MoltoBene | 26.11.2013 21:43 | Hello,
I have run FRST.
You will find the log file at the end of this post.
Just briefly, as an "interim note":
During the installation of PowerTab Editor, something called "Outobox" appears to have been installed along with it.
The FRST log shows it under "One Month Created Files and Folders":
C:\Program Files (x86)\outobox
... and also under "Internet (Whitelisted)":
BHO-x32: outobox - {30f06672-0e95-41a9-80cb-dee386af99ad} - C:\Program Files (x86)\outobox\outoboxBHO.dll
Could this actually be a variant of the BrowseFox.F malware?
A check on VirusTotal, at any rate, gives contradictory results:
42x harmless, but AVG says: MalSign.Outobox.C42
DrWeb says: Adware.Plugin.100
ESET-NOD32 says: a variant of Win32/BrowseFox.F
TrendMicro-HouseCall: TROJ_GEN.F47V1122
The log also contains entries with Chinese characters(!?), e.g. the last entry in "One Month Modified Files and Folders". They make me doubly suspicious because they are always in the folder "C:\Windows\SysWOW64".
I would be glad if you could tell me how to proceed, and also whether you consider the two points mentioned (Outobox/Chinese entries) to be a problem(?).
Here is the log file of the FRST scan:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-11-2013 01
Ran by [Nutzer] (ATTENTION: The logged in user is not administrator) on VIDEO-PC on 26-11-2013 19:37:36
Running from C:\Users\[Nutzer]\Desktop\Threat - System Care Antivirus\05 - Farbar's Recovery Scan Tool
Windows Vista (TM) Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oaui.exe
(Spotify Ltd) C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Emsisoft GmbH) C:\Program Files (x86)\Online Armor\oahlp.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
(Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Startup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Spotify Ltd) C:\Users\[Nutzer]\AppData\Roaming\Spotify\spotify.exe
() C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-17] (Realtek
Semiconductor)
HKLM\...\Run: [@OnlineArmor GUI] - C:\Program Files (x86)\Online Armor\oaui.exe [2415104 2012-10-02]
(Emsisoft GmbH)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] - "C:\Windows\is-93086.exe" /REG [1544704 2012-10-04] ()
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - "C:\Program Files (x86)\Malwarebytes' Anti-
Malware\mbamgui.exe" /install /silent [766536 2012-09-29] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] - "C:\Windows\is-QSNKT.exe" /REG [1544704 2013-01-26] ()
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000003] - "C:\Windows\is-41LQ8.exe" /REG [1544704 2013-06-05] ()
HKLM-x32\...\Runonce: [InstallShieldSetup2] - C:\PROGRA~2\INSTAL~1\{72AD9~1\setup.exe -rebootC:\PROGRA~2
\INSTAL~1\{72AD9~1\reboot.ini [x]
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000004] - "C:\Windows\is-1V0T0.exe" /REG [1544704 2013-08-14] ()
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000005] - "C:\Windows\is-9HLPF.exe" /REG [1544704 2013-09-14] ()
HKCU\...\Run: [Google Update] - C:\Users\[Nutzer]\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-
08-14] (Google Inc.)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [6604568 2013-11-
20] (SUPERAntiSpyware)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\[Nutzer]\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
[1168896 2013-11-15] (Spotify Ltd)
HKCU\...\Run: [Spotify] - C:\Users\[Nutzer]\AppData\Roaming\Spotify\spotify.exe [5955072 2013-11-15] (Spotify
Ltd)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application
Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple
Inc.)
