Trojaner-Board
Seite 7 von 11 « Erste 56 7 89 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Hilfe! Trojaner Generic Befall (https://www.trojaner-board.de/137513-hilfe-trojaner-generic-befall.html)

lisei 06.07.2013 17:57
hallo schrauber,
vielleicht hab ich auch bei Punkt 4 falsch ausgewählt!

Bevor doing any Major Change to your System, you shold always do a registery backup and/or a System restore Point . This way if you Encounter any unforessen Problems you can restore your System to an earlier Point or restore your registery to a time bevor the repairs.
zu Auswahl stand:

Registry Backeup
Backup gedrückt!
Restore wäre auch zu Auswahl!
System Restore
Create oder Backeup zur Auswahl!
oder hätte ich erst bei System ein punkt auswählen müssen?
kenne mich nicht mehr aus!
versuch es morgen nochmal!
muss jetzt dringend wo hin!
gruß lisa

schrauber 06.07.2013 17:59
Lass das alles weg und mach wie oben beschrieben.

lisei 06.07.2013 17:59
lass die Steps weg ? versteh jetzt garnichts mehr?
versuch es morgen nochmal! Punkt 4 überzucker ich nicht wie zuvor beschrieben.....
lisa

schrauber 06.07.2013 18:01
Du sollst diese Steps weg lassen, und am Schluss, ganze rechts der Tab, dort steht Starten. Dann kommt ein neues Fenster wo Du alle Boxen anhakst und startest.

lisei 07.07.2013 08:56
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.07.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
lisa :: LISA-LISA [Administrator]

07.07.2013 09:47:12
mbam-log-2013-07-07 (09-47-12).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 278242
Laufzeit: 8 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
guten morgen,
hab alles geloschen, neu installiert, scann mit malewarebyts gemacht, bin auf den vorletzten punkt vor settings hab es so gemacht wie du beschrieben....hacken überall
gesetzt und gestartet! jetzt läuft die sache!ich hoffe das war alles richtig!
lisa

schrauber 07.07.2013 09:23
Jap genau. Jetzt laufen lassen und erst wieder posten wenns durch ist. Dann brauch ich ein frischs FRST Log. Und:

Wie läuft der Rechner?

lisei 07.07.2013 09:32
der rechner läuft einigermassen wieder!

schrauber 07.07.2013 10:04
bitte genauer wenn möglich :)

lisei 07.07.2013 10:30
das programm ist abgeschlossen, windows ist beendet worden, windows neu gestartet
3 versuche anmeldung ok dann bleibt der bildschirm hängen es geht garnichts mehr!
Bin jetzt im abgesicherten modus mit netzwerkunterstützung!

schrauber 07.07.2013 10:33
Oh mann :)

poste mal ein frisches FRST Logfile.

lisei 07.07.2013 10:34

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2013 02
Ran by lisa (administrator) on 07-07-2013 11:32:33
Running from C:\Users\lisa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Easy-PrintToolBox] C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon [398944 2006-10-17] (CANON INC.)
HKLM\...\Run: [BDAgent] "C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe" [1091200 2013-06-14] (Bitdefender)
HKCU\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1104824 2012-11-12] (Samsung)
HKCU\...\Run: [HijackThis startup scan] G:\HijackThis.exe /startupscan [x]
HKCU\...\Run: [Google Update] "C:\Users\lisa\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-09-30] (Google Inc.)
MountPoints2: F - F:\AutoRun.exe
MountPoints2: G - G:\AutoRun.exe
MountPoints2: {1c5eb3cd-c4af-11e0-9a98-101f740a9c70} - F:\AutoRun.exe
MountPoints2: {1c5eb3e1-c4af-11e0-9a98-101f740a9c70} - F:\AutoRun.exe
MountPoints2: {1c5eb3ea-c4af-11e0-9a98-101f740a9c70} - F:\AutoRun.exe
MountPoints2: {1c5eb3fb-c4af-11e0-9a98-101f740a9c70} - G:\AutoRun.exe
MountPoints2: {2c9f57af-c764-11e0-9691-806e6f6e6963} - G:\AutoRun.exe
MountPoints2: {6af6a92d-e8fb-11e0-9dae-101f740a9c70} - G:\AutoRun.exe
MountPoints2: {869dbc6a-c764-11e0-99af-101f740a9c70} - G:\AutoRun.exe
MountPoints2: {cca738f2-58af-11e2-a74f-101f740a9c70} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {cca7392f-58af-11e2-a74f-101f740a9c70} - G:\setup.exe -a
MountPoints2: {f40ffb3a-bae1-11e2-8b31-101f740a9c70} - G:\HTC_Sync_Manager_PC.exe
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-04-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [651264 2012-04-17] ()
HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2011-07-11] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Refresh.lnk
ShortcutTarget: Refresh.lnk -> C:\Program Files (x86)\Tango Skin Pack\Tools\Refresh.cmd (No File)
Startup: C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\lisa\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM - {840CBA39-00BA-4137-9607-C2B1076209F6} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {840CBA39-00BA-4137-9607-C2B1076209F6} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {4F0EDE64-5B3B-4425-8598-3C26DF5FF8BF} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {840CBA39-00BA-4137-9607-C2B1076209F6} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL =
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\lisa\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\lisa\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\lisa\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\searchplugins\toggle.xml
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\lisa\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\lisa\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\lisa\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Facebook Desktop) - C:\Users\lisa\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Website Logon) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0
CHR Extension: (Ashampoo DE) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\2.3.19.11_0

