2014-06-30 17:25 - 2014-06-30 17:25 - 00015074 _____ () C:\Users\Katharina\Documents\Saisonkalender_Obst_Gemüse.odt
2014-06-30 16:28 - 2014-06-30 16:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-30 15:58 - 2014-06-30 15:58 - 00013441 _____ () C:\Users\Katharina\Documents\Unbenannt 1.odt
2014-06-29 09:34 - 2014-06-30 20:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Adobe
2014-06-27 20:26 - 2014-06-27 20:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Macromedia
2014-06-26 21:02 - 2014-06-26 21:02 - 00955246 _____ () C:\Users\Katharina\Desktop\Hochzeitstag 26082014.MVM
2014-06-26 20:59 - 2014-06-26 20:59 - 00000000 ____D () C:\Users\Katharina\AppData\Local\CrashDumps
2014-06-26 20:43 - 2014-06-26 20:43 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\WebApp
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\CyberLink
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\CyberLink
2014-06-26 13:32 - 2014-06-26 20:50 - 00023040 ___SH () C:\Users\Katharina\Downloads\Thumbs.db
2014-06-26 13:30 - 2014-06-26 13:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00001051 _____ () C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Users\Katharina\Documents\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-06-26 13:27 - 2014-06-26 13:31 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\MAGIX
2014-06-26 13:25 - 2014-06-26 13:25 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Vollversion Magix Slideshow Maker - CHIP-Installer.exe
2014-06-26 13:09 - 2014-06-26 13:10 - 00000000 ____D () C:\Users\Katharina\AppData\Local\AquaSoft
2014-06-26 13:09 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\AquaSoft
2014-06-24 17:24 - 2014-07-01 21:00 - 00115712 ___SH () C:\Users\Katharina\Desktop\Thumbs.db
2014-06-24 17:24 - 2014-06-24 17:24 - 00144345 _____ () C:\Users\Katharina\Desktop\klarna agb.odt
2014-06-24 16:41 - 2014-06-24 16:41 - 00307760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-24 16:40 - 2014-06-24 16:40 - 00000000 ____D () C:\sources
2014-06-24 16:39 - 2014-06-25 17:13 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\CrashDumps
2014-06-22 22:33 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-06-22 22:33 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-22 22:33 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-22 22:33 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-22 22:33 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-22 13:08 - 2014-05-31 07:16 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-22 13:08 - 2014-05-31 07:16 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-22 13:05 - 2014-06-22 13:09 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-06-22 12:08 - 2014-06-22 12:08 - 00564824 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-22 12:02 - 2014-06-22 12:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\DiaShow Ultimate - CHIP-Installer.exe
2014-06-22 11:38 - 2014-06-22 11:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-22 11:38 - 2014-06-01 17:17 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-21 19:48 - 2014-07-03 15:42 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-06-21 19:48 - 2014-05-27 17:12 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-06-21 19:48 - 2014-05-27 17:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-06-21 19:45 - 2014-06-21 19:48 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 19:45 - 2014-06-21 19:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 19:45 - 2014-06-21 19:45 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 19:45 - 2014-06-21 12:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Nitro
2014-06-21 19:34 - 2014-07-03 15:59 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3349096550-3144467483-3537340833-1002
2014-06-21 19:30 - 2014-06-21 19:30 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Katharina\Downloads\avira_de_av___ws.exe
2014-06-21 19:28 - 2014-06-21 19:28 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Intel Corporation
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\Documents\Bluetooth Folder
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Atheros
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\BMExplorer
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-21 19:26 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina
2014-06-21 19:26 - 2014-06-30 20:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe
2014-06-21 19:26 - 2014-06-22 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages
2014-06-21 19:26 - 2014-06-21 19:27 - 00001133 _____ () C:\Users\Katharina\Desktop\Cyberlink Power2Go.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00001453 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-06-21 19:26 - 2014-06-21 19:26 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Startmenü
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\ProgramData\eBay
2014-06-21 19:26 - 2014-02-13 00:19 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-21 19:26 - 2014-02-13 00:16 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-21 19:26 - 2014-02-12 16:10 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-06-21 19:26 - 2013-02-04 08:18 - 00000189 _____ () C:\Users\Katharina\Desktop\Lenovo Telephony Start Now.url
2014-06-21 19:26 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-21 19:26 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-21 19:13 - 2014-07-02 11:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\vlc
2014-06-21 19:13 - 2014-06-21 19:13 - 00000882 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-21 19:11 - 2014-06-21 19:11 - 25055851 _____ () C:\Users\Katharina\Downloads\vlc-2.1.4-win64.exe
2014-06-21 14:09 - 2014-06-21 14:10 - 00000000 ____D () C:\ProgramData\tmp
2014-06-21 14:09 - 2014-06-21 14:10 - 00000000 ____D () C:\ProgramData\hps
2014-06-21 14:09 - 2014-06-21 14:09 - 00547393 _____ () C:\Users\Katharina\Downloads\uninstall.exe
2014-06-21 14:09 - 2014-06-21 14:09 - 00000818 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000803 _____ () C:\Users\Public\Desktop\dm-Fotowelt.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt
2014-06-21 14:07 - 2014-06-21 14:09 - 00000000 ____D () C:\Users\Katharina\Downloads\Resources
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\printsupport
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\platforms
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\orderprocessors
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\imageformats
2014-06-21 14:07 - 2014-04-03 09:09 - 01100288 _____ () C:\Users\Katharina\Downloads\CWTemplates.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00932864 _____ () C:\Users\Katharina\Downloads\CWAPM.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00578048 _____ () C:\Users\Katharina\Downloads\CWModelBase.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00572416 _____ () C:\Users\Katharina\Downloads\CWStartScreen.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00509952 _____ () C:\Users\Katharina\Downloads\CWCustomer.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00451584 _____ () C:\Users\Katharina\Downloads\CWPriceListDialog.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00396800 _____ () C:\Users\Katharina\Downloads\CWCalendar.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00352256 _____ () C:\Users\Katharina\Downloads\CWNetworkingXTCI.dll
