wahrscheinlich wieder Viren und Co.

Tina666 · 05.08.2013, 20:18

Tut mir leid.
Rest folgt. Mozilla geht z. Zt. total sch.....

Results of screen317's Security Check version 0.99.71
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Avira Free Antivirus
ESET Online Scanner v3
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Norton Ghost
Malwarebytes Anti-Malware Version 1.75.0.1300
CCleaner
Java 7 Update 25
Adobe Flash Player 11.7.700.224
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (22.0)
Google Chrome 28.0.1500.72
Google Chrome 28.0.1500.95
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-08-2013
Ran by Hartmann (administrator) on 05-08-2013 20:42:24
Running from C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ZFXRE0LV
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
() C:\WINDOWS\Gtwatch.exe
(Symantec Corporation) C:\Programme\Norton Ghost\Agent\VProTray.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Common Group) C:\WINDOWS\twain_32\A12U16KD\WATCH.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Programme\Norton Ghost\Agent\VProSvc.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Symantec) C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(FILOU Software GmbH) C:\Programme\FILOU-NC12\NC12.EXE
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Farbar) C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ZFXRE0LV\FRST[1].exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [20053608 2011-06-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Gtwatch] - C:\WINDOWS\Gtwatch.exe [32768 2001-09-21] ()
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Norton Ghost 15.0] - C:\Programme\Norton Ghost\Agent\VProTray.exe [2598760 2010-03-03] (Symantec Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [286720 2007-06-29] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [DWQueuedReporting] - C:\PROGRA~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe [434080 2011-07-27] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-23] (Google Inc.)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\skype.dat <==== ATTENTION 
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Watch.lnk
ShortcutTarget: Watch.lnk -> C:\WINDOWS\twain_32\A12U16KD\WATCH.exe (Common Group)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Wirtschaft: Wirtschaftsnachrichten von t-online.de/wirtschaft
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {131B38B1-CC5B-4A32-9914-62E0ED1FC19C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=461F79FA-6540-4A67-92E9-7A3DF4C511BE&apn_sauid=5C35D8E7-5E82-4FF2-A735-F2D028B2C37C
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\google-und-download-suche.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\foxmarks@kei.com
FF Extension: Zula Games - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\zulagames@ZulaGames.com
FF Extension: Microsoft .NET Framework Assistant - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Yahoo! Toolbar - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: toolbar - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\toolbar@web.de.xpi
FF Extension: trtv3 - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\trtv3@trtv.com.xpi
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Anti-Banner - C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: Modul zur Link-Untersuchung - C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF Extension: No Name - C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: Default - C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-12-01] ()
S3 GenericMount Helper Service; C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1574408 2010-02-12] (Symantec)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-11-23] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-11-23] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-22] (Google)
S3 IDriverT; c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 MBAMScheduler; C:\Bereinigung\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Bereinigung\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117144 2013-07-03] (Mozilla Foundation)
R2 MSSQL$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-11] (Microsoft Corporation)
S4 MSSQLServerADHelper100; c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [47128 2008-07-11] (Microsoft Corporation)
R2 Norton Ghost; C:\Programme\Norton Ghost\Agent\VProSvc.exe [4590432 2010-03-03] (Symantec Corporation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)
S3 Sony PC Companion; C:\Programme\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S4 SQLAgent$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-11] (Microsoft Corporation)
S4 SQLBrowser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [258072 2008-07-10] (Microsoft Corporation)
R2 SQLWriter; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [98840 2008-07-10] (Microsoft Corporation)
R3 Symantec SymSnap VSS Provider; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R3 SymSnapService; C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe [1964528 2010-02-11] (Symantec)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2300928 2004-12-01] (Realtek Semiconductor Corp.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [35840 2004-10-21] (Advanced Micro Devices)
R2 Aspi32; C:\Windows\System32\drivers\aspi32.sys [16512 2006-09-02] (Adaptec)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [3452928 2008-12-02] (ATI Technologies Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-02-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-02-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\Windows\System32\Drivers\Cdr4_xp.sys [2432 2006-07-24] (Sonic Solutions)
R1 Cdralw2k; C:\Windows\System32\Drivers\Cdralw2k.sys [2560 2006-07-24] (Sonic Solutions)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [57840 2010-02-12] (Symantec Corporation)
R3 GT680x; C:\Windows\System32\Drivers\gt680x.sys [18120 2001-11-08] (   )
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [676864 2004-07-14] (Aladdin Knowledge Systems)
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2006-09-02] (Aladdin Knowledge Systems)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R3 L1c; C:\Windows\System32\DRIVERS\l1c51x86.sys [65136 2011-03-22] (Atheros Communications, Inc.)
S3 MA-620; C:\Windows\System32\DRIVERS\MA-620.sys [27136 2003-03-25] (Mobile Action Tech. Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [22016 2008-04-13] (Microsoft Corporation)
S3 MVDCODEC; C:\Windows\System32\DRIVERS\ativmdcd.sys [9472 2001-08-17] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\Windows\System32\DRIVERS\nvatabus.sys [87936 2004-12-07] (NVIDIA Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33408 2004-11-24] (NVIDIA Corporation)
S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2004-11-24] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
S3 PMUSB2G; C:\Windows\System32\Drivers\PMUSB.sys [17408 2009-01-04] (PassMark Software)
R0 Pnp680r; C:\Windows\System32\DRIVERS\pnp680r.sys [76976 2002-05-31] (Silicon Image, Inc)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [16472 2012-01-18] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [11104 2012-01-18] ()
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S4 RsFx0102; C:\Windows\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
R0 Si3114r5; C:\Windows\System32\DRIVERS\Si3114r5.sys [211496 2008-11-25] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17064 2008-11-25] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12200 2008-11-25] (Silicon Image, Inc.)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
R2 symlcbrd; C:\WINDOWS\system32\drivers\symlcbrd.sys [4608 2006-09-02] (Symantec Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [15096 2009-09-21] (Symantec Corporation)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2003-05-14] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [21216 2003-05-14] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5728 2003-05-14] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [44288 2003-05-14] (Logitech Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [285952 2007-12-06] (Marvell)
S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [x]
S3 btaudio; system32\drivers\btaudio.sys [x]
S3 BTDriver; system32\DRIVERS\btport.sys [x]
S3 BTKRNL; system32\DRIVERS\btkrnl.sys [x]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
S3 BTWUSB; System32\Drivers\btwusb.sys [x]
S2 Ca533av; System32\Drivers\Ca533av.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 FTD2XX; System32\Drivers\FTD2XX.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
S3 LHidUsbK; System32\Drivers\LHidUsbK.Sys [x]
S3 LMouKE; system32\DRIVERS\LMouKE.Sys [x]
U3 TlntSvr; 
S3 USBCamera; System32\Drivers\Bulk533.sys [x]
U2 V2iMount; 
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-05 20:43 - 2013-08-05 20:44 - 00005771 _____ c:\temp\log1
2013-08-05 20:42 - 2013-08-05 20:43 - 00021179 _____ c:\temp\frstlog
2013-08-05 20:42 - 2013-08-05 20:42 - 00000305 _____ c:\temp\users00
2013-08-05 20:42 - 2013-08-05 20:42 - 00000003 _____ c:\temp\others
2013-08-05 20:22 - 2013-08-05 20:22 - 00000000 ____D c:\temp\RarSFX1
2013-08-05 20:15 - 2013-08-05 20:41 - 00016384 ____T c:\temp\~DF20FD.tmp
2013-08-05 20:15 - 2013-08-05 20:15 - 00016384 ____T c:\temp\~DFEDD5.tmp
2013-08-05 19:48 - 2013-08-05 19:48 - 00568821 _____ c:\temp\q+lIFSER.pdf.part
2013-08-05 19:48 - 2013-08-05 19:48 - 00255288 _____ c:\temp\QQa+6bQz.pdf.part
2013-08-05 19:00 - 2013-08-05 19:00 - 00016384 _____ c:\temp\~DF275.tmp
2013-08-05 18:30 - 2013-08-05 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_e54.dat
2013-08-05 17:28 - 2013-08-05 17:28 - 00016384 ____T c:\temp\Perflib_Perfdata_ae8.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_9d8.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_680.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_394.dat
2013-08-05 17:25 - 2013-08-05 17:25 - 00000000 ____D c:\temp\WPDNSE
2013-08-05 09:21 - 2013-08-05 09:21 - 00016384 ____T c:\temp\Perflib_Perfdata_434.dat
2013-08-05 09:20 - 2013-08-05 09:20 - 00016384 ____T c:\temp\Perflib_Perfdata_994.dat
2013-08-04 23:37 - 2013-08-04 23:37 - 00016384 ____T c:\temp\Perflib_Perfdata_8c4.dat
2013-08-04 23:05 - 2013-08-04 23:05 - 00016384 ____T c:\temp\Perflib_Perfdata_cf8.dat
2013-08-04 19:52 - 2013-08-04 19:52 - 00016384 ____T c:\temp\Perflib_Perfdata_cbc.dat
2013-08-04 19:47 - 2013-08-04 19:47 - 00000000 ____D c:\temp\WER6abb.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER5625.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER372c.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER1fe0.dir00
2013-08-04 12:10 - 2013-08-04 21:57 - 00682962 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\model.fnp
2013-08-04 11:31 - 2013-08-04 11:38 - 00061158 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\m-rad.fnp
2013-08-03 21:22 - 2013-08-03 21:22 - 00003939 _____ c:\temp\GimmeSetup(20130803212201ACC).log
2013-08-03 21:21 - 2013-08-03 21:22 - 00003544 _____ c:\temp\SetupExe(20130803212159ACC).log
2013-08-03 15:18 - 2013-08-03 15:48 - 00064301 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\blat1 filou.fnp
2013-08-03 11:05 - 2013-08-03 11:05 - 00016384 ____T c:\temp\Perflib_Perfdata_89c.dat
2013-08-02 19:53 - 2013-08-02 19:54 - 00003939 _____ c:\temp\GimmeSetup(20130802195346E08).log
2013-08-02 19:53 - 2013-08-02 19:53 - 00003544 _____ c:\temp\SetupExe(20130802195344E08).log
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geIconCacheLock
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geColladaModelCacheLock
2013-08-02 18:30 - 2013-08-02 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_c4c.dat
2013-08-02 14:58 - 2013-08-02 14:58 - 00112298 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\test-01.fnp
2013-08-02 14:04 - 2013-08-02 14:04 - 00003939 _____ c:\temp\GimmeSetup(20130802140405FFC).log
2013-08-02 14:04 - 2013-08-02 14:04 - 00003544 _____ c:\temp\SetupExe(20130802140404FFC).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003938 _____ c:\temp\GimmeSetup(20130802130925260).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003541 _____ c:\temp\SetupExe(20130802130923260).log
2013-08-02 12:28 - 2013-08-02 12:28 - 00000000 ____D C:\Programme\ESET
2013-08-02 11:15 - 2013-08-02 11:15 - 00016384 ____T c:\temp\Perflib_Perfdata_a24.dat
2013-08-02 02:20 - 2013-08-02 13:24 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2013-08-02 02:20 - 2013-08-02 02:20 - 00001409 _____ C:\WINDOWS\QTFont.for
2013-08-01 23:06 - 2013-08-01 23:06 - 00016384 ____T c:\temp\Perflib_Perfdata_c5c.dat
2013-08-01 22:37 - 2013-08-01 22:37 - 00016384 ____T c:\temp\Perflib_Perfdata_704.dat
2013-08-01 22:32 - 2013-08-01 22:32 - 00016384 ____T c:\temp\Perflib_Perfdata_878.dat
2013-08-01 22:28 - 2013-08-01 22:28 - 10285040 _____ (Malwarebytes Corporation                                    ) c:\temp\ZPBg+2uy.exe.part
2013-08-01 22:19 - 2013-08-01 22:20 - 00000000 ____D c:\temp\plugtmp-3
2013-08-01 21:19 - 2013-08-01 21:19 - 00016384 ____T c:\temp\Perflib_Perfdata_d80.dat
2013-08-01 20:48 - 2013-08-01 20:49 - 00003353 _____ c:\temp\tmpA9.tmp
2013-08-01 20:48 - 2013-08-01 20:48 - 00000000 _____ c:\temp\tmpA8.tmp
2013-08-01 18:30 - 2013-08-01 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_518.dat
2013-08-01 18:17 - 2013-08-01 18:17 - 00078749 _____ c:\temp\Projekt_115_test_3.TP_MODEL-QTECH8.DEMO
2013-08-01 18:14 - 2013-08-04 04:46 - 01926417 _____ c:\temp\NewPostFile.DEMO
2013-08-01 18:01 - 2013-08-04 07:46 - 00000615 _____ C:\Dokumente und Einstellungen\All Users\Desktop\FILOU-NC12.lnk
2013-08-01 18:01 - 2013-08-04 07:46 - 00000000 ____D C:\Programme\FILOU-NC12
2013-08-01 18:01 - 2009-09-07 10:51 - 00389120 _____ (WinMain Software (hxxp://www.winmain.com)) C:\WINDOWS\system32\cmax20.ocx
2013-08-01 18:01 - 2009-09-03 13:25 - 00389120 _____ (FILOU Software GmbH) C:\WINDOWS\system32\NCGraph3.ocx
2013-08-01 18:01 - 1999-02-19 07:54 - 00040960 _____ (<none>) C:\WINDOWS\system32\SSubTmr6.dll
2013-08-01 18:01 - 1998-06-23 23:00 - 00103744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCOMM32.OCX
2013-08-01 14:58 - 2013-08-01 14:58 - 00016384 ____T c:\temp\Perflib_Perfdata_b18.dat
2013-08-01 14:56 - 2013-08-01 14:56 - 00016384 ____T c:\temp\Perflib_Perfdata_8dc.dat
2013-08-01 14:52 - 2013-08-01 14:54 - 00028996 _____ C:\AdwCleaner[S2].txt
2013-08-01 14:50 - 2013-08-04 23:40 - 00000306 _____ c:\temp\JavaDeployReg.log
2013-08-01 14:43 - 2013-08-01 14:43 - 00016384 ____T c:\temp\Perflib_Perfdata_dd0.dat
2013-08-01 01:25 - 2013-08-05 18:00 - 00030170 _____ c:\temp\dd_clwireg.txt
2013-07-31 22:52 - 2013-07-31 22:52 - 00025525 _____ C:\ComboFix.txt
2013-07-31 22:48 - 2013-08-05 18:00 - 00001385 _____ c:\temp\dw.log
2013-07-31 22:47 - 2013-07-31 22:47 - 00016384 ____T c:\temp\Perflib_Perfdata_da4.dat
2013-07-31 22:46 - 2013-08-05 17:28 - 00000409 _____ c:\temp\WGANotify.settings
2013-07-31 22:44 - 2013-08-05 17:30 - 00012366 _____ c:\temp\jusched.log
2013-07-31 22:44 - 2013-08-05 17:26 - 00012618 _____ c:\temp\AdobeARM.log
2013-07-31 22:44 - 2013-07-31 22:44 - 00028759 _____ c:\temp\Spanish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028419 _____ c:\temp\Italian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028183 _____ c:\temp\French.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026912 _____ c:\temp\Portuguese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026669 _____ c:\temp\German.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026582 _____ c:\temp\Russian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026549 _____ c:\temp\Hungarian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026202 _____ c:\temp\Dutch.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026159 _____ c:\temp\Slovak.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026023 _____ c:\temp\Portuguese(Brazil).bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025980 _____ c:\temp\Lithuanian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025631 _____ c:\temp\Greek.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025202 _____ c:\temp\Japanese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024950 _____ c:\temp\Polish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024855 _____ c:\temp\Croatian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024769 _____ c:\temp\Czech.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024503 _____ c:\temp\SWEDISH.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024330 _____ c:\temp\Slovenian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023326 _____ c:\temp\Finnish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023225 _____ c:\temp\Danish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022830 _____ c:\temp\Turkish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022808 _____ c:\temp\English.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022406 _____ c:\temp\Norwegian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022395 _____ c:\temp\Thai.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00021543 _____ c:\temp\Arabic.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00020917 _____ c:\temp\Korean.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00019937 _____ c:\temp\Hebrew.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017584 _____ c:\temp\TradChin.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017030 _____ c:\temp\SimChin.bin
2013-07-31 22:13 - 2013-07-31 22:14 - 00000000 ____D c:\temp\plugtmp-2
2013-07-31 18:30 - 2013-07-31 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_19c4.dat
2013-07-31 18:18 - 2013-07-31 18:18 - 00000000 ____D C:\FRST
2013-07-31 11:30 - 2013-07-31 11:30 - 00016384 ____T c:\temp\Perflib_Perfdata_8f0.dat
2013-07-31 11:29 - 2013-07-31 11:29 - 00016384 ____T c:\temp\Perflib_Perfdata_cc0.dat
2013-07-31 04:37 - 2013-08-04 06:41 - 00005207 _____ C:\WINDOWS\ncvsolid.ini
2013-07-30 23:32 - 2013-07-30 23:32 - 00000000 ____D c:\temp\plugtmp-1
2013-07-27 17:31 - 2013-07-27 17:31 - 23924396 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Cimatron E10.0 x32 x64 Setup + Key.rar
2013-07-27 17:30 - 2013-08-05 17:30 - 00001162 _____ C:\WINDOWS\Tasks\Torntv 2-updater.job
2013-07-27 17:30 - 2013-08-05 17:30 - 00001156 _____ C:\WINDOWS\Tasks\Torntv 2-codedownloader.job
2013-07-27 17:30 - 2013-08-05 17:30 - 00001066 _____ C:\WINDOWS\Tasks\Torntv 2-enabler.job
2013-07-27 17:30 - 2013-07-27 17:31 - 00000000 ____D C:\Programme\Torntv 2
2013-07-27 17:29 - 2013-07-31 22:38 - 00000000 ____D c:\temp\nsb2D.tmp
2013-07-27 07:05 - 2013-07-29 12:05 - 00001906 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
2013-07-26 11:05 - 2013-07-26 11:05 - 00000000 ____D c:\temp\mt_ffx
2013-07-26 11:04 - 2013-08-01 22:58 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Web Cake
2013-07-26 11:04 - 2013-07-31 22:38 - 00000000 ____D c:\temp\B638892A-BAB0-7891-BC5B-A7A34DE01197
2013-07-26 11:04 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\zulagames
2013-07-26 10:30 - 2013-08-04 06:42 - 00003738 _____ C:\WINDOWS\ncverify.INI
2013-07-18 16:57 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WERbee9.dir00
2013-07-18 16:57 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER5681.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER9fde.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER2ca9.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER2366.dir00
2013-07-12 18:00 - 2013-07-12 18:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 ____D c:\temp\KB2835393_10.0.30319
2013-07-10 18:47 - 2013-07-10 18:48 - 00125219 _____ C:\WINDOWS\KB2834904.log
2013-07-10 18:45 - 2013-08-05 18:00 - 00000000 ____D c:\temp\NDP1.1sp1-KB2833941-X86
2013-07-10 18:45 - 2013-07-10 18:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 18:44 - 2013-07-10 18:45 - 00125004 _____ C:\WINDOWS\KB2834886.log
2013-07-10 18:44 - 2013-07-10 18:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 18:43 - 2013-07-10 18:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-10 18:22 - 2013-07-10 18:23 - 00128314 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-10 18:17 - 2013-07-10 18:17 - 00000000 ____D c:\temp\KB2832407_10.0.30319
2013-07-10 18:05 - 2013-07-10 18:05 - 00000000 ____D c:\temp\KB2840628_10.0.30319
2013-07-10 17:30 - 2013-07-10 18:44 - 00130926 _____ C:\WINDOWS\KB2850851.log
2013-07-10 17:30 - 2013-07-10 18:43 - 00129702 _____ C:\WINDOWS\KB2845187.log
2013-07-09 19:25 - 2013-07-31 22:38 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21409500[2].zip
2013-07-09 19:25 - 2013-07-31 22:38 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21405500[1].zip
166