HKLM-x32\...\Run: [Matrox PowerDesk] - C:\Program Files (x86)\Matrox
Graphics\PowerDesk\Matrox.PDesk.Startup.exe [889352 2012-10-23] (Matrox Graphics Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira
Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco
AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Startup:
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x70AE3D3940C3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q=
{searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q=
{searchTerms}&src=IE-SearchBox&Form=IE8SRC
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7
\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7
\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: outobox - {30f06672-0e95-41a9-80cb-dee386af99ad} - C:\Program Files (x86)\outobox\outoboxBHO.dll
(outobox)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)
\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)
\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common
Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common
Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common
Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common
Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common
Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common
Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\[Nutzer]\AppData\Roaming\Mozilla\Firefox\Profiles\sum0togv.default
FF Homepage: https://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle
Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ilok.com/iLokHelper,version=3.1.0.7 - C:\Program Files (x86)\PACE Anti-
Piracy\iLok\NPPaceILok.dll ( PACE Anti-Piracy, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
(Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation
Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems
Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\[Nutzer]
\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\[Nutzer]
\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\[Nutzer]
\AppData\Roaming\Mozilla\Firefox\Profiles\sum0togv.default\Extensions\bytubed@cs213.cse.iitk.ac.in
FF Extension: adblockpopups - C:\Users\[Nutzer]
\AppData\Roaming\Mozilla\Firefox\Profiles\sum0togv.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: dta - C:\Users\[Nutzer]
\AppData\Roaming\Mozilla\Firefox\Profiles\sum0togv.default\Extensions\{DDC359D1-844A-42a7-9AA1-
88A850A938A8}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] -
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows
Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "https://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\Application\21.0.1180.79
\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\Application\31.0.1650.57
\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\Application\31.0.1650.57
\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\Application\31.0.1650.57
\pdf.dll ()
CHR Plugin: (Google Update) - C:\Users\[Nutzer]\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No
File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation
Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (ProxTube) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.4_0
CHR Extension: (YouTube) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (outobox) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\fjpdnoojnohifgekbkmnfbiobhcbedka\1.0.0_0
CHR Extension: (AdBlock) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (New Tab Behavior) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\gjgjmlflcoalihhlikncfkoclobaemeg\1.0.1_0
CHR Extension: (FlashBlock) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.31_0
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\[Nutzer]
\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0
CHR Extension: (Tiny MP3 Player - MP3 Link Music Player) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\klphnalhafkamjdgcmpmijohkkokajbg\1.3_0
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh\0.11.5.24_0
CHR Extension: (Google Wallet) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Better Pop Up Blocker) - C:\Users\[Nutzer]\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0
CHR HKLM-x32\...\Chrome\Extension: [fjpdnoojnohifgekbkmnfbiobhcbedka] - C:\Program Files (x86)
\outobox\fjpdnoojnohifgekbkmnfbiobhcbedka.crx
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira
Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira
Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-04] (Avira
Operations GmbH & Co. KG)
R2 hasplms; C:\Windows\system32\hasplms.exe [4889032 2011-12-30] (SafeNet Inc.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-12-12]
(Nero AG)
R2 iphlpsvc; C:\Windows\System32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 Matrox.Pdesk3.ServicesHost; C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe
[3867656 2012-10-23] (Matrox Graphics Inc)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [216072 2012-10-02] (Emsisoft GmbH)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [93048 2007-01-25] (CACE Technologies)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