2014-06-21 14:07 - 2014-04-03 09:09 - 00089600 _____ () C:\Users\Katharina\Downloads\CWRegionOfInterest.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 01309696 _____ () C:\Users\Katharina\Downloads\CWGUIWidgets.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 01226752 _____ () C:\Users\Katharina\Downloads\CWFoto.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00849920 _____ () C:\Users\Katharina\Downloads\CWCore.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00710144 _____ () C:\Users\Katharina\Downloads\CWImageProcessing.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00664064 _____ () C:\Users\Katharina\Downloads\CWProductProperties.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00458752 _____ () C:\Users\Katharina\Downloads\CWXML.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00422912 _____ () C:\Users\Katharina\Downloads\CWImageLoader.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00350208 _____ () C:\Users\Katharina\Downloads\CWImageProcessingGUI.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00220672 _____ () C:\Users\Katharina\Downloads\CWNetworking.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00209408 _____ () C:\Users\Katharina\Downloads\CWFotoschauDLL.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00204288 _____ () C:\Users\Katharina\Downloads\CWAssistant.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00192512 _____ () C:\Users\Katharina\Downloads\CWVideoAnalysis.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00168960 _____ () C:\Users\Katharina\Downloads\CWGeoLocation.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00122368 _____ () C:\Users\Katharina\Downloads\CWProductBase.dll
2014-06-21 14:07 - 2014-04-01 15:56 - 00019968 _____ () C:\Users\Katharina\Downloads\facedetection.exe
2014-06-21 14:07 - 2014-03-07 10:32 - 02340352 _____ (Smaller Animals Software, Inc.) C:\Users\Katharina\Downloads\_ISource50.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 21603328 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5WebKit.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 05216256 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Widgets.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 04941312 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Gui.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 04687360 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Core.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 03280384 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5V8.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 02407424 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Quick.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01936896 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Qml.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01242112 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Script.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01035264 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Network.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 01018368 _____ (FotoNation Inc.) C:\Users\Katharina\Downloads\Face.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00677376 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Multimedia.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00352256 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5OpenGL.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00269312 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5PrintSupport.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00255488 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Svg.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00226816 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5WebKitWidgets.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00199680 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Xml.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00198656 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Sql.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00180736 _____ (FotoNation Inc.) C:\Users\Katharina\Downloads\RedEye.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00173568 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5Sensors.dll
2014-06-21 14:07 - 2014-03-07 09:37 - 00099328 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\Katharina\Downloads\Qt5MultimediaWidgets.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 06205952 _____ () C:\Users\Katharina\Downloads\avcodec-54.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 01368576 _____ (ImageMagick Studio) C:\Users\Katharina\Downloads\CORE_RL_magick_.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 01286144 _____ (The ICU Project) C:\Users\Katharina\Downloads\icuuc50.dll
2014-06-21 14:07 - 2013-11-27 13:29 - 00307712 _____ () C:\Users\Katharina\Downloads\avutil-52.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 20785664 _____ (The ICU Project) C:\Users\Katharina\Downloads\icudt50.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 05718872 _____ (Microsoft Corporation) C:\Users\Katharina\Downloads\vcredist2010_x64.exe
2014-06-21 14:07 - 2013-11-27 13:28 - 01629696 _____ (The ICU Project) C:\Users\Katharina\Downloads\icuin50.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01505280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Katharina\Downloads\libeay32.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01419776 _____ () C:\Users\Katharina\Downloads\exiv2.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 01374720 _____ () C:\Users\Katharina\Downloads\avformat-54.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00730112 _____ (ImageMagick Studio LLC) C:\Users\Katharina\Downloads\CORE_RL_wand_.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00530944 _____ () C:\Users\Katharina\Downloads\avfilter-3.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00466432 _____ () C:\Users\Katharina\Downloads\IccProfLib0.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00449536 _____ () C:\Users\Katharina\Downloads\CORE_RL_Magick++_.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00361472 _____ () C:\Users\Katharina\Downloads\swscale-2.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00354304 _____ (hxxp://hunspell.sourceforge.net/) C:\Users\Katharina\Downloads\libhunspell.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00347648 _____ () C:\Users\Katharina\Downloads\libwebp.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00325120 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Katharina\Downloads\ssleay32.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00156672 _____ () C:\Users\Katharina\Downloads\libexpat.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00150528 _____ () C:\Users\Katharina\Downloads\swresample-0.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00105472 _____ () C:\Users\Katharina\Downloads\avdevice-54.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00086528 _____ () C:\Users\Katharina\Downloads\HE_3D2anaglyph.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00069120 _____ () C:\Users\Katharina\Downloads\zlib1.dll
2014-06-21 14:07 - 2013-11-27 13:28 - 00029696 _____ (TODO: <Firmenname>) C:\Users\Katharina\Downloads\ImapiBurner.dll
2014-06-21 14:06 - 2014-06-21 14:09 - 00000000 _____ () C:\Users\Katharina\Downloads\temp.txt
2014-06-21 14:06 - 2014-06-21 14:06 - 00001332 _____ () C:\Users\Katharina\Downloads\38-index-5.1.5.txt
2014-06-21 14:06 - 2014-04-03 09:09 - 07558656 _____ () C:\Users\Katharina\Downloads\dm-Fotowelt.exe
2014-06-21 14:06 - 2014-04-01 15:55 - 01532928 _____ () C:\Users\Katharina\Downloads\CEWE FOTOSCHAU.exe
2014-06-21 14:06 - 2014-04-01 15:55 - 00436736 _____ () C:\Users\Katharina\Downloads\CEWE FOTOIMPORTER.exe
2014-06-21 14:05 - 2014-06-21 14:05 - 01628432 _____ () C:\Users\Katharina\Downloads\setup_dm_Fotowelt.exe
2014-06-21 13:50 - 2014-06-21 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-21 13:48 - 2014-06-21 13:49 - 75151232 _____ (Adobe Systems Incorporated) C:\Users\Katharina\Downloads\AdbeRdr11007_de_DE.exe
2014-06-21 13:36 - 2014-06-21 13:36 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice
2014-06-21 13:35 - 2014-06-21 13:36 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-21 13:27 - 2014-06-21 13:27 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\OpenOffice - CHIP-Installer.exe
