| |
| |||||||
Log-Analyse und Auswertung: BKA-TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
05.08.2013, 17:22
| #16 |
 |  BKA-TrojanerCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-07-2013 04
Ran by Karo at 2013-08-05 16:16:55 Run:4
Running from C:\Dokumente und Einstellungen\Karo\Desktop
Boot Mode: Normal
==============================================
C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\regmonstd.lnk => Moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rolhj.js => Moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tr2v.js => Moved successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value was restored successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon => Key deleted successfully.
HKLM\Software\Classes\CLSID\{750fdf0e-2a26-11d1-a3ea-080036587f03}\InprocServer32\\Default => Value was restored successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\phxzbypky" => File/Directory not found.
"C:\Temp\qljehgsaovfkesavc.dll" => File/Directory not found.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon32.exe => Value not found.
==== End of Fixlog ====
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-07-2013 04 (ATTENTION: ====> FRST version is 6 days old and could be outdated)
Ran by Karo (administrator) on 05-08-2013 16:18:39
Running from C:\Dokumente und Einstellungen\Karo\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16062464 2006-12-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\Windows\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [281768 2010-12-13] (Avira GmbH)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [LWS] - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe [165208 2010-05-07] (Logitech Inc.)
HKLM\...\Run: [HP Software Update] - C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [421736 2011-11-13] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] - C:\Programme\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems Incorporated)
HKCU\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKCU\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKCU\...\Run: [Logitech Vid HD] - C:\Programme\Logitech\Vid\vid.exe [6061400 2010-05-11] (Logitech Inc.)
HKCU\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [NTRedirect] - C:\WINDOWS\system32\rundll32.exe [33792 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\Run: [] - [x]
HKU\Administrator\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [ 2006-11-10] ()
HKU\Administrator\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Administrator\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\Run: [ctfmon32.exe] - C:\DOKUME~1\ALLUSE~1\ANWEND~1\rundll32.exe C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat,XFG00 [x] <===== ATTENTION
HKU\Administrator\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex [x]
HKU\Default User\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
HKU\Default User\...\RunOnce: [_nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N [x]
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Programme\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\Karo\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {65759893-8694-43BC-876A-6699814FD7C9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {C8AAC839-E6AB-418F-8444-2AFA890364E6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=59755d13-de52-4e86-869b-39980b806c89&apn_sauid=7A519D86-4CC2-4414-A0B5-FA937669223B
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Programme\LyriXeeker\125.dll (LyriXeeker Tech)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296499764250
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-05-08] (Avira GmbH)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-06-28] (Avira GmbH)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [821608 2011-11-13] (Apple Inc.)
R2 LVPrcSrv; C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe [162648 2010-05-07] (Logitech Inc.)
R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2009-02-04] (Microsoft Corporation)
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
S2 winmgmt; C:\DOKUME~1\Erilk\5085948.dll [x]
==================== Drivers (Whitelisted) ====================
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21361 2011-01-31] (Cisco Systems, Inc.)
R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1606368 2011-01-31] (Atheros Communications, Inc.)
R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2010-06-17] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-06-28] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-06-28] (Avira GmbH)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [20704 2010-05-14] (Logitech Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-29] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-29] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2008-10-29] (HP)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [98560 2012-06-27] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [14848 2012-06-27] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [123648 2012-06-27] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S4 IntelIde; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-05 16:20 - 2013-08-05 16:21 - 00013366 _____ C:\Temp\log3
2013-08-05 16:20 - 2013-08-05 16:21 - 00004890 _____ C:\Temp\log1
2013-08-05 16:19 - 2013-08-05 16:19 - 00000003 _____ C:\Temp\others
2013-08-05 16:18 - 2013-08-05 16:20 - 00011073 _____ C:\Temp\frstlog
2013-08-05 16:18 - 2013-08-05 16:18 - 00000303 _____ C:\Temp\users00
2013-08-05 16:14 - 2013-08-05 16:14 - 00000072 _____ C:\Temp\upeA1F.tmp
2013-08-05 16:12 - 2013-08-05 16:18 - 00016384 ____T C:\Temp\~DF6396.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00032768 _____ C:\Temp\~DF8DE4.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00032768 _____ C:\Temp\~DF83ED.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00016384 _____ C:\Temp\~DF8914.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001313 ____T C:\Temp\MARA1A.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001285 ____T C:\Temp\MARA1B.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000512 ____T C:\Temp\~DF8E2D.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000512 ____T C:\Temp\~DF8A24.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000512 ____T C:\Temp\~DF8543.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 ____T C:\Temp\~DF84D5.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 ____D C:\Temp\sv9cc.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 _____ C:\Temp\upe77D.tmp
2013-08-05 16:11 - 2013-08-05 16:11 - 00000000 _____ C:\Temp\upe15.tmp
2013-08-05 16:10 - 2013-08-05 16:10 - 00000000 ____D C:\Temp\WPDNSE
2013-08-05 16:10 - 2013-08-05 16:10 - 00000000 _____ C:\Temp\uprE.tmp
2013-08-05 16:01 - 2013-08-05 16:01 - 00028832 _____ C:\Temp\java_install.log
2013-08-05 16:01 - 2011-02-02 22:40 - 00157472 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaws.exe
2013-08-05 16:01 - 2011-02-02 22:40 - 00145184 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaw.exe
2013-08-05 16:01 - 2011-02-02 22:40 - 00145184 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\java.exe
2013-08-05 16:00 - 2013-08-05 16:00 - 00077824 _____ C:\Temp\f69ce.mst
2013-08-05 15:55 - 2013-08-05 15:55 - 00448512 _____ (OldTimer Tools) C:\Dokumente und Einstellungen\Karo\Desktop\TFC.exe
2013-08-05 15:53 - 2013-08-05 15:53 - 00392032 _____ (Softonic ) C:\Dokumente und Einstellungen\Karo\Desktop\SoftonicDownloader_fuer_temp-file-cleaner.exe
2013-08-05 15:46 - 2013-08-05 15:46 - 00001313 ____T C:\Temp\MARA18.tmp
2013-08-05 15:46 - 2013-08-05 15:46 - 00001285 ____T C:\Temp\MARA19.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000281 _____ C:\Temp\uprD.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000072 _____ C:\Temp\upe14.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001313 ____T C:\Temp\MARA16.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001285 ____T C:\Temp\MARA17.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000281 _____ C:\Temp\uprC.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000072 _____ C:\Temp\upe13.tmp
2013-08-03 12:18 - 2013-08-03 12:18 - 00000000 ____D C:\Temp\RarSFX0
2013-08-03 12:14 - 2013-08-03 12:15 - 00891098 _____ C:\Dokumente und Einstellungen\Karo\Desktop\SecurityCheck.exe
2013-08-03 03:33 - 2013-08-03 03:33 - 00001313 ____T C:\Temp\MARA14.tmp
2013-08-03 03:33 - 2013-08-03 03:33 - 00001285 ____T C:\Temp\MARA15.tmp
2013-08-03 03:32 - 2013-08-03 03:32 - 00000073 _____ C:\Temp\upe12.tmp
2013-08-03 03:31 - 2013-08-03 03:32 - 00000281 _____ C:\Temp\uprB.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 03126311 _____ C:\Temp\NOD377B.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 00000333 _____ C:\Temp\NOD3B87.tmp
2013-08-02 23:34 - 2013-08-02 23:34 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 23:33 - 2013-08-02 23:33 - 00264880 _____ (ESET) C:\Temp\InstHelper.exe
2013-08-02 22:44 - 2013-08-02 22:44 - 00001313 ____T C:\Temp\MARA12.tmp
2013-08-02 22:44 - 2013-08-02 22:44 - 00001285 ____T C:\Temp\MARA13.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000281 _____ C:\Temp\uprA.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000073 _____ C:\Temp\upe11.tmp
2013-08-02 14:01 - 2013-08-02 14:01 - 00062770 _____ C:\Dokumente und Einstellungen\Karo\Desktop\FRST2.txt
2013-08-02 14:00 - 2013-08-02 14:00 - 00029310 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition2.txt
2013-08-02 13:18 - 2013-08-02 13:18 - 00000073 _____ C:\Temp\upeA12.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001313 ____T C:\Temp\MARA10.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001285 ____T C:\Temp\MARA11.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00000000 _____ C:\Temp\upeF.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upr9.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upeE.tmp
2013-08-02 13:12 - 2013-08-02 13:12 - 00017176 _____ C:\AdwCleaner[S1].txt
2013-08-02 13:10 - 2013-08-02 13:10 - 00666633 _____ C:\Dokumente und Einstellungen\Karo\Desktop\adwcleaner06.exe
2013-08-02 12:50 - 2013-08-02 12:50 - 00001313 ____T C:\Temp\MARA0E.tmp
2013-08-02 12:50 - 2013-08-02 12:50 - 00001285 ____T C:\Temp\MARA0F.tmp
2013-08-02 12:49 - 2013-08-02 12:49 - 00000073 _____ C:\Temp\upeD.tmp
2013-08-02 12:48 - 2013-08-02 12:49 - 00000281 _____ C:\Temp\upr8.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001313 ____T C:\Temp\MARA0C.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001285 ____T C:\Temp\MARA0D.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00000073 _____ C:\Temp\upeC.tmp
2013-08-01 19:53 - 2013-08-01 19:53 - 00000281 _____ C:\Temp\upr7.tmp
2013-08-01 19:06 - 2013-08-01 19:08 - 00000213 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Fixlist.txt
2013-08-01 19:01 - 2013-08-01 19:01 - 00001313 ____T C:\Temp\MARA0A.tmp
2013-08-01 19:01 - 2013-08-01 19:01 - 00001285 ____T C:\Temp\MARA0B.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000281 _____ C:\Temp\upr6.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000073 _____ C:\Temp\upe47.tmp
2013-07-31 15:28 - 2013-08-03 12:31 - 00029321 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition.txt
2013-07-31 15:22 - 2013-07-31 15:22 - 00000073 _____ C:\Temp\upeB.tmp
2013-07-31 15:21 - 2013-07-31 15:22 - 00000281 _____ C:\Temp\upr5.tmp
2013-07-31 15:17 - 2013-07-31 15:17 - 01781589 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST64.exe
2013-07-31 15:16 - 2013-07-31 15:16 - 01222064 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST.exe
2013-07-31 15:16 - 2013-07-31 15:16 - 00000000 ____D C:\FRST
2013-07-31 15:00 - 2013-07-31 15:00 - 00000281 _____ C:\Temp\uprA13.tmp
2013-07-31 15:00 - 2013-07-31 15:00 - 00000073 _____ C:\Temp\upeA14.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001313 ____T C:\Temp\MARA08.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001285 ____T C:\Temp\MARA09.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000281 _____ C:\Temp\upr4.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000073 _____ C:\Temp\upeA.tmp
2013-07-31 14:32 - 2013-07-31 14:36 - 00000000 ____D C:\Temp\B5EC8CB8-BAB0-7891-93B8-0638EA6B0C45
2013-07-31 14:32 - 2013-07-31 14:32 - 00000281 _____ C:\Temp\uprF.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000073 _____ C:\Temp\upe10.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\tmp1985
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\ish135531
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Programme\LyriXeeker
2013-07-31 14:31 - 2013-07-31 14:31 - 00000281 _____ C:\Temp\upr3.tmp
2013-07-31 14:31 - 2013-07-31 14:31 - 00000073 _____ C:\Temp\upe9.tmp
2013-07-31 13:56 - 2013-07-31 13:56 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Qtrax
2013-07-31 13:52 - 2013-07-31 13:59 - 00000000 ____D C:\Temp\CFC193DF-BAB0-7891-BDCD-EA1E26220A59
2013-07-31 13:52 - 2013-07-31 13:52 - 00000281 _____ C:\Temp\uprA12.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000073 _____ C:\Temp\upeA13.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\tmp6241
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\ish18754078
2013-07-31 08:45 - 2013-07-31 08:47 - 00004392 _____ C:\Temp\HPWUCl084.log
2013-07-31 08:42 - 2013-07-31 08:42 - 00001313 ____T C:\Temp\MARA06.tmp
2013-07-31 08:42 - 2013-07-31 08:42 - 00001285 ____T C:\Temp\MARA07.tmp
2013-07-31 08:41 - 2013-07-31 08:41 - 00000073 _____ C:\Temp\upe8.tmp
2013-07-31 08:40 - 2013-07-31 08:41 - 00000272 _____ C:\Temp\upr2.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001313 ____T C:\Temp\MARA04.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001285 ____T C:\Temp\MARA05.tmp
2013-07-30 18:59 - 2013-07-30 18:59 - 00000073 _____ C:\Temp\upe7.tmp
2013-07-30 18:58 - 2013-07-30 18:59 - 00000272 _____ C:\Temp\upr1.tmp
2013-07-30 15:10 - 2013-08-05 16:14 - 00000346 _____ C:\WINDOWS\Tasks\LyricXeeker Update.job
2013-07-30 15:10 - 2013-07-31 14:33 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-30 15:10 - 2013-07-30 15:14 - 00000000 ____D C:\Temp\1EA55D3C-BAB0-7891-9DA9-F386E4DCBD17
2013-07-30 15:10 - 2013-07-30 15:10 - 00000272 _____ C:\Temp\uprA07.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000073 _____ C:\Temp\upeA08.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\tmp1978
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\{2F822836-52C6-427A-8690-91732CB6F143}
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Programme\OpenIt
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 15:09 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\is357113909
2013-07-30 15:09 - 2013-07-30 15:09 - 00717160 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\ZipOpenerSetup.exe
2013-07-30 15:09 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\ish6262156
2013-07-30 13:30 - 2013-07-30 13:30 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Windows Search
2013-07-30 13:27 - 2013-07-30 13:27 - 00001313 ____T C:\Temp\MARA02.tmp
2013-07-30 13:27 - 2013-07-30 13:27 - 00001285 ____T C:\Temp\MARA03.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001313 ____T C:\Temp\MAR9FE.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001285 ____T C:\Temp\MAR9FF.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001313 ____T C:\Temp\MARA00.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001285 ____T C:\Temp\MARA01.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001313 ____T C:\Temp\MAR9FC.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001285 ____T C:\Temp\MAR9FD.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001313 ____T C:\Temp\MAR9FA.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001285 ____T C:\Temp\MAR9FB.tmp
2013-07-29 19:06 - 2013-07-29 19:06 - 00000000 ____D C:\Temp\svkah.tmp
2013-07-29 19:05 - 2013-07-29 19:05 - 00049152 _____ C:\Temp\~DF3474.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001313 ____T C:\Temp\MAR9F8.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001285 ____T C:\Temp\MAR9F9.tmp
2013-07-29 15:15 - 2013-07-29 15:15 - 00049152 _____ C:\Temp\~DF3F36.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001313 ____T C:\Temp\MAR9F6.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001285 ____T C:\Temp\MAR9F7.tmp
2013-07-29 12:00 - 2013-07-29 12:00 - 00049152 _____ C:\Temp\~DFEE53.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001313 ____T C:\Temp\MAR9F3.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001285 ____T C:\Temp\MAR9F5.tmp
2013-07-27 08:53 - 2013-07-27 08:53 - 00049152 _____ C:\Temp\~DF27CC.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001313 ____T C:\Temp\MAR9F2.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001285 ____T C:\Temp\MAR9F4.tmp
2013-07-27 02:39 - 2013-07-27 02:39 - 00049152 _____ C:\Temp\~DFD3.tmp
2013-07-27 02:36 - 2013-07-27 02:36 - 00016384 ____T C:\Temp\~DF2345.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00016384 ____T C:\Temp\~DF9B0D.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER104a.dir00
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER1022.dir00
2013-07-27 02:34 - 2013-07-27 02:34 - 00016384 ____T C:\Temp\~DF2B6.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF652B.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF24D8.tmp
2013-07-27 02:32 - 2013-07-27 02:32 - 00000000 ____T C:\Temp\~DF998F.tmp
2013-07-27 02:30 - 2013-07-27 02:30 - 00000000 ____T C:\Temp\~DF7A36.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 18655396 _____ C:\Temp\fla9F3.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 00000000 ____T C:\Temp\~DF1194.tmp
2013-07-27 02:03 - 2013-07-27 02:28 - 00016384 ____T C:\Temp\~DF237.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001313 ____T C:\Temp\MAR9F0.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001285 ____T C:\Temp\MAR9F1.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00000000 ____T C:\Temp\~DFBE36.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00049152 _____ C:\Temp\~DF2A07.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00016384 ____T C:\Temp\Perflib_Perfdata_fe8.dat
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFC07F.tmp
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFB5B8.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001313 ____T C:\Temp\MAR9EE.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001285 ____T C:\Temp\MAR9EF.tmp
2013-07-26 14:47 - 2013-07-26 14:47 - 00016384 ____T C:\Temp\Perflib_Perfdata_7c0.dat
2013-07-26 14:46 - 2013-07-26 14:46 - 00049152 _____ C:\Temp\~DF209D.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001313 ____T C:\Temp\MAR9EC.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001285 ____T C:\Temp\MAR9ED.tmp
2013-07-25 21:04 - 2013-07-25 21:04 - 00049152 _____ C:\Temp\~DF22E4.tmp
2013-07-25 12:43 - 2013-08-05 15:59 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
2013-07-25 12:42 - 2013-07-25 12:42 - 00000000 ____D C:\Programme\Adobe
2013-07-25 12:35 - 2013-07-25 12:35 - 00001313 ____T C:\Temp\MAR9EA.tmp
2013-07-25 12:35 - 2013-07-25 12:35 - 00001285 ____T C:\Temp\MAR9EB.tmp
2013-07-25 12:33 - 2013-07-25 12:33 - 00049152 _____ C:\Temp\~DF7DC4.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001313 ____T C:\Temp\MAR9E7.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001285 ____T C:\Temp\MAR9E9.tmp
2013-07-25 00:24 - 2013-07-25 00:24 - 00049152 _____ C:\Temp\~DFD00C.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001313 ____T C:\Temp\MAR9E6.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001285 ____T C:\Temp\MAR9E8.tmp
2013-07-24 14:03 - 2013-07-24 14:03 - 00049152 _____ C:\Temp\~DFF7C6.tmp
2013-07-23 23:21 - 2013-07-23 23:23 - 00004392 _____ C:\Temp\HPWUCl083.log
2013-07-23 23:19 - 2013-07-23 23:19 - 00001313 ____T C:\Temp\MAR9E4.tmp
2013-07-23 23:19 - 2013-07-23 23:19 - 00001285 ____T C:\Temp\MAR9E5.tmp
2013-07-23 23:17 - 2013-07-23 23:17 - 00049152 _____ C:\Temp\~DF6ACC.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001313 ____T C:\Temp\MAR9E2.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001285 ____T C:\Temp\MAR9E3.tmp
2013-07-23 15:00 - 2013-07-23 15:00 - 00049152 _____ C:\Temp\~DFDDC5.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001313 ____T C:\Temp\MAR9E0.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001285 ____T C:\Temp\MAR9E1.tmp
2013-07-23 12:32 - 2013-07-23 12:32 - 00049152 _____ C:\Temp\~DFE25E.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001313 ____T C:\Temp\MAR9DE.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001285 ____T C:\Temp\MAR9DF.tmp
2013-07-23 00:47 - 2013-07-23 00:47 - 00049152 _____ C:\Temp\~DF1E6A.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001313 ____T C:\Temp\MAR9DC.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001285 ____T C:\Temp\MAR9DD.tmp
2013-07-22 14:29 - 2013-07-22 14:29 - 00049152 _____ C:\Temp\~DFE12A.tmp
2013-07-21 22:19 - 2013-07-21 22:39 - 00016384 ____T C:\Temp\~DFF32C.tmp
2013-07-21 22:19 - 2013-07-21 22:19 - 00000000 ____T C:\Temp\~DFEACA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001313 ____T C:\Temp\MAR9DA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001285 ____T C:\Temp\MAR9DB.tmp
2013-07-21 16:37 - 2013-07-21 16:37 - 00016384 ____T C:\Temp\Perflib_Perfdata_9cc.dat
2013-07-21 16:36 - 2013-07-21 16:36 - 00049152 _____ C:\Temp\~DF8E7.tmp
2013-07-21 16:29 - 2013-07-21 16:30 - 00016384 ____T C:\Temp\~DFF9F2.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00057344 ____T C:\Temp\~DF41EB.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFCB8A.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFBA2C.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF8322.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF521.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF2964.tmp
2013-07-21 16:28 - 2013-07-21 16:33 - 00016384 ____T C:\Temp\~DFFB26.tmp
2013-07-21 16:28 - 2013-07-21 16:32 - 00016384 ____T C:\Temp\~DFE8E2.tmp
2013-07-21 16:28 - 2013-07-21 16:30 - 00016384 ____T C:\Temp\~DF9676.tmp
2013-07-21 16:28 - 2013-07-21 16:29 - 00016384 ____T C:\Temp\~DF8474.tmp
2013-07-21 16:28 - 2013-07-21 16:28 - 00000000 ____T C:\Temp\~DF2D5C.tmp
2013-07-21 16:23 - 2013-07-21 16:27 - 00016384 ____T C:\Temp\~DFD4C7.tmp
2013-07-21 16:23 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFC7E7.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001313 ____T C:\Temp\MAR9D8.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001285 ____T C:\Temp\MAR9D9.tmp
2013-07-21 14:03 - 2013-07-21 14:03 - 00049152 _____ C:\Temp\~DFE92F.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001313 ____T C:\Temp\MAR9D6.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001285 ____T C:\Temp\MAR9D7.tmp
2013-07-20 16:08 - 2013-07-20 16:08 - 00049152 _____ C:\Temp\~DFEB37.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001313 ____T C:\Temp\MAR9D3.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001285 ____T C:\Temp\MAR9D5.tmp
2013-07-20 14:15 - 2013-07-20 14:15 - 00049152 _____ C:\Temp\~DF576E.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001313 ____T C:\Temp\MAR9D2.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001285 ____T C:\Temp\MAR9D4.tmp
2013-07-19 02:22 - 2013-07-19 02:22 - 00049152 _____ C:\Temp\~DFC222.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001313 ____T C:\Temp\MAR9D0.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001285 ____T C:\Temp\MAR9D1.tmp
2013-07-17 18:58 - 2013-07-17 18:58 - 00049152 _____ C:\Temp\~DFD784.tmp
2013-07-16 20:35 - 2013-07-16 20:35 - 00047416 ____T C:\Temp\DIOADD.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIOA20.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIO9EB.tmp
2013-07-16 19:00 - 2013-07-16 19:02 - 00004392 _____ C:\Temp\HPWUCl082.log
2013-07-16 18:57 - 2013-07-16 18:57 - 00001313 ____T C:\Temp\MAR9CE.tmp
2013-07-16 18:57 - 2013-07-16 18:57 - 00001285 ____T C:\Temp\MAR9CF.tmp
2013-07-16 18:55 - 2013-07-16 18:55 - 00049152 _____ C:\Temp\~DF9742.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001313 ____T C:\Temp\MAR9CC.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001285 ____T C:\Temp\MAR9CD.tmp
2013-07-15 18:13 - 2013-07-15 18:13 - 00049152 _____ C:\Temp\~DFF71D.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001313 ____T C:\Temp\MAR9CA.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001285 ____T C:\Temp\MAR9CB.tmp
2013-07-15 04:51 - 2013-07-15 04:51 - 00049152 _____ C:\Temp\~DFE7C.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001313 ____T C:\Temp\MAR9C8.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001285 ____T C:\Temp\MAR9C9.tmp
2013-07-14 15:26 - 2013-07-14 15:26 - 00049152 _____ C:\Temp\~DF3C5A.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001313 ____T C:\Temp\MAR9C6.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001285 ____T C:\Temp\MAR9C7.tmp
2013-07-14 07:43 - 2013-07-14 07:43 - 00049152 _____ C:\Temp\~DF2D8.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001313 ____T C:\Temp\MAR9C4.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001285 ____T C:\Temp\MAR9C5.tmp
2013-07-14 00:08 - 2013-07-14 00:08 - 00049152 _____ C:\Temp\~DF298.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001313 ____T C:\Temp\MAR9C2.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001285 ____T C:\Temp\MAR9C3.tmp
2013-07-13 15:11 - 2013-07-13 15:11 - 00049152 _____ C:\Temp\~DF30AC.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001313 ____T C:\Temp\MAR9C0.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001285 ____T C:\Temp\MAR9C1.tmp
2013-07-13 11:09 - 2013-07-13 11:09 - 00049152 _____ C:\Temp\~DF2A1C.tmp
2013-07-13 11:07 - 2013-07-13 11:07 - 00000000 ____T C:\Temp\~DF607C.tmp
2013-07-13 11:03 - 2013-07-13 11:05 - 00016384 ____T C:\Temp\~DFBC83.tmp
2013-07-13 11:03 - 2013-07-13 11:03 - 00000000 ____T C:\Temp\~DFB452.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001313 ____T C:\Temp\MAR9BE.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001285 ____T C:\Temp\MAR9BF.tmp
2013-07-13 11:00 - 2013-07-13 11:00 - 00016384 ____T C:\Temp\Perflib_Perfdata_98c.dat
2013-07-13 10:59 - 2013-07-13 10:59 - 00049152 _____ C:\Temp\~DFB9C4.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001313 ____T C:\Temp\MAR9BC.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001285 ____T C:\Temp\MAR9BD.tmp
2013-07-12 15:07 - 2013-07-12 15:07 - 00049152 _____ C:\Temp\~DFAA2F.tmp
2013-07-11 21:41 - 2013-07-11 21:41 - 00123763 _____ C:\WINDOWS\KB2834904.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00123541 _____ C:\WINDOWS\KB2834886.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-11 21:40 - 2013-07-11 21:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-11 21:30 - 2013-07-11 21:31 - 00128951 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 19:03 - 2013-07-11 21:41 - 00128560 _____ C:\WINDOWS\KB2850851.log
2013-07-11 19:03 - 2013-07-11 21:40 - 00127298 _____ C:\WINDOWS\KB2845187.log
2013-07-11 18:58 - 2013-07-11 18:58 - 00001313 ____T C:\Temp\MAR9BA.tmp
2013-07-11 18:58 - 2013-07-11 18:58 - 00001285 ____T C:\Temp\MAR9BB.tmp
2013-07-11 18:56 - 2013-07-11 18:56 - 00049152 _____ C:\Temp\~DF3661.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001313 ____T C:\Temp\MAR9B8.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001285 ____T C:\Temp\MAR9B9.tmp
2013-07-10 19:54 - 2013-07-10 19:54 - 00049152 _____ C:\Temp\~DF9409.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001313 ____T C:\Temp\MAR9B6.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001285 ____T C:\Temp\MAR9B7.tmp
2013-07-10 18:21 - 2013-07-10 18:21 - 00049152 _____ C:\Temp\~DF13FD.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001313 ____T C:\Temp\MAR9B4.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001285 ____T C:\Temp\MAR9B5.tmp
2013-07-09 22:22 - 2013-07-09 22:22 - 00049152 _____ C:\Temp\~DF2052.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 04518624 _____ C:\Temp\fla9FA.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01339208 _____ C:\Temp\fla9F8.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01084901 _____ C:\Temp\fla9F9.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00523260 _____ C:\Temp\fla9F7.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00016384 ____T C:\Temp\~DFB514.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00020480 ____T C:\Temp\~DF5F.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00000000 ____T C:\Temp\~DFFF9A.tmp
2013-07-09 21:05 - 2013-07-09 22:11 - 00016384 ____T C:\Temp\~DF4AEB.tmp
2013-07-09 20:16 - 2013-07-09 20:16 - 00016384 ____T C:\Temp\~DF64D7.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001313 ____T C:\Temp\MAR9B2.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001285 ____T C:\Temp\MAR9B3.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00049152 _____ C:\Temp\~DFBCB6.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00016384 ____T C:\Temp\Perflib_Perfdata_1ac.dat
2013-07-08 21:22 - 2013-07-08 21:24 - 00002190 _____ C:\Temp\HPWUCl081.log
2013-07-08 21:19 - 2013-07-08 21:19 - 00001313 ____T C:\Temp\MAR9B0.tmp
2013-07-08 21:19 - 2013-07-08 21:19 - 00001285 ____T C:\Temp\MAR9B1.tmp
2013-07-08 21:17 - 2013-07-08 21:17 - 00049152 _____ C:\Temp\~DF4F03.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001313 ____T C:\Temp\MAR9AE.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001285 ____T C:\Temp\MAR9AF.tmp
2013-07-07 16:37 - 2013-07-07 16:37 - 00049152 _____ C:\Temp\~DFF32A.tmp
2013-07-06 05:58 - 2013-07-06 05:58 - 00001313 ____T C:\Temp\MAR9AC.tmp
2013-07-06 05:58 - 2013-07-06 05:58 - 00001285 ____T C:\Temp\MAR9AD.tmp
2013-07-06 05:57 - 2013-07-06 05:57 - 00049152 _____ C:\Temp\~DFE5E7.tmp
==================== One Month Modified Files and Folders =======
2013-08-05 16:21 - 2013-08-05 16:20 - 00004890 _____ C:\Temp\log1
2013-08-05 16:20 - 2013-08-05 16:18 - 00011073 _____ C:\Temp\frstlog
2013-08-05 16:19 - 2013-08-05 16:19 - 00000003 _____ C:\Temp\others
2013-08-05 16:18 - 2013-08-05 16:18 - 00000303 _____ C:\Temp\users00
2013-08-05 16:18 - 2013-08-05 16:12 - 00016384 ____T C:\Temp\~DF6396.tmp
2013-08-05 16:17 - 2011-01-31 21:45 - 00000434 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{2F660A0B-21EB-4224-A64D-9FCAFC9DDFD5}.job
2013-08-05 16:15 - 2011-01-31 23:43 - 01475139 _____ C:\Temp\jusched.log
2013-08-05 16:14 - 2013-08-05 16:14 - 00000072 _____ C:\Temp\upeA1F.tmp
2013-08-05 16:14 - 2013-07-30 15:10 - 00000346 _____ C:\WINDOWS\Tasks\LyricXeeker Update.job
2013-08-05 16:12 - 2013-08-05 16:12 - 00032768 _____ C:\Temp\~DF8DE4.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00032768 _____ C:\Temp\~DF83ED.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00016384 _____ C:\Temp\~DF8914.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001313 ____T C:\Temp\MARA1A.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001285 ____T C:\Temp\MARA1B.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000512 ____T C:\Temp\~DF8E2D.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000512 ____T C:\Temp\~DF8A24.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000512 ____T C:\Temp\~DF8543.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 ____T C:\Temp\~DF84D5.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 ____D C:\Temp\sv9cc.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 _____ C:\Temp\upe77D.tmp
