
Pests of all kinds and how to fight them: Windows 8.1: USB stick still only creates shortcuts - data backup

14.07.2014, 21:21   #16
kaiflo2909
 



Everything has worked so far. Attached is the log file...


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01
Ran by SYSTEM on MININT-U2DAUKI on 14-07-2014 22:18:04
Running from D:\
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872720 2012-10-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2013-10-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-10-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [418280 2012-07-25] (Autodesk, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1632216 2012-07-23] (Autodesk, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\Kai\...\Run: [icq] => C:\Users\Kai\AppData\Roaming\ICQM\icq.exe [26935144 2013-02-19] (ICQ)
HKU\Kai\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\Kai\...\Run: [Akamai NetSession Interface] => C:\Users\Kai\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\Kai\...\Run: [Epson Stylus SX235] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\Kai\...\Run: [Spotify Web Helper] => C:\Users\Kai\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-30] (Spotify Ltd)
HKU\Kai\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\Kai\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\Kai\...\Run: [Mozilla] => wscript.exe //B "C:\Users\Kai\AppData\Roaming\Mozilla.vbs"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Services (Whitelisted) =================

S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S2 btwdins; c:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
S2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1529856 2011-03-04] (Cisco Systems, Inc.)
S2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project)
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 LSCWinService; c:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-13 17:09 - 2014-07-13 17:09 - 01249118 _____ () C:\Users\Kai\Downloads\Projektplan_Wochentage_GO-1001-free.xlsx
2014-07-13 17:07 - 2014-07-13 17:07 - 00058608 _____ () C:\Users\Kai\Downloads\projektmanagement.xlsx
2014-07-13 13:53 - 2014-07-13 13:54 - 00049006 _____ () C:\Users\Kai\Desktop\FRST.txt
2014-07-13 13:53 - 2014-07-13 13:53 - 00000000 ____D () C:\Users\Kai\Desktop\FRST-OlderVersion
2014-07-13 13:50 - 2014-07-13 13:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-13 13:50 - 2014-07-13 13:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-13 13:50 - 2014-07-13 13:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-13 13:50 - 2014-07-13 13:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-13 13:50 - 2014-07-13 13:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-13 13:50 - 2014-07-13 13:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-13 13:41 - 2014-07-13 13:41 - 00918952 _____ (Oracle Corporation) C:\Users\Kai\Downloads\jxpiinstall.exe
2014-07-12 17:50 - 2014-07-12 17:50 - 00000000 ____D () C:\Users\Kai\Downloads\FRST-OlderVersion
2014-07-12 17:46 - 2014-07-12 17:46 - 00854390 _____ () C:\Users\Kai\Desktop\SecurityCheck.exe
2014-07-12 15:57 - 2014-07-12 15:57 - 02347384 _____ (ESET) C:\Users\Kai\Desktop\esetsmartinstaller_deu.exe
2014-07-11 16:59 - 2014-07-11 16:59 - 00000715 _____ () C:\Users\Kai\Desktop\JRT.txt
2014-07-11 16:51 - 2014-07-11 16:51 - 01016261 _____ (Thisisu) C:\Users\Kai\Desktop\JRT.exe
2014-07-11 16:51 - 2014-07-11 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-07-11 16:50 - 2014-07-11 16:50 - 00002684 _____ () C:\Users\Kai\Desktop\AdwCleaner[S0].txt
2014-07-11 16:48 - 2010-08-30 07:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-11 16:47 - 2014-07-11 16:48 - 00000000 ____D () C:\AdwCleaner
2014-07-11 16:47 - 2014-07-11 16:47 - 01348263 _____ () C:\Users\Kai\Downloads\adwcleaner_3.215.exe
2014-07-11 16:46 - 2014-07-11 16:46 - 00001921 _____ () C:\Users\Kai\Desktop\mbam.txt
2014-07-11 16:29 - 2014-07-11 16:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-07-11 16:28 - 2014-07-11 16:28 - 00000919 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-11 16:28 - 2014-07-11 16:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-11 16:28 - 2014-07-11 16:28 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-07-11 16:28 - 2014-05-12 06:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-07-11 16:28 - 2014-05-12 06:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2014-07-11 16:28 - 2014-05-12 06:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-07-11 16:27 - 2014-07-11 16:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kai\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-11 16:20 - 2014-07-11 16:20 - 00003048 _____ () C:\Windows\System32\Tasks\PandaUSBVaccine
2014-07-11 16:20 - 2014-07-11 16:20 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-11 16:20 - 2014-07-11 16:20 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-07-11 16:17 - 2014-07-11 16:17 - 00848856 _____ (Panda Security ) C:\Users\Kai\Downloads\USBVaccineSetup.exe
2014-07-09 15:48 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2014-07-09 14:35 - 2014-06-16 23:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 14:35 - 2014-06-16 23:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\System32\osk.exe
2014-07-09 14:35 - 2014-06-06 15:20 - 04190720 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-07-09 14:35 - 2014-05-30 04:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2014-07-09 14:35 - 2014-05-29 13:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2014-07-09 14:35 - 2014-05-29 08:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2014-07-09 14:35 - 2014-05-29 07:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-07-09 14:35 - 2014-05-29 07:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2014-07-09 14:35 - 2014-05-29 06:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-07-09 14:35 - 2014-05-29 06:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-07-09 14:34 - 2014-06-19 02:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-07-09 14:34 - 2014-06-19 01:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-07-09 14:34 - 2014-06-19 01:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 14:34 - 2014-06-19 01:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-07-09 14:34 - 2014-06-19 00:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-07-09 14:34 - 2014-06-19 00:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-07-09 14:34 - 2014-06-19 00:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-07-09 14:34 - 2014-06-19 00:46 - 00250880 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-07-09 14:34 - 2014-06-19 00:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-07-09 14:34 - 2014-06-19 00:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-07-09 14:34 - 2014-06-19 00:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 14:34 - 2014-06-19 00:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-07-09 14:34 - 2014-06-19 00:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 14:34 - 2014-06-18 23:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 14:34 - 2014-06-18 23:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-07-09 14:34 - 2014-06-18 23:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 14:34 - 2014-06-18 23:57 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 14:34 - 2014-06-18 23:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 14:34 - 2014-06-18 23:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-07-09 14:34 - 2014-06-18 23:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 14:34 - 2014-06-18 23:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 14:34 - 2014-06-18 23:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 14:34 - 2014-06-18 23:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-07-09 14:34 - 2014-06-18 23:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-07-09 14:34 - 2014-06-18 23:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 14:34 - 2014-06-18 23:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 14:34 - 2014-06-18 23:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 14:34 - 2014-06-06 14:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-07-09 14:34 - 2014-06-06 13:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 14:34 - 2014-05-31 11:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-07-09 14:34 - 2014-05-31 11:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.appcore.dll
2014-07-09 14:34 - 2014-05-31 04:40 - 13287936 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2014-07-09 14:34 - 2014-05-31 04:30 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-07-09 14:34 - 2014-05-31 04:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 14:34 - 2014-05-31 04:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2014-07-09 14:34 - 2014-05-31 04:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-07-09 14:34 - 2014-05-31 04:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 14:34 - 2014-05-31 03:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-09 14:34 - 2014-05-31 03:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-09 14:34 - 2014-05-31 03:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-07-09 14:34 - 2014-05-31 03:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\System32\twinui.appcore.dll
2014-07-09 14:34 - 2014-05-31 03:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2014-07-09 14:34 - 2014-05-31 03:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-07-09 14:34 - 2014-05-31 03:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 13:03 - 2014-07-13 11:34 - 00000000 ____D () C:\Users\Kai\Downloads\mrfanta_remo_2
2014-07-08 19:04 - 2014-07-13 13:54 - 00000000 ____D () C:\FRST
2014-07-08 19:03 - 2014-07-13 13:53 - 02086912 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe
2014-07-08 15:26 - 2014-07-08 15:26 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-08 15:26 - 2014-07-08 15:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-05 23:34 - 2014-07-05 23:34 - 00000000 ____D () C:\Users\Kai\Documents\PDF Architect 2
2014-07-05 23:34 - 2014-07-05 23:34 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2
2014-07-05 23:33 - 2014-07-05 23:34 - 00000000 ____D () C:\Program Files\PDFCreator
2014-07-05 23:33 - 2014-07-05 23:33 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-05 23:33 - 2014-04-25 16:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-07-05 23:33 - 2014-04-25 16:44 - 00110264 _____ (pdfforge GmbH) C:\Windows\System32\pdfcmon.dll
2014-07-05 23:33 - 2014-04-25 16:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-07-05 23:33 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-07-05 23:33 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-06-22 10:28 - 2014-06-22 14:15 - 00000000 ____D () C:\Users\Kai\Desktop\Navi Kartenupdate Mai 2014
2014-06-20 14:46 - 2014-06-20 14:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-18 16:42 - 2014-07-08 17:18 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\DropboxMaster
2014-06-18 16:07 - 2014-07-12 11:25 - 00000000 ____D () C:\Users\Kai\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2014-07-14 21:16 - 2014-02-03 14:31 - 01180718 _____ () C:\Windows\WindowsUpdate.log
2014-07-14 21:16 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 21:06 - 2014-01-30 22:53 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-14 21:06 - 2013-10-25 19:33 - 08603160 _____ () C:\Users\Public\CAFADEBUG.log
2014-07-14 20:55 - 2014-04-26 10:32 - 00440760 _____ () C:\Windows\System32\perfh014.dat
2014-07-14 20:55 - 2014-04-26 10:32 - 00076914 _____ () C:\Windows\System32\perfc014.dat
2014-07-14 20:55 - 2013-09-30 05:14 - 02291150 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-07-14 20:55 - 2013-09-30 04:56 - 00765582 _____ () C:\Windows\System32\perfh007.dat
2014-07-14 20:55 - 2013-09-30 04:56 - 00159366 _____ () C:\Windows\System32\perfc007.dat
2014-07-14 20:52 - 2014-02-06 09:26 - 00042294 _____ () C:\Windows\setupact.log
2014-07-14 20:52 - 2013-12-27 21:58 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\ClassicShell
2014-07-14 20:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\System32\config\BBI
2014-07-14 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System32\sru
2014-07-14 13:36 - 2013-05-19 17:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-14 11:23 - 2013-02-19 19:09 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-911507187-88452296-729338988-1001
2014-07-14 10:38 - 2014-02-15 17:44 - 00016154 _____ () C:\Windows\PFRO.log
2014-07-13 17:21 - 2014-03-07 18:35 - 00000000 ____D () C:\Users\Kai\Desktop\Masterarbeit
2014-07-13 17:09 - 2014-07-13 17:09 - 01249118 _____ () C:\Users\Kai\Downloads\Projektplan_Wochentage_GO-1001-free.xlsx
2014-07-13 17:07 - 2014-07-13 17:07 - 00058608 _____ () C:\Users\Kai\Downloads\projektmanagement.xlsx
2014-07-13 14:21 - 2014-04-16 15:55 - 00000000 ____D () C:\Users\Kai\Desktop\Norwegisch
2014-07-13 13:54 - 2014-07-13 13:53 - 00049006 _____ () C:\Users\Kai\Desktop\FRST.txt
2014-07-13 13:54 - 2014-07-08 19:04 - 00000000 ____D () C:\FRST
2014-07-13 13:53 - 2014-07-13 13:53 - 00000000 ____D () C:\Users\Kai\Desktop\FRST-OlderVersion
2014-07-13 13:53 - 2014-07-08 19:03 - 02086912 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe
2014-07-13 13:50 - 2014-07-13 13:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-13 13:50 - 2014-07-13 13:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-13 13:50 - 2014-07-13 13:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-13 13:50 - 2014-07-13 13:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-13 13:50 - 2014-07-13 13:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-13 13:50 - 2014-07-13 13:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-13 13:41 - 2014-07-13 13:41 - 00918952 _____ (Oracle Corporation) C:\Users\Kai\Downloads\jxpiinstall.exe
2014-07-13 11:36 - 2013-02-28 17:38 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\Skype
2014-07-13 11:34 - 2014-07-09 13:03 - 00000000 ____D () C:\Users\Kai\Downloads\mrfanta_remo_2
2014-07-12 19:45 - 2013-02-20 17:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-12 17:50 - 2014-07-12 17:50 - 00000000 ____D () C:\Users\Kai\Downloads\FRST-OlderVersion
2014-07-12 17:46 - 2014-07-12 17:46 - 00854390 _____ () C:\Users\Kai\Desktop\SecurityCheck.exe
2014-07-12 15:57 - 2014-07-12 15:57 - 02347384 _____ (ESET) C:\Users\Kai\Desktop\esetsmartinstaller_deu.exe
2014-07-12 14:49 - 2013-06-16 20:24 - 00000000 ____D () C:\Users\Kai\AppData\Local\PokerStars.NET
2014-07-12 11:25 - 2014-06-18 16:07 - 00000000 ____D () C:\Users\Kai\AppData\Local\Adobe
2014-07-11 16:59 - 2014-07-11 16:59 - 00000715 _____ () C:\Users\Kai\Desktop\JRT.txt
2014-07-11 16:59 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-11 16:51 - 2014-07-11 16:51 - 01016261 _____ (Thisisu) C:\Users\Kai\Desktop\JRT.exe
2014-07-11 16:51 - 2014-07-11 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-07-11 16:50 - 2014-07-11 16:50 - 00002684 _____ () C:\Users\Kai\Desktop\AdwCleaner[S0].txt
2014-07-11 16:48 - 2014-07-11 16:47 - 00000000 ____D () C:\AdwCleaner
2014-07-11 16:47 - 2014-07-11 16:47 - 01348263 _____ () C:\Users\Kai\Downloads\adwcleaner_3.215.exe
2014-07-11 16:46 - 2014-07-11 16:46 - 00001921 _____ () C:\Users\Kai\Desktop\mbam.txt
2014-07-11 16:45 - 2014-07-11 16:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-07-11 16:28 - 2014-07-11 16:28 - 00000919 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-11 16:28 - 2014-07-11 16:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-11 16:28 - 2014-07-11 16:28 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-07-11 16:27 - 2014-07-11 16:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kai\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-11 16:20 - 2014-07-11 16:20 - 00003048 _____ () C:\Windows\System32\Tasks\PandaUSBVaccine
2014-07-11 16:20 - 2014-07-11 16:20 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-11 16:20 - 2014-07-11 16:20 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-07-11 16:17 - 2014-07-11 16:17 - 00848856 _____ (Panda Security ) C:\Users\Kai\Downloads\USBVaccineSetup.exe
2014-07-11 10:36 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-10 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-07-10 19:06 - 2013-07-26 15:42 - 00000000 ____D () C:\Windows\System32\MRT
2014-07-10 18:48 - 2013-02-19 20:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-10 18:48 - 2013-02-19 20:40 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-10 18:47 - 2013-02-19 19:04 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\Adobe
2014-07-10 18:44 - 2013-08-22 15:44 - 05051368 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-07-09 20:11 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-07-09 20:11 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2014-07-09 15:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\System32\config\ELAM
2014-07-09 15:49 - 2013-02-19 23:17 - 96441528 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-07-09 15:47 - 2013-09-30 04:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-08 18:04 - 2013-02-19 21:38 - 00000000 ___RD () C:\Users\Kai\Dropbox
2014-07-08 17:36 - 2013-05-19 17:55 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 17:19 - 2013-02-19 21:36 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\Dropbox
2014-07-08 17:18 - 2014-06-18 16:42 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\DropboxMaster
2014-07-08 15:26 - 2014-07-08 15:26 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-08 15:26 - 2014-07-08 15:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-08 15:26 - 2013-02-22 17:20 - 00000000 ____D () C:\ProgramData\Skype
2014-07-05 23:35 - 2013-02-19 20:12 - 00000000 ____D () C:\Users\Kai\Desktop\Programme
2014-07-05 23:34 - 2014-07-05 23:34 - 00000000 ____D () C:\Users\Kai\Documents\PDF Architect 2
2014-07-05 23:34 - 2014-07-05 23:34 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2
2014-07-05 23:34 - 2014-07-05 23:33 - 00000000 ____D () C:\Program Files\PDFCreator
2014-07-05 23:33 - 2014-07-05 23:33 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-04 20:15 - 2013-02-21 12:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-04 20:15 - 2013-02-19 20:27 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 20:15 - 2013-02-19 20:27 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 20:31 - 2013-06-28 16:09 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\Spotify
2014-07-03 20:22 - 2013-06-28 16:09 - 00000000 ____D () C:\Users\Kai\AppData\Local\Spotify
2014-07-03 19:37 - 2013-02-20 00:53 - 00000000 ____D () C:\ProgramData\firebird
2014-07-03 19:36 - 2013-02-20 00:53 - 00001440 _____ () C:\Users\Kai\AppData\Local\FriloWebInfo.html
2014-07-03 19:36 - 2013-02-20 00:51 - 00000000 ____D () C:\Users\Kai\AppData\Local\5a4cf8ca-080e-48f6-b512-229638b7ce10
2014-07-03 17:51 - 2013-03-28 23:04 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2014-06-26 21:55 - 2013-08-22 16:38 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 21:55 - 2013-08-22 16:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-22 14:15 - 2014-06-22 10:28 - 00000000 ____D () C:\Users\Kai\Desktop\Navi Kartenupdate Mai 2014
2014-06-21 12:34 - 2013-11-30 11:16 - 00000000 ____D () C:\Users\Kai\Desktop\Projektarbeit
2014-06-20 22:37 - 2013-02-19 20:27 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 22:37 - 2013-02-19 20:27 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 14:46 - 2014-06-20 14:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-19 09:44 - 2013-06-16 20:24 - 00000000 ____D () C:\Program Files\PokerStars.NET
2014-06-19 02:39 - 2014-07-09 14:34 - 23464448 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-06-19 01:48 - 2014-07-09 14:34 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-06-19 01:16 - 2014-07-09 14:34 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 01:09 - 2014-07-09 14:34 - 00452608 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-06-19 00:51 - 2014-07-09 14:34 - 05721088 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-06-19 00:50 - 2014-07-09 14:34 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-06-19 00:48 - 2014-07-09 14:34 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-06-19 00:46 - 2014-07-09 14:34 - 00250880 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-06-19 00:39 - 2014-07-09 14:34 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-06-19 00:33 - 2014-07-09 14:34 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-06-19 00:32 - 2014-07-09 14:34 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 00:27 - 2014-07-09 14:34 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-06-19 00:12 - 2014-07-09 14:34 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-18 23:59 - 2014-07-09 14:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-18 23:58 - 2014-07-09 14:34 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-06-18 23:58 - 2014-07-09 14:34 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-18 23:57 - 2014-07-09 14:34 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-18 23:52 - 2014-07-09 14:34 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-18 23:51 - 2014-07-09 14:34 - 13527040 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-06-18 23:49 - 2014-07-09 14:34 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-18 23:45 - 2014-07-09 14:34 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-18 23:35 - 2014-07-09 14:34 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-18 23:34 - 2014-07-09 14:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-06-18 23:15 - 2014-07-09 14:34 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-06-18 23:13 - 2014-07-09 14:34 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-18 23:09 - 2014-07-09 14:34 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-18 23:07 - 2014-07-09 14:34 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 16:42 - 2013-02-19 21:38 - 00001060 _____ () C:\Users\Kai\Desktop\Dropbox.lnk
2014-06-16 23:26 - 2014-07-09 14:35 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-16 23:24 - 2014-07-09 14:35 - 00834048 _____ (Microsoft Corporation) C:\Windows\System32\osk.exe
2014-06-16 12:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\LiveKernelReports

Some content of TEMP:
====================
C:\Users\Kai\AppData\Local\Temp\AskSLib.dll
C:\Users\Kai\AppData\Local\Temp\avgnt.exe
C:\Users\Kai\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvwj_k5.dll
C:\Users\Kai\AppData\Local\Temp\guninst.exe
C:\Users\Kai\AppData\Local\Temp\Quarantine.exe
C:\Users\Kai\AppData\Local\Temp\SkypeSetup.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-06-23 20:27:33
Restore point made on: 2014-07-01 20:24:02
Restore point made on: 2014-07-02 21:51:44
Restore point made on: 2014-07-05 23:34:13
Restore point made on: 2014-07-08 07:11:55
Restore point made on: 2014-07-08 15:56:00
Restore point made on: 2014-07-08 15:56:03
Restore point made on: 2014-07-08 17:01:54
Restore point made on: 2014-07-08 17:01:58
Restore point made on: 2014-07-08 17:12:30
Restore point made on: 2014-07-08 17:12:33
Restore point made on: 2014-07-08 17:12:36
Restore point made on: 2014-07-08 17:12:39
Restore point made on: 2014-07-08 17:12:42
Restore point made on: 2014-07-08 17:12:44
Restore point made on: 2014-07-11 16:59:45
Restore point made on: 2014-07-13 13:49:52

==================== Memory info =========================== 

Percentage of memory in use: 11%
Total physical RAM: 8057.77 MB
Available physical RAM: 7162.44 MB
Total Pagefile: 8057.77 MB
Available Pagefile: 7184.79 MB
Total Virtual: 131072 MB
Available Virtual: 131071.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.96 GB) (Free:81.21 GB) NTFS
Drive d: (STORE N GO) (Removable) (Total:3.72 GB) (Free:3.72 GB) FAT32
Drive f: (Wiederherstellung) (Fixed) (Total:0.29 GB) (Free:0.02 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: FA42806B)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)


LastRegBack: 2014-07-14 11:23

==================== End Of Log ============================
         

Alt 15.07.2014, 19:36   #17
schrauber
/// the machine
/// TB-Ausbilder
 




Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
HKU\Kai\...\Run: [Mozilla] => wscript.exe //B "C:\Users\Kai\AppData\Roaming\Mozilla.vbs"
C:\Users\Kai\AppData\Roaming\Mozilla.vbs
C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla.vbs
         
Please save it as Fixlist.txt on your USB stick.
  • Restart your computer into the repair options.
  • Now start FRST.exe again and click the Fix ("Entfernen") button.

The tool creates a Fixlog.txt on your USB stick. Please post its content here.

Alt 15.07.2014, 19:48   #18
kaiflo2909
 



Attached is the Fixlog...

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2014 01
Ran by SYSTEM at 2014-07-15 20:46:42 Run:2
Running from D:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
HKU\Kai\...\Run: [Mozilla] => wscript.exe //B "C:\Users\Kai\AppData\Roaming\Mozilla.vbs"
C:\Users\Kai\AppData\Roaming\Mozilla.vbs
C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla.vbs
         
*****************

HKU\Kai\Software\Microsoft\Windows\CurrentVersion\Run\\Mozilla => value deleted successfully.
"C:\Users\Kai\AppData\Roaming\Mozilla.vbs" => File/Directory not found.
"C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla.vbs" => File/Directory not found.

==== End of Fixlog ====
         

Alt 16.07.2014, 17:30   #19
schrauber
/// the machine
/// TB-Ausbilder
 




Now please post another FRST log from normal mode. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 16.07.2014, 22:54   #20
kaiflo2909
 



Hi,
here is the latest logfile again.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by Kai (administrator) on KAIBOOK on 16-07-2014 23:40:01
Running from C:\Users\Kai\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Akamai Technologies, Inc.) C:\Users\Kai\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Kai\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332STI.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872720 2012-10-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2013-10-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-10-25] (Lenovo(beijing) Limited)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [418280 2012-07-25] (Autodesk, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1632216 2012-07-23] (Autodesk, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\.DEFAULT\...\Run: [EPSON3F89D0 (Epson Stylus Photo PX830)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHOE.EXE [283232 2013-11-03] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-911507187-88452296-729338988-1001\...\Run: [icq] => C:\Users\Kai\AppData\Roaming\ICQM\icq.exe [26935144 2013-02-19] (ICQ)
HKU\S-1-5-21-911507187-88452296-729338988-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-911507187-88452296-729338988-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Kai\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-911507187-88452296-729338988-1001\...\Run: [Epson Stylus SX235] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-911507187-88452296-729338988-1001\...\Run: [Spotify Web Helper] => C:\Users\Kai\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-30] (Spotify Ltd)
HKU\S-1-5-21-911507187-88452296-729338988-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-911507187-88452296-729338988-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D295118CC0ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Kai\AppData\Roaming\Mozilla\Firefox\Profiles\bsgnj6ka.default-1401110946098
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Kai\AppData\Roaming\Mozilla\Firefox\Profiles\bsgnj6ka.default-1401110946098\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-02]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "https://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-30]
CHR Extension: (Google Drive) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-30]
CHR Extension: (YouTube) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-30]
CHR Extension: (Google-Suche) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-01-30]
CHR Extension: (Google Mail) - C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-30]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; c:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1529856 2011-03-04] (Cisco Systems, Inc.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 LSCWinService; c:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S1 vflt; C:\Windows\system32\DRIVERS\vfilter.sys [21504 2010-09-02] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\Windows\system32\DRIVERS\virtualnet.sys [17408 2010-09-02] (Shrew Soft Inc) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-16 23:40 - 2014-07-16 23:40 - 00022416 _____ () C:\Users\Kai\Desktop\FRST.txt
2014-07-16 17:04 - 2014-07-16 17:04 - 00000000 _____ () C:\Recovery.txt
2014-07-16 13:28 - 2014-07-15 21:12 - 00303104 _____ () C:\Users\Kai\Downloads\Zeitplan.mpp
2014-07-13 18:09 - 2014-07-13 18:09 - 01249118 _____ () C:\Users\Kai\Downloads\Projektplan_Wochentage_GO-1001-free.xlsx
2014-07-13 18:07 - 2014-07-13 18:07 - 00058608 _____ () C:\Users\Kai\Downloads\projektmanagement.xlsx
2014-07-13 14:53 - 2014-07-13 14:53 - 00000000 ____D () C:\Users\Kai\Desktop\FRST-OlderVersion
2014-07-13 14:50 - 2014-07-13 14:50 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-13 14:50 - 2014-07-13 14:50 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-13 14:50 - 2014-07-13 14:50 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-13 14:50 - 2014-07-13 14:50 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-13 14:50 - 2014-07-13 14:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-13 14:50 - 2014-07-13 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-13 14:50 - 2014-07-13 14:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-13 14:41 - 2014-07-13 14:41 - 00918952 _____ (Oracle Corporation) C:\Users\Kai\Downloads\jxpiinstall.exe
2014-07-12 18:50 - 2014-07-12 18:50 - 00000000 ____D () C:\Users\Kai\Downloads\FRST-OlderVersion
2014-07-12 18:46 - 2014-07-12 18:46 - 00854390 _____ () C:\Users\Kai\Desktop\SecurityCheck.exe
2014-07-12 16:57 - 2014-07-12 16:57 - 02347384 _____ (ESET) C:\Users\Kai\Desktop\esetsmartinstaller_deu.exe
2014-07-11 17:59 - 2014-07-11 17:59 - 00000715 _____ () C:\Users\Kai\Desktop\JRT.txt
2014-07-11 17:51 - 2014-07-11 17:51 - 01016261 _____ (Thisisu) C:\Users\Kai\Desktop\JRT.exe
2014-07-11 17:51 - 2014-07-11 17:51 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-11 17:50 - 2014-07-11 17:50 - 00002684 _____ () C:\Users\Kai\Desktop\AdwCleaner[S0].txt
2014-07-11 17:48 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-11 17:47 - 2014-07-11 17:48 - 00000000 ____D () C:\AdwCleaner
2014-07-11 17:47 - 2014-07-11 17:47 - 01348263 _____ () C:\Users\Kai\Downloads\adwcleaner_3.215.exe
2014-07-11 17:46 - 2014-07-11 17:46 - 00001921 _____ () C:\Users\Kai\Desktop\mbam.txt
2014-07-11 17:29 - 2014-07-11 17:45 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 17:28 - 2014-07-11 17:28 - 00000919 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-11 17:28 - 2014-07-11 17:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-11 17:28 - 2014-07-11 17:28 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-07-11 17:28 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-11 17:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-11 17:28 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-11 17:27 - 2014-07-11 17:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kai\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-11 17:20 - 2014-07-11 17:20 - 00003048 _____ () C:\WINDOWS\System32\Tasks\PandaUSBVaccine
2014-07-11 17:20 - 2014-07-11 17:20 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-11 17:20 - 2014-07-11 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-07-11 17:20 - 2014-07-11 17:20 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-07-11 17:17 - 2014-07-11 17:17 - 00848856 _____ (Panda Security ) C:\Users\Kai\Downloads\USBVaccineSetup.exe
2014-07-09 16:48 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 15:35 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 15:35 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 15:35 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 15:35 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 15:35 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 15:35 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 15:35 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 15:35 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 15:35 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 15:35 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 15:34 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 15:34 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 15:34 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 15:34 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 15:34 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 15:34 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 15:34 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 15:34 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 15:34 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 15:34 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 15:34 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 15:34 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 15:34 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 15:34 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 15:34 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 15:34 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 15:34 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 15:34 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 15:34 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 15:34 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 15:34 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 15:34 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 15:34 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 15:34 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 15:34 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 15:34 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 15:34 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 15:34 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 15:34 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 15:34 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 15:34 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 15:34 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 15:34 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 15:34 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 15:34 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 15:34 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 15:34 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 15:34 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 15:34 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 15:34 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 15:34 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 15:34 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 15:34 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 15:34 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-08 20:04 - 2014-07-16 23:40 - 00000000 ____D () C:\FRST
2014-07-08 20:03 - 2014-07-13 14:53 - 02086912 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe
2014-07-08 16:26 - 2014-07-08 16:26 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-08 16:26 - 2014-07-08 16:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-08 16:26 - 2014-07-08 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-06 00:34 - 2014-07-06 00:34 - 00000000 ____D () C:\Users\Kai\Documents\PDF Architect 2
2014-07-06 00:34 - 2014-07-06 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2014-07-06 00:34 - 2014-07-06 00:34 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2
2014-07-06 00:33 - 2014-07-06 00:34 - 00000000 ____D () C:\Program Files\PDFCreator
2014-07-06 00:33 - 2014-07-06 00:33 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-06 00:33 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMAPI32.OCX
2014-07-06 00:33 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2014-07-06 00:33 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIDE.DLL
2014-07-06 00:33 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2014-07-06 00:33 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2014-06-22 11:28 - 2014-06-22 15:15 - 00000000 ____D () C:\Users\Kai\Desktop\Navi Kartenupdate Mai 2014
2014-06-20 15:46 - 2014-06-20 15:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-18 17:42 - 2014-07-08 18:18 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\DropboxMaster
2014-06-18 17:07 - 2014-07-12 12:25 - 00000000 ____D () C:\Users\Kai\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2014-07-16 23:40 - 2014-07-16 23:40 - 00022416 _____ () C:\Users\Kai\Desktop\FRST.txt
2014-07-16 23:40 - 2014-07-08 20:04 - 00000000 ____D () C:\FRST
2014-07-16 23:39 - 2014-02-03 15:31 - 01195759 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-16 23:38 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-16 17:04 - 2014-07-16 17:04 - 00000000 _____ () C:\Recovery.txt
2014-07-16 16:22 - 2014-01-30 23:53 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 16:20 - 2014-05-28 17:34 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-07-16 16:20 - 2014-05-28 17:34 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-07-16 16:01 - 2013-10-25 20:33 - 08751172 _____ () C:\Users\Public\CAFADEBUG.log
2014-07-16 16:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-16 15:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-16 15:38 - 2013-12-27 22:58 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\ClassicShell
2014-07-16 14:42 - 2014-04-26 11:32 - 00440760 _____ () C:\WINDOWS\system32\perfh014.dat
2014-07-16 14:42 - 2014-04-26 11:32 - 00076914 _____ () C:\WINDOWS\system32\perfc014.dat
2014-07-16 14:42 - 2013-09-30 06:14 - 02291150 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-16 14:42 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-16 14:42 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-16 14:41 - 2013-02-19 20:09 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-911507187-88452296-729338988-1001
2014-07-16 14:36 - 2013-05-19 18:55 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-16 13:30 - 2013-02-28 18:38 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\Skype
2014-07-15 21:12 - 2014-07-16 13:28 - 00303104 _____ () C:\Users\Kai\Downloads\Zeitplan.mpp
2014-07-15 20:45 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-15 16:58 - 2013-06-16 21:24 - 00000000 ____D () C:\Users\Kai\AppData\Local\PokerStars.NET
2014-07-15 15:51 - 2013-05-07 21:30 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-07-14 21:52 - 2014-02-06 10:26 - 00042294 _____ () C:\WINDOWS\setupact.log
2014-07-14 11:38 - 2014-02-15 18:44 - 00016154 _____ () C:\WINDOWS\PFRO.log
2014-07-13 18:21 - 2014-03-07 19:35 - 00000000 ____D () C:\Users\Kai\Desktop\Masterarbeit
2014-07-13 18:09 - 2014-07-13 18:09 - 01249118 _____ () C:\Users\Kai\Downloads\Projektplan_Wochentage_GO-1001-free.xlsx
2014-07-13 18:07 - 2014-07-13 18:07 - 00058608 _____ () C:\Users\Kai\Downloads\projektmanagement.xlsx
2014-07-13 15:21 - 2014-04-16 16:55 - 00000000 ____D () C:\Users\Kai\Desktop\Norwegisch
2014-07-13 14:53 - 2014-07-13 14:53 - 00000000 ____D () C:\Users\Kai\Desktop\FRST-OlderVersion
2014-07-13 14:53 - 2014-07-08 20:03 - 02086912 _____ (Farbar) C:\Users\Kai\Desktop\FRST64.exe
2014-07-13 14:50 - 2014-07-13 14:50 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-13 14:50 - 2014-07-13 14:50 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-13 14:50 - 2014-07-13 14:50 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-13 14:50 - 2014-07-13 14:50 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-13 14:50 - 2014-07-13 14:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-13 14:50 - 2014-07-13 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-13 14:50 - 2014-07-13 14:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-13 14:41 - 2014-07-13 14:41 - 00918952 _____ (Oracle Corporation) C:\Users\Kai\Downloads\jxpiinstall.exe
2014-07-12 20:45 - 2013-02-20 18:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-12 18:50 - 2014-07-12 18:50 - 00000000 ____D () C:\Users\Kai\Downloads\FRST-OlderVersion
2014-07-12 18:46 - 2014-07-12 18:46 - 00854390 _____ () C:\Users\Kai\Desktop\SecurityCheck.exe
2014-07-12 16:57 - 2014-07-12 16:57 - 02347384 _____ (ESET) C:\Users\Kai\Desktop\esetsmartinstaller_deu.exe
2014-07-12 12:25 - 2014-06-18 17:07 - 00000000 ____D () C:\Users\Kai\AppData\Local\Adobe
2014-07-11 17:59 - 2014-07-11 17:59 - 00000715 _____ () C:\Users\Kai\Desktop\JRT.txt
2014-07-11 17:59 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-11 17:51 - 2014-07-11 17:51 - 01016261 _____ (Thisisu) C:\Users\Kai\Desktop\JRT.exe
2014-07-11 17:51 - 2014-07-11 17:51 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-11 17:50 - 2014-07-11 17:50 - 00002684 _____ () C:\Users\Kai\Desktop\AdwCleaner[S0].txt
2014-07-11 17:48 - 2014-07-11 17:47 - 00000000 ____D () C:\AdwCleaner
2014-07-11 17:47 - 2014-07-11 17:47 - 01348263 _____ () C:\Users\Kai\Downloads\adwcleaner_3.215.exe
2014-07-11 17:46 - 2014-07-11 17:46 - 00001921 _____ () C:\Users\Kai\Desktop\mbam.txt
2014-07-11 17:45 - 2014-07-11 17:29 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 17:28 - 2014-07-11 17:28 - 00000919 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-11 17:28 - 2014-07-11 17:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-11 17:28 - 2014-07-11 17:28 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-07-11 17:27 - 2014-07-11 17:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kai\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-11 17:20 - 2014-07-11 17:20 - 00003048 _____ () C:\WINDOWS\System32\Tasks\PandaUSBVaccine
2014-07-11 17:20 - 2014-07-11 17:20 - 00000000 ____D () C:\ProgramData\Panda Security
2014-07-11 17:20 - 2014-07-11 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-07-11 17:20 - 2014-07-11 17:20 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-07-11 17:17 - 2014-07-11 17:17 - 00848856 _____ (Panda Security ) C:\Users\Kai\Downloads\USBVaccineSetup.exe
2014-07-10 21:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 20:06 - 2013-07-26 16:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-10 19:48 - 2013-02-19 21:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-10 19:48 - 2013-02-19 21:40 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-10 19:47 - 2013-02-19 20:04 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\Adobe
2014-07-10 19:44 - 2013-08-22 16:44 - 05051368 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-09 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 21:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 16:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 16:49 - 2013-02-20 00:17 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 16:47 - 2013-09-30 05:59 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-08 19:04 - 2013-02-19 22:38 - 00000000 ___RD () C:\Users\Kai\Dropbox
2014-07-08 18:36 - 2013-05-19 18:55 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 18:19 - 2013-02-19 22:36 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\Dropbox
2014-07-08 18:18 - 2014-06-18 17:42 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\DropboxMaster
2014-07-08 16:26 - 2014-07-08 16:26 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-07-08 16:26 - 2014-07-08 16:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-08 16:26 - 2014-07-08 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-08 16:26 - 2013-02-22 18:20 - 00000000 ____D () C:\ProgramData\Skype
2014-07-06 00:35 - 2013-02-19 21:12 - 00000000 ____D () C:\Users\Kai\Desktop\Programme
2014-07-06 00:34 - 2014-07-06 00:34 - 00000000 ____D () C:\Users\Kai\Documents\PDF Architect 2
2014-07-06 00:34 - 2014-07-06 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2014-07-06 00:34 - 2014-07-06 00:34 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2
2014-07-06 00:34 - 2014-07-06 00:33 - 00000000 ____D () C:\Program Files\PDFCreator
2014-07-06 00:33 - 2014-07-06 00:33 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-07-04 21:15 - 2013-02-21 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-04 21:15 - 2013-02-19 21:27 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 21:15 - 2013-02-19 21:27 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 21:31 - 2013-06-28 17:09 - 00000000 ____D () C:\Users\Kai\AppData\Roaming\Spotify
2014-07-03 21:22 - 2013-06-28 17:09 - 00000000 ____D () C:\Users\Kai\AppData\Local\Spotify
2014-07-03 20:37 - 2013-02-20 01:53 - 00000000 ____D () C:\ProgramData\firebird
2014-07-03 20:36 - 2013-02-20 01:53 - 00001440 _____ () C:\Users\Kai\AppData\Local\FriloWebInfo.html
2014-07-03 20:36 - 2013-02-20 01:51 - 00000000 ____D () C:\Users\Kai\AppData\Local\5a4cf8ca-080e-48f6-b512-229638b7ce10
2014-07-03 18:51 - 2013-03-29 00:04 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-06-26 22:55 - 2013-08-22 17:38 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-22 15:15 - 2014-06-22 11:28 - 00000000 ____D () C:\Users\Kai\Desktop\Navi Kartenupdate Mai 2014
2014-06-21 13:34 - 2013-11-30 12:16 - 00000000 ____D () C:\Users\Kai\Desktop\Projektarbeit
2014-06-20 23:37 - 2013-02-19 21:27 - 00004094 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 23:37 - 2013-02-19 21:27 - 00003858 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 15:46 - 2014-06-20 15:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-19 10:44 - 2013-06-16 21:24 - 00000000 ____D () C:\Program Files\PokerStars.NET
2014-06-19 03:39 - 2014-07-09 15:34 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-19 02:48 - 2014-07-09 15:34 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-19 02:16 - 2014-07-09 15:34 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-19 02:09 - 2014-07-09 15:34 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-19 01:51 - 2014-07-09 15:34 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 15:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 15:34 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-19 01:46 - 2014-07-09 15:34 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-19 01:39 - 2014-07-09 15:34 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-19 01:33 - 2014-07-09 15:34 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 15:34 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-19 01:27 - 2014-07-09 15:34 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-19 01:12 - 2014-07-09 15:34 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-19 00:59 - 2014-07-09 15:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 15:34 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 15:34 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-19 00:57 - 2014-07-09 15:34 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-19 00:52 - 2014-07-09 15:34 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 15:34 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 15:34 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-19 00:45 - 2014-07-09 15:34 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 15:34 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 15:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 15:34 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 15:34 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 15:34 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 15:34 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-18 17:42 - 2013-02-19 22:38 - 00001060 _____ () C:\Users\Kai\Desktop\Dropbox.lnk
2014-06-17 00:26 - 2014-07-09 15:35 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-17 00:24 - 2014-07-09 15:35 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-16 13:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

Some content of TEMP:
====================
C:\Users\Kai\AppData\Local\Temp\AskSLib.dll
C:\Users\Kai\AppData\Local\Temp\avgnt.exe
C:\Users\Kai\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvwj_k5.dll
C:\Users\Kai\AppData\Local\Temp\guninst.exe
C:\Users\Kai\AppData\Local\Temp\Quarantine.exe
C:\Users\Kai\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-14 22:29

==================== End Of Log ============================
         
--- --- ---



It looks as if no more shortcuts are being created on the sticks. However, the size of the folders is no longer shown at all in the "Details" view.

I have one more question. What about Panda USB Vaccine in the future? It is a bit annoying that the autorun function is now permanently blocked and that the vaccination only works if the antivirus software is deactivated while a new stick is being plugged in.


17.07.2014, 16:22   #21
schrauber
/// the machine
/// TB trainer


You can keep Panda if you can live with the points above. Autorun should always be off anyway; it's safer.

Back up the data you need from the stick and format it once.



Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > type Combofix /Uninstall > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all of its own remnants.
  3. Please be sure to download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Restart your computer afterwards.
  4. If any programs from our cleanup are still left over now, you can safely delete them.



If you would like to leave praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on a banner to add it to AdBlockPlus is enough and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it asks you to and is nice and colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails from senders you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
All that remains for me now is to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
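
The two things discussed in this exchange, whether autorun is still switched off and whether a stick still carries the shortcuts, can be checked from PowerShell. This is an added example, not part of the original posts: the drive letter `E:\` and the function names are assumptions, and pairing a `.lnk` file with a hidden item of the same name is a heuristic, not a detection used by the tools in this thread.

```powershell
# Added example, not part of the original thread.
# Assumption: the USB stick is mounted as E:\ (pass -Root to change it).
param([string]$Root = 'E:\')

function Get-AutorunPolicy {
    # NoDriveTypeAutoRun is a bit mask of drive types. Bit 0x04 covers
    # removable drives; 0xFF turns AutoRun off for every drive type.
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    foreach ($key in $keys) {
        $prop  = Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        $value = if ($prop) { [long]$prop.NoDriveTypeAutoRun } else { $null }
        [pscustomobject]@{
            Key               = $key
            Value             = if ($null -ne $value) { '0x{0:X2}' -f $value } else { 'not set' }
            RemovableDisabled = ($null -ne $value) -and (($value -band 0x04) -ne 0)
            AllDisabled       = ($null -ne $value) -and (($value -band 0xFF) -eq 0xFF)
        }
    }
}

function Find-ShortcutSymptom {
    param([Parameter(Mandatory)][string]$Path)

    # -Force includes hidden and system items, which Explorer hides by default.
    $items  = @(Get-ChildItem -LiteralPath $Path -Force -ErrorAction Stop)
    $hidden = @($items | Where-Object { $_.Attributes -band [IO.FileAttributes]::Hidden })

    # Names a shortcut could be standing in for: "Photos", "report.pdf" or "report".
    $hiddenNames = @($hidden | ForEach-Object { $_.Name; $_.BaseName }) | Select-Object -Unique

    $items |
        Where-Object { -not $_.PSIsContainer -and $_.Extension -eq '.lnk' } |
        ForEach-Object {
            [pscustomobject]@{
                Shortcut   = $_.Name
                # True when a hidden file or folder with the same name sits next to the shortcut.
                HiddenTwin = $hiddenNames -contains $_.BaseName
            }
        }
}

Get-AutorunPolicy | Format-Table -AutoSize

$hits = @(Find-ShortcutSymptom -Path $Root)
if ($hits.Count -eq 0) {
    "No .lnk files in the root of $Root"
} else {
    $hits | Format-Table -AutoSize
}
```

A row with `HiddenTwin` set to `True` is worth a closer look before the stick is used on another machine; a freshly formatted stick should report no `.lnk` files at all.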

17.07.2014, 17:38   #22
kaiflo2909

Hey,

I carried out all the final steps in order and everything went cleanly. I'm really happy that everything is running smoothly again. I also just formatted one of the sticks and meanwhile replaced avira with avast. With that, things run considerably more smoothly in combination with Panda.
Hopefully it stays that way...^^

Thanks a lot for everything!

18.07.2014, 04:53   #23
schrauber
/// the machine
/// TB trainer

You're welcome
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