==================== One Month Modified Files and Folders =======

2013-08-05 20:44 - 2013-08-05 20:43 - 00005771 _____ c:\temp\log1
2013-08-05 20:43 - 2013-08-05 20:42 - 00021179 _____ c:\temp\frstlog
2013-08-05 20:42 - 2013-08-05 20:42 - 00000305 _____ c:\temp\users00
2013-08-05 20:42 - 2013-08-05 20:42 - 00000003 _____ c:\temp\others
2013-08-05 20:41 - 2013-08-05 20:15 - 00016384 ____T c:\temp\~DF20FD.tmp
2013-08-05 20:39 - 2012-04-10 02:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-05 20:22 - 2013-08-05 20:22 - 00000000 ____D c:\temp\RarSFX1
2013-08-05 20:22 - 2012-10-11 22:50 - 00000000 ____D C:\Bereinigung
2013-08-05 20:15 - 2013-08-05 20:15 - 00016384 ____T c:\temp\~DFEDD5.tmp
2013-08-05 20:04 - 2009-11-23 03:27 - 00001094 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-05 19:48 - 2013-08-05 19:48 - 00568821 _____ c:\temp\q+lIFSER.pdf.part
2013-08-05 19:48 - 2013-08-05 19:48 - 00255288 _____ c:\temp\QQa+6bQz.pdf.part
2013-08-05 19:26 - 2006-09-02 15:35 - 01617323 ____C C:\WINDOWS\WindowsUpdate.log
2013-08-05 19:18 - 2006-09-02 17:22 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2013-08-05 19:00 - 2013-08-05 19:00 - 00016384 _____ c:\temp\~DF275.tmp
2013-08-05 18:31 - 2006-09-02 17:22 - 00000000 ____D C:\WINDOWS\repair
2013-08-05 18:30 - 2013-08-05 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_e54.dat
2013-08-05 18:30 - 2006-09-02 15:33 - 00000000 ____D C:\WINDOWS\Registration
2013-08-05 18:00 - 2013-08-01 01:25 - 00030170 _____ c:\temp\dd_clwireg.txt
2013-08-05 18:00 - 2013-07-31 22:48 - 00001385 _____ c:\temp\dw.log
2013-08-05 18:00 - 2013-07-10 18:45 - 00000000 ____D c:\temp\NDP1.1sp1-KB2833941-X86
2013-08-05 17:53 - 2006-09-02 16:29 - 00000259 ____C C:\WINDOWS\wiadebug.log
2013-08-05 17:30 - 2013-07-31 22:44 - 00012366 _____ c:\temp\jusched.log
2013-08-05 17:30 - 2013-07-27 17:30 - 00001162 _____ C:\WINDOWS\Tasks\Torntv 2-updater.job
2013-08-05 17:30 - 2013-07-27 17:30 - 00001156 _____ C:\WINDOWS\Tasks\Torntv 2-codedownloader.job
2013-08-05 17:30 - 2013-07-27 17:30 - 00001066 _____ C:\WINDOWS\Tasks\Torntv 2-enabler.job
2013-08-05 17:28 - 2013-08-05 17:28 - 00016384 ____T c:\temp\Perflib_Perfdata_ae8.dat
2013-08-05 17:28 - 2013-07-31 22:46 - 00000409 _____ c:\temp\WGANotify.settings
2013-08-05 17:28 - 2004-08-04 14:00 - 00012682 ____C C:\WINDOWS\system32\wpa.dbl
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_9d8.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_680.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_394.dat
2013-08-05 17:26 - 2013-07-31 22:44 - 00012618 _____ c:\temp\AdobeARM.log
2013-08-05 17:26 - 2006-09-02 16:29 - 00000000 ____C C:\WINDOWS\wiaservc.log
2013-08-05 17:25 - 2013-08-05 17:25 - 00000000 ____D c:\temp\WPDNSE
2013-08-05 17:25 - 2009-11-23 03:27 - 00001090 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-05 17:25 - 2008-12-01 22:11 - 00069112 ____C C:\WINDOWS\system32\ativvaxx.cap
2013-08-05 17:25 - 2006-09-02 15:38 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2013-08-05 10:47 - 2006-09-02 15:38 - 00032392 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-05 10:46 - 2006-09-02 15:39 - 00000190 __SHC C:\Dokumente und Einstellungen\Hartmann\ntuser.ini
2013-08-05 10:46 - 2006-09-02 15:39 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann
2013-08-05 09:21 - 2013-08-05 09:21 - 00016384 ____T c:\temp\Perflib_Perfdata_434.dat
2013-08-05 09:20 - 2013-08-05 09:20 - 00016384 ____T c:\temp\Perflib_Perfdata_994.dat
2013-08-04 23:40 - 2013-08-01 14:50 - 00000306 _____ c:\temp\JavaDeployReg.log
2013-08-04 23:40 - 2013-04-29 23:38 - 00000000 ____D c:\temp\hsperfdata_Hartmann
2013-08-04 23:37 - 2013-08-04 23:37 - 00016384 ____T c:\temp\Perflib_Perfdata_8c4.dat
2013-08-04 23:05 - 2013-08-04 23:05 - 00016384 ____T c:\temp\Perflib_Perfdata_cf8.dat
2013-08-04 22:54 - 2006-09-05 00:54 - 00000000 ____D C:\Boxer Klub
2013-08-04 21:57 - 2013-08-04 12:10 - 00682962 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\model.fnp
2013-08-04 19:52 - 2013-08-04 19:52 - 00016384 ____T c:\temp\Perflib_Perfdata_cbc.dat
2013-08-04 19:47 - 2013-08-04 19:47 - 00000000 ____D c:\temp\WER6abb.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER5625.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER372c.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER1fe0.dir00
2013-08-04 11:38 - 2013-08-04 11:31 - 00061158 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\m-rad.fnp
2013-08-04 07:46 - 2013-08-01 18:01 - 00000615 _____ C:\Dokumente und Einstellungen\All Users\Desktop\FILOU-NC12.lnk
2013-08-04 07:46 - 2013-08-01 18:01 - 00000000 ____D C:\Programme\FILOU-NC12
2013-08-04 07:03 - 2007-06-14 23:52 - 06619136 ____C C:\WINDOWS\outlook.pst
2013-08-04 07:03 - 2004-08-04 14:00 - 00001738 ____C C:\WINDOWS\win.ini
2013-08-04 06:42 - 2013-07-26 10:30 - 00003738 _____ C:\WINDOWS\ncverify.INI
2013-08-04 06:41 - 2013-07-31 04:37 - 00005207 _____ C:\WINDOWS\ncvsolid.ini
2013-08-04 04:46 - 2013-08-01 18:14 - 01926417 _____ c:\temp\NewPostFile.DEMO
2013-08-03 21:23 - 2006-09-02 16:18 - 00000000 ____D C:\Privat
2013-08-03 21:22 - 2013-08-03 21:22 - 00003939 _____ c:\temp\GimmeSetup(20130803212201ACC).log
2013-08-03 21:22 - 2013-08-03 21:21 - 00003544 _____ c:\temp\SetupExe(20130803212159ACC).log
2013-08-03 15:48 - 2013-08-03 15:18 - 00064301 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\blat1 filou.fnp
2013-08-03 11:05 - 2013-08-03 11:05 - 00016384 ____T c:\temp\Perflib_Perfdata_89c.dat
2013-08-03 03:12 - 2006-09-02 18:25 - 00004096 ___SH C:\VSNAP.IDX
2013-08-02 19:54 - 2013-08-02 19:53 - 00003939 _____ c:\temp\GimmeSetup(20130802195346E08).log
2013-08-02 19:53 - 2013-08-02 19:53 - 00003544 _____ c:\temp\SetupExe(20130802195344E08).log
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geIconCacheLock
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geColladaModelCacheLock
2013-08-02 18:53 - 2007-03-28 23:42 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\BVS Solitaire Collection
2013-08-02 18:30 - 2013-08-02 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_c4c.dat
2013-08-02 14:58 - 2013-08-02 14:58 - 00112298 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\test-01.fnp
2013-08-02 14:04 - 2013-08-02 14:04 - 00003939 _____ c:\temp\GimmeSetup(20130802140405FFC).log
2013-08-02 14:04 - 2013-08-02 14:04 - 00003544 _____ c:\temp\SetupExe(20130802140404FFC).log
2013-08-02 13:24 - 2013-08-02 02:20 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2013-08-02 13:09 - 2013-08-02 13:09 - 00003938 _____ c:\temp\GimmeSetup(20130802130925260).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003541 _____ c:\temp\SetupExe(20130802130923260).log
2013-08-02 12:28 - 2013-08-02 12:28 - 00000000 ____D C:\Programme\ESET
2013-08-02 12:28 - 2006-09-02 16:27 - 00000000 ___RD C:\Programme
2013-08-02 11:15 - 2013-08-02 11:15 - 00016384 ____T c:\temp\Perflib_Perfdata_a24.dat
2013-08-02 02:20 - 2013-08-02 02:20 - 00001409 _____ C:\WINDOWS\QTFont.for
2013-08-01 23:06 - 2013-08-01 23:06 - 00016384 ____T c:\temp\Perflib_Perfdata_c5c.dat
2013-08-01 23:03 - 2007-01-10 19:00 - 00000000 ____D C:\WINDOWS\ie7updates
2013-08-01 22:58 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Web Cake
2013-08-01 22:37 - 2013-08-01 22:37 - 00016384 ____T c:\temp\Perflib_Perfdata_704.dat
2013-08-01 22:35 - 2013-02-08 22:29 - 00000773 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-01 22:32 - 2013-08-01 22:32 - 00016384 ____T c:\temp\Perflib_Perfdata_878.dat
2013-08-01 22:28 - 2013-08-01 22:28 - 10285040 _____ (Malwarebytes Corporation                                    ) c:\temp\ZPBg+2uy.exe.part
2013-08-01 22:20 - 2013-08-01 22:19 - 00000000 ____D c:\temp\plugtmp-3
2013-08-01 21:56 - 2006-09-05 00:54 - 00000000 ____D C:\Filme
2013-08-01 21:19 - 2013-08-01 21:19 - 00016384 ____T c:\temp\Perflib_Perfdata_d80.dat
2013-08-01 20:49 - 2013-08-01 20:48 - 00003353 _____ c:\temp\tmpA9.tmp
2013-08-01 20:48 - 2013-08-01 20:48 - 00000000 _____ c:\temp\tmpA8.tmp
2013-08-01 20:37 - 2010-08-05 14:37 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\FreeVideoConverter
2013-08-01 19:16 - 2013-02-11 00:31 - 00000000 ____D c:\temp\Google Toolbar
2013-08-01 18:30 - 2013-08-01 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_518.dat
2013-08-01 18:17 - 2013-08-01 18:17 - 00078749 _____ c:\temp\Projekt_115_test_3.TP_MODEL-QTECH8.DEMO
2013-08-01 14:58 - 2013-08-01 14:58 - 00016384 ____T c:\temp\Perflib_Perfdata_b18.dat
2013-08-01 14:56 - 2013-08-01 14:56 - 00016384 ____T c:\temp\Perflib_Perfdata_8dc.dat
2013-08-01 14:54 - 2013-08-01 14:52 - 00028996 _____ C:\AdwCleaner[S2].txt
2013-08-01 14:52 - 2013-02-23 11:53 - 00000908 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2013-08-01 14:52 - 2012-01-18 20:19 - 00000886 _____ C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme\WEB.DE.lnk
2013-08-01 14:52 - 2009-07-07 17:32 - 00000760 _____ C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme\Internet Explorer.lnk
2013-08-01 14:52 - 2008-05-30 13:35 - 00000715 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
2013-08-01 14:52 - 2006-09-02 15:39 - 00000000 ___RD C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme
2013-08-01 14:45 - 2013-02-22 23:27 - 00000000 ____D c:\temp\APNScripts
2013-08-01 14:43 - 2013-08-01 14:43 - 00016384 ____T c:\temp\Perflib_Perfdata_dd0.dat
2013-07-31 22:52 - 2013-07-31 22:52 - 00025525 _____ C:\ComboFix.txt
2013-07-31 22:52 - 2012-11-17 14:15 - 00000000 ____D C:\Qoobox
2013-07-31 22:47 - 2013-07-31 22:47 - 00016384 ____T c:\temp\Perflib_Perfdata_da4.dat
2013-07-31 22:45 - 2004-08-04 14:00 - 00000243 _____ C:\WINDOWS\system.ini