2013-08-05 16:12 - 2011-04-30 12:06 - 00159355 _____ C:\Temp\lws.man.xml
2013-08-05 16:12 - 2011-04-30 12:06 - 00000128 _____ C:\Temp\lws.man.xml.sig
2013-08-05 16:12 - 2011-02-02 16:26 - 00400184 _____ C:\Temp\hpqddusr.log
2013-08-05 16:12 - 2004-08-04 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-05 16:11 - 2013-08-05 16:11 - 00000000 _____ C:\Temp\upe15.tmp
2013-08-05 16:11 - 2011-02-01 20:50 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-08-05 16:11 - 2011-01-31 23:37 - 00000000 _____ C:\WINDOWS\RTacDbg.txt
2013-08-05 16:10 - 2013-08-05 16:10 - 00000000 ____D C:\Temp\WPDNSE
2013-08-05 16:10 - 2013-08-05 16:10 - 00000000 _____ C:\Temp\uprE.tmp
2013-08-05 16:10 - 2011-04-29 20:01 - 00000000 ____D C:\WINDOWS\system32\logishrd
2013-08-05 16:10 - 2011-02-02 16:20 - 00753446 _____ C:\Temp\AdobeARM.log
2013-08-05 16:10 - 2011-02-02 15:48 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-08-05 16:10 - 2011-02-02 15:48 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-05 16:10 - 2011-01-31 20:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-05 16:09 - 2011-02-02 00:25 - 00000190 ___SH C:\Dokumente und Einstellungen\Karo\ntuser.ini
2013-08-05 16:09 - 2011-01-31 20:43 - 00032504 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-05 16:09 - 2011-01-31 20:36 - 01568534 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-05 16:01 - 2013-08-05 16:01 - 00028832 _____ C:\Temp\java_install.log
2013-08-05 16:01 - 2011-02-06 21:17 - 00000000 ____D C:\Temp\hsperfdata_Karo
2013-08-05 16:01 - 2011-01-31 23:43 - 00012444 _____ C:\Temp\AUCHECK_PARSER.txt
2013-08-05 16:01 - 2011-01-31 23:43 - 00008352 _____ C:\Temp\java_install_reg.log
2013-08-05 16:01 - 2011-01-31 23:43 - 00000777 _____ C:\Temp\JAUReg.log
2013-08-05 16:01 - 2011-01-31 23:43 - 00000000 ____D C:\Programme\Java
2013-08-05 16:00 - 2013-08-05 16:00 - 00077824 _____ C:\Temp\f69ce.mst
2013-08-05 15:59 - 2013-07-25 12:43 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
2013-08-05 15:55 - 2013-08-05 15:55 - 00448512 _____ (OldTimer Tools) C:\Dokumente und Einstellungen\Karo\Desktop\TFC.exe
2013-08-05 15:53 - 2013-08-05 15:53 - 00392032 _____ (Softonic ) C:\Dokumente und Einstellungen\Karo\Desktop\SoftonicDownloader_fuer_temp-file-cleaner.exe
2013-08-05 15:46 - 2013-08-05 15:46 - 00001313 ____T C:\Temp\MARA18.tmp
2013-08-05 15:46 - 2013-08-05 15:46 - 00001285 ____T C:\Temp\MARA19.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000281 _____ C:\Temp\uprD.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000072 _____ C:\Temp\upe14.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001313 ____T C:\Temp\MARA16.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001285 ____T C:\Temp\MARA17.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000281 _____ C:\Temp\uprC.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000072 _____ C:\Temp\upe13.tmp
2013-08-03 12:39 - 2012-10-16 21:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-03 12:31 - 2013-07-31 15:28 - 00029321 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition.txt
2013-08-03 12:18 - 2013-08-03 12:18 - 00000000 ____D C:\Temp\RarSFX0
2013-08-03 12:15 - 2013-08-03 12:14 - 00891098 _____ C:\Dokumente und Einstellungen\Karo\Desktop\SecurityCheck.exe
2013-08-03 12:12 - 2011-01-31 20:24 - 00000000 ____D C:\Programme
2013-08-03 10:42 - 2012-12-09 23:37 - 00001018 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-1682526488-1547161642-1003UA.job
2013-08-03 03:33 - 2013-08-03 03:33 - 00001313 ____T C:\Temp\MARA14.tmp
2013-08-03 03:33 - 2013-08-03 03:33 - 00001285 ____T C:\Temp\MARA15.tmp
2013-08-03 03:32 - 2013-08-03 03:32 - 00000073 _____ C:\Temp\upe12.tmp
2013-08-03 03:32 - 2013-08-03 03:31 - 00000281 _____ C:\Temp\uprB.tmp
2013-08-03 03:28 - 2011-02-02 00:25 - 00000000 ____D C:\Dokumente und Einstellungen\Karo
2013-08-02 23:57 - 2013-08-02 23:57 - 03126311 _____ C:\Temp\NOD377B.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 00000333 _____ C:\Temp\NOD3B87.tmp
2013-08-02 23:56 - 2011-02-02 15:08 - 00326440 _____ C:\WINDOWS\setupapi.log
2013-08-02 23:52 - 2011-03-02 22:16 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-08-02 23:52 - 2011-02-09 19:14 - 00887392 _____ C:\WINDOWS\iis6.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00822944 _____ C:\WINDOWS\FaxSetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00421396 _____ C:\WINDOWS\ocgen.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00376963 _____ C:\WINDOWS\tsoc.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00273411 _____ C:\WINDOWS\comsetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00250696 _____ C:\WINDOWS\msmqinst.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00165939 _____ C:\WINDOWS\ntdtcsetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00144548 _____ C:\WINDOWS\netfxocm.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00056819 _____ C:\WINDOWS\MedCtrOC.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00045613 _____ C:\WINDOWS\ocmsn.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00041363 _____ C:\WINDOWS\tabletoc.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00041267 _____ C:\WINDOWS\msgsocm.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00001891 _____ C:\WINDOWS\imsins.log
2013-08-02 23:46 - 2011-02-02 15:09 - 00000000 ____D C:\Temp\MSNL
2013-08-02 23:34 - 2013-08-02 23:34 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 23:33 - 2013-08-02 23:33 - 00264880 _____ (ESET) C:\Temp\InstHelper.exe
2013-08-02 22:54 - 2011-02-01 20:50 - 00047112 _____ C:\Temp\AUCHECK_CORE.txt
2013-08-02 22:44 - 2013-08-02 22:44 - 00001313 ____T C:\Temp\MARA12.tmp
2013-08-02 22:44 - 2013-08-02 22:44 - 00001285 ____T C:\Temp\MARA13.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000281 _____ C:\Temp\uprA.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000073 _____ C:\Temp\upe11.tmp
2013-08-02 14:01 - 2013-08-02 14:01 - 00062770 _____ C:\Dokumente und Einstellungen\Karo\Desktop\FRST2.txt
2013-08-02 14:00 - 2013-08-02 14:00 - 00029310 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition2.txt
2013-08-02 13:18 - 2013-08-02 13:18 - 00000073 _____ C:\Temp\upeA12.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001313 ____T C:\Temp\MARA10.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001285 ____T C:\Temp\MARA11.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00000000 _____ C:\Temp\upeF.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upr9.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upeE.tmp
2013-08-02 13:12 - 2013-08-02 13:12 - 00017176 _____ C:\AdwCleaner[S1].txt
2013-08-02 13:12 - 2012-12-19 21:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DVDVideoSoft
2013-08-02 13:12 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Startmenü\Programme
2013-08-02 13:10 - 2013-08-02 13:10 - 00666633 _____ C:\Dokumente und Einstellungen\Karo\Desktop\adwcleaner06.exe
2013-08-02 12:50 - 2013-08-02 12:50 - 00001313 ____T C:\Temp\MARA0E.tmp
2013-08-02 12:50 - 2013-08-02 12:50 - 00001285 ____T C:\Temp\MARA0F.tmp
2013-08-02 12:49 - 2013-08-02 12:49 - 00000073 _____ C:\Temp\upeD.tmp
2013-08-02 12:49 - 2013-08-02 12:48 - 00000281 _____ C:\Temp\upr8.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001313 ____T C:\Temp\MARA0C.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001285 ____T C:\Temp\MARA0D.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00000073 _____ C:\Temp\upeC.tmp
2013-08-01 19:53 - 2013-08-01 19:53 - 00000281 _____ C:\Temp\upr7.tmp
2013-08-01 19:08 - 2013-08-01 19:06 - 00000213 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Fixlist.txt
2013-08-01 19:01 - 2013-08-01 19:01 - 00001313 ____T C:\Temp\MARA0A.tmp
2013-08-01 19:01 - 2013-08-01 19:01 - 00001285 ____T C:\Temp\MARA0B.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000281 _____ C:\Temp\upr6.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000073 _____ C:\Temp\upe47.tmp
2013-07-31 15:22 - 2013-07-31 15:22 - 00000073 _____ C:\Temp\upeB.tmp
2013-07-31 15:22 - 2013-07-31 15:21 - 00000281 _____ C:\Temp\upr5.tmp
2013-07-31 15:17 - 2013-07-31 15:17 - 01781589 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST64.exe
2013-07-31 15:16 - 2013-07-31 15:16 - 01222064 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST.exe
2013-07-31 15:16 - 2013-07-31 15:16 - 00000000 ____D C:\FRST
2013-07-31 15:00 - 2013-07-31 15:00 - 00000281 _____ C:\Temp\uprA13.tmp
2013-07-31 15:00 - 2013-07-31 15:00 - 00000073 _____ C:\Temp\upeA14.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001313 ____T C:\Temp\MARA08.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001285 ____T C:\Temp\MARA09.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000281 _____ C:\Temp\upr4.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000073 _____ C:\Temp\upeA.tmp
2013-07-31 14:37 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Eigene Musik
2013-07-31 14:36 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\B5EC8CB8-BAB0-7891-93B8-0638EA6B0C45
2013-07-31 14:33 - 2013-07-30 15:10 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-31 14:32 - 2013-07-31 14:32 - 00000281 _____ C:\Temp\uprF.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000073 _____ C:\Temp\upe10.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\tmp1985
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\ish135531
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Programme\LyriXeeker
2013-07-31 14:32 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\is357113909
2013-07-31 14:31 - 2013-07-31 14:31 - 00000281 _____ C:\Temp\upr3.tmp
2013-07-31 14:31 - 2013-07-31 14:31 - 00000073 _____ C:\Temp\upe9.tmp
2013-07-31 13:59 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\CFC193DF-BAB0-7891-BDCD-EA1E26220A59
2013-07-31 13:56 - 2013-07-31 13:56 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Qtrax
2013-07-31 13:52 - 2013-07-31 13:52 - 00000281 _____ C:\Temp\uprA12.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000073 _____ C:\Temp\upeA13.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\tmp6241
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\ish18754078
2013-07-31 08:47 - 2013-07-31 08:45 - 00004392 _____ C:\Temp\HPWUCl084.log
2013-07-31 08:42 - 2013-07-31 08:42 - 00001313 ____T C:\Temp\MARA06.tmp
2013-07-31 08:42 - 2013-07-31 08:42 - 00001285 ____T C:\Temp\MARA07.tmp
2013-07-31 08:41 - 2013-07-31 08:41 - 00000073 _____ C:\Temp\upe8.tmp
2013-07-31 08:41 - 2013-07-31 08:40 - 00000272 _____ C:\Temp\upr2.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001313 ____T C:\Temp\MARA04.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001285 ____T C:\Temp\MARA05.tmp
2013-07-30 18:59 - 2013-07-30 18:59 - 00000073 _____ C:\Temp\upe7.tmp
2013-07-30 18:59 - 2013-07-30 18:58 - 00000272 _____ C:\Temp\upr1.tmp
2013-07-30 15:14 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\1EA55D3C-BAB0-7891-9DA9-F386E4DCBD17
2013-07-30 15:10 - 2013-07-30 15:10 - 00000272 _____ C:\Temp\uprA07.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000073 _____ C:\Temp\upeA08.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\tmp1978
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\{2F822836-52C6-427A-8690-91732CB6F143}
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Programme\OpenIt
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 15:09 - 2013-07-30 15:09 - 00717160 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\ZipOpenerSetup.exe
2013-07-30 15:09 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\ish6262156
2013-07-30 13:41 - 2011-02-08 15:22 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-07-30 13:30 - 2013-07-30 13:30 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Windows Search
2013-07-30 13:27 - 2013-07-30 13:27 - 00001313 ____T C:\Temp\MARA02.tmp
2013-07-30 13:27 - 2013-07-30 13:27 - 00001285 ____T C:\Temp\MARA03.tmp
2013-07-30 12:35 - 2013-04-14 20:54 - 00000000 ____D C:\Temp\nsd92C.tmp
2013-07-30 12:12 - 2011-02-01 23:38 - 00000000 ____D C:\Dokumente und Einstellungen\Erilk
2013-07-30 12:11 - 2011-01-31 20:44 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2013-07-30 11:59 - 2013-07-30 11:59 - 00001313 ____T C:\Temp\MAR9FE.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001285 ____T C:\Temp\MAR9FF.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001313 ____T C:\Temp\MARA00.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001285 ____T C:\Temp\MARA01.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001313 ____T C:\Temp\MAR9FC.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001285 ____T C:\Temp\MAR9FD.tmp
2013-07-30 00:04 - 2011-02-02 13:10 - 00000000 ____D C:\Temp\hsperfdata_Erilk
2013-07-29 22:42 - 2012-12-09 23:37 - 00000996 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-1682526488-1547161642-1003Core.job
2013-07-29 19:07 - 2013-07-29 19:07 - 00001313 ____T C:\Temp\MAR9FA.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001285 ____T C:\Temp\MAR9FB.tmp
2013-07-29 19:06 - 2013-07-29 19:06 - 00000000 ____D C:\Temp\svkah.tmp
2013-07-29 19:05 - 2013-07-29 19:05 - 00049152 _____ C:\Temp\~DF3474.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001313 ____T C:\Temp\MAR9F8.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001285 ____T C:\Temp\MAR9F9.tmp
2013-07-29 15:15 - 2013-07-29 15:15 - 00049152 _____ C:\Temp\~DF3F36.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001313 ____T C:\Temp\MAR9F6.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001285 ____T C:\Temp\MAR9F7.tmp
2013-07-29 12:00 - 2013-07-29 12:00 - 00049152 _____ C:\Temp\~DFEE53.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001313 ____T C:\Temp\MAR9F3.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001285 ____T C:\Temp\MAR9F5.tmp
2013-07-27 08:53 - 2013-07-27 08:53 - 00049152 _____ C:\Temp\~DF27CC.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001313 ____T C:\Temp\MAR9F2.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001285 ____T C:\Temp\MAR9F4.tmp
2013-07-27 02:39 - 2013-07-27 02:39 - 00049152 _____ C:\Temp\~DFD3.tmp
2013-07-27 02:36 - 2013-07-27 02:36 - 00016384 ____T C:\Temp\~DF2345.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00016384 ____T C:\Temp\~DF9B0D.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER104a.dir00
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER1022.dir00
2013-07-27 02:34 - 2013-07-27 02:34 - 00016384 ____T C:\Temp\~DF2B6.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF652B.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF24D8.tmp
2013-07-27 02:32 - 2013-07-27 02:32 - 00000000 ____T C:\Temp\~DF998F.tmp
2013-07-27 02:30 - 2013-07-27 02:30 - 00000000 ____T C:\Temp\~DF7A36.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 18655396 _____ C:\Temp\fla9F3.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 00000000 ____T C:\Temp\~DF1194.tmp
2013-07-27 02:28 - 2013-07-27 02:03 - 00016384 ____T C:\Temp\~DF237.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001313 ____T C:\Temp\MAR9F0.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001285 ____T C:\Temp\MAR9F1.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00000000 ____T C:\Temp\~DFBE36.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00049152 _____ C:\Temp\~DF2A07.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00016384 ____T C:\Temp\Perflib_Perfdata_fe8.dat
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFC07F.tmp
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFB5B8.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001313 ____T C:\Temp\MAR9EE.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001285 ____T C:\Temp\MAR9EF.tmp
2013-07-26 14:47 - 2013-07-26 14:47 - 00016384 ____T C:\Temp\Perflib_Perfdata_7c0.dat
2013-07-26 14:46 - 2013-07-26 14:46 - 00049152 _____ C:\Temp\~DF209D.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001313 ____T C:\Temp\MAR9EC.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001285 ____T C:\Temp\MAR9ED.tmp
2013-07-25 21:04 - 2013-07-25 21:04 - 00049152 _____ C:\Temp\~DF22E4.tmp
2013-07-25 12:42 - 2013-07-25 12:42 - 00000000 ____D C:\Programme\Adobe
2013-07-25 12:42 - 2011-02-02 15:33 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe
2013-07-25 12:35 - 2013-07-25 12:35 - 00001313 ____T C:\Temp\MAR9EA.tmp
2013-07-25 12:35 - 2013-07-25 12:35 - 00001285 ____T C:\Temp\MAR9EB.tmp
2013-07-25 12:33 - 2013-07-25 12:33 - 00049152 _____ C:\Temp\~DF7DC4.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001313 ____T C:\Temp\MAR9E7.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001285 ____T C:\Temp\MAR9E9.tmp
2013-07-25 00:24 - 2013-07-25 00:24 - 00049152 _____ C:\Temp\~DFD00C.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001313 ____T C:\Temp\MAR9E6.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001285 ____T C:\Temp\MAR9E8.tmp
2013-07-24 14:03 - 2013-07-24 14:03 - 00049152 _____ C:\Temp\~DFF7C6.tmp
2013-07-23 23:23 - 2013-07-23 23:21 - 00004392 _____ C:\Temp\HPWUCl083.log
2013-07-23 23:19 - 2013-07-23 23:19 - 00001313 ____T C:\Temp\MAR9E4.tmp
2013-07-23 23:19 - 2013-07-23 23:19 - 00001285 ____T C:\Temp\MAR9E5.tmp
2013-07-23 23:17 - 2013-07-23 23:17 - 00049152 _____ C:\Temp\~DF6ACC.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001313 ____T C:\Temp\MAR9E2.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001285 ____T C:\Temp\MAR9E3.tmp
2013-07-23 15:00 - 2013-07-23 15:00 - 00049152 _____ C:\Temp\~DFDDC5.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001313 ____T C:\Temp\MAR9E0.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001285 ____T C:\Temp\MAR9E1.tmp
2013-07-23 12:32 - 2013-07-23 12:32 - 00049152 _____ C:\Temp\~DFE25E.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001313 ____T C:\Temp\MAR9DE.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001285 ____T C:\Temp\MAR9DF.tmp
2013-07-23 00:47 - 2013-07-23 00:47 - 00049152 _____ C:\Temp\~DF1E6A.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001313 ____T C:\Temp\MAR9DC.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001285 ____T C:\Temp\MAR9DD.tmp
2013-07-22 14:29 - 2013-07-22 14:29 - 00049152 _____ C:\Temp\~DFE12A.tmp
2013-07-21 22:39 - 2013-07-21 22:19 - 00016384 ____T C:\Temp\~DFF32C.tmp
2013-07-21 22:19 - 2013-07-21 22:19 - 00000000 ____T C:\Temp\~DFEACA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001313 ____T C:\Temp\MAR9DA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001285 ____T C:\Temp\MAR9DB.tmp
2013-07-21 16:37 - 2013-07-21 16:37 - 00016384 ____T C:\Temp\Perflib_Perfdata_9cc.dat
2013-07-21 16:36 - 2013-07-21 16:36 - 00049152 _____ C:\Temp\~DF8E7.tmp
2013-07-21 16:33 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DFFB26.tmp
2013-07-21 16:32 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DFE8E2.tmp
2013-07-21 16:30 - 2013-07-21 16:29 - 00016384 ____T C:\Temp\~DFF9F2.tmp
2013-07-21 16:30 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DF9676.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00057344 ____T C:\Temp\~DF41EB.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFCB8A.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFBA2C.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF8322.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF521.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF2964.tmp
2013-07-21 16:29 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DF8474.tmp
2013-07-21 16:28 - 2013-07-21 16:28 - 00000000 ____T C:\Temp\~DF2D5C.tmp
2013-07-21 16:27 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFD4C7.tmp
2013-07-21 16:23 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFC7E7.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001313 ____T C:\Temp\MAR9D8.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001285 ____T C:\Temp\MAR9D9.tmp
2013-07-21 14:03 - 2013-07-21 14:03 - 00049152 _____ C:\Temp\~DFE92F.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001313 ____T C:\Temp\MAR9D6.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001285 ____T C:\Temp\MAR9D7.tmp
2013-07-20 16:08 - 2013-07-20 16:08 - 00049152 _____ C:\Temp\~DFEB37.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001313 ____T C:\Temp\MAR9D3.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001285 ____T C:\Temp\MAR9D5.tmp
2013-07-20 14:15 - 2013-07-20 14:15 - 00049152 _____ C:\Temp\~DF576E.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001313 ____T C:\Temp\MAR9D2.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001285 ____T C:\Temp\MAR9D4.tmp
2013-07-19 02:22 - 2013-07-19 02:22 - 00049152 _____ C:\Temp\~DFC222.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001313 ____T C:\Temp\MAR9D0.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001285 ____T C:\Temp\MAR9D1.tmp
2013-07-17 18:58 - 2013-07-17 18:58 - 00049152 _____ C:\Temp\~DFD784.tmp
2013-07-16 20:47 - 2013-03-17 20:41 - 00000637 _____ C:\Temp\IOConnection.txt
2013-07-16 20:35 - 2013-07-16 20:35 - 00047416 ____T C:\Temp\DIOADD.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIOA20.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIO9EB.tmp
2013-07-16 19:02 - 2013-07-16 19:00 - 00004392 _____ C:\Temp\HPWUCl082.log
2013-07-16 18:57 - 2013-07-16 18:57 - 00001313 ____T C:\Temp\MAR9CE.tmp
2013-07-16 18:57 - 2013-07-16 18:57 - 00001285 ____T C:\Temp\MAR9CF.tmp
2013-07-16 18:55 - 2013-07-16 18:55 - 00049152 _____ C:\Temp\~DF9742.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001313 ____T C:\Temp\MAR9CC.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001285 ____T C:\Temp\MAR9CD.tmp
2013-07-15 18:13 - 2013-07-15 18:13 - 00049152 _____ C:\Temp\~DFF71D.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001313 ____T C:\Temp\MAR9CA.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001285 ____T C:\Temp\MAR9CB.tmp
2013-07-15 04:51 - 2013-07-15 04:51 - 00049152 _____ C:\Temp\~DFE7C.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001313 ____T C:\Temp\MAR9C8.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001285 ____T C:\Temp\MAR9C9.tmp
2013-07-14 15:26 - 2013-07-14 15:26 - 00049152 _____ C:\Temp\~DF3C5A.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001313 ____T C:\Temp\MAR9C6.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001285 ____T C:\Temp\MAR9C7.tmp
2013-07-14 07:43 - 2013-07-14 07:43 - 00049152 _____ C:\Temp\~DF2D8.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001313 ____T C:\Temp\MAR9C4.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001285 ____T C:\Temp\MAR9C5.tmp
2013-07-14 00:08 - 2013-07-14 00:08 - 00049152 _____ C:\Temp\~DF298.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001313 ____T C:\Temp\MAR9C2.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001285 ____T C:\Temp\MAR9C3.tmp
2013-07-13 15:11 - 2013-07-13 15:11 - 00049152 _____ C:\Temp\~DF30AC.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001313 ____T C:\Temp\MAR9C0.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001285 ____T C:\Temp\MAR9C1.tmp
2013-07-13 11:09 - 2013-07-13 11:09 - 00049152 _____ C:\Temp\~DF2A1C.tmp
2013-07-13 11:07 - 2013-07-13 11:07 - 00000000 ____T C:\Temp\~DF607C.tmp
2013-07-13 11:05 - 2013-07-13 11:03 - 00016384 ____T C:\Temp\~DFBC83.tmp
2013-07-13 11:03 - 2013-07-13 11:03 - 00000000 ____T C:\Temp\~DFB452.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001313 ____T C:\Temp\MAR9BE.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001285 ____T C:\Temp\MAR9BF.tmp
2013-07-13 11:00 - 2013-07-13 11:00 - 00016384 ____T C:\Temp\Perflib_Perfdata_98c.dat
2013-07-13 10:59 - 2013-07-13 10:59 - 00049152 _____ C:\Temp\~DFB9C4.tmp
2013-07-12 15:41 - 2011-01-31 21:24 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-12 15:16 - 2011-02-14 19:01 - 00000649 _____ C:\Temp\AdobeARM_NotLocked.log
2013-07-12 15:09 - 2013-07-12 15:09 - 00001313 ____T C:\Temp\MAR9BC.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001285 ____T C:\Temp\MAR9BD.tmp
2013-07-12 15:07 - 2013-07-12 15:07 - 00049152 _____ C:\Temp\~DFAA2F.tmp
2013-07-12 15:06 - 2012-09-26 20:13 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-07-12 15:06 - 2011-01-31 20:22 - 00121336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-11 21:41 - 2013-07-11 21:41 - 00123763 _____ C:\WINDOWS\KB2834904.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00123541 _____ C:\WINDOWS\KB2834886.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-11 21:41 - 2013-07-11 19:03 - 00128560 _____ C:\WINDOWS\KB2850851.log
2013-07-11 21:41 - 2011-02-09 19:14 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-11 21:40 - 2013-07-11 21:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-11 21:40 - 2013-07-11 19:03 - 00127298 _____ C:\WINDOWS\KB2845187.log
2013-07-11 21:40 - 2011-01-31 20:24 - 01034830 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-11 21:32 - 2011-01-31 21:33 - 75699896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-07-11 21:31 - 2013-07-11 21:30 - 00128951 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 21:31 - 2011-02-09 19:14 - 00067906 _____ C:\WINDOWS\updspapi.log
2013-07-11 21:31 - 2011-01-31 21:35 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-11 21:23 - 2011-01-31 21:25 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-07-11 18:58 - 2013-07-11 18:58 - 00001313 ____T C:\Temp\MAR9BA.tmp
2013-07-11 18:58 - 2013-07-11 18:58 - 00001285 ____T C:\Temp\MAR9BB.tmp
2013-07-11 18:56 - 2013-07-11 18:56 - 00049152 _____ C:\Temp\~DF3661.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001313 ____T C:\Temp\MAR9B8.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001285 ____T C:\Temp\MAR9B9.tmp
2013-07-10 19:54 - 2013-07-10 19:54 - 00049152 _____ C:\Temp\~DF9409.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001313 ____T C:\Temp\MAR9B6.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001285 ____T C:\Temp\MAR9B7.tmp
2013-07-10 18:21 - 2013-07-10 18:21 - 00049152 _____ C:\Temp\~DF13FD.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001313 ____T C:\Temp\MAR9B4.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001285 ____T C:\Temp\MAR9B5.tmp
2013-07-09 22:22 - 2013-07-09 22:22 - 00049152 _____ C:\Temp\~DF2052.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 04518624 _____ C:\Temp\fla9FA.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01339208 _____ C:\Temp\fla9F8.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01084901 _____ C:\Temp\fla9F9.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00523260 _____ C:\Temp\fla9F7.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00016384 ____T C:\Temp\~DFB514.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00020480 ____T C:\Temp\~DF5F.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00000000 ____T C:\Temp\~DFFF9A.tmp
2013-07-09 22:11 - 2013-07-09 21:05 - 00016384 ____T C:\Temp\~DF4AEB.tmp
2013-07-09 20:16 - 2013-07-09 20:16 - 00016384 ____T C:\Temp\~DF64D7.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001313 ____T C:\Temp\MAR9B2.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001285 ____T C:\Temp\MAR9B3.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00049152 _____ C:\Temp\~DFBCB6.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00016384 ____T C:\Temp\Perflib_Perfdata_1ac.dat
2013-07-08 21:24 - 2013-07-08 21:22 - 00002190 _____ C:\Temp\HPWUCl081.log
2013-07-08 21:19 - 2013-07-08 21:19 - 00001313 ____T C:\Temp\MAR9B0.tmp
2013-07-08 21:19 - 2013-07-08 21:19 - 00001285 ____T C:\Temp\MAR9B1.tmp
2013-07-08 21:17 - 2013-07-08 21:17 - 00049152 _____ C:\Temp\~DF4F03.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001313 ____T C:\Temp\MAR9AE.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001285 ____T C:\Temp\MAR9AF.tmp
2013-07-07 16:37 - 2013-07-07 16:37 - 00049152 _____ C:\Temp\~DFF32A.tmp
2013-07-06 05:58 - 2013-07-06 05:58 - 00001313 ____T C:\Temp\MAR9AC.tmp
2013-07-06 05:58 - 2013-07-06 05:58 - 00001285 ____T C:\Temp\MAR9AD.tmp
2013-07-06 05:57 - 2013-07-06 05:57 - 00049152 _____ C:\Temp\~DFE5E7.tmp
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2008-04-14 06:52] - [2008-04-14 06:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2008-04-14 06:53] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll
[2008-04-14 06:52] - [2008-04-14 06:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 06:22] - [2008-04-14 06:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
--- --- --- |
|
06.08.2013, 16:00
| #17 |
| /// the machine /// TB-Ausbilder    | BKA-Trojaner Bitte ne neue Version von FRST laden und nochmal scannen lassen
__________________
__________________ |
|
06.08.2013, 16:52
| #18 |
| | BKA-TrojanerFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-08-2013
Ran by Karo (administrator) on 06-08-2013 15:48:38
Running from C:\Dokumente und Einstellungen\Karo\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16062464 2006-12-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\Windows\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [281768 2010-12-13] (Avira GmbH)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [LWS] - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe [165208 2010-05-07] (Logitech Inc.)
HKLM\...\Run: [HP Software Update] - C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [421736 2011-11-13] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] - C:\Programme\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems Incorporated)
HKCU\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKCU\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKCU\...\Run: [Logitech Vid HD] - C:\Programme\Logitech\Vid\vid.exe [6061400 2010-05-11] (Logitech Inc.)
HKCU\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [NTRedirect] - C:\WINDOWS\system32\rundll32.exe "C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\BabSolution\Shared\NTRedirect.dll",Run [x]
HKU\Administrator\...\Run: [] - [x]
HKU\Administrator\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [ 2006-11-10] ()
HKU\Administrator\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Administrator\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\Run: [ctfmon32.exe] - C:\DOKUME~1\ALLUSE~1\ANWEND~1\rundll32.exe C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat,XFG00 [x] <===== ATTENTION
HKU\Administrator\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex [x]
HKU\Default User\...\RunOnce: [nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [_nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Programme\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\Karo\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {65759893-8694-43BC-876A-6699814FD7C9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {C8AAC839-E6AB-418F-8444-2AFA890364E6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=59755d13-de52-4e86-869b-39980b806c89&apn_sauid=7A519D86-4CC2-4414-A0B5-FA937669223B
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Programme\LyriXeeker\125.dll (LyriXeeker Tech)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296499764250
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-05-08] (Avira GmbH)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-06-28] (Avira GmbH)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [821608 2011-11-13] (Apple Inc.)