R2 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4463864 2012-10-02] (Emsisoft GmbH)
R2 Update outobox; C:\Program Files (x86)\outobox\updateoutobox.exe [66840 2013-11-12] ()
R2 Util outobox; C:\Program Files (x86)\outobox\bin\utiloutobox.exe [66840 2013-11-23] ()
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u
https://activation.paceap.com/InitiateActivation [x]
S3 RpcLocator; %SystemRoot%\system32\locator.exe [x]
==================== Drivers (Whitelisted) ====================
S3 acsint; C:\Windows\System32\DRIVERS\acsint64.sys [49104 2013-03-26] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux64.sys [73168 2013-03-26] (Cisco Systems, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-05] (Avira Operations GmbH & Co. KG)
S1 Beep; No ImagePath
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
S4 Htcdrmthuns; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
S3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [40208 2007-01-25] (CACE Technologies)
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [61632 2012-10-02] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [62016 2012-10-02] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [40520 2012-10-02] (Emsisoft)
R3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [32920 2012-02-10] (Emsisoft)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and
SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and
SUPERAntiSpyware.com)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows (R) Codename Longhorn DDK
provider)
S3 ATICDSDr; \??\C:\Users\Admin\AppData\Local\Temp\ATICDSDr.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-26 17:20 - 2013-11-26 17:20 - 00010511 _____ C:\ComboFix.txt
2013-11-26 17:20 - 2013-11-26 17:20 - 00000979 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Internet Explorer.lnk
2013-11-26 17:20 - 2013-11-26 17:20 - 00000949 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Internet Explorer (64-bit).lnk
2013-11-26 17:20 - 2013-11-26 17:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Accessories
2013-11-24 20:03 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-24 20:03 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-24 20:03 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-24 20:03 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-24 20:03 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-24 20:03 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-24 20:03 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-24 20:03 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-24 20:02 - 2013-11-26 17:20 - 00000000 ____D C:\Qoobox
2013-11-24 20:02 - 2013-11-26 17:18 - 00000000 ____D C:\Windows\erdnt
2013-11-24 20:02 - 2013-11-26 17:05 - 00000000 ____D C:\32788R22FWJFW
2013-11-24 20:02 - 2013-11-24 20:02 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Administrative Tools
2013-11-24 19:50 - 2013-11-24 19:51 - 00000000 ____D C:\AdwCleaner
2013-11-24 19:08 - 2013-11-24 19:40 - 00000000 _____ C:\Users\[Nutzer]\Desktop\Threat-temp.txt
2013-11-24 19:02 - 2013-11-24 19:02 - 00000074 _____ C:\Users\[Nutzer]\Desktop\Threat-Thread.txt
2013-11-24 17:56 - 2013-11-24 17:56 - 00000000 ____D C:\FRST
2013-11-24 17:47 - 2013-11-26 19:35 - 00000000 ____D C:\Users\[Nutzer]\Desktop\Threat - System Care Antivirus
2013-11-24 17:29 - 2013-11-24 17:29 - 105952601 _____ C:\Windows\SysWOW64\䣠쟏輼¾
2013-11-23 15:14 - 2013-11-23 15:14 - 00000000 ____D C:\Users\[Nutzer]\Screensaver
2013-11-22 13:21 - 2013-11-22 13:21 - 00000000 ____D C:\Users\[Nutzer]
\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2013-11-22 13:21 - 2013-11-22 13:21 - 00000000 ____D C:\Program Files (x86)\Power Tab Software
2013-11-22 13:18 - 2003-08-20 06:06 - 02512896 _____ C:\Users\[Nutzer]\Downloads\PTEditor17.msi
2013-11-22 13:18 - 2003-08-20 06:05 - 00000041 _____ C:\Users\[Nutzer]\Downloads\Setup.Ini
2013-11-22 13:18 - 2002-01-05 07:46 - 00065536 _____ (Microsoft Corporation) C:\Users\[Nutzer]
\Downloads\Setup.Exe
2013-11-22 13:18 - 2001-09-25 15:05 - 01707856 _____ (Microsoft Corporation) C:\Users\[Nutzer]
\Downloads\InstMsiA.Exe
2013-11-22 13:18 - 2001-09-11 18:04 - 01821008 _____ (Microsoft Corporation) C:\Users\[Nutzer]
\Downloads\InstMsiW.Exe
2013-11-22 13:16 - 2013-11-23 14:08 - 00000000 ____D C:\Program Files (x86)\outobox
2013-11-22 13:15 - 2013-11-22 13:15 - 00422350 _____ C:\Users\Admin\AppData\Local\dd_vcredistMSI789D.txt
2013-11-22 13:14 - 2013-11-22 13:15 - 00014322 _____ C:\Users\Admin\AppData\Local\dd_vcredistUI789D.txt
2013-11-22 13:10 - 2013-11-22 13:17 - 05917258 _____ C:\Users\[Nutzer]\Downloads\powertab.zip
2013-11-22 13:09 - 2013-11-22 13:09 - 00923784 _____ (CNET Download.com) C:\Users\[Nutzer]\Downloads\cbsidlm
-cbsi145-Power_Tab_Editor-ORG-10502034.exe
2013-11-22 12:28 - 2013-11-22 12:28 - 00494192 _____ () C:\Users\[Nutzer]\Downloads\Winfy.exe
2013-11-17 17:56 - 2013-11-17 17:56 - 00000001 _____ C:\Users\Admin\AppData\Local\llftool.4.30.agreement
2013-11-17 17:55 - 2013-11-17 17:55 - 02043392 _____ C:\Users\[Nutzer]\Downloads\HDDLLF.4.30.exe