2014-06-21 13:24 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-21 13:24 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-21 13:24 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-06-21 13:24 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-06-21 13:24 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-06-21 13:24 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-21 13:24 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-21 13:24 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-21 13:24 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-21 13:24 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-21 13:24 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-21 13:24 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-06-21 13:24 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2014-06-21 13:24 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2014-06-21 13:24 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-06-21 13:24 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-06-21 13:24 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2014-06-21 13:24 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2014-06-21 13:24 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2014-06-21 13:24 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2014-06-21 13:24 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2014-06-21 13:24 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2014-06-21 13:24 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-06-21 13:24 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-06-21 13:17 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-21 13:17 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-21 13:17 - 2013-10-10 13:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-21 13:17 - 2013-10-10 11:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-21 13:17 - 2013-10-10 11:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-21 13:17 - 2013-09-04 05:11 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-21 13:16 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-21 13:16 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-06-21 13:16 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-21 13:16 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-21 13:16 - 2014-04-01 00:08 - 00387268 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-21 13:16 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-21 13:16 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-21 13:16 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-21 13:16 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-21 13:16 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-06-21 13:16 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-06-21 13:16 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-06-21 13:16 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-06-21 13:16 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-06-21 13:16 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-06-21 13:16 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2014-06-21 13:16 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2014-06-21 13:16 - 2013-08-16 00:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-06-21 13:16 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-06-21 13:16 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2014-06-21 13:16 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2014-06-21 13:16 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2014-06-21 13:15 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-21 13:15 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-21 13:15 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-06-21 13:15 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-06-21 13:15 - 2013-10-09 03:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-06-21 13:15 - 2013-10-09 00:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-06-21 13:15 - 2013-10-09 00:30 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-21 13:15 - 2013-10-09 00:28 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-21 13:15 - 2013-10-09 00:27 - 03279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-21 13:15 - 2013-10-09 00:27 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-06-21 13:15 - 2013-10-05 08:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-21 13:15 - 2013-10-02 04:50 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-21 13:15 - 2013-09-28 07:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-06-21 13:15 - 2013-09-28 05:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-06-21 13:15 - 2013-09-19 09:32 - 01455448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-21 13:15 - 2013-09-14 00:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2014-06-21 13:15 - 2013-09-14 00:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-21 13:15 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2014-06-21 13:15 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-06-21 13:15 - 2013-08-30 07:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-21 13:15 - 2013-08-30 07:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-21 13:15 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-06-21 13:15 - 2013-08-30 01:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-21 13:15 - 2013-08-30 01:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-21 13:15 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-21 13:15 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-21 13:15 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-06-21 13:15 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-21 13:15 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2014-06-21 13:15 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-21 13:15 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-21 13:15 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2014-06-21 13:15 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-06-21 13:15 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2014-06-21 13:15 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2014-06-21 13:15 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2014-06-21 13:14 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-21 13:14 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-06-21 13:14 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-21 13:14 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-21 13:14 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-21 13:14 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-21 13:14 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-21 13:14 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-21 13:14 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-21 13:14 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-21 13:14 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-21 13:14 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-21 13:14 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-06-21 13:14 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-21 13:14 - 2013-10-02 01:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-06-21 13:14 - 2013-10-02 01:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-06-21 13:14 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-06-21 13:14 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-06-21 13:14 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-06-21 13:14 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-06-21 13:14 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2014-06-21 13:14 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-21 13:14 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-21 13:14 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-06-21 13:14 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-21 13:14 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-06-21 13:14 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-21 13:14 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2014-06-21 13:14 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2014-06-21 13:14 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-06-21 13:14 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-06-21 13:14 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2014-06-21 13:14 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2014-06-21 13:14 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2014-06-21 