R2 LVPrcSrv; C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe [162648 2010-05-07] (Logitech Inc.)
R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2009-02-04] (Microsoft Corporation)
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
S2 winmgmt; C:\DOKUME~1\Erilk\5085948.dll [x]
==================== Drivers (Whitelisted) ====================
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21361 2011-01-31] (Cisco Systems, Inc.)
R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1606368 2011-01-31] (Atheros Communications, Inc.)
R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2010-06-17] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-06-28] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-06-28] (Avira GmbH)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [20704 2010-05-14] (Logitech Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-29] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-29] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2008-10-29] (HP)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [98560 2012-06-27] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [14848 2012-06-27] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [123648 2012-06-27] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S4 IntelIde; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-06 15:50 - 2013-08-06 15:50 - 00013366 _____ C:\Temp\log3
2013-08-06 15:50 - 2013-08-06 15:50 - 00004890 _____ C:\Temp\log1
2013-08-06 15:49 - 2013-08-06 15:49 - 00000003 _____ C:\Temp\others
2013-08-06 15:48 - 2013-08-06 15:50 - 00011137 _____ C:\Temp\frstlog
2013-08-06 15:48 - 2013-08-06 15:48 - 00000303 _____ C:\Temp\users00
2013-08-06 15:45 - 2013-08-06 15:45 - 00032768 _____ C:\Temp\~DF5AC4.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00032768 _____ C:\Temp\~DF2EAD.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00016384 _____ C:\Temp\~DF588C.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00000512 ____T C:\Temp\~DF5AD2.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00000512 ____T C:\Temp\~DF5987.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00000512 ____T C:\Temp\~DF3061.tmp
2013-08-06 15:44 - 2013-08-06 15:45 - 00016384 ____T C:\Temp\~DFDE91.tmp
2013-08-06 15:44 - 2013-08-06 15:44 - 00000000 ____T C:\Temp\~DFD487.tmp
2013-08-06 15:38 - 2013-08-06 15:38 - 00001313 ____T C:\Temp\MARA20.tmp
2013-08-06 15:38 - 2013-08-06 15:38 - 00001285 ____T C:\Temp\MARA21.tmp
2013-08-06 15:38 - 2013-08-06 15:38 - 00000000 ____D C:\Temp\sv4g2.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000281 _____ C:\Temp\upr12.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000072 _____ C:\Temp\upe18.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000000 ____D C:\Temp\WPDNSE
2013-08-05 20:43 - 2013-08-05 20:43 - 00000072 _____ C:\Temp\upeA22.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00001313 ____T C:\Temp\MARA1E.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00001285 ____T C:\Temp\MARA1F.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00000000 _____ C:\Temp\upe8FC.tmp
2013-08-05 20:40 - 2013-08-05 20:40 - 00000000 _____ C:\Temp\upe17.tmp
2013-08-05 20:39 - 2013-08-05 20:39 - 00000000 _____ C:\Temp\upr11.tmp
2013-08-05 17:19 - 2013-08-05 17:19 - 00001313 ____T C:\Temp\MARA1C.tmp
2013-08-05 17:19 - 2013-08-05 17:19 - 00001285 ____T C:\Temp\MARA1D.tmp
2013-08-05 17:18 - 2013-08-05 17:18 - 00000281 _____ C:\Temp\upr10.tmp
2013-08-05 17:18 - 2013-08-05 17:18 - 00000072 _____ C:\Temp\upe16.tmp
2013-08-05 16:14 - 2013-08-05 16:14 - 00000072 _____ C:\Temp\upeA1F.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001313 ____T C:\Temp\MARA1A.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001285 ____T C:\Temp\MARA1B.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 _____ C:\Temp\upe77D.tmp
2013-08-05 16:11 - 2013-08-05 16:11 - 00000000 _____ C:\Temp\upe15.tmp
2013-08-05 16:10 - 2013-08-05 16:10 - 00000000 _____ C:\Temp\uprE.tmp
2013-08-05 16:01 - 2013-08-05 16:01 - 00028832 _____ C:\Temp\java_install.log
2013-08-05 16:01 - 2011-02-02 22:40 - 00157472 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaws.exe
2013-08-05 16:01 - 2011-02-02 22:40 - 00145184 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaw.exe
2013-08-05 16:01 - 2011-02-02 22:40 - 00145184 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\java.exe
2013-08-05 16:00 - 2013-08-05 16:00 - 00077824 _____ C:\Temp\f69ce.mst
2013-08-05 15:55 - 2013-08-05 15:55 - 00448512 _____ (OldTimer Tools) C:\Dokumente und Einstellungen\Karo\Desktop\TFC.exe
2013-08-05 15:53 - 2013-08-05 15:53 - 00392032 _____ (Softonic ) C:\Dokumente und Einstellungen\Karo\Desktop\SoftonicDownloader_fuer_temp-file-cleaner.exe
2013-08-05 15:46 - 2013-08-05 15:46 - 00001313 ____T C:\Temp\MARA18.tmp
2013-08-05 15:46 - 2013-08-05 15:46 - 00001285 ____T C:\Temp\MARA19.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000281 _____ C:\Temp\uprD.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000072 _____ C:\Temp\upe14.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001313 ____T C:\Temp\MARA16.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001285 ____T C:\Temp\MARA17.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000281 _____ C:\Temp\uprC.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000072 _____ C:\Temp\upe13.tmp
2013-08-03 12:18 - 2013-08-03 12:18 - 00000000 ____D C:\Temp\RarSFX0
2013-08-03 12:14 - 2013-08-03 12:15 - 00891098 _____ C:\Dokumente und Einstellungen\Karo\Desktop\SecurityCheck.exe
2013-08-03 03:33 - 2013-08-03 03:33 - 00001313 ____T C:\Temp\MARA14.tmp
2013-08-03 03:33 - 2013-08-03 03:33 - 00001285 ____T C:\Temp\MARA15.tmp
2013-08-03 03:32 - 2013-08-03 03:32 - 00000073 _____ C:\Temp\upe12.tmp
2013-08-03 03:31 - 2013-08-03 03:32 - 00000281 _____ C:\Temp\uprB.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 03126311 _____ C:\Temp\NOD377B.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 00000333 _____ C:\Temp\NOD3B87.tmp
2013-08-02 23:34 - 2013-08-02 23:34 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 23:33 - 2013-08-02 23:33 - 00264880 _____ (ESET) C:\Temp\InstHelper.exe
2013-08-02 22:44 - 2013-08-02 22:44 - 00001313 ____T C:\Temp\MARA12.tmp
2013-08-02 22:44 - 2013-08-02 22:44 - 00001285 ____T C:\Temp\MARA13.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000281 _____ C:\Temp\uprA.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000073 _____ C:\Temp\upe11.tmp
2013-08-02 14:01 - 2013-08-02 14:01 - 00062770 _____ C:\Dokumente und Einstellungen\Karo\Desktop\FRST2.txt
2013-08-02 14:00 - 2013-08-02 14:00 - 00029310 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition2.txt
2013-08-02 13:18 - 2013-08-02 13:18 - 00000073 _____ C:\Temp\upeA12.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001313 ____T C:\Temp\MARA10.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001285 ____T C:\Temp\MARA11.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00000000 _____ C:\Temp\upeF.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upr9.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upeE.tmp
2013-08-02 13:12 - 2013-08-02 13:12 - 00017176 _____ C:\AdwCleaner[S1].txt
2013-08-02 13:10 - 2013-08-02 13:10 - 00666633 _____ C:\Dokumente und Einstellungen\Karo\Desktop\adwcleaner06.exe
2013-08-02 12:50 - 2013-08-02 12:50 - 00001313 ____T C:\Temp\MARA0E.tmp
2013-08-02 12:50 - 2013-08-02 12:50 - 00001285 ____T C:\Temp\MARA0F.tmp
2013-08-02 12:49 - 2013-08-02 12:49 - 00000073 _____ C:\Temp\upeD.tmp
2013-08-02 12:48 - 2013-08-02 12:49 - 00000281 _____ C:\Temp\upr8.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001313 ____T C:\Temp\MARA0C.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001285 ____T C:\Temp\MARA0D.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00000073 _____ C:\Temp\upeC.tmp
2013-08-01 19:53 - 2013-08-01 19:53 - 00000281 _____ C:\Temp\upr7.tmp
2013-08-01 19:06 - 2013-08-01 19:08 - 00000213 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Fixlist.txt
2013-08-01 19:01 - 2013-08-01 19:01 - 00001313 ____T C:\Temp\MARA0A.tmp
2013-08-01 19:01 - 2013-08-01 19:01 - 00001285 ____T C:\Temp\MARA0B.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000281 _____ C:\Temp\upr6.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000073 _____ C:\Temp\upe47.tmp
2013-07-31 15:28 - 2013-08-03 12:31 - 00029321 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition.txt
2013-07-31 15:22 - 2013-07-31 15:22 - 00000073 _____ C:\Temp\upeB.tmp
2013-07-31 15:21 - 2013-07-31 15:22 - 00000281 _____ C:\Temp\upr5.tmp
2013-07-31 15:17 - 2013-07-31 15:17 - 01781589 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST64.exe
2013-07-31 15:16 - 2013-08-06 15:48 - 01228808 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST.exe
2013-07-31 15:16 - 2013-07-31 15:16 - 00000000 ____D C:\FRST
2013-07-31 15:00 - 2013-07-31 15:00 - 00000281 _____ C:\Temp\uprA13.tmp
2013-07-31 15:00 - 2013-07-31 15:00 - 00000073 _____ C:\Temp\upeA14.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001313 ____T C:\Temp\MARA08.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001285 ____T C:\Temp\MARA09.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000281 _____ C:\Temp\upr4.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000073 _____ C:\Temp\upeA.tmp
2013-07-31 14:32 - 2013-07-31 14:36 - 00000000 ____D C:\Temp\B5EC8CB8-BAB0-7891-93B8-0638EA6B0C45
2013-07-31 14:32 - 2013-07-31 14:32 - 00000281 _____ C:\Temp\uprF.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000073 _____ C:\Temp\upe10.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\tmp1985
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\ish135531
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Programme\LyriXeeker
2013-07-31 14:31 - 2013-07-31 14:31 - 00000281 _____ C:\Temp\upr3.tmp
2013-07-31 14:31 - 2013-07-31 14:31 - 00000073 _____ C:\Temp\upe9.tmp
2013-07-31 13:56 - 2013-07-31 13:56 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Qtrax
2013-07-31 13:52 - 2013-07-31 13:59 - 00000000 ____D C:\Temp\CFC193DF-BAB0-7891-BDCD-EA1E26220A59
2013-07-31 13:52 - 2013-07-31 13:52 - 00000281 _____ C:\Temp\uprA12.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000073 _____ C:\Temp\upeA13.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\tmp6241
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\ish18754078
2013-07-31 08:45 - 2013-07-31 08:47 - 00004392 _____ C:\Temp\HPWUCl084.log
2013-07-31 08:42 - 2013-07-31 08:42 - 00001313 ____T C:\Temp\MARA06.tmp
2013-07-31 08:42 - 2013-07-31 08:42 - 00001285 ____T C:\Temp\MARA07.tmp
2013-07-31 08:41 - 2013-07-31 08:41 - 00000073 _____ C:\Temp\upe8.tmp
2013-07-31 08:40 - 2013-07-31 08:41 - 00000272 _____ C:\Temp\upr2.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001313 ____T C:\Temp\MARA04.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001285 ____T C:\Temp\MARA05.tmp
2013-07-30 18:59 - 2013-07-30 18:59 - 00000073 _____ C:\Temp\upe7.tmp
2013-07-30 18:58 - 2013-07-30 18:59 - 00000272 _____ C:\Temp\upr1.tmp
2013-07-30 15:10 - 2013-08-06 15:37 - 00000346 _____ C:\WINDOWS\Tasks\LyricXeeker Update.job
2013-07-30 15:10 - 2013-07-31 14:33 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-30 15:10 - 2013-07-30 15:14 - 00000000 ____D C:\Temp\1EA55D3C-BAB0-7891-9DA9-F386E4DCBD17
2013-07-30 15:10 - 2013-07-30 15:10 - 00000272 _____ C:\Temp\uprA07.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000073 _____ C:\Temp\upeA08.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\tmp1978
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\{2F822836-52C6-427A-8690-91732CB6F143}
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Programme\OpenIt
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 15:09 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\is357113909
2013-07-30 15:09 - 2013-07-30 15:09 - 00717160 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\ZipOpenerSetup.exe
2013-07-30 15:09 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\ish6262156
2013-07-30 13:30 - 2013-07-30 13:30 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Windows Search
2013-07-30 13:27 - 2013-07-30 13:27 - 00001313 ____T C:\Temp\MARA02.tmp
2013-07-30 13:27 - 2013-07-30 13:27 - 00001285 ____T C:\Temp\MARA03.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001313 ____T C:\Temp\MAR9FE.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001285 ____T C:\Temp\MAR9FF.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001313 ____T C:\Temp\MARA00.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001285 ____T C:\Temp\MARA01.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001313 ____T C:\Temp\MAR9FC.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001285 ____T C:\Temp\MAR9FD.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001313 ____T C:\Temp\MAR9FA.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001285 ____T C:\Temp\MAR9FB.tmp
2013-07-29 19:06 - 2013-07-29 19:06 - 00000000 ____D C:\Temp\svkah.tmp
2013-07-29 19:05 - 2013-07-29 19:05 - 00049152 _____ C:\Temp\~DF3474.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001313 ____T C:\Temp\MAR9F8.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001285 ____T C:\Temp\MAR9F9.tmp
2013-07-29 15:15 - 2013-07-29 15:15 - 00049152 _____ C:\Temp\~DF3F36.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001313 ____T C:\Temp\MAR9F6.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001285 ____T C:\Temp\MAR9F7.tmp
2013-07-29 12:00 - 2013-07-29 12:00 - 00049152 _____ C:\Temp\~DFEE53.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001313 ____T C:\Temp\MAR9F3.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001285 ____T C:\Temp\MAR9F5.tmp
2013-07-27 08:53 - 2013-07-27 08:53 - 00049152 _____ C:\Temp\~DF27CC.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001313 ____T C:\Temp\MAR9F2.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001285 ____T C:\Temp\MAR9F4.tmp
2013-07-27 02:39 - 2013-07-27 02:39 - 00049152 _____ C:\Temp\~DFD3.tmp
2013-07-27 02:36 - 2013-07-27 02:36 - 00016384 ____T C:\Temp\~DF2345.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00016384 ____T C:\Temp\~DF9B0D.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER104a.dir00
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER1022.dir00
2013-07-27 02:34 - 2013-07-27 02:34 - 00016384 ____T C:\Temp\~DF2B6.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF652B.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF24D8.tmp
2013-07-27 02:32 - 2013-07-27 02:32 - 00000000 ____T C:\Temp\~DF998F.tmp
2013-07-27 02:30 - 2013-07-27 02:30 - 00000000 ____T C:\Temp\~DF7A36.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 18655396 _____ C:\Temp\fla9F3.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 00000000 ____T C:\Temp\~DF1194.tmp
2013-07-27 02:03 - 2013-07-27 02:28 - 00016384 ____T C:\Temp\~DF237.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001313 ____T C:\Temp\MAR9F0.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001285 ____T C:\Temp\MAR9F1.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00000000 ____T C:\Temp\~DFBE36.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00049152 _____ C:\Temp\~DF2A07.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00016384 ____T C:\Temp\Perflib_Perfdata_fe8.dat
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFC07F.tmp
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFB5B8.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001313 ____T C:\Temp\MAR9EE.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001285 ____T C:\Temp\MAR9EF.tmp
2013-07-26 14:47 - 2013-07-26 14:47 - 00016384 ____T C:\Temp\Perflib_Perfdata_7c0.dat
2013-07-26 14:46 - 2013-07-26 14:46 - 00049152 _____ C:\Temp\~DF209D.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001313 ____T C:\Temp\MAR9EC.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001285 ____T C:\Temp\MAR9ED.tmp
2013-07-25 21:04 - 2013-07-25 21:04 - 00049152 _____ C:\Temp\~DF22E4.tmp
2013-07-25 12:43 - 2013-08-05 15:59 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
2013-07-25 12:42 - 2013-07-25 12:42 - 00000000 ____D C:\Programme\Adobe
2013-07-25 12:35 - 2013-07-25 12:35 - 00001313 ____T C:\Temp\MAR9EA.tmp
2013-07-25 12:35 - 2013-07-25 12:35 - 00001285 ____T C:\Temp\MAR9EB.tmp
2013-07-25 12:33 - 2013-07-25 12:33 - 00049152 _____ C:\Temp\~DF7DC4.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001313 ____T C:\Temp\MAR9E7.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001285 ____T C:\Temp\MAR9E9.tmp
2013-07-25 00:24 - 2013-07-25 00:24 - 00049152 _____ C:\Temp\~DFD00C.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001313 ____T C:\Temp\MAR9E6.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001285 ____T C:\Temp\MAR9E8.tmp
2013-07-24 14:03 - 2013-07-24 14:03 - 00049152 _____ C:\Temp\~DFF7C6.tmp
2013-07-23 23:21 - 2013-07-23 23:23 - 00004392 _____ C:\Temp\HPWUCl083.log
2013-07-23 23:19 - 2013-07-23 23:19 - 00001313 ____T C:\Temp\MAR9E4.tmp
2013-07-23 23:19 - 2013-07-23 23:19 - 00001285 ____T C:\Temp\MAR9E5.tmp
2013-07-23 23:17 - 2013-07-23 23:17 - 00049152 _____ C:\Temp\~DF6ACC.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001313 ____T C:\Temp\MAR9E2.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001285 ____T C:\Temp\MAR9E3.tmp
2013-07-23 15:00 - 2013-07-23 15:00 - 00049152 _____ C:\Temp\~DFDDC5.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001313 ____T C:\Temp\MAR9E0.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001285 ____T C:\Temp\MAR9E1.tmp
2013-07-23 12:32 - 2013-07-23 12:32 - 00049152 _____ C:\Temp\~DFE25E.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001313 ____T C:\Temp\MAR9DE.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001285 ____T C:\Temp\MAR9DF.tmp
2013-07-23 00:47 - 2013-07-23 00:47 - 00049152 _____ C:\Temp\~DF1E6A.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001313 ____T C:\Temp\MAR9DC.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001285 ____T C:\Temp\MAR9DD.tmp
2013-07-22 14:29 - 2013-07-22 14:29 - 00049152 _____ C:\Temp\~DFE12A.tmp
2013-07-21 22:19 - 2013-07-21 22:39 - 00016384 ____T C:\Temp\~DFF32C.tmp
2013-07-21 22:19 - 2013-07-21 22:19 - 00000000 ____T C:\Temp\~DFEACA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001313 ____T C:\Temp\MAR9DA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001285 ____T C:\Temp\MAR9DB.tmp
2013-07-21 16:37 - 2013-07-21 16:37 - 00016384 ____T C:\Temp\Perflib_Perfdata_9cc.dat
2013-07-21 16:36 - 2013-07-21 16:36 - 00049152 _____ C:\Temp\~DF8E7.tmp
2013-07-21 16:29 - 2013-07-21 16:30 - 00016384 ____T C:\Temp\~DFF9F2.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00057344 ____T C:\Temp\~DF41EB.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFCB8A.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFBA2C.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF8322.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF521.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF2964.tmp
2013-07-21 16:28 - 2013-07-21 16:33 - 00016384 ____T C:\Temp\~DFFB26.tmp
2013-07-21 16:28 - 2013-07-21 16:32 - 00016384 ____T C:\Temp\~DFE8E2.tmp
2013-07-21 16:28 - 2013-07-21 16:30 - 00016384 ____T C:\Temp\~DF9676.tmp
2013-07-21 16:28 - 2013-07-21 16:29 - 00016384 ____T C:\Temp\~DF8474.tmp
2013-07-21 16:28 - 2013-07-21 16:28 - 00000000 ____T C:\Temp\~DF2D5C.tmp
2013-07-21 16:23 - 2013-07-21 16:27 - 00016384 ____T C:\Temp\~DFD4C7.tmp
2013-07-21 16:23 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFC7E7.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001313 ____T C:\Temp\MAR9D8.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001285 ____T C:\Temp\MAR9D9.tmp
2013-07-21 14:03 - 2013-07-21 14:03 - 00049152 _____ C:\Temp\~DFE92F.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001313 ____T C:\Temp\MAR9D6.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001285 ____T C:\Temp\MAR9D7.tmp
2013-07-20 16:08 - 2013-07-20 16:08 - 00049152 _____ C:\Temp\~DFEB37.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001313 ____T C:\Temp\MAR9D3.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001285 ____T C:\Temp\MAR9D5.tmp
2013-07-20 14:15 - 2013-07-20 14:15 - 00049152 _____ C:\Temp\~DF576E.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001313 ____T C:\Temp\MAR9D2.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001285 ____T C:\Temp\MAR9D4.tmp
2013-07-19 02:22 - 2013-07-19 02:22 - 00049152 _____ C:\Temp\~DFC222.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001313 ____T C:\Temp\MAR9D0.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001285 ____T C:\Temp\MAR9D1.tmp
2013-07-17 18:58 - 2013-07-17 18:58 - 00049152 _____ C:\Temp\~DFD784.tmp
2013-07-16 20:35 - 2013-07-16 20:35 - 00047416 ____T C:\Temp\DIOADD.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIOA20.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIO9EB.tmp
2013-07-16 19:00 - 2013-07-16 19:02 - 00004392 _____ C:\Temp\HPWUCl082.log
2013-07-16 18:57 - 2013-07-16 18:57 - 00001313 ____T C:\Temp\MAR9CE.tmp
2013-07-16 18:57 - 2013-07-16 18:57 - 00001285 ____T C:\Temp\MAR9CF.tmp
2013-07-16 18:55 - 2013-07-16 18:55 - 00049152 _____ C:\Temp\~DF9742.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001313 ____T C:\Temp\MAR9CC.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001285 ____T C:\Temp\MAR9CD.tmp
2013-07-15 18:13 - 2013-07-15 18:13 - 00049152 _____ C:\Temp\~DFF71D.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001313 ____T C:\Temp\MAR9CA.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001285 ____T C:\Temp\MAR9CB.tmp
2013-07-15 04:51 - 2013-07-15 04:51 - 00049152 _____ C:\Temp\~DFE7C.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001313 ____T C:\Temp\MAR9C8.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001285 ____T C:\Temp\MAR9C9.tmp
2013-07-14 15:26 - 2013-07-14 15:26 - 00049152 _____ C:\Temp\~DF3C5A.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001313 ____T C:\Temp\MAR9C6.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001285 ____T C:\Temp\MAR9C7.tmp
2013-07-14 07:43 - 2013-07-14 07:43 - 00049152 _____ C:\Temp\~DF2D8.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001313 ____T C:\Temp\MAR9C4.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001285 ____T C:\Temp\MAR9C5.tmp
2013-07-14 00:08 - 2013-07-14 00:08 - 00049152 _____ C:\Temp\~DF298.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001313 ____T C:\Temp\MAR9C2.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001285 ____T C:\Temp\MAR9C3.tmp
2013-07-13 15:11 - 2013-07-13 15:11 - 00049152 _____ C:\Temp\~DF30AC.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001313 ____T C:\Temp\MAR9C0.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001285 ____T C:\Temp\MAR9C1.tmp
2013-07-13 11:09 - 2013-07-13 11:09 - 00049152 _____ C:\Temp\~DF2A1C.tmp
2013-07-13 11:07 - 2013-07-13 11:07 - 00000000 ____T C:\Temp\~DF607C.tmp
2013-07-13 11:03 - 2013-07-13 11:05 - 00016384 ____T C:\Temp\~DFBC83.tmp
2013-07-13 11:03 - 2013-07-13 11:03 - 00000000 ____T C:\Temp\~DFB452.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001313 ____T C:\Temp\MAR9BE.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001285 ____T C:\Temp\MAR9BF.tmp
2013-07-13 11:00 - 2013-07-13 11:00 - 00016384 ____T C:\Temp\Perflib_Perfdata_98c.dat
2013-07-13 10:59 - 2013-07-13 10:59 - 00049152 _____ C:\Temp\~DFB9C4.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001313 ____T C:\Temp\MAR9BC.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001285 ____T C:\Temp\MAR9BD.tmp
2013-07-12 15:07 - 2013-07-12 15:07 - 00049152 _____ C:\Temp\~DFAA2F.tmp
2013-07-11 21:41 - 2013-07-11 21:41 - 00123763 _____ C:\WINDOWS\KB2834904.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00123541 _____ C:\WINDOWS\KB2834886.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-11 21:40 - 2013-07-11 21:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-11 21:30 - 2013-07-11 21:31 - 00128951 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 19:03 - 2013-07-11 21:41 - 00128560 _____ C:\WINDOWS\KB2850851.log
2013-07-11 19:03 - 2013-07-11 21:40 - 00127298 _____ C:\WINDOWS\KB2845187.log
2013-07-11 18:58 - 2013-07-11 18:58 - 00001313 ____T C:\Temp\MAR9BA.tmp
2013-07-11 18:58 - 2013-07-11 18:58 - 00001285 ____T C:\Temp\MAR9BB.tmp
2013-07-11 18:56 - 2013-07-11 18:56 - 00049152 _____ C:\Temp\~DF3661.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001313 ____T C:\Temp\MAR9B8.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001285 ____T C:\Temp\MAR9B9.tmp
2013-07-10 19:54 - 2013-07-10 19:54 - 00049152 _____ C:\Temp\~DF9409.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001313 ____T C:\Temp\MAR9B6.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001285 ____T C:\Temp\MAR9B7.tmp
2013-07-10 18:21 - 2013-07-10 18:21 - 00049152 _____ C:\Temp\~DF13FD.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001313 ____T C:\Temp\MAR9B4.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001285 ____T C:\Temp\MAR9B5.tmp
2013-07-09 22:22 - 2013-07-09 22:22 - 00049152 _____ C:\Temp\~DF2052.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 04518624 _____ C:\Temp\fla9FA.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01339208 _____ C:\Temp\fla9F8.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01084901 _____ C:\Temp\fla9F9.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00523260 _____ C:\Temp\fla9F7.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00016384 ____T C:\Temp\~DFB514.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00020480 ____T C:\Temp\~DF5F.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00000000 ____T C:\Temp\~DFFF9A.tmp
2013-07-09 21:05 - 2013-07-09 22:11 - 00016384 ____T C:\Temp\~DF4AEB.tmp
2013-07-09 20:16 - 2013-07-09 20:16 - 00016384 ____T C:\Temp\~DF64D7.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001313 ____T C:\Temp\MAR9B2.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001285 ____T C:\Temp\MAR9B3.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00049152 _____ C:\Temp\~DFBCB6.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00016384 ____T C:\Temp\Perflib_Perfdata_1ac.dat
2013-07-08 21:22 - 2013-07-08 21:24 - 00002190 _____ C:\Temp\HPWUCl081.log
2013-07-08 21:19 - 2013-07-08 21:19 - 00001313 ____T C:\Temp\MAR9B0.tmp
2013-07-08 21:19 - 2013-07-08 21:19 - 00001285 ____T C:\Temp\MAR9B1.tmp
2013-07-08 21:17 - 2013-07-08 21:17 - 00049152 _____ C:\Temp\~DF4F03.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001313 ____T C:\Temp\MAR9AE.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001285 ____T C:\Temp\MAR9AF.tmp
2013-07-07 16:37 - 2013-07-07 16:37 - 00049152 _____ C:\Temp\~DFF32A.tmp
==================== One Month Modified Files and Folders =======
2013-08-06 15:50 - 2013-08-06 15:50 - 00004890 _____ C:\Temp\log1
2013-08-06 15:50 - 2013-08-06 15:48 - 00011137 _____ C:\Temp\frstlog
2013-08-06 15:49 - 2013-08-06 15:49 - 00000003 _____ C:\Temp\others
2013-08-06 15:48 - 2013-08-06 15:48 - 00000303 _____ C:\Temp\users00
2013-08-06 15:48 - 2013-07-31 15:16 - 01228808 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST.exe
2013-08-06 15:47 - 2011-01-31 21:45 - 00000434 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{2F660A0B-21EB-4224-A64D-9FCAFC9DDFD5}.job
2013-08-06 15:45 - 2013-08-06 15:45 - 00032768 _____ C:\Temp\~DF5AC4.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00032768 _____ C:\Temp\~DF2EAD.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00016384 _____ C:\Temp\~DF588C.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00000512 ____T C:\Temp\~DF5AD2.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00000512 ____T C:\Temp\~DF5987.tmp
2013-08-06 15:45 - 2013-08-06 15:45 - 00000512 ____T C:\Temp\~DF3061.tmp
2013-08-06 15:45 - 2013-08-06 15:44 - 00016384 ____T C:\Temp\~DFDE91.tmp
2013-08-06 15:44 - 2013-08-06 15:44 - 00000000 ____T C:\Temp\~DFD487.tmp
2013-08-06 15:42 - 2011-01-31 23:43 - 01475941 _____ C:\Temp\jusched.log
2013-08-06 15:39 - 2012-10-16 21:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-06 15:39 - 2011-04-30 12:06 - 00159355 _____ C:\Temp\lws.man.xml
2013-08-06 15:39 - 2011-04-30 12:06 - 00000128 _____ C:\Temp\lws.man.xml.sig
2013-08-06 15:38 - 2013-08-06 15:38 - 00001313 ____T C:\Temp\MARA20.tmp
2013-08-06 15:38 - 2013-08-06 15:38 - 00001285 ____T C:\Temp\MARA21.tmp
2013-08-06 15:38 - 2013-08-06 15:38 - 00000000 ____D C:\Temp\sv4g2.tmp
2013-08-06 15:38 - 2011-02-02 16:26 - 00401108 _____ C:\Temp\hpqddusr.log
2013-08-06 15:37 - 2013-08-06 15:37 - 00000281 _____ C:\Temp\upr12.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000072 _____ C:\Temp\upe18.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000000 ____D C:\Temp\WPDNSE
2013-08-06 15:37 - 2013-07-30 15:10 - 00000346 _____ C:\WINDOWS\Tasks\LyricXeeker Update.job
2013-08-06 15:37 - 2011-02-02 16:20 - 00755807 _____ C:\Temp\AdobeARM.log
2013-08-06 15:37 - 2011-02-01 20:50 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-08-06 15:37 - 2011-01-31 23:37 - 00000000 _____ C:\WINDOWS\RTacDbg.txt
2013-08-06 15:35 - 2011-04-29 20:01 - 00000000 ____D C:\WINDOWS\system32\logishrd
2013-08-06 15:35 - 2011-02-02 15:48 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-08-06 15:35 - 2011-02-02 15:48 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-06 15:34 - 2011-01-31 20:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-05 21:04 - 2011-02-02 00:25 - 00000190 ___SH C:\Dokumente und Einstellungen\Karo\ntuser.ini