2013-07-31 22:44 - 2013-07-31 22:44 - 00028759 _____ c:\temp\Spanish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028419 _____ c:\temp\Italian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028183 _____ c:\temp\French.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026912 _____ c:\temp\Portuguese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026669 _____ c:\temp\German.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026582 _____ c:\temp\Russian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026549 _____ c:\temp\Hungarian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026202 _____ c:\temp\Dutch.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026159 _____ c:\temp\Slovak.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026023 _____ c:\temp\Portuguese(Brazil).bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025980 _____ c:\temp\Lithuanian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025631 _____ c:\temp\Greek.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025202 _____ c:\temp\Japanese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024950 _____ c:\temp\Polish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024855 _____ c:\temp\Croatian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024769 _____ c:\temp\Czech.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024503 _____ c:\temp\SWEDISH.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024330 _____ c:\temp\Slovenian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023326 _____ c:\temp\Finnish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023225 _____ c:\temp\Danish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022830 _____ c:\temp\Turkish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022808 _____ c:\temp\English.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022406 _____ c:\temp\Norwegian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022395 _____ c:\temp\Thai.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00021543 _____ c:\temp\Arabic.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00020917 _____ c:\temp\Korean.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00019937 _____ c:\temp\Hebrew.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017584 _____ c:\temp\TradChin.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017030 _____ c:\temp\SimChin.bin
2013-07-31 22:41 - 2006-09-02 17:26 - 63176704 _____ C:\WINDOWS\system32\config\software.bak
2013-07-31 22:41 - 2006-09-02 17:26 - 08388608 _____ C:\WINDOWS\system32\config\system.bak
2013-07-31 22:41 - 2006-09-02 17:26 - 00311296 _____ C:\WINDOWS\system32\config\default.bak
2013-07-31 22:41 - 2006-09-02 16:26 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-07-31 22:41 - 2006-09-02 16:26 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak
2013-07-31 22:40 - 2009-10-10 13:25 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-07-31 22:40 - 2008-12-15 15:37 - 00000000 ____D C:\WINDOWS\erdnt
2013-07-31 22:38 - 2013-07-27 17:29 - 00000000 ____D c:\temp\nsb2D.tmp
2013-07-31 22:38 - 2013-07-26 11:04 - 00000000 ____D c:\temp\B638892A-BAB0-7891-BC5B-A7A34DE01197
2013-07-31 22:38 - 2013-07-18 16:57 - 00000000 ____D c:\temp\WERbee9.dir00
2013-07-31 22:38 - 2013-07-18 16:57 - 00000000 ____D c:\temp\WER5681.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER9fde.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER2ca9.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER2366.dir00
2013-07-31 22:38 - 2013-07-09 19:25 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21409500[2].zip
2013-07-31 22:38 - 2013-07-09 19:25 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21405500[1].zip
2013-07-31 22:38 - 2013-07-05 04:44 - 00000000 ____D c:\temp\WERe655.dir00
2013-07-31 22:38 - 2013-06-29 16:21 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 29307500[1].zip
2013-07-31 22:38 - 2013-06-29 15:55 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 3 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 15:49 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 2 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 15:43 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 04:08 - 00000000 ____D c:\temp\nsl14A
2013-07-31 22:38 - 2013-06-26 17:43 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21612000[1].zip
2013-07-31 22:38 - 2013-06-26 17:20 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 23111090[2].zip
2013-07-31 22:38 - 2013-06-26 17:18 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 23111016[1].zip
2013-07-31 22:38 - 2013-06-20 17:32 - 00000000 ____D c:\temp\WER8702.dir00
2013-07-31 22:38 - 2013-06-20 17:31 - 00000000 ____D c:\temp\WERf690.dir00
2013-07-31 22:38 - 2013-06-20 17:30 - 00000000 ____D c:\temp\WER3cc8.dir00
2013-07-31 22:38 - 2013-06-20 17:30 - 00000000 ____D c:\temp\WER2a84.dir00
2013-07-31 22:38 - 2013-06-13 20:09 - 00000000 ____D c:\temp\DownloadMngPhone
2013-07-31 22:38 - 2013-06-12 22:07 - 00000000 ____D c:\temp\3920-1-2013-6-12-20-7-51-46
2013-07-31 22:38 - 2013-05-20 14:07 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 28314000[1].zip
2013-07-31 22:38 - 2013-05-11 18:03 - 00000000 ____D c:\temp\WER2fc6.dir00
2013-07-31 22:38 - 2013-05-11 18:03 - 00000000 ____D c:\temp\WER0037.dir00
2013-07-31 22:38 - 2013-05-01 16:41 - 00000000 ____D c:\temp\WERe632.dir00
2013-07-31 22:38 - 2013-05-01 16:40 - 00000000 ____D c:\temp\WER60aa.dir00
2013-07-31 22:38 - 2013-05-01 16:40 - 00000000 ____D c:\temp\WER5030.dir00
2013-07-31 22:38 - 2013-05-01 16:39 - 00000000 ____D c:\temp\WER922e.dir00
2013-07-31 22:38 - 2013-05-01 16:39 - 00000000 ____D c:\temp\WER6ea2.dir00
2013-07-31 22:38 - 2013-04-26 20:50 - 00000000 ____D c:\temp\scoped_dir_3712_3940
2013-07-31 22:38 - 2013-04-26 20:30 - 00000000 ____D c:\temp\RarSFX0
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WERaa2d.dir00
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WER8e09.dir00
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WER710a.dir00
2013-07-31 22:38 - 2013-04-12 17:43 - 00000000 ____D c:\temp\Temporäres Verzeichnis 1 für Bedienungsanleitung Bahn-Tix für DB-Automaten - Version 13.02.2012.pdf.zip
2013-07-31 22:38 - 2013-04-10 03:20 - 00000000 ____D c:\temp\WER7437.dir00
2013-07-31 22:38 - 2013-03-25 18:06 - 00000000 ____D c:\temp\nsfB
2013-07-31 22:38 - 2013-03-06 21:00 - 00000000 ____D c:\temp\CRX_75DAF8CB7768
2013-07-31 22:38 - 2013-02-22 16:17 - 00000000 ____D c:\temp\APN-Stub
2013-07-31 22:38 - 2013-02-08 19:00 - 00000000 ____D c:\temp\NDP1.1sp1-KB2742597-X86
2013-07-31 22:14 - 2013-07-31 22:13 - 00000000 ____D c:\temp\plugtmp-2
2013-07-31 18:30 - 2013-07-31 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_19c4.dat
2013-07-31 18:18 - 2013-07-31 18:18 - 00000000 ____D C:\FRST
2013-07-31 11:30 - 2013-07-31 11:30 - 00016384 ____T c:\temp\Perflib_Perfdata_8f0.dat
2013-07-31 11:29 - 2013-07-31 11:29 - 00016384 ____T c:\temp\Perflib_Perfdata_cc0.dat
2013-07-30 23:32 - 2013-07-30 23:32 - 00000000 ____D c:\temp\plugtmp-1
2013-07-29 12:05 - 2013-07-27 07:05 - 00001906 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
2013-07-27 21:55 - 2006-09-02 17:56 - 00000520 ____C C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\spider.sav
2013-07-27 17:31 - 2013-07-27 17:31 - 23924396 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Cimatron E10.0 x32 x64 Setup + Key.rar
2013-07-27 17:31 - 2013-07-27 17:30 - 00000000 ____D C:\Programme\Torntv 2
2013-07-27 09:54 - 2013-02-10 23:07 - 00000000 ____D c:\temp\msohtmlclip1
2013-07-26 11:05 - 2013-07-26 11:05 - 00000000 ____D c:\temp\mt_ffx
2013-07-26 11:04 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\zulagames
2013-07-26 07:39 - 2006-09-02 16:27 - 00216856 ____C C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-23 00:30 - 2006-09-05 00:53 - 00000000 ____D C:\Bilder
2013-07-21 15:00 - 2007-08-18 01:38 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\FreePDF
2013-07-21 14:53 - 2013-06-07 00:28 - 00000000 ____D C:\Müchen 16. + 06.Juni
2013-07-21 14:53 - 2013-03-18 17:12 - 00000000 ____D C:\Projekt 10a
2013-07-21 14:53 - 2012-04-05 22:25 - 00000000 ____D C:\HP BK
2013-07-21 14:53 - 2010-08-22 17:20 - 00000000 ____D C:\Tests
2013-07-21 14:53 - 2007-08-10 00:37 - 00007680 __SHC C:\WINDOWS\Thumbs.db
2013-07-20 21:04 - 2009-01-26 23:59 - 00000030 ____C C:\WINDOWS\Iedit_.INI
2013-07-19 04:15 - 2007-06-13 19:34 - 00000767 ____C C:\WINDOWS\CAD-Symbols.ini
2013-07-18 19:59 - 2007-06-13 19:55 - 00000064 ____C C:\WINDOWS\StvStepW.INI
2013-07-16 14:16 - 2006-09-02 16:28 - 01396008 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-12 18:04 - 2013-07-12 18:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-10 19:51 - 2006-09-02 16:45 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-10 19:04 - 2009-01-04 21:39 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 ____D c:\temp\KB2835393_10.0.30319
2013-07-10 18:48 - 2013-07-10 18:47 - 00125219 _____ C:\WINDOWS\KB2834904.log
2013-07-10 18:48 - 2012-04-12 06:36 - 00717379 _____ C:\WINDOWS\setupapi.log
2013-07-10 18:48 - 2006-09-02 16:28 - 02914674 ____C C:\WINDOWS\FaxSetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 01403138 ____C C:\WINDOWS\ocgen.log
2013-07-10 18:48 - 2006-09-02 16:28 - 01108568 ____C C:\WINDOWS\tsoc.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00959526 ____C C:\WINDOWS\comsetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00580260 ____C C:\WINDOWS\ntdtcsetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00461223 ____C C:\WINDOWS\iis6.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00159250 ____C C:\WINDOWS\ocmsn.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00145398 ____C C:\WINDOWS\msgsocm.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00001374 _____ C:\WINDOWS\imsins.log
2013-07-10 18:45 - 2013-07-10 18:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 18:45 - 2013-07-10 18:44 - 00125004 _____ C:\WINDOWS\KB2834886.log
2013-07-10 18:45 - 2006-09-02 16:28 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-10 18:44 - 2013-07-10 18:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 18:44 - 2013-07-10 17:30 - 00130926 _____ C:\WINDOWS\KB2850851.log
2013-07-10 18:43 - 2013-07-10 18:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-10 18:43 - 2013-07-10 17:30 - 00129702 _____ C:\WINDOWS\KB2845187.log
2013-07-10 18:23 - 2013-07-10 18:22 - 00128314 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-10 18:23 - 2009-07-07 17:29 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-10 18:23 - 2006-09-02 16:39 - 00702571 ____C C:\WINDOWS\updspapi.log
2013-07-10 18:17 - 2013-07-10 18:17 - 00000000 ____D c:\temp\KB2832407_10.0.30319
2013-07-10 18:05 - 2013-07-10 18:05 - 00000000 ____D c:\temp\KB2840628_10.0.30319
2013-07-10 18:00 - 2007-06-24 00:59 - 00000000 ____D C:\WINDOWS\system32\XPSViewer