13:14 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-06-21 13:14 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-06-21 13:14 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-06-21 13:14 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-06-21 13:14 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-06-21 13:14 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-06-21 13:14 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-06-21 13:14 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-06-21 13:14 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-21 13:14 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-21 13:14 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-21 13:14 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-21 13:14 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-06-21 13:14 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-06-21 13:14 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-06-21 13:13 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-21 13:13 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-06-21 13:13 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2014-06-21 13:13 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-06-21 13:13 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2014-06-21 13:13 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2014-06-21 13:13 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2014-06-21 13:13 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-21 13:13 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2014-06-21 13:13 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-06-21 13:13 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-21 13:13 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-06-21 13:13 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2014-06-21 13:13 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-06-21 13:13 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2014-06-21 13:13 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2014-06-21 13:13 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-06-21 13:13 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2014-06-21 13:13 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-21 13:13 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-06-21 13:13 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-06-21 13:13 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-06-21 13:13 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-06-21 13:13 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2014-06-21 13:13 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2014-06-21 13:13 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2014-06-21 13:13 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2014-06-21 13:13 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2014-06-21 13:13 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-06-21 13:13 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-21 13:13 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-06-21 13:13 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-21 13:13 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-21 13:13 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-21 13:13 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-21 13:13 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2014-06-21 13:13 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2014-06-21 13:13 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2014-06-21 13:13 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-21 13:13 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2014-06-21 13:13 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2014-06-21 13:13 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-06-21 13:13 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-06-21 13:13 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-06-21 13:13 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-06-21 13:13 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2014-06-21 13:13 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2014-06-21 13:13 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2014-06-21 13:13 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2014-06-21 13:12 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-21 13:12 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-06-21 13:12 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-21 13:12 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-21 13:12 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-06-21 13:12 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-06-21 13:12 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-06-21 13:12 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-06-21 13:12 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-06-21 13:12 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-06-21 13:12 - 2013-11-23 08:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-06-21 13:12 - 2013-11-23 07:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-06-21 13:12 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-06-21 13:12 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-06-21 13:12 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-06-21 13:12 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-06-21 13:12 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-06-21 13:12 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-06-21 13:12 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-06-21 13:12 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-06-21 13:12 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-06-21 13:12 - 2013-10-02 01:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-21 13:12 - 2013-10-02 01:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-21 13:12 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-06-21 13:12 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-21 13:12 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-21 13:12 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2014-06-21 13:12 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-21 13:12 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-21 13:12 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-06-21 13:12 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-06-21 13:12 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-06-21 13:12 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-06-21 13:11 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-21 13:11 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-06-21 13:11 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-06-21 13:11 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-21 13:11 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-21 13:11 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-21 13:11 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-21 13:11 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-21 13:11 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-21 13:11 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-06-21 13:11 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-06-21 13:11 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2014-06-21 13:05 - 2014-06-24 16:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-21 12:54 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 12:54 - 2014-06-21 12:55 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Mozilla
2014-06-21 12:54 - 2014-06-21 12:55 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Mozilla
2014-06-21 12:54 - 2014-06-21 12:54 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-21 12:54 - 2014-06-21 12:54 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-21 12:53 - 2014-06-21 12:53 - 29677544 _____ (Mozilla) C:\Users\Katharina\Downloads\Firefox_Setup_de30.0.exe
2014-06-21 12:50 - 2014-06-21 12:49 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-06-21 12:49 - 2014-06-21 12:49 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira

==================== One Month Modified Files and Folders =======

2014-07-03 20:30 - 2014-07-02 19:37 - 00013472 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-07-03 20:29 - 2014-07-02 19:37 - 00000000 ____D () C:\FRST
2014-07-03 20:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-03 19:35 - 2014-02-12 15:28 - 01543904 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-03 19:29 - 2014-07-03 19:29 - 02347384 _____ (ESET) C:\Users\Katharina\Downloads\esetsmartinstaller_deu.exe
2014-07-03 18:59 - 2014-02-13 00:09 - 00754172 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-03 18:59 - 2014-02-13 00:09 - 00156362 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-03 18:59 - 2012-07-26 09:28 - 01748838 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-03 15:59 - 2014-06-21 19:34 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3349096550-3144467483-3537340833-1002
2014-07-03 15:42 - 2014-06-21 19:48 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-07-02 20:01 - 2014-07-02 18:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 19:55 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-02 19:54 - 2014-07-02 19:53 - 00000000 ____D () C:\AdwCleaner
2014-07-02 19:54 - 2014-02-12 16:15 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-07-02 19:54 - 2013-03-25 23:02 - 00142688 _____ () C:\WINDOWS\PFRO.log
2014-07-02 19:54 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-02 19:52 - 2014-07-02 19:52 - 01346519 _____ () C:\Users\Katharina\Downloads\adwcleaner_3.214.exe
2014-07-02 19:38 - 2014-07-02 19:38 - 00019179 _____ () C:\Users\Katharina\Downloads\Addition.txt
2014-07-02 19:36 - 2014-07-02 19:36 - 02083840 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-07-02 19:22 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-02 18:58 - 2014-07-02 18:58 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 18:58 - 2014-07-02 18:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-02 18:58 - 2014-07-02 18:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 11:37 - 2014-06-21 19:13 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\vlc
2014-07-01 21:00 - 2014-06-24 17:24 - 00115712 ___SH () C:\Users\Katharina\Desktop\Thumbs.db
2014-07-01 18:42 - 2014-07-01 18:30 - 00017536 _____ () C:\Users\Katharina\Desktop\Menüpläne.odt
2014-07-01 09:39 - 2014-07-01 09:39 - 00001046 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-01 09:39 - 2014-07-01 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-07-01 09:39 - 2014-07-01 09:38 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-01 09:37 - 2014-07-01 09:37 - 27843432 _____ (pdfforge ) C:\Users\Katharina\Downloads\PDFCreator-1_7_3_setup.exe
2014-07-01 09:16 - 2014-07-01 09:16 - 07873675 _____ (7-PDF, Germany - Th. Hodes ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager [1].exe
2014-07-01 09:15 - 2014-07-01 09:15 - 00788832 _____ ( ) C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager.exe
2014-07-01 09:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-07-01 09:04 - 2014-07-01 09:04 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-30 20:56 - 2014-06-30 20:56 - 00000000 ____D () C:\Users\Katharina\dwhelper
2014-06-30 20:56 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina
2014-06-30 20:48 - 2012-07-26 09:21 - 00027033 _____ () C:\WINDOWS\setupact.log
2014-06-30 20:42 - 2014-06-30 20:42 - 00001329 _____ () C:\Users\Katharina\Desktop\Easy Audio Cutter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001313 _____ () C:\Users\Katharina\Desktop\Free CD Ripper.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00001311 _____ () C:\Users\Katharina\Desktop\Free Mp3 Wma Converter.lnk
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\FreeAudioPack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-06-30 20:42 - 2014-06-30 20:42 - 00000000 ____D () C:\Program Files (x86)\Free mp3 Wma Converter
2014-06-30 20:42 - 2014-06-21 12:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-30 20:40 - 2014-06-30 20:40 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe
2014-06-30 20:32 - 2014-06-30 20:32 - 00001163 _____ () C:\Users\Katharina\Desktop\Amazon Music.lnk
2014-06-30 20:31 - 2014-06-30 20:31 - 38534920 _____ (Amazon) C:\Users\Katharina\Downloads\AmazonMusicInstaller.exe
2014-06-30 20:27 - 2014-06-30 20:26 - 09659608 _____ () C:\Users\Katharina\Downloads\AmazonMusicImporterInstaller-2.1.0._V337128703_.exe
2014-06-30 20:27 - 2014-06-29 09:34 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Adobe
2014-06-30 20:27 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe
2014-06-30 17:25 - 2014-06-30 17:25 - 00015074 _____ () C:\Users\Katharina\Documents\Saisonkalender_Obst_Gemüse.odt
2014-06-30 16:28 - 2014-06-30 16:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-30 15:58 - 2014-06-30 15:58 - 00013441 _____ () C:\Users\Katharina\Documents\Unbenannt 1.odt
2014-06-27 20:26 - 2014-06-27 20:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Macromedia
2014-06-26 21:02 - 2014-06-26 21:02 - 00955246 _____ () C:\Users\Katharina\Desktop\Hochzeitstag 26082014.MVM
2014-06-26 20:59 - 2014-06-26 20:59 - 00000000 ____D () C:\Users\Katharina\AppData\Local\CrashDumps
2014-06-26 20:50 - 2014-06-26 13:32 - 00023040 ___SH () C:\Users\Katharina\Downloads\Thumbs.db
2014-06-26 20:43 - 2014-06-26 20:43 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\WebApp
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\Documents\CyberLink
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Lenovo
2014-06-26 20:40 - 2014-06-26 20:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\CyberLink
2014-06-26 20:40 - 2014-02-12 16:15 - 00000000 ____D () C:\ProgramData\Lenovo
2014-06-26 20:40 - 2014-02-12 16:08 - 00000000 ____D () C:\ProgramData\CyberLink
2014-06-26 13:31 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\MAGIX
2014-06-26 13:31 - 2014-06-26 13:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00001051 _____ () C:\Users\Public\Desktop\MAGIX Slideshow Maker 2.lnk
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Users\Katharina\Documents\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-06-26 13:30 - 2014-06-26 13:30 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-06-26 13:25 - 2014-06-26 13:25 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\Vollversion Magix Slideshow Maker - CHIP-Installer.exe
2014-06-26 13:10 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Local\AquaSoft