==================== Services (Whitelisted) =================

S2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-01] (Advanced Micro Devices, Inc.)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [344928 2011-01-28] ()
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-08-13] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [227232 2010-09-02] (McAfee, Inc.)
S2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [120728 2012-10-02] ()
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S3 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [75384 2013-06-14] (Bitdefender)
S2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [466736 2011-11-04] (BitDefender)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [67904 2013-06-14] (Bitdefender)
S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1957912 2013-06-14] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [705552 2013-06-14] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2013-06-14] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [587024 2013-06-14] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93160 2013-06-14] (BitDefender LLC)
S0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [442088 2012-02-07] (BitDefender)
S1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-23] (BitDefender LLC)
S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [79952 2012-02-07] (BitDefender SRL)
S1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [103944 2010-01-19] (BitDefender)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2011-08-13] (Bytemobile, Inc.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2011-08-13] (Huawei Technologies Co., Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2011-08-13] (Bytemobile, Inc.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2011-08-13] (Bytemobile, Inc.)
S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [329800 2011-11-04] (BitDefender S.R.L.)
S3 CpqDfw; system32\drivers\CpqDfw.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-07 11:16 - 2013-07-07 11:16 - 00003288 ____N C:\bootsqm.dat
2013-07-07 09:26 - 2013-07-07 09:27 - 03517580 ____A C:\Users\lisa\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-07 09:24 - 2013-07-07 09:24 - 00356399 ____A (Farbar) C:\Users\lisa\Downloads\FSS(1).exe
2013-07-06 13:28 - 2013-07-06 13:28 - 00000207 ____A C:\Windows\tweaking.com-regbackup-LISA-LISA-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-07-06 13:27 - 2013-07-06 13:27 - 00000000 ____D C:\RegBackup
2013-07-06 12:31 - 2013-07-07 10:51 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-06 11:47 - 2013-07-07 09:33 - 00000000 ____D C:\Users\lisa\Downloads\tweaking.com_windows_repair_aio
2013-07-06 10:38 - 2013-07-07 09:25 - 00002203 ____A C:\Users\lisa\Downloads\FSS.txt
2013-07-06 10:28 - 2013-07-06 10:28 - 00002443 ____A C:\Users\lisa\Desktop\RKreport[0]_S_07062013_102842.txt
2013-07-06 10:18 - 2013-07-06 10:18 - 00002603 ____A C:\Users\lisa\Desktop\RKreport[0]_D_07062013_101813.txt
2013-07-06 10:18 - 2013-07-06 10:18 - 00002443 ____A C:\Users\lisa\Desktop\RKreport[0]_S_07062013_101800.txt
2013-07-06 10:16 - 2013-07-06 10:16 - 00914944 ____A C:\Users\lisa\Downloads\RogueKiller_8.6.2.exe
2013-07-05 21:00 - 2013-07-05 21:00 - 00000000 ____D C:\Qoobox
2013-07-05 21:00 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-05 21:00 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-05 21:00 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-05 21:00 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-05 21:00 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-05 21:00 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-05 21:00 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-05 21:00 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-05 20:59 - 2013-07-06 14:24 - 00000000 ____D C:\Windows\erdnt
2013-07-05 20:59 - 2013-07-05 20:59 - 01820782 ____A (Swearware) C:\Users\lisa\Downloads\Nicht bestätigt 957803.crdownload
2013-07-04 14:13 - 2013-07-06 14:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-04 14:06 - 2013-07-04 14:08 - 00003195 ____A C:\Windows\IE10_main.log
2013-07-04 14:05 - 2013-07-04 14:05 - 00861184 ____A (Microsoft Corporation) C:\Users\lisa\Downloads\IE10-Windows6.1-de-de.exe
2013-07-04 12:59 - 2013-07-04 12:59 - 00347424 ____A (Microsoft Corporation) C:\Users\lisa\Downloads\MicrosoftFixit.IEPerformance.MATSKB.Run.exe
2013-07-03 21:44 - 2013-07-03 21:44 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-03 21:43 - 2013-07-03 21:44 - 02347384 ____A (ESET) C:\Users\lisa\Downloads\esetsmartinstaller_enu.exe
2013-07-03 19:13 - 2013-07-03 19:13 - 00000000 ____D C:\FRST
2013-07-03 19:04 - 2013-07-03 19:04 - 01934082 ____A (Farbar) C:\Users\lisa\Downloads\FRST64.exe
2013-07-03 18:19 - 2013-07-03 18:19 - 00793536 ____A C:\Users\lisa\Downloads\ZipOpenerSetup (1).exe
2013-07-03 17:46 - 2013-07-03 17:46 - 00000579 ____A C:\Users\lisa\Desktop\TFC - Verknüpfung.lnk
2013-07-03 15:41 - 2013-07-03 15:44 - 00014593 ____A C:\Users\lisa\Documents\Stattliches Hochbauamt  Kostenangebot Hochstaufen Kaserne  03.07.2013.xlsx
2013-07-03 13:16 - 2013-07-03 17:13 - 00000328 ____A C:\Windows\Tasks\HPCeeScheduleForlisa.job
2013-07-02 21:28 - 2013-07-02 21:29 - 00002352 ____A C:\Users\lisa\Desktop\Google Chrome.lnk
2013-07-02 20:37 - 2013-07-06 14:24 - 00000000 ____D C:\Users\lisa\Desktop\RK_Quarantine