2013-08-05 21:04 - 2011-01-31 20:43 - 00032504 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-05 21:04 - 2011-01-31 20:36 - 01570521 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-05 20:43 - 2013-08-05 20:43 - 00000072 _____ C:\Temp\upeA22.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00001313 ____T C:\Temp\MARA1E.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00001285 ____T C:\Temp\MARA1F.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00000000 _____ C:\Temp\upe8FC.tmp
2013-08-05 20:40 - 2013-08-05 20:40 - 00000000 _____ C:\Temp\upe17.tmp
2013-08-05 20:39 - 2013-08-05 20:39 - 00000000 _____ C:\Temp\upr11.tmp
2013-08-05 17:19 - 2013-08-05 17:19 - 00001313 ____T C:\Temp\MARA1C.tmp
2013-08-05 17:19 - 2013-08-05 17:19 - 00001285 ____T C:\Temp\MARA1D.tmp
2013-08-05 17:18 - 2013-08-05 17:18 - 00000281 _____ C:\Temp\upr10.tmp
2013-08-05 17:18 - 2013-08-05 17:18 - 00000072 _____ C:\Temp\upe16.tmp
2013-08-05 17:06 - 2011-02-02 00:25 - 00000000 ____D C:\Dokumente und Einstellungen\Karo
2013-08-05 16:42 - 2012-12-09 23:37 - 00001018 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-1682526488-1547161642-1003UA.job
2013-08-05 16:14 - 2013-08-05 16:14 - 00000072 _____ C:\Temp\upeA1F.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001313 ____T C:\Temp\MARA1A.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001285 ____T C:\Temp\MARA1B.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 _____ C:\Temp\upe77D.tmp
2013-08-05 16:12 - 2004-08-04 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-05 16:11 - 2013-08-05 16:11 - 00000000 _____ C:\Temp\upe15.tmp
2013-08-05 16:10 - 2013-08-05 16:10 - 00000000 _____ C:\Temp\uprE.tmp
2013-08-05 16:01 - 2013-08-05 16:01 - 00028832 _____ C:\Temp\java_install.log
2013-08-05 16:01 - 2011-02-06 21:17 - 00000000 ____D C:\Temp\hsperfdata_Karo
2013-08-05 16:01 - 2011-01-31 23:43 - 00012444 _____ C:\Temp\AUCHECK_PARSER.txt
2013-08-05 16:01 - 2011-01-31 23:43 - 00008352 _____ C:\Temp\java_install_reg.log
2013-08-05 16:01 - 2011-01-31 23:43 - 00000777 _____ C:\Temp\JAUReg.log
2013-08-05 16:01 - 2011-01-31 23:43 - 00000000 ____D C:\Programme\Java
2013-08-05 16:00 - 2013-08-05 16:00 - 00077824 _____ C:\Temp\f69ce.mst
2013-08-05 15:59 - 2013-07-25 12:43 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
2013-08-05 15:55 - 2013-08-05 15:55 - 00448512 _____ (OldTimer Tools) C:\Dokumente und Einstellungen\Karo\Desktop\TFC.exe
2013-08-05 15:53 - 2013-08-05 15:53 - 00392032 _____ (Softonic ) C:\Dokumente und Einstellungen\Karo\Desktop\SoftonicDownloader_fuer_temp-file-cleaner.exe
2013-08-05 15:46 - 2013-08-05 15:46 - 00001313 ____T C:\Temp\MARA18.tmp
2013-08-05 15:46 - 2013-08-05 15:46 - 00001285 ____T C:\Temp\MARA19.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000281 _____ C:\Temp\uprD.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000072 _____ C:\Temp\upe14.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001313 ____T C:\Temp\MARA16.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001285 ____T C:\Temp\MARA17.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000281 _____ C:\Temp\uprC.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000072 _____ C:\Temp\upe13.tmp
2013-08-03 12:31 - 2013-07-31 15:28 - 00029321 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition.txt
2013-08-03 12:18 - 2013-08-03 12:18 - 00000000 ____D C:\Temp\RarSFX0
2013-08-03 12:15 - 2013-08-03 12:14 - 00891098 _____ C:\Dokumente und Einstellungen\Karo\Desktop\SecurityCheck.exe
2013-08-03 12:12 - 2011-01-31 20:24 - 00000000 ____D C:\Programme
2013-08-03 03:33 - 2013-08-03 03:33 - 00001313 ____T C:\Temp\MARA14.tmp
2013-08-03 03:33 - 2013-08-03 03:33 - 00001285 ____T C:\Temp\MARA15.tmp
2013-08-03 03:32 - 2013-08-03 03:32 - 00000073 _____ C:\Temp\upe12.tmp
2013-08-03 03:32 - 2013-08-03 03:31 - 00000281 _____ C:\Temp\uprB.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 03126311 _____ C:\Temp\NOD377B.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 00000333 _____ C:\Temp\NOD3B87.tmp
2013-08-02 23:56 - 2011-02-02 15:08 - 00326440 _____ C:\WINDOWS\setupapi.log
2013-08-02 23:52 - 2011-03-02 22:16 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-08-02 23:52 - 2011-02-09 19:14 - 00887392 _____ C:\WINDOWS\iis6.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00822944 _____ C:\WINDOWS\FaxSetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00421396 _____ C:\WINDOWS\ocgen.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00376963 _____ C:\WINDOWS\tsoc.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00273411 _____ C:\WINDOWS\comsetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00250696 _____ C:\WINDOWS\msmqinst.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00165939 _____ C:\WINDOWS\ntdtcsetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00144548 _____ C:\WINDOWS\netfxocm.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00056819 _____ C:\WINDOWS\MedCtrOC.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00045613 _____ C:\WINDOWS\ocmsn.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00041363 _____ C:\WINDOWS\tabletoc.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00041267 _____ C:\WINDOWS\msgsocm.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00001891 _____ C:\WINDOWS\imsins.log
2013-08-02 23:46 - 2011-02-02 15:09 - 00000000 ____D C:\Temp\MSNL
2013-08-02 23:34 - 2013-08-02 23:34 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 23:33 - 2013-08-02 23:33 - 00264880 _____ (ESET) C:\Temp\InstHelper.exe
2013-08-02 22:54 - 2011-02-01 20:50 - 00047112 _____ C:\Temp\AUCHECK_CORE.txt
2013-08-02 22:44 - 2013-08-02 22:44 - 00001313 ____T C:\Temp\MARA12.tmp
2013-08-02 22:44 - 2013-08-02 22:44 - 00001285 ____T C:\Temp\MARA13.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000281 _____ C:\Temp\uprA.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000073 _____ C:\Temp\upe11.tmp
2013-08-02 14:01 - 2013-08-02 14:01 - 00062770 _____ C:\Dokumente und Einstellungen\Karo\Desktop\FRST2.txt
2013-08-02 14:00 - 2013-08-02 14:00 - 00029310 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition2.txt
2013-08-02 13:18 - 2013-08-02 13:18 - 00000073 _____ C:\Temp\upeA12.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001313 ____T C:\Temp\MARA10.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001285 ____T C:\Temp\MARA11.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00000000 _____ C:\Temp\upeF.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upr9.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upeE.tmp
2013-08-02 13:12 - 2013-08-02 13:12 - 00017176 _____ C:\AdwCleaner[S1].txt
2013-08-02 13:12 - 2012-12-19 21:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DVDVideoSoft
2013-08-02 13:12 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Startmenü\Programme
2013-08-02 13:10 - 2013-08-02 13:10 - 00666633 _____ C:\Dokumente und Einstellungen\Karo\Desktop\adwcleaner06.exe
2013-08-02 12:50 - 2013-08-02 12:50 - 00001313 ____T C:\Temp\MARA0E.tmp
2013-08-02 12:50 - 2013-08-02 12:50 - 00001285 ____T C:\Temp\MARA0F.tmp
2013-08-02 12:49 - 2013-08-02 12:49 - 00000073 _____ C:\Temp\upeD.tmp
2013-08-02 12:49 - 2013-08-02 12:48 - 00000281 _____ C:\Temp\upr8.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001313 ____T C:\Temp\MARA0C.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001285 ____T C:\Temp\MARA0D.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00000073 _____ C:\Temp\upeC.tmp
2013-08-01 19:53 - 2013-08-01 19:53 - 00000281 _____ C:\Temp\upr7.tmp
2013-08-01 19:08 - 2013-08-01 19:06 - 00000213 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Fixlist.txt
2013-08-01 19:01 - 2013-08-01 19:01 - 00001313 ____T C:\Temp\MARA0A.tmp
2013-08-01 19:01 - 2013-08-01 19:01 - 00001285 ____T C:\Temp\MARA0B.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000281 _____ C:\Temp\upr6.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000073 _____ C:\Temp\upe47.tmp
2013-07-31 15:22 - 2013-07-31 15:22 - 00000073 _____ C:\Temp\upeB.tmp
2013-07-31 15:22 - 2013-07-31 15:21 - 00000281 _____ C:\Temp\upr5.tmp
2013-07-31 15:17 - 2013-07-31 15:17 - 01781589 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST64.exe
2013-07-31 15:16 - 2013-07-31 15:16 - 00000000 ____D C:\FRST
2013-07-31 15:00 - 2013-07-31 15:00 - 00000281 _____ C:\Temp\uprA13.tmp
2013-07-31 15:00 - 2013-07-31 15:00 - 00000073 _____ C:\Temp\upeA14.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001313 ____T C:\Temp\MARA08.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001285 ____T C:\Temp\MARA09.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000281 _____ C:\Temp\upr4.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000073 _____ C:\Temp\upeA.tmp
2013-07-31 14:37 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Eigene Musik
2013-07-31 14:36 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\B5EC8CB8-BAB0-7891-93B8-0638EA6B0C45
2013-07-31 14:33 - 2013-07-30 15:10 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-31 14:32 - 2013-07-31 14:32 - 00000281 _____ C:\Temp\uprF.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000073 _____ C:\Temp\upe10.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\tmp1985
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\ish135531
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Programme\LyriXeeker
2013-07-31 14:32 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\is357113909
2013-07-31 14:31 - 2013-07-31 14:31 - 00000281 _____ C:\Temp\upr3.tmp
2013-07-31 14:31 - 2013-07-31 14:31 - 00000073 _____ C:\Temp\upe9.tmp
2013-07-31 13:59 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\CFC193DF-BAB0-7891-BDCD-EA1E26220A59
2013-07-31 13:56 - 2013-07-31 13:56 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Qtrax
2013-07-31 13:52 - 2013-07-31 13:52 - 00000281 _____ C:\Temp\uprA12.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000073 _____ C:\Temp\upeA13.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\tmp6241
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\ish18754078
2013-07-31 08:47 - 2013-07-31 08:45 - 00004392 _____ C:\Temp\HPWUCl084.log
2013-07-31 08:42 - 2013-07-31 08:42 - 00001313 ____T C:\Temp\MARA06.tmp
2013-07-31 08:42 - 2013-07-31 08:42 - 00001285 ____T C:\Temp\MARA07.tmp
2013-07-31 08:41 - 2013-07-31 08:41 - 00000073 _____ C:\Temp\upe8.tmp
2013-07-31 08:41 - 2013-07-31 08:40 - 00000272 _____ C:\Temp\upr2.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001313 ____T C:\Temp\MARA04.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001285 ____T C:\Temp\MARA05.tmp
2013-07-30 18:59 - 2013-07-30 18:59 - 00000073 _____ C:\Temp\upe7.tmp
2013-07-30 18:59 - 2013-07-30 18:58 - 00000272 _____ C:\Temp\upr1.tmp
2013-07-30 15:14 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\1EA55D3C-BAB0-7891-9DA9-F386E4DCBD17
2013-07-30 15:10 - 2013-07-30 15:10 - 00000272 _____ C:\Temp\uprA07.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000073 _____ C:\Temp\upeA08.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\tmp1978
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\{2F822836-52C6-427A-8690-91732CB6F143}
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Programme\OpenIt
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 15:09 - 2013-07-30 15:09 - 00717160 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\ZipOpenerSetup.exe
2013-07-30 15:09 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\ish6262156
2013-07-30 13:41 - 2011-02-08 15:22 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-07-30 13:30 - 2013-07-30 13:30 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Windows Search
2013-07-30 13:27 - 2013-07-30 13:27 - 00001313 ____T C:\Temp\MARA02.tmp
2013-07-30 13:27 - 2013-07-30 13:27 - 00001285 ____T C:\Temp\MARA03.tmp
2013-07-30 12:35 - 2013-04-14 20:54 - 00000000 ____D C:\Temp\nsd92C.tmp
2013-07-30 12:12 - 2011-02-01 23:38 - 00000000 ____D C:\Dokumente und Einstellungen\Erilk
2013-07-30 12:11 - 2011-01-31 20:44 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2013-07-30 11:59 - 2013-07-30 11:59 - 00001313 ____T C:\Temp\MAR9FE.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001285 ____T C:\Temp\MAR9FF.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001313 ____T C:\Temp\MARA00.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001285 ____T C:\Temp\MARA01.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001313 ____T C:\Temp\MAR9FC.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001285 ____T C:\Temp\MAR9FD.tmp
2013-07-30 00:04 - 2011-02-02 13:10 - 00000000 ____D C:\Temp\hsperfdata_Erilk
2013-07-29 22:42 - 2012-12-09 23:37 - 00000996 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-1682526488-1547161642-1003Core.job
2013-07-29 19:07 - 2013-07-29 19:07 - 00001313 ____T C:\Temp\MAR9FA.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001285 ____T C:\Temp\MAR9FB.tmp
2013-07-29 19:06 - 2013-07-29 19:06 - 00000000 ____D C:\Temp\svkah.tmp
2013-07-29 19:05 - 2013-07-29 19:05 - 00049152 _____ C:\Temp\~DF3474.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001313 ____T C:\Temp\MAR9F8.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001285 ____T C:\Temp\MAR9F9.tmp
2013-07-29 15:15 - 2013-07-29 15:15 - 00049152 _____ C:\Temp\~DF3F36.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001313 ____T C:\Temp\MAR9F6.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001285 ____T C:\Temp\MAR9F7.tmp
2013-07-29 12:00 - 2013-07-29 12:00 - 00049152 _____ C:\Temp\~DFEE53.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001313 ____T C:\Temp\MAR9F3.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001285 ____T C:\Temp\MAR9F5.tmp
2013-07-27 08:53 - 2013-07-27 08:53 - 00049152 _____ C:\Temp\~DF27CC.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001313 ____T C:\Temp\MAR9F2.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001285 ____T C:\Temp\MAR9F4.tmp
2013-07-27 02:39 - 2013-07-27 02:39 - 00049152 _____ C:\Temp\~DFD3.tmp
2013-07-27 02:36 - 2013-07-27 02:36 - 00016384 ____T C:\Temp\~DF2345.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00016384 ____T C:\Temp\~DF9B0D.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER104a.dir00
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER1022.dir00
2013-07-27 02:34 - 2013-07-27 02:34 - 00016384 ____T C:\Temp\~DF2B6.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF652B.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF24D8.tmp
2013-07-27 02:32 - 2013-07-27 02:32 - 00000000 ____T C:\Temp\~DF998F.tmp
2013-07-27 02:30 - 2013-07-27 02:30 - 00000000 ____T C:\Temp\~DF7A36.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 18655396 _____ C:\Temp\fla9F3.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 00000000 ____T C:\Temp\~DF1194.tmp
2013-07-27 02:28 - 2013-07-27 02:03 - 00016384 ____T C:\Temp\~DF237.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001313 ____T C:\Temp\MAR9F0.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001285 ____T C:\Temp\MAR9F1.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00000000 ____T C:\Temp\~DFBE36.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00049152 _____ C:\Temp\~DF2A07.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00016384 ____T C:\Temp\Perflib_Perfdata_fe8.dat
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFC07F.tmp
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFB5B8.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001313 ____T C:\Temp\MAR9EE.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001285 ____T C:\Temp\MAR9EF.tmp
2013-07-26 14:47 - 2013-07-26 14:47 - 00016384 ____T C:\Temp\Perflib_Perfdata_7c0.dat
2013-07-26 14:46 - 2013-07-26 14:46 - 00049152 _____ C:\Temp\~DF209D.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001313 ____T C:\Temp\MAR9EC.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001285 ____T C:\Temp\MAR9ED.tmp
2013-07-25 21:04 - 2013-07-25 21:04 - 00049152 _____ C:\Temp\~DF22E4.tmp
2013-07-25 12:42 - 2013-07-25 12:42 - 00000000 ____D C:\Programme\Adobe
2013-07-25 12:42 - 2011-02-02 15:33 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe
2013-07-25 12:35 - 2013-07-25 12:35 - 00001313 ____T C:\Temp\MAR9EA.tmp
2013-07-25 12:35 - 2013-07-25 12:35 - 00001285 ____T C:\Temp\MAR9EB.tmp
2013-07-25 12:33 - 2013-07-25 12:33 - 00049152 _____ C:\Temp\~DF7DC4.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001313 ____T C:\Temp\MAR9E7.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001285 ____T C:\Temp\MAR9E9.tmp
2013-07-25 00:24 - 2013-07-25 00:24 - 00049152 _____ C:\Temp\~DFD00C.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001313 ____T C:\Temp\MAR9E6.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001285 ____T C:\Temp\MAR9E8.tmp
2013-07-24 14:03 - 2013-07-24 14:03 - 00049152 _____ C:\Temp\~DFF7C6.tmp
2013-07-23 23:23 - 2013-07-23 23:21 - 00004392 _____ C:\Temp\HPWUCl083.log
2013-07-23 23:19 - 2013-07-23 23:19 - 00001313 ____T C:\Temp\MAR9E4.tmp
2013-07-23 23:19 - 2013-07-23 23:19 - 00001285 ____T C:\Temp\MAR9E5.tmp
2013-07-23 23:17 - 2013-07-23 23:17 - 00049152 _____ C:\Temp\~DF6ACC.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001313 ____T C:\Temp\MAR9E2.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001285 ____T C:\Temp\MAR9E3.tmp
2013-07-23 15:00 - 2013-07-23 15:00 - 00049152 _____ C:\Temp\~DFDDC5.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001313 ____T C:\Temp\MAR9E0.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001285 ____T C:\Temp\MAR9E1.tmp
2013-07-23 12:32 - 2013-07-23 12:32 - 00049152 _____ C:\Temp\~DFE25E.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001313 ____T C:\Temp\MAR9DE.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001285 ____T C:\Temp\MAR9DF.tmp
2013-07-23 00:47 - 2013-07-23 00:47 - 00049152 _____ C:\Temp\~DF1E6A.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001313 ____T C:\Temp\MAR9DC.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001285 ____T C:\Temp\MAR9DD.tmp
2013-07-22 14:29 - 2013-07-22 14:29 - 00049152 _____ C:\Temp\~DFE12A.tmp
2013-07-21 22:39 - 2013-07-21 22:19 - 00016384 ____T C:\Temp\~DFF32C.tmp
2013-07-21 22:19 - 2013-07-21 22:19 - 00000000 ____T C:\Temp\~DFEACA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001313 ____T C:\Temp\MAR9DA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001285 ____T C:\Temp\MAR9DB.tmp
2013-07-21 16:37 - 2013-07-21 16:37 - 00016384 ____T C:\Temp\Perflib_Perfdata_9cc.dat
2013-07-21 16:36 - 2013-07-21 16:36 - 00049152 _____ C:\Temp\~DF8E7.tmp
2013-07-21 16:33 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DFFB26.tmp
2013-07-21 16:32 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DFE8E2.tmp
2013-07-21 16:30 - 2013-07-21 16:29 - 00016384 ____T C:\Temp\~DFF9F2.tmp
2013-07-21 16:30 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DF9676.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00057344 ____T C:\Temp\~DF41EB.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFCB8A.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFBA2C.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF8322.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF521.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF2964.tmp
2013-07-21 16:29 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DF8474.tmp
2013-07-21 16:28 - 2013-07-21 16:28 - 00000000 ____T C:\Temp\~DF2D5C.tmp
2013-07-21 16:27 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFD4C7.tmp
2013-07-21 16:23 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFC7E7.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001313 ____T C:\Temp\MAR9D8.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001285 ____T C:\Temp\MAR9D9.tmp
2013-07-21 14:03 - 2013-07-21 14:03 - 00049152 _____ C:\Temp\~DFE92F.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001313 ____T C:\Temp\MAR9D6.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001285 ____T C:\Temp\MAR9D7.tmp
2013-07-20 16:08 - 2013-07-20 16:08 - 00049152 _____ C:\Temp\~DFEB37.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001313 ____T C:\Temp\MAR9D3.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001285 ____T C:\Temp\MAR9D5.tmp
2013-07-20 14:15 - 2013-07-20 14:15 - 00049152 _____ C:\Temp\~DF576E.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001313 ____T C:\Temp\MAR9D2.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001285 ____T C:\Temp\MAR9D4.tmp
2013-07-19 02:22 - 2013-07-19 02:22 - 00049152 _____ C:\Temp\~DFC222.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001313 ____T C:\Temp\MAR9D0.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001285 ____T C:\Temp\MAR9D1.tmp
2013-07-17 18:58 - 2013-07-17 18:58 - 00049152 _____ C:\Temp\~DFD784.tmp
2013-07-16 20:47 - 2013-03-17 20:41 - 00000637 _____ C:\Temp\IOConnection.txt
2013-07-16 20:35 - 2013-07-16 20:35 - 00047416 ____T C:\Temp\DIOADD.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIOA20.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIO9EB.tmp
2013-07-16 19:02 - 2013-07-16 19:00 - 00004392 _____ C:\Temp\HPWUCl082.log
2013-07-16 18:57 - 2013-07-16 18:57 - 00001313 ____T C:\Temp\MAR9CE.tmp
2013-07-16 18:57 - 2013-07-16 18:57 - 00001285 ____T C:\Temp\MAR9CF.tmp
2013-07-16 18:55 - 2013-07-16 18:55 - 00049152 _____ C:\Temp\~DF9742.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001313 ____T C:\Temp\MAR9CC.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001285 ____T C:\Temp\MAR9CD.tmp
2013-07-15 18:13 - 2013-07-15 18:13 - 00049152 _____ C:\Temp\~DFF71D.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001313 ____T C:\Temp\MAR9CA.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001285 ____T C:\Temp\MAR9CB.tmp
2013-07-15 04:51 - 2013-07-15 04:51 - 00049152 _____ C:\Temp\~DFE7C.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001313 ____T C:\Temp\MAR9C8.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001285 ____T C:\Temp\MAR9C9.tmp
2013-07-14 15:26 - 2013-07-14 15:26 - 00049152 _____ C:\Temp\~DF3C5A.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001313 ____T C:\Temp\MAR9C6.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001285 ____T C:\Temp\MAR9C7.tmp
2013-07-14 07:43 - 2013-07-14 07:43 - 00049152 _____ C:\Temp\~DF2D8.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001313 ____T C:\Temp\MAR9C4.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001285 ____T C:\Temp\MAR9C5.tmp
2013-07-14 00:08 - 2013-07-14 00:08 - 00049152 _____ C:\Temp\~DF298.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001313 ____T C:\Temp\MAR9C2.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001285 ____T C:\Temp\MAR9C3.tmp
2013-07-13 15:11 - 2013-07-13 15:11 - 00049152 _____ C:\Temp\~DF30AC.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001313 ____T C:\Temp\MAR9C0.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001285 ____T C:\Temp\MAR9C1.tmp
2013-07-13 11:09 - 2013-07-13 11:09 - 00049152 _____ C:\Temp\~DF2A1C.tmp
2013-07-13 11:07 - 2013-07-13 11:07 - 00000000 ____T C:\Temp\~DF607C.tmp
2013-07-13 11:05 - 2013-07-13 11:03 - 00016384 ____T C:\Temp\~DFBC83.tmp
2013-07-13 11:03 - 2013-07-13 11:03 - 00000000 ____T C:\Temp\~DFB452.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001313 ____T C:\Temp\MAR9BE.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001285 ____T C:\Temp\MAR9BF.tmp
2013-07-13 11:00 - 2013-07-13 11:00 - 00016384 ____T C:\Temp\Perflib_Perfdata_98c.dat
2013-07-13 10:59 - 2013-07-13 10:59 - 00049152 _____ C:\Temp\~DFB9C4.tmp
2013-07-12 15:41 - 2011-01-31 21:24 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-12 15:16 - 2011-02-14 19:01 - 00000649 _____ C:\Temp\AdobeARM_NotLocked.log
2013-07-12 15:09 - 2013-07-12 15:09 - 00001313 ____T C:\Temp\MAR9BC.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001285 ____T C:\Temp\MAR9BD.tmp
2013-07-12 15:07 - 2013-07-12 15:07 - 00049152 _____ C:\Temp\~DFAA2F.tmp
2013-07-12 15:06 - 2012-09-26 20:13 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-07-12 15:06 - 2011-01-31 20:22 - 00121336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-11 21:41 - 2013-07-11 21:41 - 00123763 _____ C:\WINDOWS\KB2834904.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00123541 _____ C:\WINDOWS\KB2834886.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-11 21:41 - 2013-07-11 19:03 - 00128560 _____ C:\WINDOWS\KB2850851.log
2013-07-11 21:41 - 2011-02-09 19:14 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-11 21:40 - 2013-07-11 21:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-11 21:40 - 2013-07-11 19:03 - 00127298 _____ C:\WINDOWS\KB2845187.log
2013-07-11 21:40 - 2011-01-31 20:24 - 01034830 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-11 21:32 - 2011-01-31 21:33 - 75699896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-07-11 21:31 - 2013-07-11 21:30 - 00128951 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 21:31 - 2011-02-09 19:14 - 00067906 _____ C:\WINDOWS\updspapi.log
2013-07-11 21:31 - 2011-01-31 21:35 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-11 21:23 - 2011-01-31 21:25 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-07-11 18:58 - 2013-07-11 18:58 - 00001313 ____T C:\Temp\MAR9BA.tmp
2013-07-11 18:58 - 2013-07-11 18:58 - 00001285 ____T C:\Temp\MAR9BB.tmp
2013-07-11 18:56 - 2013-07-11 18:56 - 00049152 _____ C:\Temp\~DF3661.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001313 ____T C:\Temp\MAR9B8.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001285 ____T C:\Temp\MAR9B9.tmp
2013-07-10 19:54 - 2013-07-10 19:54 - 00049152 _____ C:\Temp\~DF9409.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001313 ____T C:\Temp\MAR9B6.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001285 ____T C:\Temp\MAR9B7.tmp
2013-07-10 18:21 - 2013-07-10 18:21 - 00049152 _____ C:\Temp\~DF13FD.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001313 ____T C:\Temp\MAR9B4.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001285 ____T C:\Temp\MAR9B5.tmp
2013-07-09 22:22 - 2013-07-09 22:22 - 00049152 _____ C:\Temp\~DF2052.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 04518624 _____ C:\Temp\fla9FA.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01339208 _____ C:\Temp\fla9F8.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01084901 _____ C:\Temp\fla9F9.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00523260 _____ C:\Temp\fla9F7.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00016384 ____T C:\Temp\~DFB514.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00020480 ____T C:\Temp\~DF5F.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00000000 ____T C:\Temp\~DFFF9A.tmp
2013-07-09 22:11 - 2013-07-09 21:05 - 00016384 ____T C:\Temp\~DF4AEB.tmp
2013-07-09 20:16 - 2013-07-09 20:16 - 00016384 ____T C:\Temp\~DF64D7.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001313 ____T C:\Temp\MAR9B2.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001285 ____T C:\Temp\MAR9B3.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00049152 _____ C:\Temp\~DFBCB6.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00016384 ____T C:\Temp\Perflib_Perfdata_1ac.dat
2013-07-08 21:24 - 2013-07-08 21:22 - 00002190 _____ C:\Temp\HPWUCl081.log
2013-07-08 21:19 - 2013-07-08 21:19 - 00001313 ____T C:\Temp\MAR9B0.tmp
2013-07-08 21:19 - 2013-07-08 21:19 - 00001285 ____T C:\Temp\MAR9B1.tmp
2013-07-08 21:17 - 2013-07-08 21:17 - 00049152 _____ C:\Temp\~DF4F03.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001313 ____T C:\Temp\MAR9AE.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001285 ____T C:\Temp\MAR9AF.tmp
2013-07-07 16:37 - 2013-07-07 16:37 - 00049152 _____ C:\Temp\~DFF32A.tmp
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2008-04-14 06:52] - [2008-04-14 06:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2008-04-14 06:53] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll
[2008-04-14 06:52] - [2008-04-14 06:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 06:22] - [2008-04-14 06:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
|
|
06.08.2013, 18:09
| #19 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKCU\...\Run: [NTRedirect] - C:\WINDOWS\system32\rundll32.exe "C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\BabSolution\Shared\NTRedirect.dll",Run [x]
HKU\Administrator\...\Run: [] - [x]
C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\BabSolution
HKU\Administrator\...\Run: [ctfmon32.exe] - C:\DOKUME~1\ALLUSE~1\ANWEND~1\rundll32.exe C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat,XFG00 [x] <===== ATTENTION
C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat
SearchScopes: HKCU - {C8AAC839-E6AB-418F-8444-2AFA890364E6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=59755d13-de52-4e86-869b-39980b806c89&apn_sauid=7A519D86-4CC2-4414-A0B5-FA937669223B
BHO: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Programme\LyriXeeker\125.dll (LyriXeeker Tech)
S2 winmgmt; C:\DOKUME~1\Erilk\5085948.dll [x]
C:\DOKUME~1\Erilk\5085948.dll
C:\Temp\*.*
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.08.2013, 20:38
| #20 |
| | BKA-TrojanerFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-08-2013
Ran by Karo (administrator) on 06-08-2013 21:34:07
Running from C:\Dokumente und Einstellungen\Karo\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16062464 2006-12-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\Windows\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [281768 2010-12-13] (Avira GmbH)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [LWS] - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe [165208 2010-05-07] (Logitech Inc.)