2014-06-26 13:09 - 2014-06-26 13:09 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\AquaSoft
2014-06-25 17:13 - 2014-06-24 16:39 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\CrashDumps
2014-06-25 08:21 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-24 17:24 - 2014-06-24 17:24 - 00144345 _____ () C:\Users\Katharina\Desktop\klarna agb.odt
2014-06-24 16:46 - 2014-06-21 13:05 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-24 16:41 - 2014-06-24 16:41 - 00307760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-24 16:40 - 2014-06-24 16:40 - 00000000 ____D () C:\sources
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-06-24 16:40 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-24 16:40 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-24 16:40 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-06-24 16:40 - 2012-07-26 09:51 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-24 16:40 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-06-22 13:09 - 2014-06-22 13:05 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-06-22 13:09 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages
2014-06-22 13:09 - 2013-03-25 23:03 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-06-22 13:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-22 13:04 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-06-22 12:08 - 2014-06-22 12:08 - 00564824 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys
2014-06-22 12:02 - 2014-06-22 12:02 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\DiaShow Ultimate - CHIP-Installer.exe
2014-06-22 11:40 - 2014-06-22 11:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-22 11:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-21 19:48 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Avira
2014-06-21 19:48 - 2014-06-21 19:45 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-06-21 19:45 - 2014-06-21 19:45 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-21 19:41 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Nitro
2014-06-21 19:35 - 2014-02-12 16:17 - 00000000 ____D () C:\ProgramData\Energy Manager
2014-06-21 19:30 - 2014-06-21 19:30 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Katharina\Downloads\avira_de_av___ws.exe
2014-06-21 19:28 - 2014-06-21 19:28 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Intel Corporation
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\Documents\Bluetooth Folder
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Atheros
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Users\Katharina\AppData\Local\BMExplorer
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-21 19:27 - 2014-06-21 19:26 - 00001133 _____ () C:\Users\Katharina\Desktop\Cyberlink Power2Go.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00001453 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 19:26 - 2014-06-21 19:26 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-06-21 19:26 - 2014-06-21 19:26 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Startmenü
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 ____D () C:\ProgramData\eBay
2014-06-21 19:26 - 2014-02-13 01:25 - 00094656 _____ () C:\WINDOWS\modules.log
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-21 19:16 - 2014-06-21 19:16 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-21 19:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-21 19:16 - 2012-07-26 07:37 - 00000000 ___HD () C:\Users\Default
2014-06-21 19:13 - 2014-06-21 19:13 - 00000882 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-21 19:13 - 2014-06-21 19:13 - 00000000 ____D () C:\Program Files\VideoLAN
2014-06-21 19:11 - 2014-06-21 19:11 - 25055851 _____ () C:\Users\Katharina\Downloads\vlc-2.1.4-win64.exe
2014-06-21 14:11 - 2014-02-12 16:02 - 00000000 ____D () C:\Program Files (x86)\Lenovo DE
2014-06-21 14:10 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\tmp
2014-06-21 14:10 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\hps
2014-06-21 14:09 - 2014-06-21 14:09 - 00547393 _____ () C:\Users\Katharina\Downloads\uninstall.exe
2014-06-21 14:09 - 2014-06-21 14:09 - 00000818 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000803 _____ () C:\Users\Public\Desktop\dm-Fotowelt.lnk
2014-06-21 14:09 - 2014-06-21 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm-Fotowelt
2014-06-21 14:09 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\Resources
2014-06-21 14:09 - 2014-06-21 14:06 - 00000000 _____ () C:\Users\Katharina\Downloads\temp.txt
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\printsupport
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\platforms
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\orderprocessors
2014-06-21 14:07 - 2014-06-21 14:07 - 00000000 ____D () C:\Users\Katharina\Downloads\imageformats
2014-06-21 14:06 - 2014-06-21 14:06 - 00001332 _____ () C:\Users\Katharina\Downloads\38-index-5.1.5.txt
2014-06-21 14:05 - 2014-06-21 14:05 - 01628432 _____ () C:\Users\Katharina\Downloads\setup_dm_Fotowelt.exe
2014-06-21 13:50 - 2014-06-21 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-06-21 13:50 - 2014-06-21 13:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-21 13:49 - 2014-06-21 13:48 - 75151232 _____ (Adobe Systems Incorporated) C:\Users\Katharina\Downloads\AdbeRdr11007_de_DE.exe
2014-06-21 13:36 - 2014-06-21 13:36 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-21 13:36 - 2014-06-21 13:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice
2014-06-21 13:36 - 2014-06-21 13:35 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-21 13:27 - 2014-06-21 13:27 - 00961360 _____ (Chip Digital GmbH) C:\Users\Katharina\Downloads\OpenOffice - CHIP-Installer.exe
2014-06-21 12:55 - 2014-06-21 12:54 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Mozilla
2014-06-21 12:55 - 2014-06-21 12:54 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Mozilla
2014-06-21 12:54 - 2014-06-21 12:54 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-21 12:54 - 2014-06-21 12:54 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-21 12:53 - 2014-06-21 12:53 - 29677544 _____ (Mozilla) C:\Users\Katharina\Downloads\Firefox_Setup_de30.0.exe
2014-06-21 12:49 - 2014-06-21 12:50 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-06-21 12:49 - 2014-06-21 12:49 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira
2014-06-21 12:48 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