2013-07-02 18:38 - 2013-07-02 18:38 - 00793536 ____A C:\Users\lisa\Downloads\ZipOpenerSetup.exe
2013-07-02 15:37 - 2013-07-07 10:53 - 00010814 ____A C:\Windows\PFRO.log
2013-07-02 15:23 - 2013-07-02 15:23 - 00000320 ____A C:\Users\lisa\Desktop\SecurityCheck - Verknüpfung.lnk
2013-07-02 10:25 - 2013-07-02 11:36 - 00001081 ____A C:\Users\lisa\Desktop\Continue Download Helper Installation.lnk
2013-07-02 08:50 - 2013-07-07 11:17 - 00001456 ____A C:\Windows\setupact.log
2013-07-02 08:50 - 2013-07-02 15:40 - 00000000 ____D C:\users\TEMP.lisa-lisa.002
2013-07-02 08:50 - 2013-07-02 08:50 - 00000000 ____A C:\Windows\setuperr.log
2013-07-02 08:03 - 2013-07-02 08:03 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Roaming\Bitdefender
2013-07-02 08:02 - 2013-07-02 08:02 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Local\VirtualStore
2013-07-02 08:01 - 2013-07-02 18:36 - 00000000 ____D C:\users\TEMP.lisa-lisa.000
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Vorlagen
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Startmenü
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Netzwerkumgebung
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Lokale Einstellungen
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Eigene Dateien
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Druckumgebung
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Documents\Eigene Musik
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Documents\Eigene Bilder
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\AppData\Local\Verlauf
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\AppData\Local\Anwendungsdaten
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Anwendungsdaten
2013-07-02 08:01 - 2012-02-26 21:28 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Roaming\Macromedia
2013-07-02 08:01 - 2011-08-18 13:48 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Local\Microsoft Help
2013-07-01 21:13 - 2013-07-01 21:13 - 00000000 ____D C:\Windows\ERUNT
2013-07-01 16:27 - 2013-07-01 16:27 - 00040844 ____A C:\Users\lisa\Documents\Addition.txt
2013-07-01 10:46 - 2013-07-01 10:46 - 00297313 ____A C:\Users\lisa\Documents\Malwarebytes Anti-Malware 1.pptx
2013-07-01 08:54 - 2013-07-01 08:54 - 00000000 ____D C:\Users\TEMP.lisa-lisa.001\AppData\Roaming\Bitdefender
2013-07-01 08:52 - 2013-07-02 18:36 - 00000000 ____D C:\users\TEMP.lisa-lisa.001
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Vorlagen
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Startmenü
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Netzwerkumgebung
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Lokale Einstellungen
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Eigene Dateien
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Druckumgebung
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Documents\Eigene Musik
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Documents\Eigene Bilder
2013-07-01 08:52 - 2012-02-26 21:28 - 00000000 ____D C:\Users\TEMP.lisa-lisa.001\AppData\Roaming\Macromedia
2013-06-30 19:49 - 2013-07-02 18:36 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-06-30 19:38 - 2013-06-30 19:44 - 00029898 ____A C:\Users\lisa\Documents\cc_20130630_190551.reg
2013-06-30 19:32 - 2013-06-30 19:35 - 28181408 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE (2).exe
2013-06-30 18:58 - 2013-06-30 19:04 - 00005852 ____A C:\Users\lisa\Documents\cc_20130630_185817.reg
2013-06-30 17:41 - 2013-07-02 18:37 - 00000000 ___AD C:\Program Files (x86)\FromDocToPDF_65EI
2013-06-30 17:41 - 2013-07-02 18:36 - 00000000 ____D C:\JRT
2013-06-30 16:18 - 2013-06-30 16:18 - 00000000 ____D C:\ProgramData\bdch
2013-06-18 14:40 - 2013-06-18 14:40 - 00602112 ____A (OldTimer Tools) C:\Users\lisa\Downloads\OTL.exe
2013-06-17 21:23 - 2013-06-17 21:24 - 28211040 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-17 18:53 - 2013-07-07 10:52 - 00928168 ____A C:\Windows\WindowsUpdate.log
2013-06-17 18:42 - 2013-06-17 18:42 - 00000176 ____A C:\Users\lisa\Documents\cc_20130617_184239.reg
2013-06-17 16:40 - 2013-06-17 16:42 - 00000429 ____A C:\Windows\System32\avgrep.txt
2013-06-17 13:23 - 2013-06-17 13:24 - 00130010 ____A C:\Users\lisa\Documents\cc_20130617_132325.reg
2013-06-17 11:50 - 2013-06-17 11:50 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-17 11:44 - 2013-06-17 11:45 - 00000634 ____A C:\Users\lisa\Desktop\ccsetup402 - Verknüpfung.lnk
2013-06-17 11:38 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files\CCleaner
2013-06-17 09:13 - 2013-07-01 21:23 - 00000000 ____D C:\users\TEMP.lisa-lisa
2013-06-16 21:28 - 2013-07-07 09:40 - 00001069 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-16 21:05 - 2013-07-07 09:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-16 20:49 - 2013-06-16 20:54 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\lisa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-06-16 20:43 - 2013-06-16 20:50 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-16 20:09 - 2013-07-02 18:38 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Systweak
2013-06-16 12:54 - 2013-06-16 12:56 - 03758488 ____A (Systweak Inc                                                ) C:\Users\lisa\Downloads\rcpsetup_3335_ggde.exe
2013-06-16 10:00 - 2013-06-17 14:53 - 00000000 ____D C:\Windows\pss
2013-06-15 22:39 - 2013-06-15 22:40 - 00393048 ____A (Softonic                                        ) C:\Users\lisa\Downloads\SoftonicDownloader_fuer_hijackthis.exe