HKLM\...\Run: [HP Software Update] - C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [421736 2011-11-13] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] - C:\Programme\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems Incorporated)
HKCU\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKCU\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKCU\...\Run: [Logitech Vid HD] - C:\Programme\Logitech\Vid\vid.exe [6061400 2010-05-11] (Logitech Inc.)
HKCU\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [NTRedirect] - C:\WINDOWS\system32\rundll32.exe "C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\BabSolution\Shared\NTRedirect.dll",Run [x]
HKU\Administrator\...\Run: [] - [x]
HKU\Administrator\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [ 2006-11-10] ()
HKU\Administrator\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Administrator\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\Run: [ctfmon32.exe] - C:\DOKUME~1\ALLUSE~1\ANWEND~1\rundll32.exe C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat,XFG00 [x] <===== ATTENTION
HKU\Administrator\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex [x]
HKU\Default User\...\RunOnce: [nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [_nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Programme\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\Karo\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {65759893-8694-43BC-876A-6699814FD7C9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {C8AAC839-E6AB-418F-8444-2AFA890364E6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=59755d13-de52-4e86-869b-39980b806c89&apn_sauid=7A519D86-4CC2-4414-A0B5-FA937669223B
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: LyricXeeker - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Programme\LyriXeeker\125.dll (LyriXeeker Tech)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296499764250
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-05-08] (Avira GmbH)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-06-28] (Avira GmbH)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [821608 2011-11-13] (Apple Inc.)
R2 LVPrcSrv; C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe [162648 2010-05-07] (Logitech Inc.)
R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2009-02-04] (Microsoft Corporation)
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
S2 winmgmt; C:\DOKUME~1\Erilk\5085948.dll [x]
==================== Drivers (Whitelisted) ====================
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21361 2011-01-31] (Cisco Systems, Inc.)
R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1606368 2011-01-31] (Atheros Communications, Inc.)
R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2010-06-17] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-06-28] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-06-28] (Avira GmbH)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [20704 2010-05-14] (Logitech Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-29] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-29] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2008-10-29] (HP)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [98560 2012-06-27] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [14848 2012-06-27] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [123648 2012-06-27] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S4 IntelIde; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-06 21:35 - 2013-08-06 21:36 - 00014089 _____ C:\Temp\log3
2013-08-06 21:35 - 2013-08-06 21:36 - 00005377 _____ C:\Temp\log1
2013-08-06 21:34 - 2013-08-06 21:35 - 00011137 _____ C:\Temp\frstlog
2013-08-06 21:34 - 2013-08-06 21:34 - 00000303 _____ C:\Temp\users00
2013-08-06 21:34 - 2013-08-06 21:34 - 00000003 _____ C:\Temp\others
2013-08-06 21:31 - 2013-08-06 21:31 - 00000962 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Fixlist.txt
2013-08-06 21:22 - 2013-08-06 21:27 - 00016384 ____T C:\Temp\~DFCCF7.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00032768 _____ C:\Temp\~DF3897.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00032768 _____ C:\Temp\~DF370D.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00016384 _____ C:\Temp\~DF3776.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00000512 ____T C:\Temp\~DF38A5.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00000512 ____T C:\Temp\~DF3789.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00000512 ____T C:\Temp\~DF371B.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00000000 ____T C:\Temp\~DFC487.tmp
2013-08-06 21:19 - 2013-08-06 21:19 - 00001313 ____T C:\Temp\MARA22.tmp
2013-08-06 21:19 - 2013-08-06 21:19 - 00001285 ____T C:\Temp\MARA23.tmp
2013-08-06 21:19 - 2013-08-06 21:19 - 00000000 ____D C:\Temp\svkgh.tmp
2013-08-06 21:18 - 2013-08-06 21:18 - 00000281 _____ C:\Temp\upr13.tmp
2013-08-06 21:18 - 2013-08-06 21:18 - 00000072 _____ C:\Temp\upe19.tmp
2013-08-06 21:18 - 2013-08-06 21:18 - 00000000 ____D C:\Temp\WPDNSE
2013-08-06 15:38 - 2013-08-06 15:38 - 00001313 ____T C:\Temp\MARA20.tmp
2013-08-06 15:38 - 2013-08-06 15:38 - 00001285 ____T C:\Temp\MARA21.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000281 _____ C:\Temp\upr12.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000072 _____ C:\Temp\upe18.tmp
2013-08-05 20:43 - 2013-08-05 20:43 - 00000072 _____ C:\Temp\upeA22.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00001313 ____T C:\Temp\MARA1E.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00001285 ____T C:\Temp\MARA1F.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00000000 _____ C:\Temp\upe8FC.tmp
2013-08-05 20:40 - 2013-08-05 20:40 - 00000000 _____ C:\Temp\upe17.tmp
2013-08-05 20:39 - 2013-08-05 20:39 - 00000000 _____ C:\Temp\upr11.tmp
2013-08-05 17:19 - 2013-08-05 17:19 - 00001313 ____T C:\Temp\MARA1C.tmp
2013-08-05 17:19 - 2013-08-05 17:19 - 00001285 ____T C:\Temp\MARA1D.tmp
2013-08-05 17:18 - 2013-08-05 17:18 - 00000281 _____ C:\Temp\upr10.tmp
2013-08-05 17:18 - 2013-08-05 17:18 - 00000072 _____ C:\Temp\upe16.tmp
2013-08-05 16:14 - 2013-08-05 16:14 - 00000072 _____ C:\Temp\upeA1F.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001313 ____T C:\Temp\MARA1A.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001285 ____T C:\Temp\MARA1B.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 _____ C:\Temp\upe77D.tmp
2013-08-05 16:11 - 2013-08-05 16:11 - 00000000 _____ C:\Temp\upe15.tmp
2013-08-05 16:10 - 2013-08-05 16:10 - 00000000 _____ C:\Temp\uprE.tmp
2013-08-05 16:01 - 2013-08-05 16:01 - 00028832 _____ C:\Temp\java_install.log
2013-08-05 16:01 - 2011-02-02 22:40 - 00157472 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaws.exe
2013-08-05 16:01 - 2011-02-02 22:40 - 00145184 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaw.exe
2013-08-05 16:01 - 2011-02-02 22:40 - 00145184 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\java.exe
2013-08-05 16:00 - 2013-08-05 16:00 - 00077824 _____ C:\Temp\f69ce.mst
2013-08-05 15:55 - 2013-08-05 15:55 - 00448512 _____ (OldTimer Tools) C:\Dokumente und Einstellungen\Karo\Desktop\TFC.exe
2013-08-05 15:53 - 2013-08-05 15:53 - 00392032 _____ (Softonic ) C:\Dokumente und Einstellungen\Karo\Desktop\SoftonicDownloader_fuer_temp-file-cleaner.exe
2013-08-05 15:46 - 2013-08-05 15:46 - 00001313 ____T C:\Temp\MARA18.tmp
2013-08-05 15:46 - 2013-08-05 15:46 - 00001285 ____T C:\Temp\MARA19.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000281 _____ C:\Temp\uprD.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000072 _____ C:\Temp\upe14.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001313 ____T C:\Temp\MARA16.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001285 ____T C:\Temp\MARA17.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000281 _____ C:\Temp\uprC.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000072 _____ C:\Temp\upe13.tmp
2013-08-03 12:18 - 2013-08-03 12:18 - 00000000 ____D C:\Temp\RarSFX0
2013-08-03 12:14 - 2013-08-03 12:15 - 00891098 _____ C:\Dokumente und Einstellungen\Karo\Desktop\SecurityCheck.exe
2013-08-03 03:33 - 2013-08-03 03:33 - 00001313 ____T C:\Temp\MARA14.tmp
2013-08-03 03:33 - 2013-08-03 03:33 - 00001285 ____T C:\Temp\MARA15.tmp
2013-08-03 03:32 - 2013-08-03 03:32 - 00000073 _____ C:\Temp\upe12.tmp
2013-08-03 03:31 - 2013-08-03 03:32 - 00000281 _____ C:\Temp\uprB.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 03126311 _____ C:\Temp\NOD377B.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 00000333 _____ C:\Temp\NOD3B87.tmp
2013-08-02 23:34 - 2013-08-02 23:34 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 23:33 - 2013-08-02 23:33 - 00264880 _____ (ESET) C:\Temp\InstHelper.exe
2013-08-02 22:44 - 2013-08-02 22:44 - 00001313 ____T C:\Temp\MARA12.tmp
2013-08-02 22:44 - 2013-08-02 22:44 - 00001285 ____T C:\Temp\MARA13.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000281 _____ C:\Temp\uprA.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000073 _____ C:\Temp\upe11.tmp
2013-08-02 14:01 - 2013-08-02 14:01 - 00062770 _____ C:\Dokumente und Einstellungen\Karo\Desktop\FRST2.txt
2013-08-02 14:00 - 2013-08-02 14:00 - 00029310 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition2.txt
2013-08-02 13:18 - 2013-08-02 13:18 - 00000073 _____ C:\Temp\upeA12.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001313 ____T C:\Temp\MARA10.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001285 ____T C:\Temp\MARA11.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00000000 _____ C:\Temp\upeF.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upr9.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upeE.tmp
2013-08-02 13:12 - 2013-08-02 13:12 - 00017176 _____ C:\AdwCleaner[S1].txt
2013-08-02 13:10 - 2013-08-02 13:10 - 00666633 _____ C:\Dokumente und Einstellungen\Karo\Desktop\adwcleaner06.exe
2013-08-02 12:50 - 2013-08-02 12:50 - 00001313 ____T C:\Temp\MARA0E.tmp
2013-08-02 12:50 - 2013-08-02 12:50 - 00001285 ____T C:\Temp\MARA0F.tmp
2013-08-02 12:49 - 2013-08-02 12:49 - 00000073 _____ C:\Temp\upeD.tmp
2013-08-02 12:48 - 2013-08-02 12:49 - 00000281 _____ C:\Temp\upr8.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001313 ____T C:\Temp\MARA0C.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001285 ____T C:\Temp\MARA0D.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00000073 _____ C:\Temp\upeC.tmp
2013-08-01 19:53 - 2013-08-01 19:53 - 00000281 _____ C:\Temp\upr7.tmp
2013-08-01 19:06 - 2013-08-01 19:08 - 00000213 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Fixlist.txt
2013-08-01 19:01 - 2013-08-01 19:01 - 00001313 ____T C:\Temp\MARA0A.tmp
2013-08-01 19:01 - 2013-08-01 19:01 - 00001285 ____T C:\Temp\MARA0B.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000281 _____ C:\Temp\upr6.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000073 _____ C:\Temp\upe47.tmp
2013-07-31 15:28 - 2013-08-03 12:31 - 00029321 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition.txt
2013-07-31 15:22 - 2013-07-31 15:22 - 00000073 _____ C:\Temp\upeB.tmp
2013-07-31 15:21 - 2013-07-31 15:22 - 00000281 _____ C:\Temp\upr5.tmp
2013-07-31 15:17 - 2013-07-31 15:17 - 01781589 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST64.exe
2013-07-31 15:16 - 2013-08-06 15:48 - 01228808 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST.exe
2013-07-31 15:16 - 2013-07-31 15:16 - 00000000 ____D C:\FRST
2013-07-31 15:00 - 2013-07-31 15:00 - 00000281 _____ C:\Temp\uprA13.tmp
2013-07-31 15:00 - 2013-07-31 15:00 - 00000073 _____ C:\Temp\upeA14.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001313 ____T C:\Temp\MARA08.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001285 ____T C:\Temp\MARA09.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000281 _____ C:\Temp\upr4.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000073 _____ C:\Temp\upeA.tmp
2013-07-31 14:32 - 2013-07-31 14:36 - 00000000 ____D C:\Temp\B5EC8CB8-BAB0-7891-93B8-0638EA6B0C45
2013-07-31 14:32 - 2013-07-31 14:32 - 00000281 _____ C:\Temp\uprF.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000073 _____ C:\Temp\upe10.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\tmp1985
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\ish135531
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Programme\LyriXeeker
2013-07-31 14:31 - 2013-07-31 14:31 - 00000281 _____ C:\Temp\upr3.tmp
2013-07-31 14:31 - 2013-07-31 14:31 - 00000073 _____ C:\Temp\upe9.tmp
2013-07-31 13:56 - 2013-07-31 13:56 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Qtrax
2013-07-31 13:52 - 2013-07-31 13:59 - 00000000 ____D C:\Temp\CFC193DF-BAB0-7891-BDCD-EA1E26220A59
2013-07-31 13:52 - 2013-07-31 13:52 - 00000281 _____ C:\Temp\uprA12.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000073 _____ C:\Temp\upeA13.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\tmp6241
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\ish18754078
2013-07-31 08:45 - 2013-07-31 08:47 - 00004392 _____ C:\Temp\HPWUCl084.log
2013-07-31 08:42 - 2013-07-31 08:42 - 00001313 ____T C:\Temp\MARA06.tmp
2013-07-31 08:42 - 2013-07-31 08:42 - 00001285 ____T C:\Temp\MARA07.tmp
2013-07-31 08:41 - 2013-07-31 08:41 - 00000073 _____ C:\Temp\upe8.tmp
2013-07-31 08:40 - 2013-07-31 08:41 - 00000272 _____ C:\Temp\upr2.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001313 ____T C:\Temp\MARA04.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001285 ____T C:\Temp\MARA05.tmp
2013-07-30 18:59 - 2013-07-30 18:59 - 00000073 _____ C:\Temp\upe7.tmp
2013-07-30 18:58 - 2013-07-30 18:59 - 00000272 _____ C:\Temp\upr1.tmp
2013-07-30 15:10 - 2013-08-06 21:18 - 00000346 _____ C:\WINDOWS\Tasks\LyricXeeker Update.job
2013-07-30 15:10 - 2013-07-31 14:33 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-30 15:10 - 2013-07-30 15:14 - 00000000 ____D C:\Temp\1EA55D3C-BAB0-7891-9DA9-F386E4DCBD17
2013-07-30 15:10 - 2013-07-30 15:10 - 00000272 _____ C:\Temp\uprA07.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000073 _____ C:\Temp\upeA08.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\tmp1978
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\{2F822836-52C6-427A-8690-91732CB6F143}
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Programme\OpenIt
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 15:09 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\is357113909
2013-07-30 15:09 - 2013-07-30 15:09 - 00717160 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\ZipOpenerSetup.exe
2013-07-30 15:09 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\ish6262156
2013-07-30 13:30 - 2013-07-30 13:30 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Windows Search
2013-07-30 13:27 - 2013-07-30 13:27 - 00001313 ____T C:\Temp\MARA02.tmp
2013-07-30 13:27 - 2013-07-30 13:27 - 00001285 ____T C:\Temp\MARA03.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001313 ____T C:\Temp\MAR9FE.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001285 ____T C:\Temp\MAR9FF.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001313 ____T C:\Temp\MARA00.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001285 ____T C:\Temp\MARA01.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001313 ____T C:\Temp\MAR9FC.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001285 ____T C:\Temp\MAR9FD.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001313 ____T C:\Temp\MAR9FA.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001285 ____T C:\Temp\MAR9FB.tmp
2013-07-29 19:06 - 2013-07-29 19:06 - 00000000 ____D C:\Temp\svkah.tmp
2013-07-29 19:05 - 2013-07-29 19:05 - 00049152 _____ C:\Temp\~DF3474.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001313 ____T C:\Temp\MAR9F8.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001285 ____T C:\Temp\MAR9F9.tmp
2013-07-29 15:15 - 2013-07-29 15:15 - 00049152 _____ C:\Temp\~DF3F36.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001313 ____T C:\Temp\MAR9F6.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001285 ____T C:\Temp\MAR9F7.tmp
2013-07-29 12:00 - 2013-07-29 12:00 - 00049152 _____ C:\Temp\~DFEE53.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001313 ____T C:\Temp\MAR9F3.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001285 ____T C:\Temp\MAR9F5.tmp
2013-07-27 08:53 - 2013-07-27 08:53 - 00049152 _____ C:\Temp\~DF27CC.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001313 ____T C:\Temp\MAR9F2.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001285 ____T C:\Temp\MAR9F4.tmp
2013-07-27 02:39 - 2013-07-27 02:39 - 00049152 _____ C:\Temp\~DFD3.tmp
2013-07-27 02:36 - 2013-07-27 02:36 - 00016384 ____T C:\Temp\~DF2345.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00016384 ____T C:\Temp\~DF9B0D.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER104a.dir00
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER1022.dir00
2013-07-27 02:34 - 2013-07-27 02:34 - 00016384 ____T C:\Temp\~DF2B6.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF652B.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF24D8.tmp
2013-07-27 02:32 - 2013-07-27 02:32 - 00000000 ____T C:\Temp\~DF998F.tmp
2013-07-27 02:30 - 2013-07-27 02:30 - 00000000 ____T C:\Temp\~DF7A36.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 18655396 _____ C:\Temp\fla9F3.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 00000000 ____T C:\Temp\~DF1194.tmp
2013-07-27 02:03 - 2013-07-27 02:28 - 00016384 ____T C:\Temp\~DF237.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001313 ____T C:\Temp\MAR9F0.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001285 ____T C:\Temp\MAR9F1.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00000000 ____T C:\Temp\~DFBE36.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00049152 _____ C:\Temp\~DF2A07.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00016384 ____T C:\Temp\Perflib_Perfdata_fe8.dat
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFC07F.tmp
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFB5B8.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001313 ____T C:\Temp\MAR9EE.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001285 ____T C:\Temp\MAR9EF.tmp
2013-07-26 14:47 - 2013-07-26 14:47 - 00016384 ____T C:\Temp\Perflib_Perfdata_7c0.dat
2013-07-26 14:46 - 2013-07-26 14:46 - 00049152 _____ C:\Temp\~DF209D.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001313 ____T C:\Temp\MAR9EC.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001285 ____T C:\Temp\MAR9ED.tmp
2013-07-25 21:04 - 2013-07-25 21:04 - 00049152 _____ C:\Temp\~DF22E4.tmp
2013-07-25 12:43 - 2013-08-05 15:59 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
2013-07-25 12:42 - 2013-07-25 12:42 - 00000000 ____D C:\Programme\Adobe
2013-07-25 12:35 - 2013-07-25 12:35 - 00001313 ____T C:\Temp\MAR9EA.tmp
2013-07-25 12:35 - 2013-07-25 12:35 - 00001285 ____T C:\Temp\MAR9EB.tmp
2013-07-25 12:33 - 2013-07-25 12:33 - 00049152 _____ C:\Temp\~DF7DC4.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001313 ____T C:\Temp\MAR9E7.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001285 ____T C:\Temp\MAR9E9.tmp
2013-07-25 00:24 - 2013-07-25 00:24 - 00049152 _____ C:\Temp\~DFD00C.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001313 ____T C:\Temp\MAR9E6.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001285 ____T C:\Temp\MAR9E8.tmp
2013-07-24 14:03 - 2013-07-24 14:03 - 00049152 _____ C:\Temp\~DFF7C6.tmp
2013-07-23 23:21 - 2013-07-23 23:23 - 00004392 _____ C:\Temp\HPWUCl083.log
2013-07-23 23:19 - 2013-07-23 23:19 - 00001313 ____T C:\Temp\MAR9E4.tmp
2013-07-23 23:19 - 2013-07-23 23:19 - 00001285 ____T C:\Temp\MAR9E5.tmp
2013-07-23 23:17 - 2013-07-23 23:17 - 00049152 _____ C:\Temp\~DF6ACC.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001313 ____T C:\Temp\MAR9E2.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001285 ____T C:\Temp\MAR9E3.tmp
2013-07-23 15:00 - 2013-07-23 15:00 - 00049152 _____ C:\Temp\~DFDDC5.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001313 ____T C:\Temp\MAR9E0.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001285 ____T C:\Temp\MAR9E1.tmp
2013-07-23 12:32 - 2013-07-23 12:32 - 00049152 _____ C:\Temp\~DFE25E.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001313 ____T C:\Temp\MAR9DE.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001285 ____T C:\Temp\MAR9DF.tmp
2013-07-23 00:47 - 2013-07-23 00:47 - 00049152 _____ C:\Temp\~DF1E6A.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001313 ____T C:\Temp\MAR9DC.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001285 ____T C:\Temp\MAR9DD.tmp
2013-07-22 14:29 - 2013-07-22 14:29 - 00049152 _____ C:\Temp\~DFE12A.tmp
2013-07-21 22:19 - 2013-07-21 22:39 - 00016384 ____T C:\Temp\~DFF32C.tmp
2013-07-21 22:19 - 2013-07-21 22:19 - 00000000 ____T C:\Temp\~DFEACA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001313 ____T C:\Temp\MAR9DA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001285 ____T C:\Temp\MAR9DB.tmp
2013-07-21 16:37 - 2013-07-21 16:37 - 00016384 ____T C:\Temp\Perflib_Perfdata_9cc.dat
2013-07-21 16:36 - 2013-07-21 16:36 - 00049152 _____ C:\Temp\~DF8E7.tmp
2013-07-21 16:29 - 2013-07-21 16:30 - 00016384 ____T C:\Temp\~DFF9F2.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00057344 ____T C:\Temp\~DF41EB.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFCB8A.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFBA2C.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF8322.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF521.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF2964.tmp
2013-07-21 16:28 - 2013-07-21 16:33 - 00016384 ____T C:\Temp\~DFFB26.tmp
2013-07-21 16:28 - 2013-07-21 16:32 - 00016384 ____T C:\Temp\~DFE8E2.tmp
2013-07-21 16:28 - 2013-07-21 16:30 - 00016384 ____T C:\Temp\~DF9676.tmp
2013-07-21 16:28 - 2013-07-21 16:29 - 00016384 ____T C:\Temp\~DF8474.tmp
2013-07-21 16:28 - 2013-07-21 16:28 - 00000000 ____T C:\Temp\~DF2D5C.tmp
2013-07-21 16:23 - 2013-07-21 16:27 - 00016384 ____T C:\Temp\~DFD4C7.tmp
2013-07-21 16:23 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFC7E7.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001313 ____T C:\Temp\MAR9D8.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001285 ____T C:\Temp\MAR9D9.tmp
2013-07-21 14:03 - 2013-07-21 14:03 - 00049152 _____ C:\Temp\~DFE92F.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001313 ____T C:\Temp\MAR9D6.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001285 ____T C:\Temp\MAR9D7.tmp
2013-07-20 16:08 - 2013-07-20 16:08 - 00049152 _____ C:\Temp\~DFEB37.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001313 ____T C:\Temp\MAR9D3.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001285 ____T C:\Temp\MAR9D5.tmp
2013-07-20 14:15 - 2013-07-20 14:15 - 00049152 _____ C:\Temp\~DF576E.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001313 ____T C:\Temp\MAR9D2.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001285 ____T C:\Temp\MAR9D4.tmp
2013-07-19 02:22 - 2013-07-19 02:22 - 00049152 _____ C:\Temp\~DFC222.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001313 ____T C:\Temp\MAR9D0.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001285 ____T C:\Temp\MAR9D1.tmp
2013-07-17 18:58 - 2013-07-17 18:58 - 00049152 _____ C:\Temp\~DFD784.tmp
2013-07-16 20:35 - 2013-07-16 20:35 - 00047416 ____T C:\Temp\DIOADD.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIOA20.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIO9EB.tmp
2013-07-16 19:00 - 2013-07-16 19:02 - 00004392 _____ C:\Temp\HPWUCl082.log
2013-07-16 18:57 - 2013-07-16 18:57 - 00001313 ____T C:\Temp\MAR9CE.tmp
2013-07-16 18:57 - 2013-07-16 18:57 - 00001285 ____T C:\Temp\MAR9CF.tmp
2013-07-16 18:55 - 2013-07-16 18:55 - 00049152 _____ C:\Temp\~DF9742.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001313 ____T C:\Temp\MAR9CC.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001285 ____T C:\Temp\MAR9CD.tmp
2013-07-15 18:13 - 2013-07-15 18:13 - 00049152 _____ C:\Temp\~DFF71D.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001313 ____T C:\Temp\MAR9CA.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001285 ____T C:\Temp\MAR9CB.tmp
2013-07-15 04:51 - 2013-07-15 04:51 - 00049152 _____ C:\Temp\~DFE7C.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001313 ____T C:\Temp\MAR9C8.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001285 ____T C:\Temp\MAR9C9.tmp
2013-07-14 15:26 - 2013-07-14 15:26 - 00049152 _____ C:\Temp\~DF3C5A.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001313 ____T C:\Temp\MAR9C6.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001285 ____T C:\Temp\MAR9C7.tmp
2013-07-14 07:43 - 2013-07-14 07:43 - 00049152 _____ C:\Temp\~DF2D8.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001313 ____T C:\Temp\MAR9C4.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001285 ____T C:\Temp\MAR9C5.tmp
2013-07-14 00:08 - 2013-07-14 00:08 - 00049152 _____ C:\Temp\~DF298.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001313 ____T C:\Temp\MAR9C2.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001285 ____T C:\Temp\MAR9C3.tmp
2013-07-13 15:11 - 2013-07-13 15:11 - 00049152 _____ C:\Temp\~DF30AC.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001313 ____T C:\Temp\MAR9C0.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001285 ____T C:\Temp\MAR9C1.tmp
2013-07-13 11:09 - 2013-07-13 11:09 - 00049152 _____ C:\Temp\~DF2A1C.tmp
2013-07-13 11:07 - 2013-07-13 11:07 - 00000000 ____T C:\Temp\~DF607C.tmp
2013-07-13 11:03 - 2013-07-13 11:05 - 00016384 ____T C:\Temp\~DFBC83.tmp
2013-07-13 11:03 - 2013-07-13 11:03 - 00000000 ____T C:\Temp\~DFB452.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001313 ____T C:\Temp\MAR9BE.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001285 ____T C:\Temp\MAR9BF.tmp
2013-07-13 11:00 - 2013-07-13 11:00 - 00016384 ____T C:\Temp\Perflib_Perfdata_98c.dat
2013-07-13 10:59 - 2013-07-13 10:59 - 00049152 _____ C:\Temp\~DFB9C4.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001313 ____T C:\Temp\MAR9BC.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001285 ____T C:\Temp\MAR9BD.tmp
2013-07-12 15:07 - 2013-07-12 15:07 - 00049152 _____ C:\Temp\~DFAA2F.tmp
2013-07-11 21:41 - 2013-07-11 21:41 - 00123763 _____ C:\WINDOWS\KB2834904.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00123541 _____ C:\WINDOWS\KB2834886.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-11 21:40 - 2013-07-11 21:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-11 21:30 - 2013-07-11 21:31 - 00128951 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 19:03 - 2013-07-11 21:41 - 00128560 _____ C:\WINDOWS\KB2850851.log
2013-07-11 19:03 - 2013-07-11 21:40 - 00127298 _____ C:\WINDOWS\KB2845187.log
2013-07-11 18:58 - 2013-07-11 18:58 - 00001313 ____T C:\Temp\MAR9BA.tmp
2013-07-11 18:58 - 2013-07-11 18:58 - 00001285 ____T C:\Temp\MAR9BB.tmp
2013-07-11 18:56 - 2013-07-11 18:56 - 00049152 _____ C:\Temp\~DF3661.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001313 ____T C:\Temp\MAR9B8.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001285 ____T C:\Temp\MAR9B9.tmp
2013-07-10 19:54 - 2013-07-10 19:54 - 00049152 _____ C:\Temp\~DF9409.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001313 ____T C:\Temp\MAR9B6.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001285 ____T C:\Temp\MAR9B7.tmp
2013-07-10 18:21 - 2013-07-10 18:21 - 00049152 _____ C:\Temp\~DF13FD.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001313 ____T C:\Temp\MAR9B4.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001285 ____T C:\Temp\MAR9B5.tmp
2013-07-09 22:22 - 2013-07-09 22:22 - 00049152 _____ C:\Temp\~DF2052.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 04518624 _____ C:\Temp\fla9FA.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01339208 _____ C:\Temp\fla9F8.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01084901 _____ C:\Temp\fla9F9.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00523260 _____ C:\Temp\fla9F7.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00016384 ____T C:\Temp\~DFB514.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00020480 ____T C:\Temp\~DF5F.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00000000 ____T C:\Temp\~DFFF9A.tmp
2013-07-09 21:05 - 2013-07-09 22:11 - 00016384 ____T C:\Temp\~DF4AEB.tmp
2013-07-09 20:16 - 2013-07-09 20:16 - 00016384 ____T C:\Temp\~DF64D7.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001313 ____T C:\Temp\MAR9B2.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001285 ____T C:\Temp\MAR9B3.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00049152 _____ C:\Temp\~DFBCB6.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00016384 ____T C:\Temp\Perflib_Perfdata_1ac.dat
2013-07-08 21:22 - 2013-07-08 21:24 - 00002190 _____ C:\Temp\HPWUCl081.log
2013-07-08 21:19 - 2013-07-08 21:19 - 00001313 ____T C:\Temp\MAR9B0.tmp
2013-07-08 21:19 - 2013-07-08 21:19 - 00001285 ____T C:\Temp\MAR9B1.tmp
2013-07-08 21:17 - 2013-07-08 21:17 - 00049152 _____ C:\Temp\~DF4F03.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001313 ____T C:\Temp\MAR9AE.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001285 ____T C:\Temp\MAR9AF.tmp
2013-07-07 16:37 - 2013-07-07 16:37 - 00049152 _____ C:\Temp\~DFF32A.tmp
==================== One Month Modified Files and Folders =======
2013-08-06 21:36 - 2013-08-06 21:35 - 00005377 _____ C:\Temp\log1
2013-08-06 21:35 - 2013-08-06 21:34 - 00011137 _____ C:\Temp\frstlog
2013-08-06 21:34 - 2013-08-06 21:34 - 00000303 _____ C:\Temp\users00
2013-08-06 21:34 - 2013-08-06 21:34 - 00000003 _____ C:\Temp\others
2013-08-06 21:32 - 2011-01-31 21:45 - 00000434 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{2F660A0B-21EB-4224-A64D-9FCAFC9DDFD5}.job
2013-08-06 21:31 - 2013-08-06 21:31 - 00000962 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Fixlist.txt
2013-08-06 21:27 - 2013-08-06 21:22 - 00016384 ____T C:\Temp\~DFCCF7.tmp
2013-08-06 21:23 - 2011-01-31 23:43 - 01476342 _____ C:\Temp\jusched.log