Some content of TEMP:
====================
C:\Users\Katharina\AppData\Local\Temp\avgnt.exe
C:\Users\Katharina\AppData\Local\Temp\installhelper.dll
C:\Users\Katharina\AppData\Local\Temp\Quarantine.exe
C:\Users\Katharina\AppData\Local\Temp\SRAssetsHelper.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-01 09:27

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 03.07.2014, 19:47   #8
wurschthans
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Katharina at 2014-07-03 20:30:33
Running from C:\Users\Katharina\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.1245.72250 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.1245.72250 - Alcor Micro Corp.) Hidden
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.0.5.567 - Amazon Services LLC)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Benutzerhandbuch (x32 Version: 1.0.0.15 - Lenovo) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.28 - Lenovo)
Energy Manager (x32 Version: 1.0.0.28 - Lenovo) Hidden
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6486.0 - IDT)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1010 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3257 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.531.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.8 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.8 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
NVIDIA GeForce Experience 1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.70 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA Optimus 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.70 (Version: 311.70 - NVIDIA Corporation) Hidden
NVIDIA Update 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.7 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)

==================== Restore Points  =========================

21-06-2014 11:18:46 Removed Nitro Pro 8
23-06-2014 14:08:27 Sprachpaketdeinstallation
01-07-2014 07:39:33 Installed PDF Architect 2 View Module

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {6891AE89-DA1D-45C2-84F4-1D38FBC9E6CC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-01] (Microsoft Corporation)
Task: {7C6E816E-BA3A-4A20-A555-55C832FACDF8} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {7F6A6D6B-1DE9-4E2E-90D2-6EDA9C42B748} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8959E4F-A5D3-4AEF-84AB-A31B10D64CF6} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

==================== Loaded Modules (whitelisted) =============

2014-02-12 16:15 - 2014-02-12 16:15 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-02-12 16:15 - 2014-02-12 16:15 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-02-13 00:12 - 2013-07-02 21:43 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-02-28 19:05 - 2013-02-28 19:05 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 19:02 - 2013-02-28 19:02 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-02-28 19:06 - 2013-02-28 19:06 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-06-30 20:32 - 2014-06-24 23:24 - 03162944 _____ () C:\Users\Katharina\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-05-14 14:27 - 2014-05-14 14:27 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-14 14:27 - 2014-05-14 14:27 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-02-12 15:50 - 2013-05-17 01:06 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-06-21 12:48 - 2014-05-14 14:27 - 00049744 _____ () C:\Users\Katharina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-06-21 12:54 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2014 08:27:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/03/2014 08:19:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/03/2014 07:30:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/03/2014 07:29:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/03/2014 07:29:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/03/2014 07:29:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/03/2014 04:10:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/02/2014 10:33:48 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/01/2014 10:36:54 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/30/2014 11:39:19 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (07/03/2014 04:38:20 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: NT-AUTORITÄT)
Description: 9\_TZ.THM22014-07-03T14:38:20.388008300Z383

Error: (06/30/2014 08:53:58 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/30/2014 08:53:10 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/30/2014 08:52:12 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/27/2014 04:07:51 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/27/2014 04:07:51 PM) (Source: DCOM) (EventID: 10010) (User: WICHTLZWERG)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/25/2014 05:13:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/24/2014 04:44:47 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Error: (06/24/2014 04:44:47 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (06/24/2014 04:39:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (07/03/2014 08:27:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Katharina\Downloads\esetsmartinstaller_deu.exe

Error: (07/03/2014 08:19:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/03/2014 07:30:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Katharina\Downloads\esetsmartinstaller_deu.exe

Error: (07/03/2014 07:29:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Katharina\Downloads\esetsmartinstaller_deu.exe

Error: (07/03/2014 07:29:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Katharina\Downloads\esetsmartinstaller_deu.exe

Error: (07/03/2014 07:29:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Katharina\Downloads\esetsmartinstaller_deu.exe

Error: (07/03/2014 04:10:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/02/2014 10:33:48 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/01/2014 10:36:54 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/30/2014 11:39:19 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 8104.27 MB
Available physical RAM: 6055.8 MB
Total Pagefile: 9320.27 MB
Available Pagefile: 7001.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.8 GB) (Free:379.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.06 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:397.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 237A1541)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5605878D)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 03.07.2014, 20:02   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



Hi,

das Zeug im Downloadverzeichnis
Code:
ATTFilter
C:\Users\Katharina\Downloads\7PDF_10_0_0_1840_CB-DL-Manager.exe
C:\Users\Katharina\Downloads\DiaShow Ultimate - CHIP-Installer.exe
C:\Users\Katharina\Downloads\Free Mp3 Wma Converter - CHIP-Installer.exe
C:\Users\Katharina\Downloads\OpenOffice - CHIP-Installer.exe
C:\Users\Katharina\Downloads\PDFCreator-1_7_3_setup.exe
C:\Users\Katharina\Downloads\Vollversion Magix Slideshow Maker - CHIP-Installer.exe
         
manuell löschen.