2013-11-17 17:55 - 2013-11-17 17:55 - 00000001 _____ C:\Users\[Nutzer]\AppData\Local\llftool.4.30.agreement
2013-11-17 17:53 - 2013-11-17 17:53 - 00098304 _____ (Hewlett-Packard Company) C:\Users\[Nutzer]
\Downloads\HPUSBFW_v2.2.3.exe
2013-11-16 11:11 - 2013-11-16 11:11 - 104513208 _____ C:\Windows\SysWOW64\ⰳ䒺輼ª
2013-11-15 08:57 - 2013-11-15 10:31 - 00033333 _____ C:\Users\[Nutzer]\temp.aup
2013-11-15 08:57 - 2013-11-15 08:57 - 00000000 ____D C:\Users\[Nutzer]\temp_data
2013-11-12 11:48 - 2013-11-15 13:33 - 00000355 _____ C:\Users\[Nutzer]\Desktop\temp.txt
2013-11-07 16:17 - 2013-11-07 16:17 - 00000000 ____D C:\Users\[Nutzer]\Documents\Adobe
2013-11-06 11:48 - 2013-11-06 11:48 - 00091888 _____ C:\Users\[Nutzer]\Documents\R-nr.79743.xlsx
2013-11-01 18:57 - 2013-11-01 20:14 - 00034304 ____H C:\Users\[Nutzer]\Desktop\~WRL3437.tmp
2013-11-01 18:57 - 2013-11-01 20:14 - 00034304 ____H C:\Users\[Nutzer]\Desktop\~WRL2974.tmp
2013-11-01 18:57 - 2013-11-01 20:14 - 00034304 ____H C:\Users\[Nutzer]\Desktop\~WRL2463.tmp
2013-11-01 18:57 - 2013-11-01 20:14 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL2263.tmp
2013-11-01 18:57 - 2013-11-01 20:12 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL3739.tmp
2013-11-01 18:57 - 2013-11-01 20:12 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL1742.tmp
2013-11-01 18:57 - 2013-11-01 20:12 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL0566.tmp
2013-11-01 18:57 - 2013-11-01 20:11 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL1319.tmp
2013-11-01 18:57 - 2013-11-01 20:11 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL0622.tmp
2013-11-01 18:57 - 2013-11-01 20:10 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL2703.tmp
2013-10-30 19:28 - 2013-11-26 19:09 - 00000000 ____D C:\Users\[Nutzer]\AppData\Roaming\Spotify
2013-10-30 19:28 - 2013-11-26 18:54 - 00000000 ____D C:\Users\[Nutzer]\AppData\Local\Spotify
2013-10-30 19:28 - 2013-10-30 19:40 - 00001721 _____ C:\Users\[Nutzer]\Desktop\Spotify.lnk
2013-10-30 19:28 - 2013-10-30 19:40 - 00001707 _____ C:\Users\[Nutzer]
\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-10-30 19:28 - 2013-10-30 19:28 - 27576432 _____ (Spotify Ltd) C:\Users\[Nutzer]\Downloads\Spotify
Installer.exe
2013-10-28 18:22 - 2013-11-24 19:00 - 00000000 ____D C:\Users\[Nutzer]\Documents\FIFA 14
2013-10-28 18:21 - 2013-10-28 18:21 - 00001077 _____ C:\Users\Public\Desktop\FIFA 14.lnk
2013-10-28 17:50 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAudio2_7.dll
2013-10-28 17:50 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32
\XAudio2_7.dll
2013-10-28 17:50 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32
\XAPOFX1_5.dll
2013-10-28 17:50 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAPOFX1_5.dll
2013-10-28 17:49 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine3_7.dll
2013-10-28 17:49 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine3_7.dll
2013-10-28 17:49 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_43.dll
2013-10-28 17:49 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2013-10-28 17:49 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32
\d3dcsx_43.dll
2013-10-28 17:49 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dcsx_43.dll
2013-10-28 17:49 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_43.dll
2013-10-28 17:49 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_43.dll
2013-10-28 17:49 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx11_43.dll
2013-10-28 17:49 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx11_43.dll
2013-10-28 17:49 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32
\XAudio2_6.dll
2013-10-28 17:49 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAudio2_6.dll
2013-10-28 17:49 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine3_6.dll
2013-10-28 17:49 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine3_6.dll
2013-10-28 17:49 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32
\XAPOFX1_4.dll
2013-10-28 17:49 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAPOFX1_4.dll
2013-10-28 17:49 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32
\X3DAudio1_7.dll
2013-10-28 17:49 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\X3DAudio1_7.dll
2013-10-28 17:49 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32
\XAudio2_5.dll
2013-10-28 17:49 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAudio2_5.dll
2013-10-28 17:49 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine3_5.dll
2013-10-28 17:49 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine3_5.dll
2013-10-28 17:49 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32
\XAPOFX1_3.dll
2013-10-28 17:49 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAPOFX1_3.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32
\d3dcsx_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dcsx_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx11_42.dll
2013-10-28 17:49 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx11_42.dll
2013-10-28 17:49 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32
\XAudio2_4.dll
2013-10-28 17:49 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAudio2_4.dll