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-04 14:00] - [2008-04-14 04:22] - 1036800 ____N (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0513024 ____N (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0014336 ____N (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2008-06-11 18:50] - [2009-02-09 13:21] - 0111104 ____N (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2004-08-04 14:00] - [2008-04-14 04:22] - 0580096 ____N (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2008-06-11 18:50] - [2008-04-14 04:23] - 0026624 ____C (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2008-06-11 18:50] - [2008-04-14 03:52] - 0053760 ___AC (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-08-2013
Ran by Hartmann (administrator) on 05-08-2013 20:42:24
Running from C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ZFXRE0LV
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
() C:\WINDOWS\Gtwatch.exe
(Symantec Corporation) C:\Programme\Norton Ghost\Agent\VProTray.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Common Group) C:\WINDOWS\twain_32\A12U16KD\WATCH.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Programme\Norton Ghost\Agent\VProSvc.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Symantec) C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(FILOU Software GmbH) C:\Programme\FILOU-NC12\NC12.EXE
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Farbar) C:\Dokumente und Einstellungen\Hartmann\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ZFXRE0LV\FRST[1].exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [20053608 2011-06-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Gtwatch] - C:\WINDOWS\Gtwatch.exe [32768 2001-09-21] ()
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Norton Ghost 15.0] - C:\Programme\Norton Ghost\Agent\VProTray.exe [2598760 2010-03-03] (Symantec Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [286720 2007-06-29] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [DWQueuedReporting] - C:\PROGRA~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe [434080 2011-07-27] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-23] (Google Inc.)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\skype.dat <==== ATTENTION 
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Watch.lnk
ShortcutTarget: Watch.lnk -> C:\WINDOWS\twain_32\A12U16KD\WATCH.exe (Common Group)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Wirtschaft: Wirtschaftsnachrichten von t-online.de/wirtschaft
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {131B38B1-CC5B-4A32-9914-62E0ED1FC19C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=461F79FA-6540-4A67-92E9-7A3DF4C511BE&apn_sauid=5C35D8E7-5E82-4FF2-A735-F2D028B2C37C
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\google-und-download-suche.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\foxmarks@kei.com
FF Extension: Zula Games - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\zulagames@ZulaGames.com
FF Extension: Microsoft .NET Framework Assistant - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Yahoo! Toolbar - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: toolbar - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\toolbar@web.de.xpi
FF Extension: trtv3 - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\trtv3@trtv.com.xpi
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Anti-Banner - C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: Modul zur Link-Untersuchung - C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF Extension: No Name - C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: Default - C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-12-01] ()
S3 GenericMount Helper Service; C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1574408 2010-02-12] (Symantec)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-11-23] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-11-23] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-22] (Google)
S3 IDriverT; c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 MBAMScheduler; C:\Bereinigung\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Bereinigung\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117144 2013-07-03] (Mozilla Foundation)
R2 MSSQL$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-11] (Microsoft Corporation)
S4 MSSQLServerADHelper100; c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [47128 2008-07-11] (Microsoft Corporation)
R2 Norton Ghost; C:\Programme\Norton Ghost\Agent\VProSvc.exe [4590432 2010-03-03] (Symantec Corporation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)
S3 Sony PC Companion; C:\Programme\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S4 SQLAgent$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-11] (Microsoft Corporation)
S4 SQLBrowser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [258072 2008-07-10] (Microsoft Corporation)
R2 SQLWriter; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [98840 2008-07-10] (Microsoft Corporation)
R3 Symantec SymSnap VSS Provider; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R3 SymSnapService; C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe [1964528 2010-02-11] (Symantec)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2300928 2004-12-01] (Realtek Semiconductor Corp.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [35840 2004-10-21] (Advanced Micro Devices)
R2 Aspi32; C:\Windows\System32\drivers\aspi32.sys [16512 2006-09-02] (Adaptec)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [3452928 2008-12-02] (ATI Technologies Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-02-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-02-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\Windows\System32\Drivers\Cdr4_xp.sys [2432 2006-07-24] (Sonic Solutions)
R1 Cdralw2k; C:\Windows\System32\Drivers\Cdralw2k.sys [2560 2006-07-24] (Sonic Solutions)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [57840 2010-02-12] (Symantec Corporation)
R3 GT680x; C:\Windows\System32\Drivers\gt680x.sys [18120 2001-11-08] (   )
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [676864 2004-07-14] (Aladdin Knowledge Systems)
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2006-09-02] (Aladdin Knowledge Systems)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R3 L1c; C:\Windows\System32\DRIVERS\l1c51x86.sys [65136 2011-03-22] (Atheros Communications, Inc.)
S3 MA-620; C:\Windows\System32\DRIVERS\MA-620.sys [27136 2003-03-25] (Mobile Action Tech. Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [22016 2008-04-13] (Microsoft Corporation)
S3 MVDCODEC; C:\Windows\System32\DRIVERS\ativmdcd.sys [9472 2001-08-17] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\Windows\System32\DRIVERS\nvatabus.sys [87936 2004-12-07] (NVIDIA Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33408 2004-11-24] (NVIDIA Corporation)
S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2004-11-24] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
S3 PMUSB2G; C:\Windows\System32\Drivers\PMUSB.sys [17408 2009-01-04] (PassMark Software)
R0 Pnp680r; C:\Windows\System32\DRIVERS\pnp680r.sys [76976 2002-05-31] (Silicon Image, Inc)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [16472 2012-01-18] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [11104 2012-01-18] ()
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S4 RsFx0102; C:\Windows\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
R0 Si3114r5; C:\Windows\System32\DRIVERS\Si3114r5.sys [211496 2008-11-25] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17064 2008-11-25] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12200 2008-11-25] (Silicon Image, Inc.)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
R2 symlcbrd; C:\WINDOWS\system32\drivers\symlcbrd.sys [4608 2006-09-02] (Symantec Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [15096 2009-09-21] (Symantec Corporation)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2003-05-14] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [21216 2003-05-14] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5728 2003-05-14] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [44288 2003-05-14] (Logitech Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [285952 2007-12-06] (Marvell)
S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [x]
S3 btaudio; system32\drivers\btaudio.sys [x]
S3 BTDriver; system32\DRIVERS\btport.sys [x]
S3 BTKRNL; system32\DRIVERS\btkrnl.sys [x]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
S3 BTWUSB; System32\Drivers\btwusb.sys [x]
S2 Ca533av; System32\Drivers\Ca533av.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 FTD2XX; System32\Drivers\FTD2XX.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
S3 LHidUsbK; System32\Drivers\LHidUsbK.Sys [x]
S3 LMouKE; system32\DRIVERS\LMouKE.Sys [x]
U3 TlntSvr; 
S3 USBCamera; System32\Drivers\Bulk533.sys [x]
U2 V2iMount; 
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-05 20:43 - 2013-08-05 20:44 - 00005771 _____ c:\temp\log1
2013-08-05 20:42 - 2013-08-05 20:43 - 00021179 _____ c:\temp\frstlog
2013-08-05 20:42 - 2013-08-05 20:42 - 00000305 _____ c:\temp\users00
2013-08-05 20:42 - 2013-08-05 20:42 - 00000003 _____ c:\temp\others
2013-08-05 20:22 - 2013-08-05 20:22 - 00000000 ____D c:\temp\RarSFX1
2013-08-05 20:15 - 2013-08-05 20:41 - 00016384 ____T c:\temp\~DF20FD.tmp
2013-08-05 20:15 - 2013-08-05 20:15 - 00016384 ____T c:\temp\~DFEDD5.tmp
2013-08-05 19:48 - 2013-08-05 19:48 - 00568821 _____ c:\temp\q+lIFSER.pdf.part
2013-08-05 19:48 - 2013-08-05 19:48 - 00255288 _____ c:\temp\QQa+6bQz.pdf.part
2013-08-05 19:00 - 2013-08-05 19:00 - 00016384 _____ c:\temp\~DF275.tmp
2013-08-05 18:30 - 2013-08-05 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_e54.dat
2013-08-05 17:28 - 2013-08-05 17:28 - 00016384 ____T c:\temp\Perflib_Perfdata_ae8.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_9d8.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_680.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_394.dat
2013-08-05 17:25 - 2013-08-05 17:25 - 00000000 ____D c:\temp\WPDNSE
2013-08-05 09:21 - 2013-08-05 09:21 - 00016384 ____T c:\temp\Perflib_Perfdata_434.dat
2013-08-05 09:20 - 2013-08-05 09:20 - 00016384 ____T c:\temp\Perflib_Perfdata_994.dat
2013-08-04 23:37 - 2013-08-04 23:37 - 00016384 ____T c:\temp\Perflib_Perfdata_8c4.dat
2013-08-04 23:05 - 2013-08-04 23:05 - 00016384 ____T c:\temp\Perflib_Perfdata_cf8.dat
2013-08-04 19:52 - 2013-08-04 19:52 - 00016384 ____T c:\temp\Perflib_Perfdata_cbc.dat
2013-08-04 19:47 - 2013-08-04 19:47 - 00000000 ____D c:\temp\WER6abb.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER5625.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER372c.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER1fe0.dir00
2013-08-04 12:10 - 2013-08-04 21:57 - 00682962 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\model.fnp
2013-08-04 11:31 - 2013-08-04 11:38 - 00061158 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\m-rad.fnp
2013-08-03 21:22 - 2013-08-03 21:22 - 00003939 _____ c:\temp\GimmeSetup(20130803212201ACC).log
2013-08-03 21:21 - 2013-08-03 21:22 - 00003544 _____ c:\temp\SetupExe(20130803212159ACC).log
2013-08-03 15:18 - 2013-08-03 15:48 - 00064301 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\blat1 filou.fnp
2013-08-03 11:05 - 2013-08-03 11:05 - 00016384 ____T c:\temp\Perflib_Perfdata_89c.dat
2013-08-02 19:53 - 2013-08-02 19:54 - 00003939 _____ c:\temp\GimmeSetup(20130802195346E08).log
2013-08-02 19:53 - 2013-08-02 19:53 - 00003544 _____ c:\temp\SetupExe(20130802195344E08).log
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geIconCacheLock
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geColladaModelCacheLock
2013-08-02 18:30 - 2013-08-02 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_c4c.dat
2013-08-02 14:58 - 2013-08-02 14:58 - 00112298 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\test-01.fnp
2013-08-02 14:04 - 2013-08-02 14:04 - 00003939 _____ c:\temp\GimmeSetup(20130802140405FFC).log
2013-08-02 14:04 - 2013-08-02 14:04 - 00003544 _____ c:\temp\SetupExe(20130802140404FFC).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003938 _____ c:\temp\GimmeSetup(20130802130925260).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003541 _____ c:\temp\SetupExe(20130802130923260).log
2013-08-02 12:28 - 2013-08-02 12:28 - 00000000 ____D C:\Programme\ESET
2013-08-02 11:15 - 2013-08-02 11:15 - 00016384 ____T c:\temp\Perflib_Perfdata_a24.dat
2013-08-02 02:20 - 2013-08-02 13:24 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2013-08-02 02:20 - 2013-08-02 02:20 - 00001409 _____ C:\WINDOWS\QTFont.for
2013-08-01 23:06 - 2013-08-01 23:06 - 00016384 ____T c:\temp\Perflib_Perfdata_c5c.dat
2013-08-01 22:37 - 2013-08-01 22:37 - 00016384 ____T c:\temp\Perflib_Perfdata_704.dat
2013-08-01 22:32 - 2013-08-01 22:32 - 00016384 ____T c:\temp\Perflib_Perfdata_878.dat
2013-08-01 22:28 - 2013-08-01 22:28 - 10285040 _____ (Malwarebytes Corporation                                    ) c:\temp\ZPBg+2uy.exe.part
2013-08-01 22:19 - 2013-08-01 22:20 - 00000000 ____D c:\temp\plugtmp-3
2013-08-01 21:19 - 2013-08-01 21:19 - 00016384 ____T c:\temp\Perflib_Perfdata_d80.dat
2013-08-01 20:48 - 2013-08-01 20:49 - 00003353 _____ c:\temp\tmpA9.tmp
2013-08-01 20:48 - 2013-08-01 20:48 - 00000000 _____ c:\temp\tmpA8.tmp
2013-08-01 18:30 - 2013-08-01 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_518.dat
2013-08-01 18:17 - 2013-08-01 18:17 - 00078749 _____ c:\temp\Projekt_115_test_3.TP_MODEL-QTECH8.DEMO
2013-08-01 18:14 - 2013-08-04 04:46 - 01926417 _____ c:\temp\NewPostFile.DEMO
2013-08-01 18:01 - 2013-08-04 07:46 - 00000615 _____ C:\Dokumente und Einstellungen\All Users\Desktop\FILOU-NC12.lnk
2013-08-01 18:01 - 2013-08-04 07:46 - 00000000 ____D C:\Programme\FILOU-NC12
2013-08-01 18:01 - 2009-09-07 10:51 - 00389120 _____ (WinMain Software (hxxp://www.winmain.com)) C:\WINDOWS\system32\cmax20.ocx
2013-08-01 18:01 - 2009-09-03 13:25 - 00389120 _____ (FILOU Software GmbH) C:\WINDOWS\system32\NCGraph3.ocx
2013-08-01 18:01 - 1999-02-19 07:54 - 00040960 _____ (<none>) C:\WINDOWS\system32\SSubTmr6.dll
2013-08-01 18:01 - 1998-06-23 23:00 - 00103744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCOMM32.OCX
2013-08-01 14:58 - 2013-08-01 14:58 - 00016384 ____T c:\temp\Perflib_Perfdata_b18.dat
2013-08-01 14:56 - 2013-08-01 14:56 - 00016384 ____T c:\temp\Perflib_Perfdata_8dc.dat
2013-08-01 14:52 - 2013-08-01 14:54 - 00028996 _____ C:\AdwCleaner[S2].txt
2013-08-01 14:50 - 2013-08-04 23:40 - 00000306 _____ c:\temp\JavaDeployReg.log
2013-08-01 14:43 - 2013-08-01 14:43 - 00016384 ____T c:\temp\Perflib_Perfdata_dd0.dat
2013-08-01 01:25 - 2013-08-05 18:00 - 00030170 _____ c:\temp\dd_clwireg.txt
2013-07-31 22:52 - 2013-07-31 22:52 - 00025525 _____ C:\ComboFix.txt
2013-07-31 22:48 - 2013-08-05 18:00 - 00001385 _____ c:\temp\dw.log
2013-07-31 22:47 - 2013-07-31 22:47 - 00016384 ____T c:\temp\Perflib_Perfdata_da4.dat
2013-07-31 22:46 - 2013-08-05 17:28 - 00000409 _____ c:\temp\WGANotify.settings
2013-07-31 22:44 - 2013-08-05 17:30 - 00012366 _____ c:\temp\jusched.log
2013-07-31 22:44 - 2013-08-05 17:26 - 00012618 _____ c:\temp\AdobeARM.log
2013-07-31 22:44 - 2013-07-31 22:44 - 00028759 _____ c:\temp\Spanish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028419 _____ c:\temp\Italian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028183 _____ c:\temp\French.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026912 _____ c:\temp\Portuguese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026669 _____ c:\temp\German.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026582 _____ c:\temp\Russian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026549 _____ c:\temp\Hungarian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026202 _____ c:\temp\Dutch.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026159 _____ c:\temp\Slovak.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026023 _____ c:\temp\Portuguese(Brazil).bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025980 _____ c:\temp\Lithuanian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025631 _____ c:\temp\Greek.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025202 _____ c:\temp\Japanese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024950 _____ c:\temp\Polish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024855 _____ c:\temp\Croatian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024769 _____ c:\temp\Czech.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024503 _____ c:\temp\SWEDISH.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024330 _____ c:\temp\Slovenian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023326 _____ c:\temp\Finnish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023225 _____ c:\temp\Danish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022830 _____ c:\temp\Turkish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022808 _____ c:\temp\English.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022406 _____ c:\temp\Norwegian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022395 _____ c:\temp\Thai.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00021543 _____ c:\temp\Arabic.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00020917 _____ c:\temp\Korean.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00019937 _____ c:\temp\Hebrew.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017584 _____ c:\temp\TradChin.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017030 _____ c:\temp\SimChin.bin
2013-07-31 22:13 - 2013-07-31 22:14 - 00000000 ____D c:\temp\plugtmp-2
2013-07-31 18:30 - 2013-07-31 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_19c4.dat
2013-07-31 18:18 - 2013-07-31 18:18 - 00000000 ____D C:\FRST
2013-07-31 11:30 - 2013-07-31 11:30 - 00016384 ____T c:\temp\Perflib_Perfdata_8f0.dat
2013-07-31 11:29 - 2013-07-31 11:29 - 00016384 ____T c:\temp\Perflib_Perfdata_cc0.dat
2013-07-31 04:37 - 2013-08-04 06:41 - 00005207 _____ C:\WINDOWS\ncvsolid.ini
2013-07-30 23:32 - 2013-07-30 23:32 - 00000000 ____D c:\temp\plugtmp-1
2013-07-27 17:31 - 2013-07-27 17:31 - 23924396 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Cimatron E10.0 x32 x64 Setup + Key.rar
2013-07-27 17:30 - 2013-08-05 17:30 - 00001162 _____ C:\WINDOWS\Tasks\Torntv 2-updater.job
2013-07-27 17:30 - 2013-08-05 17:30 - 00001156 _____ C:\WINDOWS\Tasks\Torntv 2-codedownloader.job
2013-07-27 17:30 - 2013-08-05 17:30 - 00001066 _____ C:\WINDOWS\Tasks\Torntv 2-enabler.job
2013-07-27 17:30 - 2013-07-27 17:31 - 00000000 ____D C:\Programme\Torntv 2
2013-07-27 17:29 - 2013-07-31 22:38 - 00000000 ____D c:\temp\nsb2D.tmp
2013-07-27 07:05 - 2013-07-29 12:05 - 00001906 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
2013-07-26 11:05 - 2013-07-26 11:05 - 00000000 ____D c:\temp\mt_ffx
2013-07-26 11:04 - 2013-08-01 22:58 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Web Cake
2013-07-26 11:04 - 2013-07-31 22:38 - 00000000 ____D c:\temp\B638892A-BAB0-7891-BC5B-A7A34DE01197
2013-07-26 11:04 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\zulagames
2013-07-26 10:30 - 2013-08-04 06:42 - 00003738 _____ C:\WINDOWS\ncverify.INI
2013-07-18 16:57 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WERbee9.dir00
2013-07-18 16:57 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER5681.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER9fde.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER2ca9.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER2366.dir00
2013-07-12 18:00 - 2013-07-12 18:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 ____D c:\temp\KB2835393_10.0.30319
2013-07-10 18:47 - 2013-07-10 18:48 - 00125219 _____ C:\WINDOWS\KB2834904.log
2013-07-10 18:45 - 2013-08-05 18:00 - 00000000 ____D c:\temp\NDP1.1sp1-KB2833941-X86
2013-07-10 18:45 - 2013-07-10 18:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 18:44 - 2013-07-10 18:45 - 00125004 _____ C:\WINDOWS\KB2834886.log
2013-07-10 18:44 - 2013-07-10 18:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 18:43 - 2013-07-10 18:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-10 18:22 - 2013-07-10 18:23 - 00128314 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-10 18:17 - 2013-07-10 18:17 - 00000000 ____D c:\temp\KB2832407_10.0.30319
2013-07-10 18:05 - 2013-07-10 18:05 - 00000000 ____D c:\temp\KB2840628_10.0.30319
2013-07-10 17:30 - 2013-07-10 18:44 - 00130926 _____ C:\WINDOWS\KB2850851.log
2013-07-10 17:30 - 2013-07-10 18:43 - 00129702 _____ C:\WINDOWS\KB2845187.log
2013-07-09 19:25 - 2013-07-31 22:38 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21409500[2].zip
2013-07-09 19:25 - 2013-07-31 22:38 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21405500[1].zip
166