2013-06-15 22:03 - 2013-06-15 22:18 - 22562672 ____A C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE (1).exe
2013-06-15 21:53 - 2013-06-17 21:22 - 00002243 ____A C:\Windows\epplauncher.mif
2013-06-15 21:16 - 2013-06-15 21:36 - 28181408 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE(2).exe
2013-06-15 21:00 - 2013-06-15 21:38 - 13503464 ____A (Microsoft Corporation) C:\Users\lisa\Downloads\mseinstall.exe
2013-06-15 19:15 - 2013-06-15 19:19 - 00000000 ____D C:\Program Files (x86)\GUM8868.tmp
2013-06-15 19:15 - 2013-06-15 19:15 - 04167680 ____A C:\Program Files (x86)\GUT8869.tmp
2013-06-15 19:02 - 2013-06-15 19:06 - 00781800 ____A (Google Inc.) C:\Users\lisa\Downloads\ChromeSetup.exe
2013-06-14 08:07 - 2013-07-03 16:44 - 00000000 ____D C:\ProgramData\AVG2013
2013-06-14 07:54 - 2013-06-14 07:54 - 00000000 ____D C:\Users\lisa\AppData\Local\MFAData
2013-06-12 16:38 - 2013-07-03 15:55 - 00012808 ____A C:\Users\lisa\Documents\Staatliches Hochbauamt Traunstein 4. AZ 11.06.2013 Seite 2.xlsx
2013-06-12 15:38 - 2013-07-01 20:24 - 00013299 ____A C:\Users\lisa\Documents\Stattliches Hochbauamt  4.AZ  11.06.2013.xlsx
2013-06-12 10:22 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 10:22 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 10:22 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 10:22 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 10:22 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 10:22 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 10:22 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 10:22 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 10:22 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 10:22 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 10:22 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 10:22 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 10:22 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 10:21 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 10:21 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 10:21 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 10:21 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 10:21 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 10:21 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 10:21 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 10:21 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 10:20 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 10:20 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 10:20 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 10:20 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 10:20 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 10:20 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 10:20 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 10:20 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 10:20 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 10:20 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 10:19 - 2013-06-12 10:19 - 00127984 ____A C:\Users\lisa\Downloads\windowsupdate.diagcab
2013-06-12 09:39 - 2011-07-08 13:37 - 00014119 ____A C:\Windows\SysWOW64\RaCoInst.dat
2013-06-12 09:39 - 2011-07-08 13:37 - 00014119 ____A C:\Windows\System32\RaCoInst.dat
2013-06-12 08:37 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 08:37 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 08:37 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 08:37 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 08:37 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 08:36 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 08:36 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 08:36 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 08:36 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 08:36 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 08:36 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 08:36 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 08:36 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 08:36 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 08:36 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 08:36 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 08:36 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 08:36 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 08:36 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-10 18:37 - 2013-06-10 19:05 - 00012437 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 3.xlsx
2013-06-10 17:16 - 2013-06-10 19:04 - 00012641 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 2.xlsx
2013-06-10 17:10 - 2013-06-10 17:10 - 00014227 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 1.xlsx
2013-06-10 16:18 - 2013-06-10 19:30 - 00013431 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Angebot18.02.2013 pdf 1.xlsx
2013-06-10 12:59 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files\iTunes
2013-06-10 12:59 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-10 12:59 - 2013-06-14 14:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-10 12:59 - 2013-06-10 12:59 - 00001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-10 12:59 - 2013-06-10 12:59 - 00000000 ____D C:\Program Files\iPod
2013-06-10 10:07 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\Video Download Converter