2013-10-28 17:49 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine3_4.dll
2013-10-28 17:49 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine3_4.dll
2013-10-28 17:49 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32
\X3DAudio1_6.dll
2013-10-28 17:49 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\X3DAudio1_6.dll
2013-10-28 17:49 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2013-10-28 17:49 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-10-28 17:49 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_41.dll
2013-10-28 17:49 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_41.dll
2013-10-28 17:49 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_41.dll
2013-10-28 17:49 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_41.dll
2013-10-28 17:49 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32
\XAudio2_3.dll
2013-10-28 17:49 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAudio2_3.dll
2013-10-28 17:49 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine3_3.dll
2013-10-28 17:49 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine3_3.dll
2013-10-28 17:49 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32
\XAPOFX1_2.dll
2013-10-28 17:49 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAPOFX1_2.dll
2013-10-28 17:49 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32
\X3DAudio1_5.dll
2013-10-28 17:49 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\X3DAudio1_5.dll
2013-10-28 17:49 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2013-10-28 17:49 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2013-10-28 17:49 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_40.dll
2013-10-28 17:49 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_40.dll
2013-10-28 17:49 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_40.dll
2013-10-28 17:49 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_40.dll
2013-10-28 17:49 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine3_2.dll
2013-10-28 17:49 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine3_2.dll
2013-10-28 17:49 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32
\XAPOFX1_1.dll
2013-10-28 17:49 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAPOFX1_1.dll
2013-10-28 17:49 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32
\XAudio2_2.dll
2013-10-28 17:49 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAudio2_2.dll
2013-10-28 17:49 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_39.dll
2013-10-28 17:49 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-10-28 17:49 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-10-28 17:49 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_39.dll
2013-10-28 17:49 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_39.dll
2013-10-28 17:49 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_39.dll
2013-10-28 17:49 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32
\XAudio2_1.dll
2013-10-28 17:49 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAudio2_1.dll
2013-10-28 17:49 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine3_1.dll
2013-10-28 17:49 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine3_1.dll
2013-10-28 17:49 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32
\XAPOFX1_0.dll
2013-10-28 17:49 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAPOFX1_0.dll
2013-10-28 17:49 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\X3DAudio1_4.dll
2013-10-28 17:49 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32
\X3DAudio1_4.dll
2013-10-28 17:49 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2013-10-28 17:49 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2013-10-28 17:49 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_38.dll
2013-10-28 17:49 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_38.dll
2013-10-28 17:49 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_38.dll
2013-10-28 17:49 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_38.dll
2013-10-28 17:49 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32
\XAudio2_0.dll
2013-10-28 17:49 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\XAudio2_0.dll
2013-10-28 17:49 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine3_0.dll
2013-10-28 17:49 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine3_0.dll
2013-10-28 17:49 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32
\X3DAudio1_3.dll
2013-10-28 17:49 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\X3DAudio1_3.dll
2013-10-28 17:49 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2013-10-28 17:49 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2013-10-28 17:49 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_37.dll
2013-10-28 17:49 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_37.dll
2013-10-28 17:49 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_37.dll
2013-10-28 17:49 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_37.dll
2013-10-28 17:49 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_10.dll
2013-10-28 17:49 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_10.dll