==================== One Month Modified Files and Folders =======

2013-08-05 20:44 - 2013-08-05 20:43 - 00005771 _____ c:\temp\log1
2013-08-05 20:43 - 2013-08-05 20:42 - 00021179 _____ c:\temp\frstlog
2013-08-05 20:42 - 2013-08-05 20:42 - 00000305 _____ c:\temp\users00
2013-08-05 20:42 - 2013-08-05 20:42 - 00000003 _____ c:\temp\others
2013-08-05 20:41 - 2013-08-05 20:15 - 00016384 ____T c:\temp\~DF20FD.tmp
2013-08-05 20:39 - 2012-04-10 02:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-05 20:22 - 2013-08-05 20:22 - 00000000 ____D c:\temp\RarSFX1
2013-08-05 20:22 - 2012-10-11 22:50 - 00000000 ____D C:\Bereinigung
2013-08-05 20:15 - 2013-08-05 20:15 - 00016384 ____T c:\temp\~DFEDD5.tmp
2013-08-05 20:04 - 2009-11-23 03:27 - 00001094 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-05 19:48 - 2013-08-05 19:48 - 00568821 _____ c:\temp\q+lIFSER.pdf.part
2013-08-05 19:48 - 2013-08-05 19:48 - 00255288 _____ c:\temp\QQa+6bQz.pdf.part
2013-08-05 19:26 - 2006-09-02 15:35 - 01617323 ____C C:\WINDOWS\WindowsUpdate.log
2013-08-05 19:18 - 2006-09-02 17:22 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2013-08-05 19:00 - 2013-08-05 19:00 - 00016384 _____ c:\temp\~DF275.tmp
2013-08-05 18:31 - 2006-09-02 17:22 - 00000000 ____D C:\WINDOWS\repair
2013-08-05 18:30 - 2013-08-05 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_e54.dat
2013-08-05 18:30 - 2006-09-02 15:33 - 00000000 ____D C:\WINDOWS\Registration
2013-08-05 18:00 - 2013-08-01 01:25 - 00030170 _____ c:\temp\dd_clwireg.txt
2013-08-05 18:00 - 2013-07-31 22:48 - 00001385 _____ c:\temp\dw.log
2013-08-05 18:00 - 2013-07-10 18:45 - 00000000 ____D c:\temp\NDP1.1sp1-KB2833941-X86
2013-08-05 17:53 - 2006-09-02 16:29 - 00000259 ____C C:\WINDOWS\wiadebug.log
2013-08-05 17:30 - 2013-07-31 22:44 - 00012366 _____ c:\temp\jusched.log
2013-08-05 17:30 - 2013-07-27 17:30 - 00001162 _____ C:\WINDOWS\Tasks\Torntv 2-updater.job
2013-08-05 17:30 - 2013-07-27 17:30 - 00001156 _____ C:\WINDOWS\Tasks\Torntv 2-codedownloader.job
2013-08-05 17:30 - 2013-07-27 17:30 - 00001066 _____ C:\WINDOWS\Tasks\Torntv 2-enabler.job
2013-08-05 17:28 - 2013-08-05 17:28 - 00016384 ____T c:\temp\Perflib_Perfdata_ae8.dat
2013-08-05 17:28 - 2013-07-31 22:46 - 00000409 _____ c:\temp\WGANotify.settings
2013-08-05 17:28 - 2004-08-04 14:00 - 00012682 ____C C:\WINDOWS\system32\wpa.dbl
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_9d8.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_680.dat
2013-08-05 17:26 - 2013-08-05 17:26 - 00016384 ____T c:\temp\Perflib_Perfdata_394.dat
2013-08-05 17:26 - 2013-07-31 22:44 - 00012618 _____ c:\temp\AdobeARM.log
2013-08-05 17:26 - 2006-09-02 16:29 - 00000000 ____C C:\WINDOWS\wiaservc.log
2013-08-05 17:25 - 2013-08-05 17:25 - 00000000 ____D c:\temp\WPDNSE
2013-08-05 17:25 - 2009-11-23 03:27 - 00001090 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-05 17:25 - 2008-12-01 22:11 - 00069112 ____C C:\WINDOWS\system32\ativvaxx.cap
2013-08-05 17:25 - 2006-09-02 15:38 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2013-08-05 10:47 - 2006-09-02 15:38 - 00032392 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-05 10:46 - 2006-09-02 15:39 - 00000190 __SHC C:\Dokumente und Einstellungen\Hartmann\ntuser.ini
2013-08-05 10:46 - 2006-09-02 15:39 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann
2013-08-05 09:21 - 2013-08-05 09:21 - 00016384 ____T c:\temp\Perflib_Perfdata_434.dat
2013-08-05 09:20 - 2013-08-05 09:20 - 00016384 ____T c:\temp\Perflib_Perfdata_994.dat
2013-08-04 23:40 - 2013-08-01 14:50 - 00000306 _____ c:\temp\JavaDeployReg.log
2013-08-04 23:40 - 2013-04-29 23:38 - 00000000 ____D c:\temp\hsperfdata_Hartmann
2013-08-04 23:37 - 2013-08-04 23:37 - 00016384 ____T c:\temp\Perflib_Perfdata_8c4.dat
2013-08-04 23:05 - 2013-08-04 23:05 - 00016384 ____T c:\temp\Perflib_Perfdata_cf8.dat
2013-08-04 22:54 - 2006-09-05 00:54 - 00000000 ____D C:\Boxer Klub
2013-08-04 21:57 - 2013-08-04 12:10 - 00682962 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\model.fnp
2013-08-04 19:52 - 2013-08-04 19:52 - 00016384 ____T c:\temp\Perflib_Perfdata_cbc.dat
2013-08-04 19:47 - 2013-08-04 19:47 - 00000000 ____D c:\temp\WER6abb.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER5625.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER372c.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER1fe0.dir00
2013-08-04 11:38 - 2013-08-04 11:31 - 00061158 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\m-rad.fnp
2013-08-04 07:46 - 2013-08-01 18:01 - 00000615 _____ C:\Dokumente und Einstellungen\All Users\Desktop\FILOU-NC12.lnk
2013-08-04 07:46 - 2013-08-01 18:01 - 00000000 ____D C:\Programme\FILOU-NC12
2013-08-04 07:03 - 2007-06-14 23:52 - 06619136 ____C C:\WINDOWS\outlook.pst
2013-08-04 07:03 - 2004-08-04 14:00 - 00001738 ____C C:\WINDOWS\win.ini
2013-08-04 06:42 - 2013-07-26 10:30 - 00003738 _____ C:\WINDOWS\ncverify.INI
2013-08-04 06:41 - 2013-07-31 04:37 - 00005207 _____ C:\WINDOWS\ncvsolid.ini
2013-08-04 04:46 - 2013-08-01 18:14 - 01926417 _____ c:\temp\NewPostFile.DEMO
2013-08-03 21:23 - 2006-09-02 16:18 - 00000000 ____D C:\Privat
2013-08-03 21:22 - 2013-08-03 21:22 - 00003939 _____ c:\temp\GimmeSetup(20130803212201ACC).log
2013-08-03 21:22 - 2013-08-03 21:21 - 00003544 _____ c:\temp\SetupExe(20130803212159ACC).log
2013-08-03 15:48 - 2013-08-03 15:18 - 00064301 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\blat1 filou.fnp
2013-08-03 11:05 - 2013-08-03 11:05 - 00016384 ____T c:\temp\Perflib_Perfdata_89c.dat
2013-08-03 03:12 - 2006-09-02 18:25 - 00004096 ___SH C:\VSNAP.IDX
2013-08-02 19:54 - 2013-08-02 19:53 - 00003939 _____ c:\temp\GimmeSetup(20130802195346E08).log
2013-08-02 19:53 - 2013-08-02 19:53 - 00003544 _____ c:\temp\SetupExe(20130802195344E08).log
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geIconCacheLock
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geColladaModelCacheLock
2013-08-02 18:53 - 2007-03-28 23:42 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\BVS Solitaire Collection
2013-08-02 18:30 - 2013-08-02 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_c4c.dat
2013-08-02 14:58 - 2013-08-02 14:58 - 00112298 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\test-01.fnp
2013-08-02 14:04 - 2013-08-02 14:04 - 00003939 _____ c:\temp\GimmeSetup(20130802140405FFC).log
2013-08-02 14:04 - 2013-08-02 14:04 - 00003544 _____ c:\temp\SetupExe(20130802140404FFC).log
2013-08-02 13:24 - 2013-08-02 02:20 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2013-08-02 13:09 - 2013-08-02 13:09 - 00003938 _____ c:\temp\GimmeSetup(20130802130925260).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003541 _____ c:\temp\SetupExe(20130802130923260).log
2013-08-02 12:28 - 2013-08-02 12:28 - 00000000 ____D C:\Programme\ESET
2013-08-02 12:28 - 2006-09-02 16:27 - 00000000 ___RD C:\Programme
2013-08-02 11:15 - 2013-08-02 11:15 - 00016384 ____T c:\temp\Perflib_Perfdata_a24.dat
2013-08-02 02:20 - 2013-08-02 02:20 - 00001409 _____ C:\WINDOWS\QTFont.for
2013-08-01 23:06 - 2013-08-01 23:06 - 00016384 ____T c:\temp\Perflib_Perfdata_c5c.dat
2013-08-01 23:03 - 2007-01-10 19:00 - 00000000 ____D C:\WINDOWS\ie7updates
2013-08-01 22:58 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Web Cake
2013-08-01 22:37 - 2013-08-01 22:37 - 00016384 ____T c:\temp\Perflib_Perfdata_704.dat
2013-08-01 22:35 - 2013-02-08 22:29 - 00000773 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-01 22:32 - 2013-08-01 22:32 - 00016384 ____T c:\temp\Perflib_Perfdata_878.dat
2013-08-01 22:28 - 2013-08-01 22:28 - 10285040 _____ (Malwarebytes Corporation                                    ) c:\temp\ZPBg+2uy.exe.part
2013-08-01 22:20 - 2013-08-01 22:19 - 00000000 ____D c:\temp\plugtmp-3
2013-08-01 21:56 - 2006-09-05 00:54 - 00000000 ____D C:\Filme
2013-08-01 21:19 - 2013-08-01 21:19 - 00016384 ____T c:\temp\Perflib_Perfdata_d80.dat
2013-08-01 20:49 - 2013-08-01 20:48 - 00003353 _____ c:\temp\tmpA9.tmp
2013-08-01 20:48 - 2013-08-01 20:48 - 00000000 _____ c:\temp\tmpA8.tmp
2013-08-01 20:37 - 2010-08-05 14:37 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\FreeVideoConverter
2013-08-01 19:16 - 2013-02-11 00:31 - 00000000 ____D c:\temp\Google Toolbar
2013-08-01 18:30 - 2013-08-01 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_518.dat
2013-08-01 18:17 - 2013-08-01 18:17 - 00078749 _____ c:\temp\Projekt_115_test_3.TP_MODEL-QTECH8.DEMO
2013-08-01 14:58 - 2013-08-01 14:58 - 00016384 ____T c:\temp\Perflib_Perfdata_b18.dat
2013-08-01 14:56 - 2013-08-01 14:56 - 00016384 ____T c:\temp\Perflib_Perfdata_8dc.dat
2013-08-01 14:54 - 2013-08-01 14:52 - 00028996 _____ C:\AdwCleaner[S2].txt
2013-08-01 14:52 - 2013-02-23 11:53 - 00000908 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2013-08-01 14:52 - 2012-01-18 20:19 - 00000886 _____ C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme\WEB.DE.lnk
2013-08-01 14:52 - 2009-07-07 17:32 - 00000760 _____ C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme\Internet Explorer.lnk
2013-08-01 14:52 - 2008-05-30 13:35 - 00000715 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
2013-08-01 14:52 - 2006-09-02 15:39 - 00000000 ___RD C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme
2013-08-01 14:45 - 2013-02-22 23:27 - 00000000 ____D c:\temp\APNScripts
2013-08-01 14:43 - 2013-08-01 14:43 - 00016384 ____T c:\temp\Perflib_Perfdata_dd0.dat
2013-07-31 22:52 - 2013-07-31 22:52 - 00025525 _____ C:\ComboFix.txt
2013-07-31 22:52 - 2012-11-17 14:15 - 00000000 ____D C:\Qoobox
2013-07-31 22:47 - 2013-07-31 22:47 - 00016384 ____T c:\temp\Perflib_Perfdata_da4.dat
2013-07-31 22:45 - 2004-08-04 14:00 - 00000243 _____ C:\WINDOWS\system.ini