==================== One Month Modified Files and Folders =======

2013-07-07 11:20 - 2013-01-07 20:02 - 00000000 ____D C:\Users\lisa\AppData\Local\Htc
2013-07-07 11:18 - 2011-12-25 11:53 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-07 11:18 - 2011-08-11 13:17 - 00000376 ____A C:\Users\lisa\AppData\Roamingprivacy.xml
2013-07-07 11:17 - 2013-07-02 08:50 - 00001456 ____A C:\Windows\setupact.log
2013-07-07 11:17 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 11:16 - 2013-07-07 11:16 - 00003288 ____N C:\bootsqm.dat
2013-07-07 10:58 - 2011-05-08 01:56 - 05815822 ____A C:\Windows\System32\perfh007.dat
2013-07-07 10:58 - 2011-05-08 01:56 - 01787254 ____A C:\Windows\System32\perfc007.dat
2013-07-07 10:58 - 2009-07-14 07:13 - 00006256 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-07 10:55 - 2011-08-09 19:41 - 00069888 ____A C:\Users\lisa\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-07 10:53 - 2013-07-02 15:37 - 00010814 ____A C:\Windows\PFRO.log
2013-07-07 10:53 - 2009-07-14 06:45 - 00312288 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-07 10:52 - 2013-06-17 18:53 - 00928168 ____A C:\Windows\WindowsUpdate.log
2013-07-07 10:51 - 2013-07-06 12:31 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-07 10:43 - 2009-07-14 04:34 - 00000439 ____A C:\Windows\win.ini
2013-07-07 10:39 - 2011-08-13 11:38 - 00000000 ____D C:\Users\lisa\AppData\Local\CrashDumps
2013-07-07 10:37 - 2011-09-30 21:55 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2416322015-1569237049-636745652-1002UA.job
2013-07-07 10:34 - 2012-04-08 12:26 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-07 10:30 - 2011-12-25 11:53 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-07 09:40 - 2013-06-16 21:28 - 00001069 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-07 09:40 - 2013-06-16 21:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-07 09:33 - 2013-07-06 11:47 - 00000000 ____D C:\Users\lisa\Downloads\tweaking.com_windows_repair_aio
2013-07-07 09:27 - 2013-07-07 09:26 - 03517580 ____A C:\Users\lisa\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-07 09:25 - 2013-07-06 10:38 - 00002203 ____A C:\Users\lisa\Downloads\FSS.txt
2013-07-07 09:24 - 2013-07-07 09:24 - 00356399 ____A (Farbar) C:\Users\lisa\Downloads\FSS(1).exe
2013-07-07 09:15 - 2009-07-14 06:45 - 00031856 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-07 09:15 - 2009-07-14 06:45 - 00031856 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-06 18:12 - 2011-11-30 01:16 - 00000000 ____D C:\Program Files (x86)\StarMoney Business 5.0
2013-07-06 14:32 - 2012-12-05 09:29 - 00000344 ____A C:\Windows\Tasks\HPCeeScheduleForLISA-LISA$.job
2013-07-06 14:24 - 2013-07-05 20:59 - 00000000 ____D C:\Windows\erdnt
2013-07-06 14:24 - 2013-07-04 14:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-06 14:24 - 2013-07-02 20:37 - 00000000 ____D C:\Users\lisa\Desktop\RK_Quarantine
2013-07-06 14:24 - 2012-08-05 13:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-06 14:24 - 2012-04-02 22:50 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-07-06 14:24 - 2011-08-17 13:22 - 00000000 ____D C:\Users\lisa\AppData\Local\Microsoft Help
2013-07-06 14:24 - 2011-08-17 13:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-06 14:24 - 2011-08-09 19:28 - 00000000 ____D C:\users\lisa
2013-07-06 14:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-06 13:28 - 2013-07-06 13:28 - 00000207 ____A C:\Windows\tweaking.com-regbackup-LISA-LISA-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
2013-07-06 13:27 - 2013-07-06 13:27 - 00000000 ____D C:\RegBackup
2013-07-06 13:02 - 2011-08-10 09:06 - 00605552 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-07-06 13:02 - 2011-08-10 09:06 - 00518672 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-07-06 10:49 - 2012-12-27 16:01 - 00000000 ____D C:\Users\lisa\AppData\Local\Recovery Toolbox for Excel
2013-07-06 10:28 - 2013-07-06 10:28 - 00002443 ____A C:\Users\lisa\Desktop\RKreport[0]_S_07062013_102842.txt
2013-07-06 10:18 - 2013-07-06 10:18 - 00002603 ____A C:\Users\lisa\Desktop\RKreport[0]_D_07062013_101813.txt
2013-07-06 10:18 - 2013-07-06 10:18 - 00002443 ____A C:\Users\lisa\Desktop\RKreport[0]_S_07062013_101800.txt
2013-07-06 10:16 - 2013-07-06 10:16 - 00914944 ____A C:\Users\lisa\Downloads\RogueKiller_8.6.2.exe
2013-07-06 00:55 - 2013-04-24 23:45 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2416322015-1569237049-636745652-1002Core.job
2013-07-05 21:00 - 2013-07-05 21:00 - 00000000 ____D C:\Qoobox
2013-07-05 20:59 - 2013-07-05 20:59 - 01820782 ____A (Swearware) C:\Users\lisa\Downloads\Nicht bestätigt 957803.crdownload
2013-07-05 05:37 - 2011-09-30 21:55 - 00001064 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2416322015-1569237049-636745652-1002Core.job
2013-07-04 14:08 - 2013-07-04 14:06 - 00003195 ____A C:\Windows\IE10_main.log
2013-07-04 14:05 - 2013-07-04 14:05 - 00861184 ____A (Microsoft Corporation) C:\Users\lisa\Downloads\IE10-Windows6.1-de-de.exe
2013-07-04 12:59 - 2013-07-04 12:59 - 00347424 ____A (Microsoft Corporation) C:\Users\lisa\Downloads\MicrosoftFixit.IEPerformance.MATSKB.Run.exe
2013-07-03 21:44 - 2013-07-03 21:44 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-03 21:44 - 2013-07-03 21:43 - 02347384 ____A (ESET) C:\Users\lisa\Downloads\esetsmartinstaller_enu.exe
2013-07-03 19:13 - 2013-07-03 19:13 - 00000000 ____D C:\FRST
2013-07-03 19:04 - 2013-07-03 19:04 - 01934082 ____A (Farbar) C:\Users\lisa\Downloads\FRST64.exe