2013-10-28 17:49 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32
\X3DAudio1_2.dll
2013-10-28 17:49 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\X3DAudio1_2.dll
2013-10-28 17:49 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2013-10-28 17:49 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2013-10-28 17:49 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_36.dll
2013-10-28 17:49 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_36.dll
2013-10-28 17:49 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_36.dll
2013-10-28 17:49 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_36.dll
2013-10-28 17:49 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_9.dll
2013-10-28 17:49 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_9.dll
2013-10-28 17:49 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-10-28 17:49 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-10-28 17:49 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_35.dll
2013-10-28 17:49 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_35.dll
2013-10-28 17:49 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_35.dll
2013-10-28 17:49 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_35.dll
2013-10-28 17:49 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_8.dll
2013-10-28 17:49 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_8.dll
2013-10-28 17:48 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-10-28 17:48 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-10-28 17:48 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_34.dll
2013-10-28 17:48 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_34.dll
2013-10-28 17:48 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_34.dll
2013-10-28 17:48 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_34.dll
2013-10-28 17:48 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_7.dll
2013-10-28 17:48 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_7.dll
2013-10-28 17:48 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32
\xinput1_3.dll
2013-10-28 17:48 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xinput1_3.dll
2013-10-28 17:48 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32
\d3dx10_33.dll
2013-10-28 17:48 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\d3dx10_33.dll
2013-10-28 17:48 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-10-28 17:48 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-10-28 17:48 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32
\D3DCompiler_33.dll
2013-10-28 17:48 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\D3DCompiler_33.dll
2013-10-28 17:48 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32
\x3daudio1_1.dll
2013-10-28 17:48 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\x3daudio1_1.dll
2013-10-28 17:48 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_6.dll
2013-10-28 17:48 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_6.dll
2013-10-28 17:48 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_5.dll
2013-10-28 17:48 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_5.dll
2013-10-28 17:48 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-10-28 17:48 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-10-28 17:48 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-10-28 17:48 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-10-28 17:48 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-10-28 17:48 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-10-28 17:48 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_4.dll
2013-10-28 17:48 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_4.dll
2013-10-28 17:48 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32
\xinput1_2.dll
2013-10-28 17:48 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_3.dll
2013-10-28 17:48 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_3.dll
2013-10-28 17:48 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xinput1_2.dll
2013-10-28 17:48 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_2.dll
2013-10-28 17:48 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_2.dll
2013-10-28 17:48 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-10-28 17:48 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-10-28 17:48 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_1.dll
2013-10-28 17:48 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_1.dll
2013-10-28 17:48 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32
\xinput1_1.dll
2013-10-28 17:48 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xinput1_1.dll
2013-10-28 17:48 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-10-28 17:48 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-10-28 17:48 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32
\xactengine2_0.dll
2013-10-28 17:48 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\xactengine2_0.dll
2013-10-28 17:48 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32
\x3daudio1_0.dll
2013-10-28 17:48 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64