Schau genauer wo Du was runterlädst...(siehe Tipps)


Cleanup:

Alle Logs gepostet? Ja! Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.




>>clean<<
Wir haben es geschafft!
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Wie kann ich mich in Zukunft besser schützen?

Tipps, Dos & Don'ts

Updates & Software
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.



Firewall, Antivirus & Co.
  • Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
  • Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. (Updatefunktion aktivieren!)
    Meine Empfehlungen:
    Kaspersky Antivirus
    Emsisoft Anti-Malware
    avast Free Antivirus
  • Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

    Optional:
  • NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.


Cracks, Downloads & Co.


Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.
Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)
  • Auch virustotal.com ist Dein Freund! Lade dubiose oder unbekannte Dateien hoch, bevor Du diese startest oder installierst.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe daher mit Vorsicht und klicke mit Verstand.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von Dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo Deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst Du von einem Deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und Du solltest nicht denselben Fehler machen.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
  • Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 04.07.2014, 19:42   #10
wurschthans
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



Hi Jürgen,

Danke für deine Hilfe bislang, allerdings stehe ich grad bissl auf dem Schlauch. Downloadverzeichnis? Wo finde ich das genau, ist das der normale Downloadordner, muss ich über den Explorer gehen?

Vielen Dank für Deine Hilfe.

Katharina

Alt 04.07.2014, 19:55   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
http://www.searchnu.com/410 Mozilla Firefox - Standard

http://www.searchnu.com/410 Mozilla Firefox



Ja, Dein Download-Ordner ist gemeint...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu http://www.searchnu.com/410 Mozilla Firefox
chip.de, firefox, hoffe, installier, mozilla, mozilla firefox, runtergeladen, seitdem, seite, software, startseite, unerwünschtes, vermutlich, win32/bundled.toolbar.ask.d, win32/downloadsponsor.a, win32/installcore.pk, win32/installmonetizer.aq, win32/toolbar.searchsuite




Ähnliche Themen: http://www.searchnu.com/410 Mozilla Firefox


  1. Möglicher Trojaner -Öffnen von Mozilla FireFox immer wieder "http://istart.webssearches.com"
    Plagegeister aller Art und deren Bekämpfung - 02.05.2014 (12)
  2. Beim Öffnen von Mozilla FireFox immer wieder "http://istart.webssearches.com"
    Plagegeister aller Art und deren Bekämpfung - 25.04.2014 (9)
  3. Möglicher Trojaner -Öffnen von Mozilla FireFox immer wieder "http://istart.webssearches.com"
    Log-Analyse und Auswertung - 03.04.2014 (10)
  4. Windows7: Mozilla firefox öfnet immer http://arl16.ezpowerads.com Fenster
    Log-Analyse und Auswertung - 20.09.2013 (7)
  5. Windows Vista, Firefox, "http://www.searchnu.com/406?tag=newtab"
    Plagegeister aller Art und deren Bekämpfung - 26.03.2013 (17)
  6. http://www.searchnu.com/413 Trojaner
    Plagegeister aller Art und deren Bekämpfung - 08.03.2013 (20)
  7. Firefox Startseite http://www.searchnu.com/406 lässt sich nicht mehr ändern!
    Log-Analyse und Auswertung - 29.11.2012 (13)
  8. http://www.searchnu.com/413
    Plagegeister aller Art und deren Bekämpfung - 17.10.2012 (1)
  9. http://www.searchnu.com/410 - wie wegkriegen?
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (1)
  10. Trojaner Searchnu - http://www.searchnu.com/413?tag=newtab
    Log-Analyse und Auswertung - 30.08.2012 (29)
  11. Beim starten von Mozilla erscheint folgende Seite: http://www.searchnu.com/410.
    Log-Analyse und Auswertung - 23.07.2012 (1)
  12. Trojaner http://www.searchnu.com/406
    Log-Analyse und Auswertung - 01.05.2012 (12)
  13. http://www.searchnu.com/410
    Log-Analyse und Auswertung - 24.04.2012 (7)
  14. Problem mit http://www.searchnu.com/413?tag=newtab
    Plagegeister aller Art und deren Bekämpfung - 20.04.2012 (1)
  15. Startseite http://www.searchnu.com/410
    Log-Analyse und Auswertung - 15.04.2012 (18)
  16. http://w w w. searchnu . com /413 Toolbar, Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 11.04.2012 (2)
  17. http://www.searchnu.com/414 <Startseite
    Log-Analyse und Auswertung - 26.03.2012 (1)

Zum Thema http://www.searchnu.com/410 Mozilla Firefox - Hallo, habe mir auf chip.de eine Software runtergeladen und vermutlich irgendwas unerwünschtes mitinstalliert. Seitdem habe ich o.g. Startseite auf meinem Browser. Ich hoffe ihr könnt mir diesbezüglich helfen LG Katharina - http://www.searchnu.com/410 Mozilla Firefox...
Archiv
Du betrachtest: http://www.searchnu.com/410 Mozilla Firefox auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.