2013-07-03 18:19 - 2013-07-03 18:19 - 00793536 ____A C:\Users\lisa\Downloads\ZipOpenerSetup (1).exe
2013-07-03 17:46 - 2013-07-03 17:46 - 00000579 ____A C:\Users\lisa\Desktop\TFC - Verknüpfung.lnk
2013-07-03 17:38 - 2011-05-07 16:21 - 00000000 ____D C:\Program Files (x86)\HP Games
2013-07-03 17:13 - 2013-07-03 13:16 - 00000328 ____A C:\Windows\Tasks\HPCeeScheduleForlisa.job
2013-07-03 17:10 - 2011-12-25 11:54 - 00000000 ____D C:\Program Files\Google
2013-07-03 17:10 - 2011-12-25 11:50 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-03 17:05 - 2012-04-08 00:16 - 00000000 ____D C:\Program Files (x86)\Skin Pack
2013-07-03 17:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2013-07-03 16:54 - 2011-09-30 21:55 - 00000000 ____D C:\Users\lisa\AppData\Local\Google
2013-07-03 16:44 - 2013-06-14 08:07 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-03 15:55 - 2013-06-12 16:38 - 00012808 ____A C:\Users\lisa\Documents\Staatliches Hochbauamt Traunstein 4. AZ 11.06.2013 Seite 2.xlsx
2013-07-03 15:44 - 2013-07-03 15:41 - 00014593 ____A C:\Users\lisa\Documents\Stattliches Hochbauamt  Kostenangebot Hochstaufen Kaserne  03.07.2013.xlsx
2013-07-02 21:29 - 2013-07-02 21:28 - 00002352 ____A C:\Users\lisa\Desktop\Google Chrome.lnk
2013-07-02 18:38 - 2013-07-02 18:38 - 00793536 ____A C:\Users\lisa\Downloads\ZipOpenerSetup.exe
2013-07-02 18:38 - 2013-06-16 20:09 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Systweak
2013-07-02 18:38 - 2012-04-08 00:18 - 00000000 ____D C:\Windows\Neon Skin Pack
2013-07-02 18:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-02 18:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-07-02 18:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-02 18:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2013-07-02 18:37 - 2013-06-30 17:41 - 00000000 ___AD C:\Program Files (x86)\FromDocToPDF_65EI
2013-07-02 18:37 - 2013-06-17 11:38 - 00000000 ____D C:\Program Files\CCleaner
2013-07-02 18:37 - 2013-06-10 12:59 - 00000000 ____D C:\Program Files\iTunes
2013-07-02 18:37 - 2013-06-10 12:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-02 18:37 - 2013-06-10 10:07 - 00000000 ____D C:\Program Files (x86)\Video Download Converter
2013-07-02 18:37 - 2013-05-31 13:39 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-02 18:37 - 2013-01-05 16:52 - 00000000 ____D C:\Program Files (x86)\Steuersparer 2013
2013-07-02 18:37 - 2012-12-27 16:01 - 00000000 ____D C:\Program Files (x86)\Recovery Toolbox for Excel
2013-07-02 18:37 - 2012-11-15 21:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-07-02 18:37 - 2012-07-24 19:56 - 00000000 ____D C:\Program Files (x86)\Portrait Professional 10 Test
2013-07-02 18:37 - 2012-07-24 18:25 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-07-02 18:37 - 2012-07-17 10:53 - 00000000 ____D C:\Program Files (x86)\iThmb Converter
2013-07-02 18:37 - 2012-05-30 09:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2013-07-02 18:37 - 2012-05-21 14:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-02 18:37 - 2012-05-13 13:04 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-02 18:37 - 2012-04-15 18:36 - 00000000 ____D C:\Program Files (x86)\VideoPerformer
2013-07-02 18:37 - 2012-04-07 20:51 - 00000000 ____D C:\Program Files (x86)\YouTube Song Downloader
2013-07-02 18:37 - 2012-04-07 20:51 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-07-02 18:37 - 2012-04-02 22:50 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-07-02 18:37 - 2011-12-25 12:20 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-07-02 18:37 - 2011-12-24 19:57 - 00000000 ____D C:\Program Files\Paint.NET
2013-07-02 18:37 - 2011-12-03 22:38 - 00000000 ____D C:\Program Files\Bonjour
2013-07-02 18:37 - 2011-09-08 21:52 - 00000000 ____D C:\Program Files (x86)\Safari
2013-07-02 18:37 - 2011-08-17 13:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-07-02 18:37 - 2011-08-13 10:28 - 00000000 ____D C:\ProgramData\DatacardService
2013-07-02 18:37 - 2011-07-10 18:20 - 00000000 ____D C:\Program Files (x86)\HP SimplePass 2011
2013-07-02 18:37 - 2011-07-10 18:19 - 00000000 ____D C:\Program Files\Common Files\AuthenTec
2013-07-02 18:36 - 2013-07-02 08:01 - 00000000 ____D C:\users\TEMP.lisa-lisa.000
2013-07-02 18:36 - 2013-07-01 08:52 - 00000000 ____D C:\users\TEMP.lisa-lisa.001
2013-07-02 18:36 - 2013-06-30 19:49 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-02 18:36 - 2013-06-30 17:41 - 00000000 ____D C:\JRT
2013-07-02 18:36 - 2013-01-21 21:12 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-07-02 18:36 - 2013-01-14 16:04 - 00000000 ____D C:\Program Files (x86)\AAVUpdateManager
2013-07-02 18:36 - 2013-01-06 18:03 - 00000000 ____D C:\KronosFaktura
2013-07-02 18:36 - 2012-07-13 14:54 - 00000000 ____D C:\Program Files (x86)\Dream Aquarium
2013-07-02 18:36 - 2012-05-27 14:05 - 00000000 ____D C:\Program Files (x86)\Desktop Media
2013-07-02 18:36 - 2012-05-21 11:52 - 00000000 ____D C:\Program Files (x86)\CD-LabelPrint
2013-07-02 18:36 - 2012-04-15 18:36 - 00000000 ____D C:\Program Files (x86)\AC3File
2013-07-02 18:36 - 2011-12-03 22:38 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-07-02 18:36 - 2011-08-20 11:10 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-07-02 15:40 - 2013-07-02 08:50 - 00000000 ____D C:\users\TEMP.lisa-lisa.002
2013-07-02 15:23 - 2013-07-02 15:23 - 00000320 ____A C:\Users\lisa\Desktop\SecurityCheck - Verknüpfung.lnk