\x3daudio1_0.dll
2013-10-28 17:48 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-10-28 17:48 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-10-28 17:48 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-10-28 17:48 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-10-28 17:48 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-10-28 17:48 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-10-28 17:48 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-10-28 17:48 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-10-28 17:48 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-10-28 17:48 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-10-28 08:44 - 2013-10-28 14:43 - 103734365 _____ C:\Windows\SysWOW64\⻳蠺輼¸
==================== One Month Modified Files and Folders =======
2013-11-26 19:35 - 2013-11-24 17:47 - 00000000 ____D C:\Users\[Nutzer]\Desktop\Threat - System Care Antivirus
2013-11-26 19:31 - 2006-11-02 16:21 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-
9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-26 19:31 - 2006-11-02 16:21 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-
9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-26 19:28 - 2012-08-14 13:58 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-
2107122012-3887617209-2813249809-1000UA.job
2013-11-26 19:09 - 2013-10-30 19:28 - 00000000 ____D C:\Users\[Nutzer]\AppData\Roaming\Spotify
2013-11-26 19:08 - 2012-08-14 22:22 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-
2107122012-3887617209-2813249809-1001UA.job
2013-11-26 18:59 - 2013-07-06 08:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-26 18:54 - 2013-10-30 19:28 - 00000000 ____D C:\Users\[Nutzer]\AppData\Local\Spotify
2013-11-26 18:23 - 2013-03-08 14:54 - 00000000 ____D C:\Users\[Nutzer]\AppData\Local\HTC MediaHub
2013-11-26 17:34 - 2008-01-21 02:53 - 01107755 _____ C:\Windows\WindowsUpdate.log
2013-11-26 17:31 - 2012-09-21 14:45 - 00000000 ____D C:\ProgramData\PACE
2013-11-26 17:31 - 2006-11-02 16:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-26 17:31 - 2006-11-02 16:39 - 00340806 _____ C:\Windows\PFRO.log
2013-11-26 17:30 - 2006-11-02 16:40 - 00032644 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-26 17:20 - 2013-11-26 17:20 - 00010511 _____ C:\ComboFix.txt
2013-11-26 17:20 - 2013-11-26 17:20 - 00000979 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Internet Explorer.lnk
2013-11-26 17:20 - 2013-11-26 17:20 - 00000949 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Internet Explorer (64-bit).lnk
2013-11-26 17:20 - 2013-11-26 17:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Accessories
2013-11-26 17:20 - 2013-11-24 20:02 - 00000000 ____D C:\Qoobox
2013-11-26 17:20 - 2006-11-02 14:33 - 00000000 __RHD C:\Users\Default
2013-11-26 17:18 - 2013-11-24 20:02 - 00000000 ____D C:\Windows\erdnt
2013-11-26 17:18 - 2012-08-14 22:18 - 00000000 ___RD C:\Users\[Nutzer]
\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-26 17:17 - 2006-11-02 13:34 - 00000215 _____ C:\Windows\system.ini
2013-11-26 17:05 - 2013-11-24 20:02 - 00000000 ____D C:\32788R22FWJFW
2013-11-26 16:54 - 2013-10-07 08:09 - 00003091 _____ C:\Users\[Nutzer]\Desktop\Do It.txt
2013-11-26 16:31 - 2012-08-15 10:14 - 00000000 ____D C:\Users\[Nutzer]\AppData\Roaming\Dropbox
2013-11-24 20:02 - 2013-11-24 20:02 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Administrative Tools
2013-11-24 19:51 - 2013-11-24 19:50 - 00000000 ____D C:\AdwCleaner
2013-11-24 19:51 - 2012-08-13 17:37 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup
2013-11-24 19:47 - 2012-08-14 15:26 - 00000000 ____D C:\Program Files (x86)\Online Armor
2013-11-24 19:44 - 2006-11-02 16:21 - 04999632 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-24 19:40 - 2013-11-24 19:08 - 00000000 _____ C:\Users\[Nutzer]\Desktop\Threat-temp.txt
2013-11-24 19:02 - 2013-11-24 19:02 - 00000074 _____ C:\Users\[Nutzer]\Desktop\Threat-Thread.txt
2013-11-24 19:00 - 2013-10-28 18:22 - 00000000 ____D C:\Users\[Nutzer]\Documents\FIFA 14
2013-11-24 18:20 - 2012-11-06 18:50 - 00000000 ____D C:\Program Files (x86)\Origin
2013-11-24 18:12 - 2012-08-14 22:19 - 00000000 ____D C:\Users\[Nutzer]\AppData\Roaming\OnlineArmor
2013-11-24 17:59 - 2013-02-19 10:29 - 00000000 ____D C:\Users\[Nutzer]\Desktop\[Firma]
2013-11-24 17:56 - 2013-11-24 17:56 - 00000000 ____D C:\FRST
2013-11-24 17:29 - 2013-11-24 17:29 - 105952601 _____ C:\Windows\SysWOW64\䣠쟏輼¾
2013-11-23 15:16 - 2012-08-18 17:10 - 00111104 _____ C:\Users\[Nutzer]\AppData\Local\DCBC2A71-70D8-4DAN-EHR8
-E0D61DEA3FDF.ini
2013-11-23 15:14 - 2013-11-23 15:14 - 00000000 ____D C:\Users\[Nutzer]\Screensaver
2013-11-23 15:14 - 2012-08-14 22:16 - 00000000 ____D C:\Users\[Nutzer]
2013-11-23 14:08 - 2013-11-22 13:16 - 00000000 ____D C:\Program Files (x86)\outobox
2013-11-22 16:37 - 2012-08-14 22:18 - 00093296 _____ C:\Users\[Nutzer]\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-22 14:36 - 2012-11-30 14:25 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-11-22 13:36 - 2012-08-13 17:37 - 00093296 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-22 13:21 - 2013-11-22 13:21 - 00000000 ____D C:\Users\[Nutzer]