2013-07-31 22:44 - 2013-07-31 22:44 - 00028759 _____ c:\temp\Spanish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028419 _____ c:\temp\Italian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028183 _____ c:\temp\French.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026912 _____ c:\temp\Portuguese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026669 _____ c:\temp\German.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026582 _____ c:\temp\Russian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026549 _____ c:\temp\Hungarian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026202 _____ c:\temp\Dutch.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026159 _____ c:\temp\Slovak.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026023 _____ c:\temp\Portuguese(Brazil).bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025980 _____ c:\temp\Lithuanian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025631 _____ c:\temp\Greek.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025202 _____ c:\temp\Japanese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024950 _____ c:\temp\Polish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024855 _____ c:\temp\Croatian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024769 _____ c:\temp\Czech.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024503 _____ c:\temp\SWEDISH.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024330 _____ c:\temp\Slovenian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023326 _____ c:\temp\Finnish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023225 _____ c:\temp\Danish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022830 _____ c:\temp\Turkish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022808 _____ c:\temp\English.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022406 _____ c:\temp\Norwegian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022395 _____ c:\temp\Thai.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00021543 _____ c:\temp\Arabic.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00020917 _____ c:\temp\Korean.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00019937 _____ c:\temp\Hebrew.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017584 _____ c:\temp\TradChin.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017030 _____ c:\temp\SimChin.bin
2013-07-31 22:41 - 2006-09-02 17:26 - 63176704 _____ C:\WINDOWS\system32\config\software.bak
2013-07-31 22:41 - 2006-09-02 17:26 - 08388608 _____ C:\WINDOWS\system32\config\system.bak
2013-07-31 22:41 - 2006-09-02 17:26 - 00311296 _____ C:\WINDOWS\system32\config\default.bak
2013-07-31 22:41 - 2006-09-02 16:26 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-07-31 22:41 - 2006-09-02 16:26 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak
2013-07-31 22:40 - 2009-10-10 13:25 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-07-31 22:40 - 2008-12-15 15:37 - 00000000 ____D C:\WINDOWS\erdnt
2013-07-31 22:38 - 2013-07-27 17:29 - 00000000 ____D c:\temp\nsb2D.tmp
2013-07-31 22:38 - 2013-07-26 11:04 - 00000000 ____D c:\temp\B638892A-BAB0-7891-BC5B-A7A34DE01197
2013-07-31 22:38 - 2013-07-18 16:57 - 00000000 ____D c:\temp\WERbee9.dir00
2013-07-31 22:38 - 2013-07-18 16:57 - 00000000 ____D c:\temp\WER5681.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER9fde.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER2ca9.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER2366.dir00
2013-07-31 22:38 - 2013-07-09 19:25 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21409500[2].zip
2013-07-31 22:38 - 2013-07-09 19:25 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21405500[1].zip
2013-07-31 22:38 - 2013-07-05 04:44 - 00000000 ____D c:\temp\WERe655.dir00
2013-07-31 22:38 - 2013-06-29 16:21 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 29307500[1].zip
2013-07-31 22:38 - 2013-06-29 15:55 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 3 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 15:49 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 2 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 15:43 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 04:08 - 00000000 ____D c:\temp\nsl14A
2013-07-31 22:38 - 2013-06-26 17:43 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21612000[1].zip
2013-07-31 22:38 - 2013-06-26 17:20 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 23111090[2].zip
2013-07-31 22:38 - 2013-06-26 17:18 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 23111016[1].zip
2013-07-31 22:38 - 2013-06-20 17:32 - 00000000 ____D c:\temp\WER8702.dir00
2013-07-31 22:38 - 2013-06-20 17:31 - 00000000 ____D c:\temp\WERf690.dir00
2013-07-31 22:38 - 2013-06-20 17:30 - 00000000 ____D c:\temp\WER3cc8.dir00
2013-07-31 22:38 - 2013-06-20 17:30 - 00000000 ____D c:\temp\WER2a84.dir00
2013-07-31 22:38 - 2013-06-13 20:09 - 00000000 ____D c:\temp\DownloadMngPhone
2013-07-31 22:38 - 2013-06-12 22:07 - 00000000 ____D c:\temp\3920-1-2013-6-12-20-7-51-46
2013-07-31 22:38 - 2013-05-20 14:07 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 28314000[1].zip
2013-07-31 22:38 - 2013-05-11 18:03 - 00000000 ____D c:\temp\WER2fc6.dir00
2013-07-31 22:38 - 2013-05-11 18:03 - 00000000 ____D c:\temp\WER0037.dir00
2013-07-31 22:38 - 2013-05-01 16:41 - 00000000 ____D c:\temp\WERe632.dir00
2013-07-31 22:38 - 2013-05-01 16:40 - 00000000 ____D c:\temp\WER60aa.dir00
2013-07-31 22:38 - 2013-05-01 16:40 - 00000000 ____D c:\temp\WER5030.dir00
2013-07-31 22:38 - 2013-05-01 16:39 - 00000000 ____D c:\temp\WER922e.dir00
2013-07-31 22:38 - 2013-05-01 16:39 - 00000000 ____D c:\temp\WER6ea2.dir00
2013-07-31 22:38 - 2013-04-26 20:50 - 00000000 ____D c:\temp\scoped_dir_3712_3940
2013-07-31 22:38 - 2013-04-26 20:30 - 00000000 ____D c:\temp\RarSFX0
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WERaa2d.dir00
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WER8e09.dir00
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WER710a.dir00
2013-07-31 22:38 - 2013-04-12 17:43 - 00000000 ____D c:\temp\Temporäres Verzeichnis 1 für Bedienungsanleitung Bahn-Tix für DB-Automaten - Version 13.02.2012.pdf.zip
2013-07-31 22:38 - 2013-04-10 03:20 - 00000000 ____D c:\temp\WER7437.dir00
2013-07-31 22:38 - 2013-03-25 18:06 - 00000000 ____D c:\temp\nsfB
2013-07-31 22:38 - 2013-03-06 21:00 - 00000000 ____D c:\temp\CRX_75DAF8CB7768
2013-07-31 22:38 - 2013-02-22 16:17 - 00000000 ____D c:\temp\APN-Stub
2013-07-31 22:38 - 2013-02-08 19:00 - 00000000 ____D c:\temp\NDP1.1sp1-KB2742597-X86
2013-07-31 22:14 - 2013-07-31 22:13 - 00000000 ____D c:\temp\plugtmp-2
2013-07-31 18:30 - 2013-07-31 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_19c4.dat
2013-07-31 18:18 - 2013-07-31 18:18 - 00000000 ____D C:\FRST
2013-07-31 11:30 - 2013-07-31 11:30 - 00016384 ____T c:\temp\Perflib_Perfdata_8f0.dat
2013-07-31 11:29 - 2013-07-31 11:29 - 00016384 ____T c:\temp\Perflib_Perfdata_cc0.dat
2013-07-30 23:32 - 2013-07-30 23:32 - 00000000 ____D c:\temp\plugtmp-1
2013-07-29 12:05 - 2013-07-27 07:05 - 00001906 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
2013-07-27 21:55 - 2006-09-02 17:56 - 00000520 ____C C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\spider.sav
2013-07-27 17:31 - 2013-07-27 17:31 - 23924396 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Cimatron E10.0 x32 x64 Setup + Key.rar
2013-07-27 17:31 - 2013-07-27 17:30 - 00000000 ____D C:\Programme\Torntv 2
2013-07-27 09:54 - 2013-02-10 23:07 - 00000000 ____D c:\temp\msohtmlclip1
2013-07-26 11:05 - 2013-07-26 11:05 - 00000000 ____D c:\temp\mt_ffx
2013-07-26 11:04 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\zulagames
2013-07-26 07:39 - 2006-09-02 16:27 - 00216856 ____C C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-23 00:30 - 2006-09-05 00:53 - 00000000 ____D C:\Bilder
2013-07-21 15:00 - 2007-08-18 01:38 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\FreePDF
2013-07-21 14:53 - 2013-06-07 00:28 - 00000000 ____D C:\Müchen 16. + 06.Juni
2013-07-21 14:53 - 2013-03-18 17:12 - 00000000 ____D C:\Projekt 10a
2013-07-21 14:53 - 2012-04-05 22:25 - 00000000 ____D C:\HP BK
2013-07-21 14:53 - 2010-08-22 17:20 - 00000000 ____D C:\Tests
2013-07-21 14:53 - 2007-08-10 00:37 - 00007680 __SHC C:\WINDOWS\Thumbs.db
2013-07-20 21:04 - 2009-01-26 23:59 - 00000030 ____C C:\WINDOWS\Iedit_.INI
2013-07-19 04:15 - 2007-06-13 19:34 - 00000767 ____C C:\WINDOWS\CAD-Symbols.ini
2013-07-18 19:59 - 2007-06-13 19:55 - 00000064 ____C C:\WINDOWS\StvStepW.INI
2013-07-16 14:16 - 2006-09-02 16:28 - 01396008 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-12 18:04 - 2013-07-12 18:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-10 19:51 - 2006-09-02 16:45 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-10 19:04 - 2009-01-04 21:39 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 ____D c:\temp\KB2835393_10.0.30319
2013-07-10 18:48 - 2013-07-10 18:47 - 00125219 _____ C:\WINDOWS\KB2834904.log
2013-07-10 18:48 - 2012-04-12 06:36 - 00717379 _____ C:\WINDOWS\setupapi.log
2013-07-10 18:48 - 2006-09-02 16:28 - 02914674 ____C C:\WINDOWS\FaxSetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 01403138 ____C C:\WINDOWS\ocgen.log
2013-07-10 18:48 - 2006-09-02 16:28 - 01108568 ____C C:\WINDOWS\tsoc.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00959526 ____C C:\WINDOWS\comsetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00580260 ____C C:\WINDOWS\ntdtcsetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00461223 ____C C:\WINDOWS\iis6.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00159250 ____C C:\WINDOWS\ocmsn.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00145398 ____C C:\WINDOWS\msgsocm.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00001374 _____ C:\WINDOWS\imsins.log
2013-07-10 18:45 - 2013-07-10 18:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 18:45 - 2013-07-10 18:44 - 00125004 _____ C:\WINDOWS\KB2834886.log
2013-07-10 18:45 - 2006-09-02 16:28 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-10 18:44 - 2013-07-10 18:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 18:44 - 2013-07-10 17:30 - 00130926 _____ C:\WINDOWS\KB2850851.log
2013-07-10 18:43 - 2013-07-10 18:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-10 18:43 - 2013-07-10 17:30 - 00129702 _____ C:\WINDOWS\KB2845187.log
2013-07-10 18:23 - 2013-07-10 18:22 - 00128314 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-10 18:23 - 2009-07-07 17:29 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-10 18:23 - 2006-09-02 16:39 - 00702571 ____C C:\WINDOWS\updspapi.log
2013-07-10 18:17 - 2013-07-10 18:17 - 00000000 ____D c:\temp\KB2832407_10.0.30319
2013-07-10 18:05 - 2013-07-10 18:05 - 00000000 ____D c:\temp\KB2840628_10.0.30319
2013-07-10 18:00 - 2007-06-24 00:59 - 00000000 ____D C:\WINDOWS\system32\XPSViewer