2013-07-02 11:36 - 2013-07-02 10:25 - 00001081 ____A C:\Users\lisa\Desktop\Continue Download Helper Installation.lnk
2013-07-02 11:25 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-02 08:50 - 2013-07-02 08:50 - 00000000 ____A C:\Windows\setuperr.log
2013-07-02 08:03 - 2013-07-02 08:03 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Roaming\Bitdefender
2013-07-02 08:02 - 2013-07-02 08:02 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Local\VirtualStore
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Vorlagen
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Startmenü
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Netzwerkumgebung
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Lokale Einstellungen
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Eigene Dateien
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Druckumgebung
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Documents\Eigene Musik
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Documents\Eigene Bilder
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\AppData\Local\Verlauf
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\AppData\Local\Anwendungsdaten
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Anwendungsdaten
2013-07-01 21:23 - 2013-06-17 09:13 - 00000000 ____D C:\users\TEMP.lisa-lisa
2013-07-01 21:13 - 2013-07-01 21:13 - 00000000 ____D C:\Windows\ERUNT
2013-07-01 20:24 - 2013-06-12 15:38 - 00013299 ____A C:\Users\lisa\Documents\Stattliches Hochbauamt  4.AZ  11.06.2013.xlsx
2013-07-01 16:27 - 2013-07-01 16:27 - 00040844 ____A C:\Users\lisa\Documents\Addition.txt
2013-07-01 10:46 - 2013-07-01 10:46 - 00297313 ____A C:\Users\lisa\Documents\Malwarebytes Anti-Malware 1.pptx
2013-07-01 08:54 - 2013-07-01 08:54 - 00000000 ____D C:\Users\TEMP.lisa-lisa.001\AppData\Roaming\Bitdefender
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Vorlagen
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Startmenü
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Netzwerkumgebung
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Lokale Einstellungen
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Eigene Dateien
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Druckumgebung
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Documents\Eigene Musik
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Documents\Eigene Bilder
2013-06-30 19:44 - 2013-06-30 19:38 - 00029898 ____A C:\Users\lisa\Documents\cc_20130630_190551.reg
2013-06-30 19:35 - 2013-06-30 19:32 - 28181408 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE (2).exe
2013-06-30 19:04 - 2013-06-30 18:58 - 00005852 ____A C:\Users\lisa\Documents\cc_20130630_185817.reg
2013-06-30 16:18 - 2013-06-30 16:18 - 00000000 ____D C:\ProgramData\bdch
2013-06-18 14:40 - 2013-06-18 14:40 - 00602112 ____A (OldTimer Tools) C:\Users\lisa\Downloads\OTL.exe
2013-06-17 21:24 - 2013-06-17 21:23 - 28211040 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-17 21:22 - 2013-06-15 21:53 - 00002243 ____A C:\Windows\epplauncher.mif
2013-06-17 18:42 - 2013-06-17 18:42 - 00000176 ____A C:\Users\lisa\Documents\cc_20130617_184239.reg
2013-06-17 16:42 - 2013-06-17 16:40 - 00000429 ____A C:\Windows\System32\avgrep.txt
2013-06-17 14:53 - 2013-06-16 10:00 - 00000000 ____D C:\Windows\pss
2013-06-17 13:24 - 2013-06-17 13:23 - 00130010 ____A C:\Users\lisa\Documents\cc_20130617_132325.reg
2013-06-17 13:18 - 2012-09-09 19:38 - 00000000 ____D C:\Users\lisa\Tracing
2013-06-17 12:40 - 2007-01-02 03:25 - 00000000 ____D C:\Windows\Panther
2013-06-17 11:50 - 2013-06-17 11:50 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-17 11:45 - 2013-06-17 11:44 - 00000634 ____A C:\Users\lisa\Desktop\ccsetup402 - Verknüpfung.lnk
2013-06-16 20:54 - 2013-06-16 20:49 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\lisa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-06-16 20:50 - 2013-06-16 20:43 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-16 17:40 - 2011-08-13 11:08 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-06-16 17:28 - 2011-05-07 16:19 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-06-16 17:22 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-06-16 16:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-16 15:52 - 2011-10-05 20:41 - 00000119 ____A C:\Users\lisa\AppData\Roaming\default.rss
2013-06-16 13:15 - 2011-08-09 19:28 - 00000000 ____D C:\Users\lisa\AppData\Local\VirtualStore
2013-06-16 12:56 - 2013-06-16 12:54 - 03758488 ____A (Systweak Inc                                                ) C:\Users\lisa\Downloads\rcpsetup_3335_ggde.exe
2013-06-15 22:40 - 2013-06-15 22:39 - 00393048 ____A (Softonic                                        ) C:\Users\lisa\Downloads\SoftonicDownloader_fuer_hijackthis.exe
2013-06-15 22:18 - 2013-06-15 22:03 - 22562672 ____A C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE (1).exe
2013-06-15 22:07 - 2013-01-21 21:15 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-15 21:38 - 2013-06-15 21:00 - 13503464 ____A (Microsoft Corporation) C:\Users\lisa\Downloads\mseinstall.exe
2013-06-15 21:36 - 2013-06-15 21:16 - 28181408 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE(2).exe
2013-06-15 19:19 - 2013-06-15 19:15 - 00000000 ____D C:\Program Files (x86)\GUM8868.tmp
2013-06-15 19:15 - 2013-06-15 19:15 - 04167680 ____A C:\Program Files (x86)\GUT8869.tmp
2013-06-15 19:06 - 2013-06-15 19:02 - 00781800 ____A (Google Inc.) C:\Users\lisa\Downloads\ChromeSetup.exe