2013-08-06 21:22 - 2013-08-06 21:22 - 00032768 _____ C:\Temp\~DF3897.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00032768 _____ C:\Temp\~DF370D.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00016384 _____ C:\Temp\~DF3776.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00000512 ____T C:\Temp\~DF38A5.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00000512 ____T C:\Temp\~DF3789.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00000512 ____T C:\Temp\~DF371B.tmp
2013-08-06 21:22 - 2013-08-06 21:22 - 00000000 ____T C:\Temp\~DFC487.tmp
2013-08-06 21:20 - 2011-04-30 12:06 - 00159355 _____ C:\Temp\lws.man.xml
2013-08-06 21:20 - 2011-04-30 12:06 - 00000128 _____ C:\Temp\lws.man.xml.sig
2013-08-06 21:19 - 2013-08-06 21:19 - 00001313 ____T C:\Temp\MARA22.tmp
2013-08-06 21:19 - 2013-08-06 21:19 - 00001285 ____T C:\Temp\MARA23.tmp
2013-08-06 21:19 - 2013-08-06 21:19 - 00000000 ____D C:\Temp\svkgh.tmp
2013-08-06 21:19 - 2011-02-02 16:26 - 00401416 _____ C:\Temp\hpqddusr.log
2013-08-06 21:19 - 2011-02-01 20:50 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-08-06 21:19 - 2011-01-31 23:37 - 00000000 _____ C:\WINDOWS\RTacDbg.txt
2013-08-06 21:18 - 2013-08-06 21:18 - 00000281 _____ C:\Temp\upr13.tmp
2013-08-06 21:18 - 2013-08-06 21:18 - 00000072 _____ C:\Temp\upe19.tmp
2013-08-06 21:18 - 2013-08-06 21:18 - 00000000 ____D C:\Temp\WPDNSE
2013-08-06 21:18 - 2013-07-30 15:10 - 00000346 _____ C:\WINDOWS\Tasks\LyricXeeker Update.job
2013-08-06 21:18 - 2011-04-29 20:01 - 00000000 ____D C:\WINDOWS\system32\logishrd
2013-08-06 21:18 - 2011-02-02 16:20 - 00756594 _____ C:\Temp\AdobeARM.log
2013-08-06 21:18 - 2011-02-02 15:48 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-08-06 21:18 - 2011-02-02 15:48 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-06 21:18 - 2011-01-31 20:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-06 21:17 - 2011-01-31 20:43 - 00032504 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-06 21:16 - 2011-01-31 20:36 - 01572126 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-06 16:41 - 2011-02-02 00:25 - 00000190 ___SH C:\Dokumente und Einstellungen\Karo\ntuser.ini
2013-08-06 16:41 - 2011-02-02 00:25 - 00000000 ____D C:\Dokumente und Einstellungen\Karo
2013-08-06 16:39 - 2012-10-16 21:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-06 15:48 - 2013-07-31 15:16 - 01228808 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST.exe
2013-08-06 15:38 - 2013-08-06 15:38 - 00001313 ____T C:\Temp\MARA20.tmp
2013-08-06 15:38 - 2013-08-06 15:38 - 00001285 ____T C:\Temp\MARA21.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000281 _____ C:\Temp\upr12.tmp
2013-08-06 15:37 - 2013-08-06 15:37 - 00000072 _____ C:\Temp\upe18.tmp
2013-08-05 20:43 - 2013-08-05 20:43 - 00000072 _____ C:\Temp\upeA22.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00001313 ____T C:\Temp\MARA1E.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00001285 ____T C:\Temp\MARA1F.tmp
2013-08-05 20:41 - 2013-08-05 20:41 - 00000000 _____ C:\Temp\upe8FC.tmp
2013-08-05 20:40 - 2013-08-05 20:40 - 00000000 _____ C:\Temp\upe17.tmp
2013-08-05 20:39 - 2013-08-05 20:39 - 00000000 _____ C:\Temp\upr11.tmp
2013-08-05 17:19 - 2013-08-05 17:19 - 00001313 ____T C:\Temp\MARA1C.tmp
2013-08-05 17:19 - 2013-08-05 17:19 - 00001285 ____T C:\Temp\MARA1D.tmp
2013-08-05 17:18 - 2013-08-05 17:18 - 00000281 _____ C:\Temp\upr10.tmp
2013-08-05 17:18 - 2013-08-05 17:18 - 00000072 _____ C:\Temp\upe16.tmp
2013-08-05 16:42 - 2012-12-09 23:37 - 00001018 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-1682526488-1547161642-1003UA.job
2013-08-05 16:14 - 2013-08-05 16:14 - 00000072 _____ C:\Temp\upeA1F.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001313 ____T C:\Temp\MARA1A.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00001285 ____T C:\Temp\MARA1B.tmp
2013-08-05 16:12 - 2013-08-05 16:12 - 00000000 _____ C:\Temp\upe77D.tmp
2013-08-05 16:12 - 2004-08-04 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-05 16:11 - 2013-08-05 16:11 - 00000000 _____ C:\Temp\upe15.tmp
2013-08-05 16:10 - 2013-08-05 16:10 - 00000000 _____ C:\Temp\uprE.tmp
2013-08-05 16:01 - 2013-08-05 16:01 - 00028832 _____ C:\Temp\java_install.log
2013-08-05 16:01 - 2011-02-06 21:17 - 00000000 ____D C:\Temp\hsperfdata_Karo
2013-08-05 16:01 - 2011-01-31 23:43 - 00012444 _____ C:\Temp\AUCHECK_PARSER.txt
2013-08-05 16:01 - 2011-01-31 23:43 - 00008352 _____ C:\Temp\java_install_reg.log
2013-08-05 16:01 - 2011-01-31 23:43 - 00000777 _____ C:\Temp\JAUReg.log
2013-08-05 16:01 - 2011-01-31 23:43 - 00000000 ____D C:\Programme\Java
2013-08-05 16:00 - 2013-08-05 16:00 - 00077824 _____ C:\Temp\f69ce.mst
2013-08-05 15:59 - 2013-07-25 12:43 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
2013-08-05 15:55 - 2013-08-05 15:55 - 00448512 _____ (OldTimer Tools) C:\Dokumente und Einstellungen\Karo\Desktop\TFC.exe
2013-08-05 15:53 - 2013-08-05 15:53 - 00392032 _____ (Softonic ) C:\Dokumente und Einstellungen\Karo\Desktop\SoftonicDownloader_fuer_temp-file-cleaner.exe
2013-08-05 15:46 - 2013-08-05 15:46 - 00001313 ____T C:\Temp\MARA18.tmp
2013-08-05 15:46 - 2013-08-05 15:46 - 00001285 ____T C:\Temp\MARA19.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000281 _____ C:\Temp\uprD.tmp
2013-08-05 15:45 - 2013-08-05 15:45 - 00000072 _____ C:\Temp\upe14.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001313 ____T C:\Temp\MARA16.tmp
2013-08-04 16:56 - 2013-08-04 16:56 - 00001285 ____T C:\Temp\MARA17.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000281 _____ C:\Temp\uprC.tmp
2013-08-04 16:55 - 2013-08-04 16:55 - 00000072 _____ C:\Temp\upe13.tmp
2013-08-03 12:31 - 2013-07-31 15:28 - 00029321 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition.txt
2013-08-03 12:18 - 2013-08-03 12:18 - 00000000 ____D C:\Temp\RarSFX0
2013-08-03 12:15 - 2013-08-03 12:14 - 00891098 _____ C:\Dokumente und Einstellungen\Karo\Desktop\SecurityCheck.exe
2013-08-03 12:12 - 2011-01-31 20:24 - 00000000 ____D C:\Programme
2013-08-03 03:33 - 2013-08-03 03:33 - 00001313 ____T C:\Temp\MARA14.tmp
2013-08-03 03:33 - 2013-08-03 03:33 - 00001285 ____T C:\Temp\MARA15.tmp
2013-08-03 03:32 - 2013-08-03 03:32 - 00000073 _____ C:\Temp\upe12.tmp
2013-08-03 03:32 - 2013-08-03 03:31 - 00000281 _____ C:\Temp\uprB.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 03126311 _____ C:\Temp\NOD377B.tmp
2013-08-02 23:57 - 2013-08-02 23:57 - 00000333 _____ C:\Temp\NOD3B87.tmp
2013-08-02 23:56 - 2011-02-02 15:08 - 00326440 _____ C:\WINDOWS\setupapi.log
2013-08-02 23:52 - 2011-03-02 22:16 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-08-02 23:52 - 2011-02-09 19:14 - 00887392 _____ C:\WINDOWS\iis6.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00822944 _____ C:\WINDOWS\FaxSetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00421396 _____ C:\WINDOWS\ocgen.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00376963 _____ C:\WINDOWS\tsoc.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00273411 _____ C:\WINDOWS\comsetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00250696 _____ C:\WINDOWS\msmqinst.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00165939 _____ C:\WINDOWS\ntdtcsetup.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00144548 _____ C:\WINDOWS\netfxocm.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00056819 _____ C:\WINDOWS\MedCtrOC.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00045613 _____ C:\WINDOWS\ocmsn.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00041363 _____ C:\WINDOWS\tabletoc.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00041267 _____ C:\WINDOWS\msgsocm.log
2013-08-02 23:52 - 2011-02-09 19:14 - 00001891 _____ C:\WINDOWS\imsins.log
2013-08-02 23:46 - 2011-02-02 15:09 - 00000000 ____D C:\Temp\MSNL
2013-08-02 23:34 - 2013-08-02 23:34 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 23:33 - 2013-08-02 23:33 - 00264880 _____ (ESET) C:\Temp\InstHelper.exe
2013-08-02 22:54 - 2011-02-01 20:50 - 00047112 _____ C:\Temp\AUCHECK_CORE.txt
2013-08-02 22:44 - 2013-08-02 22:44 - 00001313 ____T C:\Temp\MARA12.tmp
2013-08-02 22:44 - 2013-08-02 22:44 - 00001285 ____T C:\Temp\MARA13.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000281 _____ C:\Temp\uprA.tmp
2013-08-02 22:43 - 2013-08-02 22:43 - 00000073 _____ C:\Temp\upe11.tmp
2013-08-02 14:01 - 2013-08-02 14:01 - 00062770 _____ C:\Dokumente und Einstellungen\Karo\Desktop\FRST2.txt
2013-08-02 14:00 - 2013-08-02 14:00 - 00029310 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition2.txt
2013-08-02 13:18 - 2013-08-02 13:18 - 00000073 _____ C:\Temp\upeA12.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001313 ____T C:\Temp\MARA10.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00001285 ____T C:\Temp\MARA11.tmp
2013-08-02 13:16 - 2013-08-02 13:16 - 00000000 _____ C:\Temp\upeF.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upr9.tmp
2013-08-02 13:15 - 2013-08-02 13:15 - 00000000 _____ C:\Temp\upeE.tmp
2013-08-02 13:12 - 2013-08-02 13:12 - 00017176 _____ C:\AdwCleaner[S1].txt
2013-08-02 13:12 - 2012-12-19 21:32 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DVDVideoSoft
2013-08-02 13:12 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Startmenü\Programme
2013-08-02 13:10 - 2013-08-02 13:10 - 00666633 _____ C:\Dokumente und Einstellungen\Karo\Desktop\adwcleaner06.exe
2013-08-02 12:50 - 2013-08-02 12:50 - 00001313 ____T C:\Temp\MARA0E.tmp
2013-08-02 12:50 - 2013-08-02 12:50 - 00001285 ____T C:\Temp\MARA0F.tmp
2013-08-02 12:49 - 2013-08-02 12:49 - 00000073 _____ C:\Temp\upeD.tmp
2013-08-02 12:49 - 2013-08-02 12:48 - 00000281 _____ C:\Temp\upr8.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001313 ____T C:\Temp\MARA0C.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00001285 ____T C:\Temp\MARA0D.tmp
2013-08-01 19:54 - 2013-08-01 19:54 - 00000073 _____ C:\Temp\upeC.tmp
2013-08-01 19:53 - 2013-08-01 19:53 - 00000281 _____ C:\Temp\upr7.tmp
2013-08-01 19:08 - 2013-08-01 19:06 - 00000213 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Fixlist.txt
2013-08-01 19:01 - 2013-08-01 19:01 - 00001313 ____T C:\Temp\MARA0A.tmp
2013-08-01 19:01 - 2013-08-01 19:01 - 00001285 ____T C:\Temp\MARA0B.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000281 _____ C:\Temp\upr6.tmp
2013-08-01 19:00 - 2013-08-01 19:00 - 00000073 _____ C:\Temp\upe47.tmp
2013-07-31 15:22 - 2013-07-31 15:22 - 00000073 _____ C:\Temp\upeB.tmp
2013-07-31 15:22 - 2013-07-31 15:21 - 00000281 _____ C:\Temp\upr5.tmp
2013-07-31 15:17 - 2013-07-31 15:17 - 01781589 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST64.exe
2013-07-31 15:16 - 2013-07-31 15:16 - 00000000 ____D C:\FRST
2013-07-31 15:00 - 2013-07-31 15:00 - 00000281 _____ C:\Temp\uprA13.tmp
2013-07-31 15:00 - 2013-07-31 15:00 - 00000073 _____ C:\Temp\upeA14.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001313 ____T C:\Temp\MARA08.tmp
2013-07-31 14:50 - 2013-07-31 14:50 - 00001285 ____T C:\Temp\MARA09.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000281 _____ C:\Temp\upr4.tmp
2013-07-31 14:49 - 2013-07-31 14:49 - 00000073 _____ C:\Temp\upeA.tmp
2013-07-31 14:37 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Eigene Musik
2013-07-31 14:36 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\B5EC8CB8-BAB0-7891-93B8-0638EA6B0C45
2013-07-31 14:33 - 2013-07-30 15:10 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-31 14:32 - 2013-07-31 14:32 - 00000281 _____ C:\Temp\uprF.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000073 _____ C:\Temp\upe10.tmp
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\tmp1985
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\ish135531
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Programme\LyriXeeker
2013-07-31 14:32 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\is357113909
2013-07-31 14:31 - 2013-07-31 14:31 - 00000281 _____ C:\Temp\upr3.tmp
2013-07-31 14:31 - 2013-07-31 14:31 - 00000073 _____ C:\Temp\upe9.tmp
2013-07-31 13:59 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\CFC193DF-BAB0-7891-BDCD-EA1E26220A59
2013-07-31 13:56 - 2013-07-31 13:56 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Qtrax
2013-07-31 13:52 - 2013-07-31 13:52 - 00000281 _____ C:\Temp\uprA12.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000073 _____ C:\Temp\upeA13.tmp
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\tmp6241
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\ish18754078
2013-07-31 08:47 - 2013-07-31 08:45 - 00004392 _____ C:\Temp\HPWUCl084.log
2013-07-31 08:42 - 2013-07-31 08:42 - 00001313 ____T C:\Temp\MARA06.tmp
2013-07-31 08:42 - 2013-07-31 08:42 - 00001285 ____T C:\Temp\MARA07.tmp
2013-07-31 08:41 - 2013-07-31 08:41 - 00000073 _____ C:\Temp\upe8.tmp
2013-07-31 08:41 - 2013-07-31 08:40 - 00000272 _____ C:\Temp\upr2.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001313 ____T C:\Temp\MARA04.tmp
2013-07-30 19:00 - 2013-07-30 19:00 - 00001285 ____T C:\Temp\MARA05.tmp
2013-07-30 18:59 - 2013-07-30 18:59 - 00000073 _____ C:\Temp\upe7.tmp
2013-07-30 18:59 - 2013-07-30 18:58 - 00000272 _____ C:\Temp\upr1.tmp
2013-07-30 15:14 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\1EA55D3C-BAB0-7891-9DA9-F386E4DCBD17
2013-07-30 15:10 - 2013-07-30 15:10 - 00000272 _____ C:\Temp\uprA07.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000073 _____ C:\Temp\upeA08.tmp
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\tmp1978
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\{2F822836-52C6-427A-8690-91732CB6F143}
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Programme\OpenIt
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 15:09 - 2013-07-30 15:09 - 00717160 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\ZipOpenerSetup.exe
2013-07-30 15:09 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\ish6262156
2013-07-30 13:41 - 2011-02-08 15:22 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-07-30 13:30 - 2013-07-30 13:30 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Windows Search
2013-07-30 13:27 - 2013-07-30 13:27 - 00001313 ____T C:\Temp\MARA02.tmp
2013-07-30 13:27 - 2013-07-30 13:27 - 00001285 ____T C:\Temp\MARA03.tmp
2013-07-30 12:35 - 2013-04-14 20:54 - 00000000 ____D C:\Temp\nsd92C.tmp
2013-07-30 12:12 - 2011-02-01 23:38 - 00000000 ____D C:\Dokumente und Einstellungen\Erilk
2013-07-30 12:11 - 2011-01-31 20:44 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2013-07-30 11:59 - 2013-07-30 11:59 - 00001313 ____T C:\Temp\MAR9FE.tmp
2013-07-30 11:59 - 2013-07-30 11:59 - 00001285 ____T C:\Temp\MAR9FF.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001313 ____T C:\Temp\MARA00.tmp
2013-07-30 11:55 - 2013-07-30 11:55 - 00001285 ____T C:\Temp\MARA01.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001313 ____T C:\Temp\MAR9FC.tmp
2013-07-30 11:22 - 2013-07-30 11:22 - 00001285 ____T C:\Temp\MAR9FD.tmp
2013-07-30 00:04 - 2011-02-02 13:10 - 00000000 ____D C:\Temp\hsperfdata_Erilk
2013-07-29 22:42 - 2012-12-09 23:37 - 00000996 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-299502267-1682526488-1547161642-1003Core.job
2013-07-29 19:07 - 2013-07-29 19:07 - 00001313 ____T C:\Temp\MAR9FA.tmp
2013-07-29 19:07 - 2013-07-29 19:07 - 00001285 ____T C:\Temp\MAR9FB.tmp
2013-07-29 19:06 - 2013-07-29 19:06 - 00000000 ____D C:\Temp\svkah.tmp
2013-07-29 19:05 - 2013-07-29 19:05 - 00049152 _____ C:\Temp\~DF3474.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001313 ____T C:\Temp\MAR9F8.tmp
2013-07-29 15:17 - 2013-07-29 15:17 - 00001285 ____T C:\Temp\MAR9F9.tmp
2013-07-29 15:15 - 2013-07-29 15:15 - 00049152 _____ C:\Temp\~DF3F36.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001313 ____T C:\Temp\MAR9F6.tmp
2013-07-29 12:01 - 2013-07-29 12:01 - 00001285 ____T C:\Temp\MAR9F7.tmp
2013-07-29 12:00 - 2013-07-29 12:00 - 00049152 _____ C:\Temp\~DFEE53.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001313 ____T C:\Temp\MAR9F3.tmp
2013-07-27 08:55 - 2013-07-27 08:55 - 00001285 ____T C:\Temp\MAR9F5.tmp
2013-07-27 08:53 - 2013-07-27 08:53 - 00049152 _____ C:\Temp\~DF27CC.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001313 ____T C:\Temp\MAR9F2.tmp
2013-07-27 02:41 - 2013-07-27 02:41 - 00001285 ____T C:\Temp\MAR9F4.tmp
2013-07-27 02:39 - 2013-07-27 02:39 - 00049152 _____ C:\Temp\~DFD3.tmp
2013-07-27 02:36 - 2013-07-27 02:36 - 00016384 ____T C:\Temp\~DF2345.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00016384 ____T C:\Temp\~DF9B0D.tmp
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER104a.dir00
2013-07-27 02:35 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER1022.dir00
2013-07-27 02:34 - 2013-07-27 02:34 - 00016384 ____T C:\Temp\~DF2B6.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF652B.tmp
2013-07-27 02:33 - 2013-07-27 02:33 - 00016384 ____T C:\Temp\~DF24D8.tmp
2013-07-27 02:32 - 2013-07-27 02:32 - 00000000 ____T C:\Temp\~DF998F.tmp
2013-07-27 02:30 - 2013-07-27 02:30 - 00000000 ____T C:\Temp\~DF7A36.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 18655396 _____ C:\Temp\fla9F3.tmp
2013-07-27 02:29 - 2013-07-27 02:29 - 00000000 ____T C:\Temp\~DF1194.tmp
2013-07-27 02:28 - 2013-07-27 02:03 - 00016384 ____T C:\Temp\~DF237.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001313 ____T C:\Temp\MAR9F0.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00001285 ____T C:\Temp\MAR9F1.tmp
2013-07-27 02:03 - 2013-07-27 02:03 - 00000000 ____T C:\Temp\~DFBE36.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00049152 _____ C:\Temp\~DF2A07.tmp
2013-07-27 02:02 - 2013-07-27 02:02 - 00016384 ____T C:\Temp\Perflib_Perfdata_fe8.dat
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFC07F.tmp
2013-07-26 14:58 - 2013-07-26 14:58 - 00000000 ____T C:\Temp\~DFB5B8.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001313 ____T C:\Temp\MAR9EE.tmp
2013-07-26 14:48 - 2013-07-26 14:48 - 00001285 ____T C:\Temp\MAR9EF.tmp
2013-07-26 14:47 - 2013-07-26 14:47 - 00016384 ____T C:\Temp\Perflib_Perfdata_7c0.dat
2013-07-26 14:46 - 2013-07-26 14:46 - 00049152 _____ C:\Temp\~DF209D.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001313 ____T C:\Temp\MAR9EC.tmp
2013-07-25 21:06 - 2013-07-25 21:06 - 00001285 ____T C:\Temp\MAR9ED.tmp
2013-07-25 21:04 - 2013-07-25 21:04 - 00049152 _____ C:\Temp\~DF22E4.tmp
2013-07-25 12:42 - 2013-07-25 12:42 - 00000000 ____D C:\Programme\Adobe
2013-07-25 12:42 - 2011-02-02 15:33 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe
2013-07-25 12:35 - 2013-07-25 12:35 - 00001313 ____T C:\Temp\MAR9EA.tmp
2013-07-25 12:35 - 2013-07-25 12:35 - 00001285 ____T C:\Temp\MAR9EB.tmp
2013-07-25 12:33 - 2013-07-25 12:33 - 00049152 _____ C:\Temp\~DF7DC4.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001313 ____T C:\Temp\MAR9E7.tmp
2013-07-25 00:26 - 2013-07-25 00:26 - 00001285 ____T C:\Temp\MAR9E9.tmp
2013-07-25 00:24 - 2013-07-25 00:24 - 00049152 _____ C:\Temp\~DFD00C.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001313 ____T C:\Temp\MAR9E6.tmp
2013-07-24 14:05 - 2013-07-24 14:05 - 00001285 ____T C:\Temp\MAR9E8.tmp
2013-07-24 14:03 - 2013-07-24 14:03 - 00049152 _____ C:\Temp\~DFF7C6.tmp
2013-07-23 23:23 - 2013-07-23 23:21 - 00004392 _____ C:\Temp\HPWUCl083.log
2013-07-23 23:19 - 2013-07-23 23:19 - 00001313 ____T C:\Temp\MAR9E4.tmp
2013-07-23 23:19 - 2013-07-23 23:19 - 00001285 ____T C:\Temp\MAR9E5.tmp
2013-07-23 23:17 - 2013-07-23 23:17 - 00049152 _____ C:\Temp\~DF6ACC.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001313 ____T C:\Temp\MAR9E2.tmp
2013-07-23 15:02 - 2013-07-23 15:02 - 00001285 ____T C:\Temp\MAR9E3.tmp
2013-07-23 15:00 - 2013-07-23 15:00 - 00049152 _____ C:\Temp\~DFDDC5.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001313 ____T C:\Temp\MAR9E0.tmp
2013-07-23 12:34 - 2013-07-23 12:34 - 00001285 ____T C:\Temp\MAR9E1.tmp
2013-07-23 12:32 - 2013-07-23 12:32 - 00049152 _____ C:\Temp\~DFE25E.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001313 ____T C:\Temp\MAR9DE.tmp
2013-07-23 00:49 - 2013-07-23 00:49 - 00001285 ____T C:\Temp\MAR9DF.tmp
2013-07-23 00:47 - 2013-07-23 00:47 - 00049152 _____ C:\Temp\~DF1E6A.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001313 ____T C:\Temp\MAR9DC.tmp
2013-07-22 14:31 - 2013-07-22 14:31 - 00001285 ____T C:\Temp\MAR9DD.tmp
2013-07-22 14:29 - 2013-07-22 14:29 - 00049152 _____ C:\Temp\~DFE12A.tmp
2013-07-21 22:39 - 2013-07-21 22:19 - 00016384 ____T C:\Temp\~DFF32C.tmp
2013-07-21 22:19 - 2013-07-21 22:19 - 00000000 ____T C:\Temp\~DFEACA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001313 ____T C:\Temp\MAR9DA.tmp
2013-07-21 16:38 - 2013-07-21 16:38 - 00001285 ____T C:\Temp\MAR9DB.tmp
2013-07-21 16:37 - 2013-07-21 16:37 - 00016384 ____T C:\Temp\Perflib_Perfdata_9cc.dat
2013-07-21 16:36 - 2013-07-21 16:36 - 00049152 _____ C:\Temp\~DF8E7.tmp
2013-07-21 16:33 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DFFB26.tmp
2013-07-21 16:32 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DFE8E2.tmp
2013-07-21 16:30 - 2013-07-21 16:29 - 00016384 ____T C:\Temp\~DFF9F2.tmp
2013-07-21 16:30 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DF9676.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00057344 ____T C:\Temp\~DF41EB.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFCB8A.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DFBA2C.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF8322.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF521.tmp
2013-07-21 16:29 - 2013-07-21 16:29 - 00000000 ____T C:\Temp\~DF2964.tmp
2013-07-21 16:29 - 2013-07-21 16:28 - 00016384 ____T C:\Temp\~DF8474.tmp
2013-07-21 16:28 - 2013-07-21 16:28 - 00000000 ____T C:\Temp\~DF2D5C.tmp
2013-07-21 16:27 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFD4C7.tmp
2013-07-21 16:23 - 2013-07-21 16:23 - 00016384 ____T C:\Temp\~DFC7E7.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001313 ____T C:\Temp\MAR9D8.tmp
2013-07-21 14:04 - 2013-07-21 14:04 - 00001285 ____T C:\Temp\MAR9D9.tmp
2013-07-21 14:03 - 2013-07-21 14:03 - 00049152 _____ C:\Temp\~DFE92F.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001313 ____T C:\Temp\MAR9D6.tmp
2013-07-20 16:09 - 2013-07-20 16:09 - 00001285 ____T C:\Temp\MAR9D7.tmp
2013-07-20 16:08 - 2013-07-20 16:08 - 00049152 _____ C:\Temp\~DFEB37.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001313 ____T C:\Temp\MAR9D3.tmp
2013-07-20 14:17 - 2013-07-20 14:17 - 00001285 ____T C:\Temp\MAR9D5.tmp
2013-07-20 14:15 - 2013-07-20 14:15 - 00049152 _____ C:\Temp\~DF576E.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001313 ____T C:\Temp\MAR9D2.tmp
2013-07-19 02:24 - 2013-07-19 02:24 - 00001285 ____T C:\Temp\MAR9D4.tmp
2013-07-19 02:22 - 2013-07-19 02:22 - 00049152 _____ C:\Temp\~DFC222.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001313 ____T C:\Temp\MAR9D0.tmp
2013-07-17 19:00 - 2013-07-17 19:00 - 00001285 ____T C:\Temp\MAR9D1.tmp
2013-07-17 18:58 - 2013-07-17 18:58 - 00049152 _____ C:\Temp\~DFD784.tmp
2013-07-16 20:47 - 2013-03-17 20:41 - 00000637 _____ C:\Temp\IOConnection.txt
2013-07-16 20:35 - 2013-07-16 20:35 - 00047416 ____T C:\Temp\DIOADD.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIOA20.tmp
2013-07-16 20:34 - 2013-07-16 20:34 - 00047416 ____T C:\Temp\DIO9EB.tmp
2013-07-16 19:02 - 2013-07-16 19:00 - 00004392 _____ C:\Temp\HPWUCl082.log
2013-07-16 18:57 - 2013-07-16 18:57 - 00001313 ____T C:\Temp\MAR9CE.tmp
2013-07-16 18:57 - 2013-07-16 18:57 - 00001285 ____T C:\Temp\MAR9CF.tmp
2013-07-16 18:55 - 2013-07-16 18:55 - 00049152 _____ C:\Temp\~DF9742.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001313 ____T C:\Temp\MAR9CC.tmp
2013-07-15 18:15 - 2013-07-15 18:15 - 00001285 ____T C:\Temp\MAR9CD.tmp
2013-07-15 18:13 - 2013-07-15 18:13 - 00049152 _____ C:\Temp\~DFF71D.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001313 ____T C:\Temp\MAR9CA.tmp
2013-07-15 04:54 - 2013-07-15 04:54 - 00001285 ____T C:\Temp\MAR9CB.tmp
2013-07-15 04:51 - 2013-07-15 04:51 - 00049152 _____ C:\Temp\~DFE7C.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001313 ____T C:\Temp\MAR9C8.tmp
2013-07-14 15:28 - 2013-07-14 15:28 - 00001285 ____T C:\Temp\MAR9C9.tmp
2013-07-14 15:26 - 2013-07-14 15:26 - 00049152 _____ C:\Temp\~DF3C5A.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001313 ____T C:\Temp\MAR9C6.tmp
2013-07-14 07:45 - 2013-07-14 07:45 - 00001285 ____T C:\Temp\MAR9C7.tmp
2013-07-14 07:43 - 2013-07-14 07:43 - 00049152 _____ C:\Temp\~DF2D8.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001313 ____T C:\Temp\MAR9C4.tmp
2013-07-14 00:09 - 2013-07-14 00:09 - 00001285 ____T C:\Temp\MAR9C5.tmp
2013-07-14 00:08 - 2013-07-14 00:08 - 00049152 _____ C:\Temp\~DF298.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001313 ____T C:\Temp\MAR9C2.tmp
2013-07-13 15:12 - 2013-07-13 15:12 - 00001285 ____T C:\Temp\MAR9C3.tmp
2013-07-13 15:11 - 2013-07-13 15:11 - 00049152 _____ C:\Temp\~DF30AC.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001313 ____T C:\Temp\MAR9C0.tmp
2013-07-13 11:11 - 2013-07-13 11:11 - 00001285 ____T C:\Temp\MAR9C1.tmp
2013-07-13 11:09 - 2013-07-13 11:09 - 00049152 _____ C:\Temp\~DF2A1C.tmp
2013-07-13 11:07 - 2013-07-13 11:07 - 00000000 ____T C:\Temp\~DF607C.tmp
2013-07-13 11:05 - 2013-07-13 11:03 - 00016384 ____T C:\Temp\~DFBC83.tmp
2013-07-13 11:03 - 2013-07-13 11:03 - 00000000 ____T C:\Temp\~DFB452.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001313 ____T C:\Temp\MAR9BE.tmp
2013-07-13 11:01 - 2013-07-13 11:01 - 00001285 ____T C:\Temp\MAR9BF.tmp
2013-07-13 11:00 - 2013-07-13 11:00 - 00016384 ____T C:\Temp\Perflib_Perfdata_98c.dat
2013-07-13 10:59 - 2013-07-13 10:59 - 00049152 _____ C:\Temp\~DFB9C4.tmp
2013-07-12 15:41 - 2011-01-31 21:24 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-12 15:16 - 2011-02-14 19:01 - 00000649 _____ C:\Temp\AdobeARM_NotLocked.log
2013-07-12 15:09 - 2013-07-12 15:09 - 00001313 ____T C:\Temp\MAR9BC.tmp
2013-07-12 15:09 - 2013-07-12 15:09 - 00001285 ____T C:\Temp\MAR9BD.tmp
2013-07-12 15:07 - 2013-07-12 15:07 - 00049152 _____ C:\Temp\~DFAA2F.tmp
2013-07-12 15:06 - 2012-09-26 20:13 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-07-12 15:06 - 2011-01-31 20:22 - 00121336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-11 21:41 - 2013-07-11 21:41 - 00123763 _____ C:\WINDOWS\KB2834904.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00123541 _____ C:\WINDOWS\KB2834886.log
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-11 21:41 - 2013-07-11 21:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-11 21:41 - 2013-07-11 19:03 - 00128560 _____ C:\WINDOWS\KB2850851.log
2013-07-11 21:41 - 2011-02-09 19:14 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-11 21:40 - 2013-07-11 21:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-11 21:40 - 2013-07-11 19:03 - 00127298 _____ C:\WINDOWS\KB2845187.log
2013-07-11 21:40 - 2011-01-31 20:24 - 01034830 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-11 21:32 - 2011-01-31 21:33 - 75699896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-07-11 21:31 - 2013-07-11 21:30 - 00128951 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-11 21:31 - 2011-02-09 19:14 - 00067906 _____ C:\WINDOWS\updspapi.log
2013-07-11 21:31 - 2011-01-31 21:35 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-11 21:23 - 2011-01-31 21:25 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-07-11 18:58 - 2013-07-11 18:58 - 00001313 ____T C:\Temp\MAR9BA.tmp
2013-07-11 18:58 - 2013-07-11 18:58 - 00001285 ____T C:\Temp\MAR9BB.tmp
2013-07-11 18:56 - 2013-07-11 18:56 - 00049152 _____ C:\Temp\~DF3661.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001313 ____T C:\Temp\MAR9B8.tmp
2013-07-10 19:56 - 2013-07-10 19:56 - 00001285 ____T C:\Temp\MAR9B9.tmp
2013-07-10 19:54 - 2013-07-10 19:54 - 00049152 _____ C:\Temp\~DF9409.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001313 ____T C:\Temp\MAR9B6.tmp
2013-07-10 18:23 - 2013-07-10 18:23 - 00001285 ____T C:\Temp\MAR9B7.tmp
2013-07-10 18:21 - 2013-07-10 18:21 - 00049152 _____ C:\Temp\~DF13FD.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001313 ____T C:\Temp\MAR9B4.tmp
2013-07-09 22:24 - 2013-07-09 22:24 - 00001285 ____T C:\Temp\MAR9B5.tmp
2013-07-09 22:22 - 2013-07-09 22:22 - 00049152 _____ C:\Temp\~DF2052.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 04518624 _____ C:\Temp\fla9FA.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01339208 _____ C:\Temp\fla9F8.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 01084901 _____ C:\Temp\fla9F9.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00523260 _____ C:\Temp\fla9F7.tmp
2013-07-09 22:18 - 2013-07-09 22:18 - 00016384 ____T C:\Temp\~DFB514.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00020480 ____T C:\Temp\~DF5F.tmp
2013-07-09 22:12 - 2013-07-09 22:12 - 00000000 ____T C:\Temp\~DFFF9A.tmp
2013-07-09 22:11 - 2013-07-09 21:05 - 00016384 ____T C:\Temp\~DF4AEB.tmp
2013-07-09 20:16 - 2013-07-09 20:16 - 00016384 ____T C:\Temp\~DF64D7.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001313 ____T C:\Temp\MAR9B2.tmp
2013-07-09 19:38 - 2013-07-09 19:38 - 00001285 ____T C:\Temp\MAR9B3.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00049152 _____ C:\Temp\~DFBCB6.tmp
2013-07-09 19:36 - 2013-07-09 19:36 - 00016384 ____T C:\Temp\Perflib_Perfdata_1ac.dat
2013-07-08 21:24 - 2013-07-08 21:22 - 00002190 _____ C:\Temp\HPWUCl081.log
2013-07-08 21:19 - 2013-07-08 21:19 - 00001313 ____T C:\Temp\MAR9B0.tmp
2013-07-08 21:19 - 2013-07-08 21:19 - 00001285 ____T C:\Temp\MAR9B1.tmp
2013-07-08 21:17 - 2013-07-08 21:17 - 00049152 _____ C:\Temp\~DF4F03.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001313 ____T C:\Temp\MAR9AE.tmp
2013-07-07 16:39 - 2013-07-07 16:39 - 00001285 ____T C:\Temp\MAR9AF.tmp
2013-07-07 16:37 - 2013-07-07 16:37 - 00049152 _____ C:\Temp\~DFF32A.tmp
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2008-04-14 06:52] - [2008-04-14 06:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2008-04-14 06:53] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll
[2008-04-14 06:52] - [2008-04-14 06:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 06:22] - [2008-04-14 06:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
|
|
07.08.2013, 10:27
| #21 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner meine Frage?