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-04 14:00] - [2008-04-14 04:22] - 1036800 ____N (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0513024 ____N (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0014336 ____N (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2008-06-11 18:50] - [2009-02-09 13:21] - 0111104 ____N (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2004-08-04 14:00] - [2008-04-14 04:22] - 0580096 ____N (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2008-06-11 18:50] - [2008-04-14 04:23] - 0026624 ____C (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2008-06-11 18:50] - [2008-04-14 03:52] - 0053760 ___AC (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Sorry für die Doppelposts.

Mozilla hat null reagiert, habe immer wieder auf Antworten gedrückt, und auf einmal waren es mehrere.

Tina

PS Anfangs läuft Mozilla einigermaßen, aber nach ein paar Miuten/Mausklicks wird es immer schlimmer.

schrauber · 06.08.2013, 16:11

Firefox deinstallieren, keine Daten behalten, neu installieren.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Adobe reader updaten. Noch Probleme?

Tina666 · 06.08.2013, 17:56

Zitat:

Zitat von schrauber

Firefox deinstallieren, keine Daten behalten, neu installieren.

Was meinst Du mit keine Daten behalten?
Sind dann meine ganzen Lesezeichen auch weg?

Tina

schrauber · 06.08.2013, 19:57

Ja. aber Lesezeichen kannste vorher exportieren und sichern. Aber sonst nix.

Tina666 · 07.08.2013, 23:16

Auf die Idee, Mozilla neu zu installieren hätte ich ja auch selber drauf kommen können. Hat aber ncihts gebracht, läuft immer noch mit Problemen. Angangs ganz ok, aber mit jedem Klick oder Text immer ruckhafter, bis sich dann fast gar ncihts mehr tut.

Das TCT wollte ich gestern machen, ging nicht.
kam diese Meldung gleich am Anfang:

You MUST be logged on as an administrator to use this utility.

While cleaning the temp files all open applications will be closed and the desktop will disappear.

When finished, if any files need to be removed by a reboot you will be asked to reboot.
Otherwise the desktop will be restored.

Habe dann dennoch auf STart gedrückt, aber es passierte nichts.

schrauber · 08.08.2013, 11:34

Sehr komisch. Und das pasiert nur bei Firefo, nicht bei anderen Browsern?

Poste bitte ein frisches FRST log.

Tina666 · 08.08.2013, 18:34

Ja, nur bei FF.