2013-06-15 18:17 - 2013-06-02 20:12 - 00000000 ____D C:\Program Files (x86)\MiPony
2013-06-15 11:36 - 2012-02-08 09:27 - 00000000 ____D C:\ProgramData\BDLogging
2013-06-14 16:28 - 2011-03-01 17:45 - 00093160 ____A (BitDefender LLC) C:\Windows\System32\Drivers\bdfndisf6.sys
2013-06-14 16:27 - 2012-03-01 20:22 - 00587024 ____A (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2013-06-14 16:27 - 2012-02-07 14:51 - 00705552 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-06-14 16:26 - 2011-07-15 16:12 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-06-14 15:37 - 2012-11-14 11:46 - 00000000 ____D C:\Program Files (x86)\DC Software
2013-06-14 15:37 - 2011-08-09 19:31 - 00000000 ____D C:\Users\lisa\AppData\Local\Hewlett-Packard_Company
2013-06-14 15:37 - 2011-08-09 19:31 - 00000000 ____D C:\Users\lisa\AppData\Local\Hewlett-Packard
2013-06-14 15:37 - 2011-05-07 16:30 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-14 15:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 15:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-14 15:37 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-14 15:36 - 2012-02-24 16:54 - 00000000 ____D C:\Windows\System32\Macromed
2013-06-14 15:36 - 2011-05-07 16:20 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-06-14 15:36 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2013-06-14 15:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2013-06-14 14:41 - 2011-09-18 20:01 - 00001327 ____A C:\Windows\SysWOW64\logFile.xml
2013-06-14 14:32 - 2011-08-09 19:42 - 00000000 ____D C:\Users\lisa\AppData\Roaming\hpqlog
2013-06-14 14:00 - 2013-06-10 12:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 14:00 - 2011-07-10 18:08 - 00000000 ____D C:\Program Files\Validity Sensors
2013-06-14 13:59 - 2012-05-27 14:17 - 00000000 ____D C:\Users\lisa\AppData\Roaming\ArcSoft
2013-06-14 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system
2013-06-14 08:08 - 2013-01-21 21:15 - 00000000 ____D C:\Users\lisa\AppData\Roaming\TuneUp Software
2013-06-14 07:54 - 2013-06-14 07:54 - 00000000 ____D C:\Users\lisa\AppData\Local\MFAData
2013-06-13 10:35 - 2013-03-05 12:30 - 00013729 ____A C:\Users\lisa\Documents\Staatl. Hochbauamt Aufmaß 01 18.02.2013.xlsx
2013-06-12 18:37 - 2012-04-08 12:26 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:37 - 2011-08-18 08:20 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 12:01 - 2013-02-27 19:46 - 00011549 ____A C:\Users\lisa\Documents\Regiebericht Staatliches Hochbauamt 18.02.2013  R3.xlsx
2013-06-12 10:37 - 2011-11-04 15:06 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-06-12 10:22 - 2011-08-21 09:41 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 10:19 - 2013-06-12 10:19 - 00127984 ____A C:\Users\lisa\Downloads\windowsupdate.diagcab
2013-06-12 09:39 - 2011-07-10 18:09 - 00008045 ____A C:\Windows\System32\RaCoInst.log
2013-06-10 19:30 - 2013-06-10 16:18 - 00013431 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Angebot18.02.2013 pdf 1.xlsx
2013-06-10 19:05 - 2013-06-10 18:37 - 00012437 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 3.xlsx
2013-06-10 19:04 - 2013-06-10 17:16 - 00012641 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 2.xlsx
2013-06-10 17:10 - 2013-06-10 17:10 - 00014227 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 1.xlsx
2013-06-10 12:59 - 2013-06-10 12:59 - 00001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-10 12:59 - 2013-06-10 12:59 - 00000000 ____D C:\Program Files\iPod
2013-06-08 16:08 - 2013-06-12 10:20 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-12 10:20 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-12 10:20 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-12 10:20 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-12 10:20 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-12 10:21 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-12 10:20 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-12 10:20 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-12 10:20 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-12 10:20 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-12 10:20 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-12 10:21 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-06 15:20

==================== End Of Log ============================
--- --- ---

schrauber 07.07.2013 10:37
Rechner ausschalten, 10 min warten, einschalten. Kommste normal rein?

lisei 07.07.2013 10:54
hallo jetzt hat es geklappt!

Bitdefender kann keine updates mehr machen?
er meldet immer einbruchsgefahr bei sparte firewall!
c/:prgramm (files86)motorola/motforwarddeamon/forwarddeamon exe. das programm versucht eine verbindung mit dem internet herzustellen.das programm verwendet das protokoll TCP 12000 durchgeführte aktion zugelassen! Is das normal?

schrauber 07.07.2013 11:22
Du musst doch wissen ob Du Motorola Software nutzt oder nicht :)

FRST log aus dem normalen Modus bitte. Haken bei Additional setzen,damit werden 2 Logfiles erstellt.

lisei 07.07.2013 11:24
motorola defy, nutze ich für meinen Mann! ok dann ist das in ordnung!
wieso bringt er mir dann so eine Meldung! muss ich dass im Firewall zulassen
oder? dann bringt er diese meldung nicht mehr!
lisa


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:53 Uhr.
Seite 7 von 11 « Erste 56 7 89 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131