__________________ --> BKA-Trojaner |
|
07.08.2013, 21:07
| #22 |
| | BKA-Trojaner Hallo Schrauber, ich komme leider nach wie vor nicht auf meinen Benutzer. Es öffnet sich immernoch diese cmd.exe mit dem (schwarzen Fenster) wenn ich drauf gehe. Ich habe alle Scans von dem Nutzer meiner Freundin durchgeführt. Da ist glaube ich, alles soweit o.k....aber leider sind trotzdem nicht meine Dateien vorhanden die ich benötige. |
|
08.08.2013, 08:25
| #23 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKCU\...\Run: [NTRedirect] - C:\WINDOWS\system32\rundll32.exe "C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\BabSolution\Shared\NTRedirect.dll",Run [x]
HKU\Administrator\...\Run: [] - [x]
HKU\Administrator\...\Run: [ctfmon32.exe] - C:\DOKUME~1\ALLUSE~1\ANWEND~1\rundll32.exe C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat,XFG00 [x] <===== ATTENTION
C:\DOKUME~1\ALLUSE~1\ANWEND~1\rundll32.exe
C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat
C:\Temp\*.*
C:\Dokumente und Einstellungen\Karo\Qtrax
C:\WINDOWS\Tasks\LyricXeeker Update.job
2013-07-30 15:10 - 2013-07-31 14:33 - 00000735 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
2013-07-30 15:09 - 2013-07-30 15:09 - 00717160 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\ZipOpenerSetup.exe
2013-07-30 15:09 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\ish6262156
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Versuch deinen Nutzer nochmal.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.08.2013, 15:00
| #24 |
| | BKA-TrojanerCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-08-2013
Ran by Karo at 2013-08-09 15:37:10 Run:5
Running from C:\Dokumente und Einstellungen\Karo\Desktop
Boot Mode: Normal
==============================================
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NTRedirect => Value deleted successfully.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon32.exe => Value not found.
"C:\DOKUME~1\ALLUSE~1\ANWEND~1\rundll32.exe" => File/Directory not found.
"C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat" => File/Directory not found.
"C:\Temp\*.*" directory move:
Could not move "C:\Temp\*.*" directory. => Scheduled to move on reboot.
C:\Dokumente und Einstellungen\Karo\Qtrax => Moved successfully.
C:\WINDOWS\Tasks\LyricXeeker Update.job => Moved successfully.
C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk => Moved successfully.
C:\Dokumente und Einstellungen\Karo\Eigene Dateien\ZipOpenerSetup.exe => Moved successfully.
=========== Result of Scheduled Files to move ===========
"C:\Temp\*.*" => Directory could not move.
==== End of Fixlog ====
|
|
10.08.2013, 09:27
| #25 | |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Ja das ist kein Problem. Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.08.2013, 10:50
| #26 |
| | BKA-TrojanerCode:
ATTFilter ComboFix 13-08-09.02 - Karo 10.08.2013 11:39:37.1.2 - x86
ausgeführt von:: c:\dokumente und einstellungen\Karo\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\2433f433
c:\dokumente und einstellungen\All Users\Anwendungsdaten\8495805.pad
c:\dokumente und einstellungen\All Users\Anwendungsdaten\rolhj.pad
c:\dokumente und einstellungen\All Users\Anwendungsdaten\tr2v.pad
c:\programme\LyriXeeker\125.dll
c:\windows\system32\AegisI5Installer.exe
D:\AUTORUN.INF
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-07-10 bis 2013-08-10 ))))))))))))))))))))))))))))))
.
.
2013-08-02 21:34 . 2013-08-02 21:34 -------- d-----w- c:\dokumente und einstellungen\Karo\Lokale Einstellungen\Anwendungsdaten\ESET
2013-08-02 21:34 . 2013-08-02 21:34 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 21:33 . 2013-08-02 21:33 -------- d-----w- c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\ESET
2013-07-31 13:16 . 2013-08-09 13:38 -------- d-----w- C:\FRST
2013-07-31 12:32 . 2013-08-10 09:44 -------- d-----w- c:\programme\LyriXeeker
2013-07-30 13:12 . 2013-07-30 13:12 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender
2013-07-30 13:10 . 2013-07-30 13:10 -------- d-----w- c:\programme\OpenIt
2013-07-30 13:10 . 2013-07-30 13:10 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 11:30 . 2013-07-30 11:30 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\Windows Search
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-01 16:39 . 2012-10-16 19:22 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-01 16:39 . 2011-06-07 17:47 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-07 21:55 . 2008-04-14 04:25 385024 ------w- c:\windows\system32\html.iec
2013-06-07 21:48 . 2008-04-14 04:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:48 . 2008-04-14 04:53 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-06-07 21:48 . 2008-04-14 04:52 43520 ------w- c:\windows\system32\licmgr10.dll
2013-06-05 09:08 . 2008-04-14 04:23 1876864 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:22 . 2008-04-14 04:52 563712 ----a-w- c:\windows\system32\qedit.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Logitech Vid HD"="c:\programme\Logitech\Vid\vid.exe" [2010-05-11 6061400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-10-29 249064]
"AppleSyncNotifier"="c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"LWS"="c:\programme\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2011-11-12 421736]
"KiesTrayAgent"="c:\programme\Samsung\Kies\KiesTrayAgent.exe" [2012-12-03 309688]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-10 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
c:\dokumente und einstellungen\Administrator\Startmenü\Programme\Autostart\
CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\dokumente und einstellungen\Karo\Startmenü\Programme\Autostart\
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
REALTEK 11n USB Wireless LAN Utility.lnk - c:\programme\Realtek\11n USB Wireless LAN Utility\RtWLan.exe /H [2011-1-31 933888]
Windows Search.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Realtek\\11n USB Wireless LAN Utility\\RtWLan.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Programme\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Programme\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Logitech\\Vid\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot
"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot
"53:UDP"= 53:UDP:Realtek AP UDP Prot
.
R2 Skype C2C Service;Skype C2C Service;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 CompFilter;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbusflt.sys [2010-05-14 20704]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 83168]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2011-02-01 583552]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2012-06-27 98560]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2012-06-27 14848]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2012-06-27 123648]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 181344]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [2011-05-08 136360]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-16 16:39]
.
2013-07-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2013-08-10 c:\windows\Tasks\User_Feed_Synchronization-{2F660A0B-21EB-4224-A64D-9FCAFC9DDFD5}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-swg - c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM_ActiveSetup-ccc-core-static - msiexec
AddRemove-01_Simmental - c:\programme\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\programme\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\programme\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\programme\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\programme\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\programme\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\programme\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\programme\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\programme\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\programme\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\programme\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-08-10 11:44
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Zeit der Fertigstellung: 2013-08-10 11:46:33
ComboFix-quarantined-files.txt 2013-08-10 09:46
.
Vor Suchlauf: 7 Verzeichnis(se), 12.541.059.072 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 16.318.201.856 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BED9E95AFD742B34AF09FCBEEB7724B0
72B8CE41AF0DE751C946802B3ED844B4
|
|
10.08.2013, 10:51
| #27 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Welcher Nutzer ist der, den Du nicht starten kannst?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.08.2013, 11:50
| #28 |
| |  BKA-Trojaner ERIK...und der Nutzer Karolin geht ab und an verdammt langsam und es öffnen sich immer 2-3 komische Fenster  |
|
11.08.2013, 16:24
| #29 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Combofix-Skript
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.08.2013, 12:35
| #30 |
| | BKA-TrojanerCode:
ATTFilter ComboFix 13-08-15.03 - Karo 16.08.2013 13:02:59.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.1918.1253 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Karo\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Karo\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23
c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
c:\programme\LyriXeeker
c:\programme\LyriXeeker\125.crx
c:\programme\LyriXeeker\125.dat
c:\programme\LyriXeeker\125.xpi
c:\programme\LyriXeeker\chrome.manifest
c:\programme\LyriXeeker\LyriXupdate.exe
c:\programme\LyriXeeker\sqlite3.dll
c:\programme\LyriXeeker\Uninstall.exe
c:\programme\OpenIt
c:\programme\OpenIt\Open It!\7z.dll
c:\programme\OpenIt\Open It!\libgcc_s_dw2-1.dll
c:\programme\OpenIt\Open It!\libstdc++-6.dll
c:\programme\OpenIt\Open It!\mingwm10.dll
c:\programme\OpenIt\Open It!\openit.exe
c:\programme\OpenIt\Open It!\QtCore4.dll
c:\programme\OpenIt\Open It!\QtGui4.dll
c:\programme\OpenIt\Open It!\uninstall.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BROWSERDEFENDERT
-------\Service_BrowserDefendert
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-07-16 bis 2013-08-16 ))))))))))))))))))))))))))))))
.
.
2013-08-15 22:52 . 2013-08-15 22:56 -------- d-----w- c:\windows\system32\MRT
2013-08-10 10:48 . 2012-11-29 14:06 31584 ----a-w- c:\windows\system32\TURegOpt.exe
2013-08-10 10:48 . 2013-08-10 10:48 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\TuneUp Software
2013-08-10 10:48 . 2013-08-10 10:48 -------- d-----w- c:\programme\TuneUp Utilities 2013
2013-08-10 10:46 . 2013-08-10 10:46 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Babylon
2013-08-10 10:46 . 2013-08-10 10:46 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\Babylon
2013-08-10 10:46 . 2013-08-10 10:46 -------- d-----w- c:\programme\Gemeinsame Dateien\DVDVideoSoft
2013-08-10 10:46 . 2013-08-10 10:47 -------- d-----w- c:\programme\DVDVideoSoft
2013-08-10 10:46 . 2013-08-10 10:46 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\OpenCandy
2013-08-10 10:44 . 2013-08-10 11:00 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\DVDVideoSoft
2013-08-02 21:34 . 2013-08-02 21:34 -------- d-----w- c:\dokumente und einstellungen\Karo\Lokale Einstellungen\Anwendungsdaten\ESET
2013-08-02 21:34 . 2013-08-02 21:34 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 21:33 . 2013-08-02 21:33 -------- d-----w- c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\ESET
2013-07-31 13:16 . 2013-08-09 13:38 -------- d-----w- C:\FRST
2013-07-30 13:10 . 2013-07-30 13:10 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 11:30 . 2013-07-30 11:30 -------- d-----w- c:\dokumente und einstellungen\Karo\Anwendungsdaten\Windows Search
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-26 02:47 . 2008-04-14 04:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47 . 2008-04-14 04:53 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-26 02:47 . 2008-04-14 04:52 43520 ------w- c:\windows\system32\licmgr10.dll
2013-07-25 15:52 . 2008-04-14 04:25 385024 ------w- c:\windows\system32\html.iec
2013-07-10 10:37 . 2008-04-14 04:52 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:33 . 2008-04-14 07:30 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-04 07:33 . 2008-04-14 04:29 2152448 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-01 16:39 . 2012-10-16 19:22 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-01 16:39 . 2011-06-07 17:47 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-05 09:08 . 2008-04-14 04:23 1876864 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:22 . 2008-04-14 04:52 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-28 01:59 . 2008-04-14 04:52 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2013-05-28 01:05 . 2008-05-05 06:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-07-25 15:56 277512 ----a-w- c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Logitech Vid HD"="c:\programme\Logitech\Vid\vid.exe" [2010-05-11 6061400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-10-29 249064]
"AppleSyncNotifier"="c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"LWS"="c:\programme\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2011-11-12 421736]
"KiesTrayAgent"="c:\programme\Samsung\Kies\KiesTrayAgent.exe" [2012-12-03 309688]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-10 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
c:\dokumente und einstellungen\Administrator\Startmenü\Programme\Autostart\
CCC.lnk - c:\programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\dokumente und einstellungen\Karo\Startmenü\Programme\Autostart\
OpenOffice.org 3.3.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
REALTEK 11n USB Wireless LAN Utility.lnk - c:\programme\Realtek\11n USB Wireless LAN Utility\RtWLan.exe /H [2011-1-31 933888]
Windows Search.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Realtek\\11n USB Wireless LAN Utility\\RtWLan.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Programme\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Programme\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Programme\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Logitech\\Vid\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot
"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot
"53:UDP"= 53:UDP:Realtek AP UDP Prot
.
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [01.02.2011 20:53 136360]
R2 Skype C2C Service;Skype C2C Service;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [02.10.2012 13:13 3064000]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [29.11.2012 16:06 1723744]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [16.11.2012 16:38 10088]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [28.02.2013 18:45 161384]
S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [14.05.2010 23:58 20704]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [19.12.2012 20:13 83168]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [31.01.2011 23:36 583552]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [19.12.2012 20:13 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [19.12.2012 20:13 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [19.12.2012 20:13 123648]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [19.12.2012 20:13 181344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-16 16:39]
.
2013-07-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2013-08-16 c:\windows\Tasks\User_Feed_Synchronization-{2F660A0B-21EB-4224-A64D-9FCAFC9DDFD5}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Free YouTube to MP3 Converter - c:\programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-lyrix@lyrixeeker.co - c:\programme\LyriXeeker\uninstall.exe
AddRemove-OpenIt Open It! - c:\programme\OpenIt\Open It!\uninstall.exe
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\dokumente und einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-08-16 13:14
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
.
c:\temp\svfp0.tmp
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'explorer.exe'(3828)
c:\windows\system32\logishrd\LVPrcInj01.dll
c:\programme\Windows Desktop Search\deskbar.dll
c:\programme\Windows Desktop Search\de-de\dbres.dll.mui
c:\programme\Windows Desktop Search\dbres.dll
c:\programme\Windows Desktop Search\wordwheel.dll
c:\programme\Windows Desktop Search\de-de\msnlExtRes.dll.mui
c:\programme\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe
c:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
c:\windows\RTHDCPL.EXE
c:\programme\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe
c:\programme\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
c:\programme\Windows Desktop Search\WindowsSearch.exe
c:\programme\OpenOffice.org 3\program\soffice.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programme\OpenOffice.org 3\program\soffice.bin
c:\programme\iPod\bin\iPodService.exe
c:\programme\HP\Digital Imaging\bin\hpqSTE08.exe
c:\programme\HP\Digital Imaging\bin\hpqbam08.exe
c:\programme\HP\Digital Imaging\bin\hpqgpc01.exe
c:\programme\Logitech\LWS\LU\LULnchr.exe
c:\programme\Logitech\LWS\LU\LogitechUpdate.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-16 13:18:38 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-08-16 11:18
ComboFix2.txt 2013-08-10 09:46
.
Vor Suchlauf: 8 Verzeichnis(se), 15.221.329.920 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 15.183.712.256 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 70C16069173167A9BFF9A3EB1FC67353
72B8CE41AF0DE751C946802B3ED844B4
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-08-2013 (ATTENTION: ====> FRST version is 11 days old and could be outdated)
Ran by Karo (administrator) on 16-08-2013 13:25:29
Running from C:\Dokumente und Einstellungen\Karo\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Skype Technologies S.A.) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TuneUp Software) C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(TuneUp Software) C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Avira GmbH) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Logitech Inc.) C:\Programme\Logitech\LWS\Webcam Software\LWS.exe
(Hewlett-Packard) C:\Programme\HP\HP Software Update\HPWuSchd2.exe
(Apple Inc.) C:\Programme\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Programme\Samsung\Kies\KiesTrayAgent.exe
() C:\Programme\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe
(Logitech Inc.) C:\Programme\Logitech\Vid\vid.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
(Realtek Semiconductor Corp.) C:\Programme\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Programme\Windows Desktop Search\WindowsSearch.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Programme\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe
(Logitech, Inc.) C:\Programme\Logitech\LWS\LU\LULnchr.exe
(Logitech, Inc.) C:\Programme\Logitech\LWS\LU\LogitechUpdate.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Hewlett-Packard Co.) C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16062464 2006-12-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\Windows\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [281768 2010-12-13] (Avira GmbH)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [LWS] - C:\Programme\Logitech\LWS\Webcam Software\LWS.exe [165208 2010-05-07] (Logitech Inc.)
HKLM\...\Run: [HP Software Update] - C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [421736 2011-11-13] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] - C:\Programme\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-10] (Adobe Systems Incorporated)
HKCU\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKCU\...\Run: [Logitech Vid HD] - C:\Programme\Logitech\Vid\vid.exe [6061400 2010-05-11] (Logitech Inc.)
HKU\Administrator\...\Run: [] - [x]
HKU\Administrator\...\Run: [StartCCC] - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [ 2006-11-10] ()
HKU\Administrator\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Administrator\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\Run: [ctfmon32.exe] - C:\DOKUME~1\ALLUSE~1\ANWEND~1\rundll32.exe C:\DOKUME~1\ALLUSE~1\ANWEND~1\jhlor.dat,XFG00 [x] <===== ATTENTION
HKU\Administrator\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activex [x]
HKU\Default User\...\RunOnce: [nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [_nltide_3] - C:\Windows\System32\advpack.dll [ 2009-03-08] (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Programme\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Programme\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\Karo\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=641300164415FC11&affID=121564&tt=070813_wt4&tsp=4970
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=641300164415FC11&affID=121564&tt=070813_wt4&tsp=4970
SearchScopes: HKCU - {65759893-8694-43BC-876A-6699814FD7C9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {C8AAC839-E6AB-418F-8444-2AFA890364E6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=59755d13-de52-4e86-869b-39980b806c89&apn_sauid=7A519D86-4CC2-4414-A0B5-FA937669223B
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296499764250
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [136360 2011-05-08] (Avira GmbH)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [269480 2011-06-28] (Avira GmbH)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [821608 2011-11-13] (Apple Inc.)
R2 LVPrcSrv; C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe [162648 2010-05-07] (Logitech Inc.)
R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies)
R2 TuneUp.UtilitiesSvc; C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-11-29] (TuneUp Software)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2009-02-04] (Microsoft Corporation)
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
==================== Drivers (Whitelisted) ====================
R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21361 2011-01-31] (Cisco Systems, Inc.)
R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1606368 2011-01-31] (Atheros Communications, Inc.)