\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2013-11-22 13:21 - 2013-11-22 13:21 - 00000000 ____D C:\Program Files (x86)\Power Tab Software
2013-11-22 13:21 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\Help
2013-11-22 13:17 - 2013-11-22 13:10 - 05917258 _____ C:\Users\[Nutzer]\Downloads\powertab.zip
2013-11-22 13:15 - 2013-11-22 13:15 - 00422350 _____ C:\Users\Admin\AppData\Local\dd_vcredistMSI789D.txt
2013-11-22 13:15 - 2013-11-22 13:14 - 00014322 _____ C:\Users\Admin\AppData\Local\dd_vcredistUI789D.txt
2013-11-22 13:09 - 2013-11-22 13:09 - 00923784 _____ (CNET Download.com) C:\Users\[Nutzer]\Downloads\cbsidlm
-cbsi145-Power_Tab_Editor-ORG-10502034.exe
2013-11-22 12:54 - 2012-08-15 09:22 - 00000000 ____D C:\Users\[Nutzer]\Desktop\privat
2013-11-22 12:28 - 2013-11-22 12:28 - 00494192 _____ () C:\Users\[Nutzer]\Downloads\Winfy.exe
2013-11-22 11:39 - 2008-01-21 11:47 - 01418806 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-22 11:39 - 2008-01-21 11:46 - 00618204 _____ C:\Windows\system32\perfh007.dat
2013-11-22 11:39 - 2008-01-21 11:46 - 00122636 _____ C:\Windows\system32\perfc007.dat
2013-11-22 10:29 - 2012-08-14 13:58 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-
2107122012-3887617209-2813249809-1000Core.job
2013-11-22 09:20 - 2012-08-18 17:14 - 00000000 ____D C:\Users\[Nutzer]\AppData\Roaming\vlc
2013-11-22 09:02 - 2013-01-26 12:23 - 00000000 ____D C:\Users\[Nutzer]\AppData\Local\JDownloader 2.0
2013-11-21 21:08 - 2012-08-14 22:22 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-
2107122012-3887617209-2813249809-1001Core.job
2013-11-17 17:56 - 2013-11-17 17:56 - 00000001 _____ C:\Users\Admin\AppData\Local\llftool.4.30.agreement
2013-11-17 17:55 - 2013-11-17 17:55 - 02043392 _____ C:\Users\[Nutzer]\Downloads\HDDLLF.4.30.exe
2013-11-17 17:55 - 2013-11-17 17:55 - 00000001 _____ C:\Users\[Nutzer]\AppData\Local\llftool.4.30.agreement
2013-11-17 17:53 - 2013-11-17 17:53 - 00098304 _____ (Hewlett-Packard Company) C:\Users\[Nutzer]
\Downloads\HPUSBFW_v2.2.3.exe
2013-11-17 16:20 - 2012-08-16 14:13 - 00000000 ____D C:\Users\[Nutzer]\AppData\Roaming\Adobe
2013-11-17 16:20 - 2012-08-16 14:03 - 00000000 ____D C:\ProgramData\Adobe
2013-11-17 16:18 - 2012-08-13 17:36 - 00000000 ____D C:\Users\Admin
2013-11-16 11:11 - 2013-11-16 11:11 - 104513208 _____ C:\Windows\SysWOW64\ⰳ䒺輼ª
2013-11-15 13:33 - 2013-11-12 11:48 - 00000355 _____ C:\Users\[Nutzer]\Desktop\temp.txt
2013-11-15 10:32 - 2012-09-04 22:13 - 00000000 ____D C:\Users\[Nutzer]\AppData\Roaming\Audacity
2013-11-15 10:31 - 2013-11-15 08:57 - 00033333 _____ C:\Users\[Nutzer]\temp.aup
2013-11-15 08:57 - 2013-11-15 08:57 - 00000000 ____D C:\Users\[Nutzer]\temp_data
2013-11-14 22:58 - 2013-09-22 18:20 - 00000000 ____D C:\Users\[Nutzer]\Desktop\for Kindle
2013-11-07 16:17 - 2013-11-07 16:17 - 00000000 ____D C:\Users\[Nutzer]\Documents\Adobe
2013-11-06 17:16 - 2012-08-14 20:46 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-11-06 11:48 - 2013-11-06 11:48 - 00091888 _____ C:\Users\[Nutzer]\Documents\R-nr.79743.xlsx
2013-11-04 14:40 - 2012-08-16 08:49 - 00000925 _____ C:\Users\[Nutzer]\Desktop\Dropbox.lnk
2013-11-04 14:40 - 2012-08-16 08:48 - 00000000 ____D C:\Users\[Nutzer]
\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-01 20:14 - 2013-11-01 18:57 - 00034304 ____H C:\Users\[Nutzer]\Desktop\~WRL3437.tmp
2013-11-01 20:14 - 2013-11-01 18:57 - 00034304 ____H C:\Users\[Nutzer]\Desktop\~WRL2974.tmp
2013-11-01 20:14 - 2013-11-01 18:57 - 00034304 ____H C:\Users\[Nutzer]\Desktop\~WRL2463.tmp
2013-11-01 20:14 - 2013-11-01 18:57 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL2263.tmp
2013-11-01 20:12 - 2013-11-01 18:57 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL3739.tmp
2013-11-01 20:12 - 2013-11-01 18:57 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL1742.tmp
2013-11-01 20:12 - 2013-11-01 18:57 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL0566.tmp
2013-11-01 20:11 - 2013-11-01 18:57 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL1319.tmp
2013-11-01 20:11 - 2013-11-01 18:57 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL0622.tmp
2013-11-01 20:10 - 2013-11-01 18:57 - 00033792 ____H C:\Users\[Nutzer]\Desktop\~WRL2703.tmp
2013-10-30 19:40 - 2013-10-30 19:28 - 00001721 _____ C:\Users\[Nutzer]\Desktop\Spotify.lnk
2013-10-30 19:40 - 2013-10-30 19:28 - 00001707 _____ C:\Users\[Nutzer]
\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-10-30 19:28 - 2013-10-30 19:28 - 27576432 _____ (Spotify Ltd) C:\Users\[Nutzer]\Downloads\Spotify
Installer.exe
2013-10-28 18:48 - 2012-08-15 07:42 - 00000000 ____D C:\Users\[Nutzer]\Documents\FIFA 12
2013-10-28 18:22 - 2012-08-14 20:45 - 00000000 ____D C:\ProgramData\Origin
2013-10-28 18:21 - 2013-10-28 18:21 - 00001077 _____ C:\Users\Public\Desktop\FIFA 14.lnk
2013-10-28 18:20 - 2012-08-14 22:54 - 00044405 _____ C:\Windows\DirectX.log
2013-10-28 14:43 - 2013-10-28 08:44 - 103734365 _____ C:\Windows\SysWOW64\⻳蠺輼¸
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Regards,
Molto