R1 avgio; C:\Programme\Avira\AntiVir Desktop\avgio.sys [11608 2010-06-17] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-06-28] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-06-28] (Avira GmbH)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [20704 2010-05-14] (Logitech Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-29] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-29] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2008-10-29] (HP)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25824 2010-05-07] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [98560 2012-06-27] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [14848 2012-06-27] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [123648 2012-06-27] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
R3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]
U3 mbr; \??\C:\Temp\mbr.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-16 13:25 - 2013-08-16 13:26 - 00007395 _____ C:\Temp\log1
2013-08-16 13:25 - 2013-08-16 13:25 - 00013965 _____ C:\Temp\frstlog
2013-08-16 13:25 - 2013-08-16 13:25 - 00000303 _____ C:\Temp\users00
2013-08-16 13:25 - 2013-08-16 13:25 - 00000003 _____ C:\Temp\others
2013-08-16 13:19 - 2013-08-16 13:22 - 00016384 ____T C:\Temp\~DF19E3.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00032768 _____ C:\Temp\~DF18E6.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00032768 _____ C:\Temp\~DF1642.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00016384 _____ C:\Temp\~DF177D.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00000512 ____T C:\Temp\~DF18F4.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00000512 ____T C:\Temp\~DF179D.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00000512 ____T C:\Temp\~DF16CA.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00000000 ____T C:\Temp\~DFF970.tmp
2013-08-16 13:18 - 2013-08-16 13:18 - 00019213 _____ C:\ComboFix.txt
2013-08-16 13:18 - 2013-08-16 13:18 - 00000369 _____ C:\Temp\jusched.log
2013-08-16 13:18 - 2013-08-16 13:18 - 00000000 ____D C:\Temp\WPDNSE
2013-08-16 13:15 - 2013-08-16 13:15 - 00159355 _____ C:\Temp\lws.man.xml
2013-08-16 13:15 - 2013-08-16 13:15 - 00001313 ____T C:\Temp\MAR4.tmp
2013-08-16 13:15 - 2013-08-16 13:15 - 00001285 ____T C:\Temp\MAR5.tmp
2013-08-16 13:15 - 2013-08-16 13:15 - 00000308 _____ C:\Temp\hpqddusr.log
2013-08-16 13:15 - 2013-08-16 13:15 - 00000128 _____ C:\Temp\lws.man.xml.sig
2013-08-16 13:15 - 2013-08-16 13:15 - 00000000 ____D C:\Temp\svfp0.tmp
2013-08-16 13:15 - 2013-08-16 13:15 - 00000000 _____ C:\Temp\LuUpdater.log
2013-08-16 13:13 - 2013-08-16 13:13 - 00027753 _____ C:\Temp\Spanish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00027410 _____ C:\Temp\Italian.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00027235 _____ C:\Temp\French.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00026260 _____ C:\Temp\Portuguese.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00026126 _____ C:\Temp\Russian.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00026080 _____ C:\Temp\Hungarian.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00025753 _____ C:\Temp\German.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00025747 _____ C:\Temp\Dutch.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00025082 _____ C:\Temp\Greek.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00025071 _____ C:\Temp\Portuguese(Brazil).bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00024312 _____ C:\Temp\Czech.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00024297 _____ C:\Temp\Japanese.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00024221 _____ C:\Temp\Polish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00024082 _____ C:\Temp\SWEDISH.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00022857 _____ C:\Temp\Finnish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00022783 _____ C:\Temp\Danish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00022253 _____ C:\Temp\Turkish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00021976 _____ C:\Temp\Thai.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00021964 _____ C:\Temp\Norwegian.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00021914 _____ C:\Temp\English.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00020972 _____ C:\Temp\Arabic.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00020135 _____ C:\Temp\Korean.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00019553 _____ C:\Temp\Hebrew.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00016949 _____ C:\Temp\TradChin.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00016408 _____ C:\Temp\SimChin.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00000781 _____ C:\Temp\AdobeARM.log
2013-08-16 13:11 - 2013-08-16 13:11 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-08-16 13:11 - 2013-08-16 13:11 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2013-08-16 13:11 - 2013-08-16 13:11 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2013-08-16 13:11 - 2013-08-16 13:11 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-08-16 13:11 - 2013-08-16 13:11 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2013-08-16 13:01 - 2013-08-16 13:01 - 00000000 _RSHD C:\cmdcons
2013-08-16 13:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-08-16 12:51 - 2013-08-16 12:51 - 00000227 _____ C:\Dokumente und Einstellungen\Karo\Desktop\CFSkript.txt
2013-08-16 12:45 - 2013-08-16 13:06 - 00000000 ____D C:\Temp\nsc7E.tmp
2013-08-16 12:45 - 2013-08-16 12:45 - 05104782 ____R (Swearware) C:\Dokumente und Einstellungen\Karo\Desktop\ComboFix.exe
2013-08-16 12:43 - 2013-08-16 12:43 - 00000752 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Verknüpfung mit ComboFix.lnk
2013-08-16 00:56 - 2013-08-16 00:57 - 00011907 _____ C:\WINDOWS\KB2862772-IE8.log
2013-08-16 00:52 - 2013-08-16 00:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-16 00:51 - 2013-08-16 00:51 - 00005189 _____ C:\WINDOWS\KB2863058.log
2013-08-16 00:51 - 2013-08-16 00:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-16 00:51 - 2013-08-16 00:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-16 00:51 - 2013-08-16 00:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-16 00:51 - 2013-08-16 00:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-16 00:12 - 2013-08-16 00:51 - 00009070 _____ C:\WINDOWS\KB2850869.log
2013-08-16 00:11 - 2013-08-16 00:51 - 00010872 _____ C:\WINDOWS\KB2859537.log
2013-08-10 12:48 - 2013-08-10 12:48 - 00001711 _____ C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-08-10 12:48 - 2013-08-10 12:48 - 00001707 _____ C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2013.lnk
2013-08-10 12:48 - 2013-08-10 12:48 - 00000000 ____D C:\Programme\TuneUp Utilities 2013
2013-08-10 12:48 - 2013-08-10 12:48 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\TuneUp Software
2013-08-10 12:48 - 2012-11-29 16:06 - 00031584 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2013-08-10 12:47 - 2013-08-16 13:06 - 00000000 ____D C:\Temp\DVDVideoSoft
2013-08-10 12:47 - 2013-08-10 12:47 - 00001023 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Free YouTube to MP3 Converter.lnk
2013-08-10 12:47 - 2013-08-10 12:47 - 00000906 _____ C:\Dokumente und Einstellungen\All Users\Desktop\DVDVideoSoft Free Studio.lnk
2013-08-10 12:47 - 2013-08-10 12:47 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DVDVideoSoftIEHelpers
2013-08-10 12:46 - 2013-08-10 12:47 - 00000000 ____D C:\Temp\8944214B-BAB0-7891-A63A-DE461084E7F1
2013-08-10 12:46 - 2013-08-10 12:47 - 00000000 ____D C:\Programme\DVDVideoSoft
2013-08-10 12:46 - 2013-08-10 12:47 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Startmenü\Programme\BrowserDefender
2013-08-10 12:46 - 2013-08-10 12:46 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DVDVideoSoft
2013-08-10 12:46 - 2013-08-10 12:46 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\OpenCandy
2013-08-10 12:46 - 2013-08-10 12:46 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Babylon
2013-08-10 12:44 - 2013-08-16 13:06 - 00000000 ____D C:\Temp\is-6BI3I.tmp
2013-08-10 12:44 - 2013-08-10 13:00 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DVDVideoSoft
2013-08-10 12:44 - 2013-08-10 12:44 - 01211376 _____ (DVDVideoSoft Ltd. ) C:\Dokumente und Einstellungen\Karo\Desktop\FreeYouTubeToMP3Converter-3.12.9.725.exe
2013-08-10 11:37 - 2013-08-16 12:50 - 00000327 _____ C:\Boot.bak
2013-08-10 11:37 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr
2013-08-10 11:35 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-08-10 11:35 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-08-10 11:35 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-08-10 11:35 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-08-10 11:35 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-08-10 11:35 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-08-10 11:35 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-08-10 11:35 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-08-10 11:33 - 2013-08-16 13:18 - 00000000 ____D C:\Qoobox
2013-08-10 11:32 - 2013-08-16 13:11 - 00000000 ____D C:\WINDOWS\erdnt
2013-08-10 11:32 - 2013-08-10 11:32 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Startmenü\Programme\Verwaltung
2013-08-06 21:31 - 2013-08-09 15:36 - 00000856 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Fixlist.txt
2013-08-05 16:01 - 2011-02-02 22:40 - 00157472 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaws.exe
2013-08-05 16:01 - 2011-02-02 22:40 - 00145184 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\javaw.exe
2013-08-05 16:01 - 2011-02-02 22:40 - 00145184 _____ (Sun Microsystems, Inc.) C:\WINDOWS\system32\java.exe
2013-08-05 15:55 - 2013-08-05 15:55 - 00448512 _____ (OldTimer Tools) C:\Dokumente und Einstellungen\Karo\Desktop\TFC.exe
2013-08-05 15:53 - 2013-08-05 15:53 - 00392032 _____ (Softonic ) C:\Dokumente und Einstellungen\Karo\Desktop\SoftonicDownloader_fuer_temp-file-cleaner.exe
2013-08-03 12:18 - 2013-08-03 12:18 - 00000000 ____D C:\Temp\RarSFX0
2013-08-03 12:14 - 2013-08-03 12:15 - 00891098 _____ C:\Dokumente und Einstellungen\Karo\Desktop\SecurityCheck.exe
2013-08-02 23:34 - 2013-08-02 23:34 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 14:01 - 2013-08-02 14:01 - 00062770 _____ C:\Dokumente und Einstellungen\Karo\Desktop\FRST2.txt
2013-08-02 14:00 - 2013-08-02 14:00 - 00029310 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition2.txt
2013-08-02 13:12 - 2013-08-02 13:12 - 00017176 _____ C:\AdwCleaner[S1].txt
2013-08-02 13:10 - 2013-08-02 13:10 - 00666633 _____ C:\Dokumente und Einstellungen\Karo\Desktop\adwcleaner06.exe
2013-08-01 19:06 - 2013-08-01 19:08 - 00000213 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Fixlist.txt
2013-07-31 15:28 - 2013-08-03 12:31 - 00029321 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition.txt
2013-07-31 15:17 - 2013-07-31 15:17 - 01781589 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST64.exe
2013-07-31 15:16 - 2013-08-09 15:38 - 00000000 ____D C:\FRST
2013-07-31 15:16 - 2013-08-06 15:48 - 01228808 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST.exe
2013-07-31 14:32 - 2013-08-10 11:43 - 00000000 ____D C:\Temp\ish135531
2013-07-31 14:32 - 2013-08-10 11:43 - 00000000 ____D C:\Temp\B5EC8CB8-BAB0-7891-93B8-0638EA6B0C45
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\tmp1985
2013-07-31 13:52 - 2013-08-10 11:43 - 00000000 ____D C:\Temp\ish18754078
2013-07-31 13:52 - 2013-07-31 13:59 - 00000000 ____D C:\Temp\CFC193DF-BAB0-7891-BDCD-EA1E26220A59
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\tmp6241
2013-07-30 15:10 - 2013-07-30 15:14 - 00000000 ____D C:\Temp\1EA55D3C-BAB0-7891-9DA9-F386E4DCBD17
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\tmp1978
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\{2F822836-52C6-427A-8690-91732CB6F143}
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 15:09 - 2013-08-10 11:43 - 00000000 ____D C:\Temp\ish6262156
2013-07-30 15:09 - 2013-08-10 11:43 - 00000000 ____D C:\Temp\is357113909
2013-07-30 13:30 - 2013-07-30 13:30 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Windows Search
2013-07-29 19:06 - 2013-07-29 19:06 - 00000000 ____D C:\Temp\svkah.tmp
2013-07-27 02:35 - 2013-08-10 11:43 - 00000000 ____D C:\Temp\WER104a.dir00
2013-07-27 02:35 - 2013-08-10 11:43 - 00000000 ____D C:\Temp\WER1022.dir00
2013-07-25 12:43 - 2013-08-05 15:59 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
2013-07-25 12:42 - 2013-07-25 12:42 - 00000000 ____D C:\Programme\Adobe
143
==================== One Month Modified Files and Folders =======
2013-08-16 13:26 - 2013-08-16 13:25 - 00007395 _____ C:\Temp\log1
2013-08-16 13:25 - 2013-08-16 13:25 - 00013965 _____ C:\Temp\frstlog
2013-08-16 13:25 - 2013-08-16 13:25 - 00000303 _____ C:\Temp\users00
2013-08-16 13:25 - 2013-08-16 13:25 - 00000003 _____ C:\Temp\others
2013-08-16 13:22 - 2013-08-16 13:19 - 00016384 ____T C:\Temp\~DF19E3.tmp
2013-08-16 13:22 - 2011-01-31 21:45 - 00000434 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{2F660A0B-21EB-4224-A64D-9FCAFC9DDFD5}.job
2013-08-16 13:19 - 2013-08-16 13:19 - 00032768 _____ C:\Temp\~DF18E6.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00032768 _____ C:\Temp\~DF1642.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00016384 _____ C:\Temp\~DF177D.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00000512 ____T C:\Temp\~DF18F4.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00000512 ____T C:\Temp\~DF179D.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00000512 ____T C:\Temp\~DF16CA.tmp
2013-08-16 13:19 - 2013-08-16 13:19 - 00000000 ____T C:\Temp\~DFF970.tmp
2013-08-16 13:18 - 2013-08-16 13:18 - 00019213 _____ C:\ComboFix.txt
2013-08-16 13:18 - 2013-08-16 13:18 - 00000369 _____ C:\Temp\jusched.log
2013-08-16 13:18 - 2013-08-16 13:18 - 00000000 ____D C:\Temp\WPDNSE
2013-08-16 13:18 - 2013-08-10 11:33 - 00000000 ____D C:\Qoobox
2013-08-16 13:18 - 2011-01-31 20:41 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService
2013-08-16 13:15 - 2013-08-16 13:15 - 00159355 _____ C:\Temp\lws.man.xml
2013-08-16 13:15 - 2013-08-16 13:15 - 00001313 ____T C:\Temp\MAR4.tmp
2013-08-16 13:15 - 2013-08-16 13:15 - 00001285 ____T C:\Temp\MAR5.tmp
2013-08-16 13:15 - 2013-08-16 13:15 - 00000308 _____ C:\Temp\hpqddusr.log
2013-08-16 13:15 - 2013-08-16 13:15 - 00000128 _____ C:\Temp\lws.man.xml.sig
2013-08-16 13:15 - 2013-08-16 13:15 - 00000000 ____D C:\Temp\svfp0.tmp
2013-08-16 13:15 - 2013-08-16 13:15 - 00000000 _____ C:\Temp\LuUpdater.log
2013-08-16 13:15 - 2011-02-01 20:50 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-08-16 13:14 - 2011-01-31 23:37 - 00000000 _____ C:\WINDOWS\RTacDbg.txt
2013-08-16 13:14 - 2011-01-31 20:36 - 01760498 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-16 13:13 - 2013-08-16 13:13 - 00027753 _____ C:\Temp\Spanish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00027410 _____ C:\Temp\Italian.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00027235 _____ C:\Temp\French.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00026260 _____ C:\Temp\Portuguese.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00026126 _____ C:\Temp\Russian.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00026080 _____ C:\Temp\Hungarian.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00025753 _____ C:\Temp\German.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00025747 _____ C:\Temp\Dutch.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00025082 _____ C:\Temp\Greek.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00025071 _____ C:\Temp\Portuguese(Brazil).bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00024312 _____ C:\Temp\Czech.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00024297 _____ C:\Temp\Japanese.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00024221 _____ C:\Temp\Polish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00024082 _____ C:\Temp\SWEDISH.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00022857 _____ C:\Temp\Finnish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00022783 _____ C:\Temp\Danish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00022253 _____ C:\Temp\Turkish.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00021976 _____ C:\Temp\Thai.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00021964 _____ C:\Temp\Norwegian.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00021914 _____ C:\Temp\English.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00020972 _____ C:\Temp\Arabic.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00020135 _____ C:\Temp\Korean.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00019553 _____ C:\Temp\Hebrew.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00016949 _____ C:\Temp\TradChin.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00016408 _____ C:\Temp\SimChin.bin
2013-08-16 13:13 - 2013-08-16 13:13 - 00000781 _____ C:\Temp\AdobeARM.log
2013-08-16 13:13 - 2011-04-29 20:01 - 00000000 ____D C:\WINDOWS\system32\logishrd
2013-08-16 13:13 - 2011-02-02 15:48 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-08-16 13:13 - 2011-02-02 15:48 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-16 13:13 - 2011-01-31 20:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-16 13:13 - 2004-08-04 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-08-16 13:12 - 2011-01-31 21:17 - 27000832 _____ C:\WINDOWS\system32\config\software.bak
2013-08-16 13:12 - 2011-01-31 21:17 - 04718592 _____ C:\WINDOWS\system32\config\system.bak
2013-08-16 13:12 - 2011-01-31 21:17 - 00524288 _____ C:\WINDOWS\system32\config\default.bak
2013-08-16 13:12 - 2011-01-31 20:22 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-08-16 13:12 - 2011-01-31 20:22 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2013-08-16 13:11 - 2013-08-16 13:11 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-08-16 13:11 - 2013-08-16 13:11 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2013-08-16 13:11 - 2013-08-16 13:11 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2013-08-16 13:11 - 2013-08-16 13:11 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-08-16 13:11 - 2013-08-16 13:11 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2013-08-16 13:11 - 2013-08-10 11:32 - 00000000 ____D C:\WINDOWS\erdnt
2013-08-16 13:11 - 2012-12-19 21:34 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2013-08-16 13:11 - 2011-02-02 00:25 - 00000190 ___SH C:\Dokumente und Einstellungen\Karo\ntuser.ini
2013-08-16 13:11 - 2011-02-02 00:25 - 00000000 ____D C:\Dokumente und Einstellungen\Karo
2013-08-16 13:07 - 2011-01-31 20:24 - 00000000 ____D C:\Programme
2013-08-16 13:06 - 2013-08-16 12:45 - 00000000 ____D C:\Temp\nsc7E.tmp
2013-08-16 13:06 - 2013-08-10 12:47 - 00000000 ____D C:\Temp\DVDVideoSoft
2013-08-16 13:06 - 2013-08-10 12:44 - 00000000 ____D C:\Temp\is-6BI3I.tmp
2013-08-16 13:01 - 2013-08-16 13:01 - 00000000 _RSHD C:\cmdcons
2013-08-16 13:01 - 2011-01-31 21:17 - 00000327 __RSH C:\boot.ini
2013-08-16 12:51 - 2013-08-16 12:51 - 00000227 _____ C:\Dokumente und Einstellungen\Karo\Desktop\CFSkript.txt
2013-08-16 12:50 - 2013-08-10 11:37 - 00000327 _____ C:\Boot.bak
2013-08-16 12:49 - 2011-01-31 20:43 - 00032506 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-16 12:45 - 2013-08-16 12:45 - 05104782 ____R (Swearware) C:\Dokumente und Einstellungen\Karo\Desktop\ComboFix.exe
2013-08-16 12:43 - 2013-08-16 12:43 - 00000752 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Verknüpfung mit ComboFix.lnk
2013-08-16 12:43 - 2011-02-02 15:09 - 00000000 ____D C:\Temp\MSNL
2013-08-16 12:39 - 2012-10-16 21:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-16 12:32 - 2011-01-31 21:24 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-16 02:46 - 2011-02-06 21:17 - 00000000 ____D C:\Temp\hsperfdata_Karo
2013-08-16 00:57 - 2013-08-16 00:56 - 00011907 _____ C:\WINDOWS\KB2862772-IE8.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00920597 _____ C:\WINDOWS\iis6.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00853860 _____ C:\WINDOWS\FaxSetup.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00437126 _____ C:\WINDOWS\ocgen.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00391069 _____ C:\WINDOWS\tsoc.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00283706 _____ C:\WINDOWS\comsetup.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00260086 _____ C:\WINDOWS\msmqinst.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00172174 _____ C:\WINDOWS\ntdtcsetup.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00149963 _____ C:\WINDOWS\netfxocm.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00071177 _____ C:\WINDOWS\updspapi.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00058944 _____ C:\WINDOWS\MedCtrOC.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00047323 _____ C:\WINDOWS\ocmsn.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00042918 _____ C:\WINDOWS\tabletoc.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00042812 _____ C:\WINDOWS\msgsocm.log
2013-08-16 00:57 - 2011-02-09 19:14 - 00001374 _____ C:\WINDOWS\imsins.log
2013-08-16 00:56 - 2013-08-16 00:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-16 00:56 - 2011-01-31 21:35 - 00000000 ____D C:\WINDOWS\ie8updates
2013-08-16 00:52 - 2011-01-31 21:33 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-16 00:51 - 2013-08-16 00:51 - 00005189 _____ C:\WINDOWS\KB2863058.log
2013-08-16 00:51 - 2013-08-16 00:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-16 00:51 - 2013-08-16 00:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-16 00:51 - 2013-08-16 00:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-16 00:51 - 2013-08-16 00:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-16 00:51 - 2013-08-16 00:12 - 00009070 _____ C:\WINDOWS\KB2850869.log
2013-08-16 00:51 - 2013-08-16 00:11 - 00010872 _____ C:\WINDOWS\KB2859537.log
2013-08-16 00:51 - 2011-02-09 19:14 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-08-16 00:51 - 2011-01-31 21:41 - 00032870 _____ C:\WINDOWS\system32\TZLog.log
2013-08-16 00:49 - 2011-01-31 20:24 - 01034830 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-16 00:04 - 2004-08-04 13:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-08-11 01:47 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Eigene Musik
2013-08-10 13:00 - 2013-08-10 12:44 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DVDVideoSoft
2013-08-10 12:48 - 2013-08-10 12:48 - 00001711 _____ C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-08-10 12:48 - 2013-08-10 12:48 - 00001707 _____ C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2013.lnk
2013-08-10 12:48 - 2013-08-10 12:48 - 00000000 ____D C:\Programme\TuneUp Utilities 2013
2013-08-10 12:48 - 2013-08-10 12:48 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\TuneUp Software
2013-08-10 12:47 - 2013-08-10 12:47 - 00001023 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Free YouTube to MP3 Converter.lnk
2013-08-10 12:47 - 2013-08-10 12:47 - 00000906 _____ C:\Dokumente und Einstellungen\All Users\Desktop\DVDVideoSoft Free Studio.lnk
2013-08-10 12:47 - 2013-08-10 12:47 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DVDVideoSoftIEHelpers
2013-08-10 12:47 - 2013-08-10 12:46 - 00000000 ____D C:\Temp\8944214B-BAB0-7891-A63A-DE461084E7F1
2013-08-10 12:47 - 2013-08-10 12:46 - 00000000 ____D C:\Programme\DVDVideoSoft
2013-08-10 12:47 - 2013-08-10 12:46 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Startmenü\Programme\BrowserDefender
2013-08-10 12:46 - 2013-08-10 12:46 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DVDVideoSoft
2013-08-10 12:46 - 2013-08-10 12:46 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\OpenCandy
2013-08-10 12:46 - 2013-08-10 12:46 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Babylon
2013-08-10 12:46 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Startmenü\Programme
2013-08-10 12:44 - 2013-08-10 12:44 - 01211376 _____ (DVDVideoSoft Ltd. ) C:\Dokumente und Einstellungen\Karo\Desktop\FreeYouTubeToMP3Converter-3.12.9.725.exe
2013-08-10 11:43 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\ish135531
2013-08-10 11:43 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\B5EC8CB8-BAB0-7891-93B8-0638EA6B0C45
2013-08-10 11:43 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\ish18754078
2013-08-10 11:43 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\ish6262156
2013-08-10 11:43 - 2013-07-30 15:09 - 00000000 ____D C:\Temp\is357113909
2013-08-10 11:43 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER104a.dir00
2013-08-10 11:43 - 2013-07-27 02:35 - 00000000 ____D C:\Temp\WER1022.dir00
2013-08-10 11:43 - 2013-05-27 21:00 - 00000000 ____D C:\Temp\tmpb7e33b0a
2013-08-10 11:43 - 2013-05-26 20:10 - 00000000 ____D C:\Temp\tmp9dd21216
2013-08-10 11:43 - 2013-05-25 20:33 - 00000000 ____D C:\Temp\tmpb83eb886
2013-08-10 11:43 - 2013-05-25 00:15 - 00000000 ____D C:\Temp\tmpea9051a7
2013-08-10 11:43 - 2013-05-22 20:16 - 00000000 ____D C:\Temp\tmp95b2271e
2013-08-10 11:43 - 2013-05-20 17:52 - 00000000 ____D C:\Temp\tmpf68bbd41
2013-08-10 11:43 - 2013-05-17 06:18 - 00000000 ____D C:\Temp\tmp9bede2e7
2013-08-10 11:43 - 2013-05-16 23:57 - 00000000 ____D C:\Temp\tmpebd05d37
2013-08-10 11:43 - 2013-05-15 19:30 - 00000000 ____D C:\Temp\tmp40c9c6e8
2013-08-10 11:43 - 2013-05-14 18:55 - 00000000 ____D C:\Temp\tmp2faf446c
2013-08-10 11:43 - 2013-04-14 20:56 - 00000000 ____D C:\Temp\99CAA8DB-BAB0-7891-800A-77CCC61BCCEB
2013-08-10 11:43 - 2013-04-14 20:54 - 00000000 ____D C:\Temp\nsd92C.tmp
2013-08-10 11:43 - 2013-01-20 12:13 - 00000000 ____D C:\Temp\84A.tmp
2013-08-10 11:43 - 2013-01-04 01:02 - 00000000 ____D C:\Temp\res
2013-08-10 11:43 - 2012-12-19 20:21 - 00000000 ____D C:\Temp\a00b69d3-feda-476c-946e-8608d96bfe39
2013-08-10 11:43 - 2012-12-19 20:21 - 00000000 ____D C:\Temp\68dcf78f-8c83-43a0-83ef-e71ac98ac477
2013-08-10 11:43 - 2012-12-19 20:21 - 00000000 ____D C:\Temp\4b4395bc-4234-4ead-8d0f-a8cfc7b298ec
2013-08-10 11:43 - 2012-12-19 20:15 - 00000000 ____D C:\Temp\c3d576a3-923f-483e-9285-c1487497175a
2013-08-10 11:43 - 2012-12-19 20:15 - 00000000 ____D C:\Temp\3d083b50-7f3e-4293-bc13-1f4d16bd927c
2013-08-10 11:43 - 2012-12-19 20:15 - 00000000 ____D C:\Temp\22775de3-904c-421e-8a03-b7b6cac921fa
2013-08-10 11:43 - 2012-12-19 20:11 - 00000000 ____D C:\Temp\KiesTemporary
2013-08-10 11:43 - 2012-11-25 12:35 - 00000000 ____D C:\Temp\ct2625848
2013-08-10 11:43 - 2012-08-29 14:48 - 00000000 ____D C:\Temp\WER2c85.dir00
2013-08-10 11:43 - 2012-08-29 14:48 - 00000000 ____D C:\Temp\WER23bc.dir00
2013-08-10 11:43 - 2012-08-29 14:47 - 00000000 ____D C:\Temp\WERe12e.dir00
2013-08-10 11:43 - 2012-08-29 14:47 - 00000000 ____D C:\Temp\WERd800.dir00
2013-08-10 11:43 - 2012-08-29 14:47 - 00000000 ____D C:\Temp\WERcf32.dir00
2013-08-10 11:43 - 2012-07-16 19:46 - 00000000 ____D C:\Temp\WER122c.dir00
2013-08-10 11:43 - 2012-04-06 11:05 - 00000000 ____D C:\Temp\WER5162.dir00
2013-08-10 11:43 - 2012-03-30 15:08 - 00000000 ____D C:\Temp\WER5fed.dir00
2013-08-10 11:43 - 2012-03-30 15:07 - 00000000 ____D C:\Temp\WER4d47.dir00
2013-08-10 11:43 - 2011-12-11 14:30 - 00000000 ____D C:\Temp\43235A2A-BAB0-7891-99B7-7E488FB7B1D2
2013-08-10 11:43 - 2011-11-14 06:53 - 00000000 ____D C:\Temp\487.dir
2013-08-10 11:43 - 2011-06-29 13:37 - 00000000 ____D C:\Temp\APN-Stub
2013-08-10 11:43 - 2011-06-15 16:00 - 00000000 ____D C:\Temp\7zS58F2
2013-08-10 11:43 - 2011-06-08 19:41 - 00000000 ____D C:\Temp\7zS5B78
2013-08-10 11:43 - 2011-06-08 16:59 - 00000000 ____D C:\Temp\7zS1219
2013-08-10 11:43 - 2011-06-08 16:54 - 00000000 ____D C:\Temp\7zS3452
2013-08-10 11:43 - 2011-06-08 16:41 - 00000000 ____D C:\Temp\7zS6D2C
2013-08-10 11:43 - 2011-06-07 19:47 - 00000000 ____D C:\Temp\23D.dir
2013-08-10 11:43 - 2011-05-16 20:39 - 00000000 ____D C:\Temp\lu
2013-08-10 11:43 - 2011-04-29 20:05 - 00000000 ____D C:\Temp\de-de
2013-08-10 11:43 - 2011-03-16 17:32 - 00000000 ____D C:\Temp\C9.dir
2013-08-10 11:43 - 2011-03-14 13:13 - 00000000 ____D C:\Temp\{65FC407F-93C2-4A72-9DFC-29D3CB364B7E}
2013-08-10 11:43 - 2011-02-22 18:10 - 00000000 ___HD C:\Temp\Temporäres Verzeichnis 1 für SharePod397.zip
2013-08-10 11:43 - 2011-02-16 10:15 - 00000000 ____D C:\Temp\4A.dir
2013-08-10 11:43 - 2011-02-10 18:47 - 00000000 ____D C:\Temp\HPDiagnosticAlert
2013-08-10 11:43 - 2011-02-10 18:47 - 00000000 ____D C:\Temp\7zS31FC
2013-08-10 11:43 - 2011-02-02 16:29 - 00000000 ____D C:\Temp\7zS5E15
2013-08-10 11:43 - 2011-02-02 16:17 - 00000000 ____D C:\Temp\7zS11F3
2013-08-10 11:43 - 2011-02-02 15:49 - 00000000 ____D C:\Temp\7zS7932
2013-08-10 11:43 - 2011-02-02 15:45 - 00000000 ____D C:\Temp\7zS090A
2013-08-10 11:43 - 2011-02-02 01:56 - 00000000 ____D C:\Temp\ToolbarUpdater_1296604584
2013-08-10 11:43 - 2011-02-02 01:05 - 00000000 ____D C:\Temp\Google Toolbar
2013-08-10 11:43 - 2011-02-01 20:37 - 00000000 ____D C:\Temp\{46937E47-A407-404B-A547-A51A1A576832}
2013-08-10 11:32 - 2013-08-10 11:32 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Startmenü\Programme\Verwaltung
2013-08-09 15:38 - 2013-07-31 15:16 - 00000000 ____D C:\FRST
2013-08-09 15:36 - 2013-08-06 21:31 - 00000856 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Fixlist.txt
2013-08-09 15:12 - 2011-02-02 00:25 - 00000000 ___RD C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Eigene Bilder
2013-08-06 15:48 - 2013-07-31 15:16 - 01228808 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST.exe
2013-08-05 16:01 - 2011-01-31 23:43 - 00000000 ____D C:\Programme\Java
2013-08-05 15:59 - 2013-07-25 12:43 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
2013-08-05 15:55 - 2013-08-05 15:55 - 00448512 _____ (OldTimer Tools) C:\Dokumente und Einstellungen\Karo\Desktop\TFC.exe
2013-08-05 15:53 - 2013-08-05 15:53 - 00392032 _____ (Softonic ) C:\Dokumente und Einstellungen\Karo\Desktop\SoftonicDownloader_fuer_temp-file-cleaner.exe
2013-08-03 12:31 - 2013-07-31 15:28 - 00029321 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition.txt
2013-08-03 12:18 - 2013-08-03 12:18 - 00000000 ____D C:\Temp\RarSFX0
2013-08-03 12:15 - 2013-08-03 12:14 - 00891098 _____ C:\Dokumente und Einstellungen\Karo\Desktop\SecurityCheck.exe
2013-08-02 23:56 - 2011-02-02 15:08 - 00326440 _____ C:\WINDOWS\setupapi.log
2013-08-02 23:52 - 2011-03-02 22:16 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-08-02 23:34 - 2013-08-02 23:34 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\ESET
2013-08-02 14:01 - 2013-08-02 14:01 - 00062770 _____ C:\Dokumente und Einstellungen\Karo\Desktop\FRST2.txt
2013-08-02 14:00 - 2013-08-02 14:00 - 00029310 _____ C:\Dokumente und Einstellungen\Karo\Desktop\Addition2.txt
2013-08-02 13:12 - 2013-08-02 13:12 - 00017176 _____ C:\AdwCleaner[S1].txt
2013-08-02 13:10 - 2013-08-02 13:10 - 00666633 _____ C:\Dokumente und Einstellungen\Karo\Desktop\adwcleaner06.exe
2013-08-01 19:08 - 2013-08-01 19:06 - 00000213 _____ C:\Dokumente und Einstellungen\Karo\Eigene Dateien\Fixlist.txt
2013-07-31 15:17 - 2013-07-31 15:17 - 01781589 _____ (Farbar) C:\Dokumente und Einstellungen\Karo\Desktop\FRST64.exe
2013-07-31 14:32 - 2013-07-31 14:32 - 00000000 ____D C:\Temp\tmp1985
2013-07-31 13:59 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\CFC193DF-BAB0-7891-BDCD-EA1E26220A59
2013-07-31 13:52 - 2013-07-31 13:52 - 00000000 ____D C:\Temp\tmp6241
2013-07-30 15:14 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\1EA55D3C-BAB0-7891-9DA9-F386E4DCBD17
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\tmp1978
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Temp\{2F822836-52C6-427A-8690-91732CB6F143}
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\DigitalSite
2013-07-30 13:41 - 2011-02-08 15:22 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-07-30 13:30 - 2013-07-30 13:30 - 00000000 ____D C:\Dokumente und Einstellungen\Karo\Anwendungsdaten\Windows Search
2013-07-30 12:12 - 2011-02-01 23:38 - 00000000 ____D C:\Dokumente und Einstellungen\Erilk
2013-07-30 12:11 - 2011-01-31 20:44 - 00000190 ___SH C:\Dokumente und Einstellungen\Administrator\ntuser.ini
2013-07-30 00:04 - 2011-02-02 13:10 - 00000000 ____D C:\Temp\hsperfdata_Erilk
2013-07-29 19:06 - 2013-07-29 19:06 - 00000000 ____D C:\Temp\svkah.tmp
2013-07-26 04:47 - 2012-06-14 18:38 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-07-26 04:47 - 2011-01-31 21:35 - 02005504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2013-07-26 04:47 - 2011-01-31 21:35 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2013-07-26 04:47 - 2011-01-31 21:35 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-07-26 04:47 - 2011-01-31 21:35 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2013-07-26 04:47 - 2011-01-31 21:35 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-07-26 04:47 - 2011-01-31 20:35 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2013-07-26 04:47 - 2009-03-08 05:32 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-07-26 04:47 - 2009-03-08 05:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-07-26 04:47 - 2009-03-08 05:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2013-07-26 04:47 - 2008-04-14 06:53 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-07-26 04:47 - 2008-04-14 06:53 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2013-07-26 04:47 - 2008-04-14 06:52 - 06017536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 06017536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 01215488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 01215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00611840 ____N (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00206848 ____N (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00043520 ____N (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-07-26 04:47 - 2008-04-14 06:52 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2013-07-26 04:46 - 2011-01-31 21:35 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2013-07-26 04:46 - 2011-01-31 21:35 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-07-26 04:46 - 2009-03-08 05:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-07-26 04:46 - 2008-04-14 06:52 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2013-07-26 04:46 - 2008-04-14 06:52 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2013-07-25 21:23 - 2008-04-14 06:52 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-07-25 21:23 - 2008-04-14 06:52 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2013-07-25 17:52 - 2008-04-14 06:25 - 00385024 ____N (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2013-07-25 12:42 - 2013-07-25 12:42 - 00000000 ____D C:\Programme\Adobe
2013-07-25 12:42 - 2011-02-02 15:33 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe
2013-07-17 02:46 - 2008-04-14 06:53 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzchange.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2008-04-14 06:52] - [2008-04-14 06:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2008-04-14 06:53] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll
[2008-04-14 06:52] - [2008-04-14 06:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2008-04-14 06:53] - [2008-04-14 06:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2008-04-14 06:22] - [2008-04-14 06:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
--- --- --- --- --- --- ...Hallo Schrauber, war die letzten Tage nicht anwesend...von daher konnte ich an meinem Rechner nichts machen. Ich hoffe dass wir das Problem jetzt mal in Griff bekommen!!! Ansonsten muss ich halt ein neues System auflegen. Weiß nur nicht wie! CD- Roms habe ich alle und zweiten Laptop kann ich auch ran beschaffen. Wäre bloß schön, wenn ich meine Dateien wieder bekomme auf einen seperaten Usb stick zBsp... Habe auch schon probiert über C: Karolin etc. auf meine Programme zu gelangen...da wurde mir der Zugriff aber verweigert  Gruß |
|
| Themen zu BKA-Trojaner |
| abend, ander, benutzer, dateien, desktop, eingefangen, falsch, fenster, folge, folgendes, freundin, funde, gefangen, gestern, interne, internet, konnte, leer, miteinander, nicht mehr, rescue, schwarzes, troja, trojaner, zugreifen |
WARNUNG für die MITLESER: 
Linear-Darstellung