IE läuft.
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-08-2013 (ATTENTION: ====> FRST version is 7 days old and could be outdated)
Ran by Hartmann (administrator) on 08-08-2013 19:31:27
Running from C:\Bereinigung
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
() C:\WINDOWS\Gtwatch.exe
(Symantec Corporation) C:\Programme\Norton Ghost\Agent\VProTray.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Common Group) C:\WINDOWS\twain_32\A12U16KD\WATCH.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Bereinigung\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Programme\Norton Ghost\Agent\VProSvc.exe
(Microsoft Corporation) c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Symantec) C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [20053608 2011-06-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Gtwatch] - C:\WINDOWS\Gtwatch.exe [32768 2001-09-21] ()
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Norton Ghost 15.0] - C:\Programme\Norton Ghost\Agent\VProTray.exe [2598760 2010-03-03] (Symantec Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [286720 2007-06-29] (Apple Inc.)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [DWQueuedReporting] - C:\PROGRA~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe [434080 2011-07-27] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-23] (Google Inc.)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex [814472 2013-06-11] (Adobe Systems Incorporated)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\skype.dat <==== ATTENTION 
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Watch.lnk
ShortcutTarget: Watch.lnk -> C:\WINDOWS\twain_32\A12U16KD\WATCH.exe (Common Group)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Wirtschaft: Wirtschaftsnachrichten von t-online.de/wirtschaft
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {131B38B1-CC5B-4A32-9914-62E0ED1FC19C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=461F79FA-6540-4A67-92E9-7A3DF4C511BE&apn_sauid=5C35D8E7-5E82-4FF2-A735-F2D028B2C37C
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ipp - No CLSID Value - 
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\google-und-download-suche.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\foxmarks@kei.com
FF Extension: Zula Games - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\zulagames@ZulaGames.com
FF Extension: Microsoft .NET Framework Assistant - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Yahoo! Toolbar - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: toolbar - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\toolbar@web.de.xpi
FF Extension: trtv3 - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\trtv3@trtv.com.xpi
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Anti-Banner - C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF Extension: Modul zur Link-Untersuchung - C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF Extension: No Name - C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: Default - C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-12-01] ()
S3 GenericMount Helper Service; C:\Programme\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1574408 2010-02-12] (Symantec)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-11-23] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-11-23] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-22] (Google)
S3 IDriverT; c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 MBAMScheduler; C:\Bereinigung\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Bereinigung\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117656 2013-07-31] (Mozilla Foundation)
R2 MSSQL$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-11] (Microsoft Corporation)
S4 MSSQLServerADHelper100; c:\Programme\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [47128 2008-07-11] (Microsoft Corporation)
R2 Norton Ghost; C:\Programme\Norton Ghost\Agent\VProSvc.exe [4590432 2010-03-03] (Symantec Corporation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)
S3 Sony PC Companion; C:\Programme\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S4 SQLAgent$SQLEXPRESS; c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-11] (Microsoft Corporation)
S4 SQLBrowser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [258072 2008-07-10] (Microsoft Corporation)
R2 SQLWriter; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [98840 2008-07-10] (Microsoft Corporation)
R3 Symantec SymSnap VSS Provider; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R3 SymSnapService; C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe [1964528 2010-02-11] (Symantec)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2300928 2004-12-01] (Realtek Semiconductor Corp.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [35840 2004-10-21] (Advanced Micro Devices)
R2 Aspi32; C:\Windows\System32\drivers\aspi32.sys [16512 2006-09-02] (Adaptec)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [3452928 2008-12-02] (ATI Technologies Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-02-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-02-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 Cdr4_xp; C:\Windows\System32\Drivers\Cdr4_xp.sys [2432 2006-07-24] (Sonic Solutions)
R1 Cdralw2k; C:\Windows\System32\Drivers\Cdralw2k.sys [2560 2006-07-24] (Sonic Solutions)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [57840 2010-02-12] (Symantec Corporation)
S3 GT680x; C:\Windows\System32\Drivers\gt680x.sys [18120 2001-11-08] (   )
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [676864 2004-07-14] (Aladdin Knowledge Systems)
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2006-09-02] (Aladdin Knowledge Systems)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R3 L1c; C:\Windows\System32\DRIVERS\l1c51x86.sys [65136 2011-03-22] (Atheros Communications, Inc.)
S3 MA-620; C:\Windows\System32\DRIVERS\MA-620.sys [27136 2003-03-25] (Mobile Action Tech. Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 MSIRCOMM; C:\Windows\System32\DRIVERS\MSIRCOMM.sys [22016 2008-04-13] (Microsoft Corporation)
S3 MVDCODEC; C:\Windows\System32\DRIVERS\ativmdcd.sys [9472 2001-08-17] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\Windows\System32\DRIVERS\nvatabus.sys [87936 2004-12-07] (NVIDIA Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33408 2004-11-24] (NVIDIA Corporation)
S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2004-11-24] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
S3 PMUSB2G; C:\Windows\System32\Drivers\PMUSB.sys [17408 2009-01-04] (PassMark Software)
R0 Pnp680r; C:\Windows\System32\DRIVERS\pnp680r.sys [76976 2002-05-31] (Silicon Image, Inc)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [16472 2012-01-18] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [11104 2012-01-18] ()
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S4 RsFx0102; C:\Windows\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
R0 Si3114r5; C:\Windows\System32\DRIVERS\Si3114r5.sys [211496 2008-11-25] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17064 2008-11-25] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12200 2008-11-25] (Silicon Image, Inc.)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
R2 symlcbrd; C:\WINDOWS\system32\drivers\symlcbrd.sys [4608 2006-09-02] (Symantec Corporation)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [15096 2009-09-21] (Symantec Corporation)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2003-05-14] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [21216 2003-05-14] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5728 2003-05-14] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [44288 2003-05-14] (Logitech Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [285952 2007-12-06] (Marvell)
S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [x]
S3 btaudio; system32\drivers\btaudio.sys [x]
S3 BTDriver; system32\DRIVERS\btport.sys [x]
S3 BTKRNL; system32\DRIVERS\btkrnl.sys [x]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [x]
S3 BTWUSB; System32\Drivers\btwusb.sys [x]
S2 Ca533av; System32\Drivers\Ca533av.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 FTD2XX; System32\Drivers\FTD2XX.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
S3 LHidUsbK; System32\Drivers\LHidUsbK.Sys [x]
S3 LMouKE; system32\DRIVERS\LMouKE.Sys [x]
U3 TlntSvr; 
S3 USBCamera; System32\Drivers\Bulk533.sys [x]
U2 V2iMount; 
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-08 19:31 - 2013-08-08 19:32 - 00015285 _____ c:\temp\log3
2013-08-08 19:31 - 2013-08-08 19:32 - 00007104 _____ c:\temp\log1
2013-08-08 19:31 - 2013-08-08 19:31 - 00021167 _____ c:\temp\frstlog
2013-08-08 19:31 - 2013-08-08 19:31 - 00000305 _____ c:\temp\users00
2013-08-08 19:31 - 2013-08-08 19:31 - 00000003 _____ c:\temp\others
2013-08-08 14:37 - 2013-08-08 14:39 - 00040960 ____T c:\temp\~DF3C9E.tmp
2013-08-08 00:17 - 2013-08-08 00:25 - 00049152 ____T c:\temp\~DFFD53.tmp
2013-08-08 00:17 - 2013-08-08 00:17 - 00016384 ____T c:\temp\~DFF03B.tmp
2013-08-07 19:46 - 2013-08-07 19:46 - 00003940 _____ c:\temp\GimmeSetup(201308071946041308).log
2013-08-07 19:46 - 2013-08-07 19:46 - 00003545 _____ c:\temp\SetupExe(201308071946011308).log
2013-08-07 18:30 - 2013-08-07 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_17a0.dat
2013-08-07 16:27 - 2013-08-07 16:27 - 00016384 ____T c:\temp\Perflib_Perfdata_190.dat
2013-08-07 16:25 - 2013-08-07 16:25 - 00016384 ____T c:\temp\Perflib_Perfdata_9a0.dat
2013-08-07 16:25 - 2013-08-07 16:25 - 00016384 ____T c:\temp\Perflib_Perfdata_7cc.dat
2013-08-07 16:25 - 2013-08-07 16:25 - 00016384 ____T c:\temp\Perflib_Perfdata_4a0.dat
2013-08-07 16:25 - 2013-08-07 16:25 - 00000000 ____D c:\temp\WPDNSE
2013-08-07 07:16 - 2013-08-07 07:16 - 00000000 ____D c:\temp\ZNW1
2013-08-06 23:44 - 2013-08-06 23:44 - 00016384 ____T c:\temp\Perflib_Perfdata_b78.dat
2013-08-06 23:42 - 2013-08-06 23:42 - 00016384 ____T c:\temp\Perflib_Perfdata_9d0.dat
2013-08-06 23:41 - 2013-08-06 23:41 - 00016384 ____T c:\temp\Perflib_Perfdata_a0.dat
2013-08-06 23:09 - 2013-08-06 23:09 - 00000715 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
2013-08-06 23:09 - 2013-08-06 23:09 - 00000000 ____D C:\Programme\Mozilla Maintenance Service
2013-08-06 23:07 - 2013-08-06 23:07 - 00282112 _____ (Mozilla) C:\Programme\Firefox Setup Stub 23.0.exe
2013-08-06 23:01 - 2013-08-06 23:02 - 00100191 _____ C:\bookmarks.html
2013-08-06 18:30 - 2013-08-06 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_1158.dat
2013-08-06 14:31 - 2013-08-08 14:07 - 00001552 _____ c:\temp\TWAIN.LOG
2013-08-06 14:31 - 2013-08-08 14:07 - 00000156 _____ c:\temp\Twunk001.MTX
2013-08-06 14:31 - 2013-08-08 14:07 - 00000003 _____ c:\temp\Twain001.Mtx
2013-08-06 14:31 - 2013-08-06 14:31 - 00000000 _____ c:\temp\Twunk002.MTX
2013-08-06 12:58 - 2013-08-06 12:58 - 00000000 _____ c:\temp\scw4.tmp
2013-08-06 12:55 - 2013-08-06 12:53 - 00001479 _____ c:\temp\uninstall.tmp
2013-08-06 12:55 - 2011-03-23 06:48 - 00349592 ____R (CANON INC.) c:\temp\uninstall.exe
2013-08-06 12:53 - 2013-08-06 12:55 - 00000614 _____ c:\temp\MS43.LOG
2013-08-06 12:53 - 2011-02-07 11:09 - 00850320 ____N (CANON INC.) c:\temp\MSETUP4.EXE
2013-08-06 12:49 - 2013-08-06 12:49 - 00000000 _____ c:\temp\scw1.tmp
2013-08-06 12:28 - 2013-08-06 12:28 - 00016384 ____T c:\temp\Perflib_Perfdata_b04.dat
2013-08-06 12:27 - 2013-08-06 12:27 - 00016384 ____T c:\temp\Perflib_Perfdata_624.dat
2013-08-06 12:23 - 2013-08-06 12:23 - 00000000 ____D c:\temp\ZB
2013-08-06 12:18 - 2011-02-03 02:20 - 00184320 ____R (CANON INC.) C:\WINDOWS\system32\CNMIUAT.DLL
2013-08-06 12:17 - 2012-03-14 05:00 - 00311296 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAT.DLL
2013-08-06 12:16 - 2011-03-31 10:07 - 00114688 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ATU.dll
2013-08-06 12:16 - 2011-03-31 10:05 - 00286720 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ATC.dll
2013-08-06 12:16 - 2011-03-31 10:05 - 00114688 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ATI.dll
2013-08-06 12:16 - 2011-03-30 12:54 - 00323584 _____ (CANON INC.) C:\WINDOWS\system32\CNC_ATL.dll
2013-08-06 12:16 - 2010-11-18 08:15 - 00090112 ____R (Canon Inc.) C:\WINDOWS\system32\CNC_ATO.dll
2013-08-06 12:16 - 2010-11-12 11:13 - 00068096 _____ C:\WINDOWS\system32\CNC1754D.TBL
2013-08-06 12:16 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll
2013-08-05 21:50 - 2013-08-05 21:52 - 00024414 _____ c:\temp\GimmeSetup(20130805215048ABC).log
2013-08-05 21:50 - 2013-08-05 21:50 - 00003544 _____ c:\temp\SetupExe(20130805215047ABC).log
2013-08-05 21:15 - 2013-08-05 21:15 - 00003939 _____ c:\temp\GimmeSetup(20130805211510A7C).log
2013-08-05 21:15 - 2013-08-05 21:15 - 00003544 _____ c:\temp\SetupExe(20130805211508A7C).log
2013-08-05 20:22 - 2013-08-05 20:22 - 00000000 ____D c:\temp\RarSFX1
2013-08-05 19:48 - 2013-08-05 19:48 - 00568821 _____ c:\temp\q+lIFSER.pdf.part
2013-08-05 19:48 - 2013-08-05 19:48 - 00255288 _____ c:\temp\QQa+6bQz.pdf.part
2013-08-05 18:30 - 2013-08-05 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_e54.dat
2013-08-05 17:28 - 2013-08-05 17:28 - 00016384 ____T c:\temp\Perflib_Perfdata_ae8.dat
2013-08-05 09:21 - 2013-08-05 09:21 - 00016384 ____T c:\temp\Perflib_Perfdata_434.dat
2013-08-05 09:20 - 2013-08-05 09:20 - 00016384 ____T c:\temp\Perflib_Perfdata_994.dat
2013-08-04 23:37 - 2013-08-04 23:37 - 00016384 ____T c:\temp\Perflib_Perfdata_8c4.dat
2013-08-04 23:05 - 2013-08-04 23:05 - 00016384 ____T c:\temp\Perflib_Perfdata_cf8.dat
2013-08-04 19:52 - 2013-08-04 19:52 - 00016384 ____T c:\temp\Perflib_Perfdata_cbc.dat
2013-08-04 19:47 - 2013-08-04 19:47 - 00000000 ____D c:\temp\WER6abb.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER5625.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER372c.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER1fe0.dir00
2013-08-04 12:10 - 2013-08-04 21:57 - 00682962 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\model.fnp
2013-08-04 11:31 - 2013-08-04 11:38 - 00061158 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\m-rad.fnp
2013-08-03 21:22 - 2013-08-03 21:22 - 00003939 _____ c:\temp\GimmeSetup(20130803212201ACC).log
2013-08-03 21:21 - 2013-08-03 21:22 - 00003544 _____ c:\temp\SetupExe(20130803212159ACC).log
2013-08-03 15:18 - 2013-08-03 15:48 - 00064301 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\blat1 filou.fnp
2013-08-03 11:05 - 2013-08-03 11:05 - 00016384 ____T c:\temp\Perflib_Perfdata_89c.dat
2013-08-02 19:53 - 2013-08-02 19:54 - 00003939 _____ c:\temp\GimmeSetup(20130802195346E08).log
2013-08-02 19:53 - 2013-08-02 19:53 - 00003544 _____ c:\temp\SetupExe(20130802195344E08).log
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geIconCacheLock
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geColladaModelCacheLock
2013-08-02 18:30 - 2013-08-02 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_c4c.dat
2013-08-02 14:58 - 2013-08-02 14:58 - 00112298 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\test-01.fnp
2013-08-02 14:04 - 2013-08-02 14:04 - 00003939 _____ c:\temp\GimmeSetup(20130802140405FFC).log
2013-08-02 14:04 - 2013-08-02 14:04 - 00003544 _____ c:\temp\SetupExe(20130802140404FFC).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003938 _____ c:\temp\GimmeSetup(20130802130925260).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003541 _____ c:\temp\SetupExe(20130802130923260).log
2013-08-02 12:28 - 2013-08-02 12:28 - 00000000 ____D C:\Programme\ESET
2013-08-02 11:15 - 2013-08-02 11:15 - 00016384 ____T c:\temp\Perflib_Perfdata_a24.dat
2013-08-01 23:06 - 2013-08-01 23:06 - 00016384 ____T c:\temp\Perflib_Perfdata_c5c.dat
2013-08-01 22:37 - 2013-08-01 22:37 - 00016384 ____T c:\temp\Perflib_Perfdata_704.dat
2013-08-01 22:32 - 2013-08-01 22:32 - 00016384 ____T c:\temp\Perflib_Perfdata_878.dat
2013-08-01 22:28 - 2013-08-01 22:28 - 10285040 _____ (Malwarebytes Corporation                                    ) c:\temp\ZPBg+2uy.exe.part
2013-08-01 22:19 - 2013-08-01 22:20 - 00000000 ____D c:\temp\plugtmp-3
2013-08-01 21:19 - 2013-08-01 21:19 - 00016384 ____T c:\temp\Perflib_Perfdata_d80.dat
2013-08-01 20:48 - 2013-08-01 20:49 - 00003353 _____ c:\temp\tmpA9.tmp
2013-08-01 20:48 - 2013-08-01 20:48 - 00000000 _____ c:\temp\tmpA8.tmp
2013-08-01 18:30 - 2013-08-01 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_518.dat
2013-08-01 18:17 - 2013-08-01 18:17 - 00078749 _____ c:\temp\Projekt_115_test_3.TP_MODEL-QTECH8.DEMO
2013-08-01 18:14 - 2013-08-04 04:46 - 01926417 _____ c:\temp\NewPostFile.DEMO
2013-08-01 18:01 - 2013-08-04 07:46 - 00000615 _____ C:\Dokumente und Einstellungen\All Users\Desktop\FILOU-NC12.lnk
2013-08-01 18:01 - 2013-08-04 07:46 - 00000000 ____D C:\Programme\FILOU-NC12
2013-08-01 18:01 - 2009-09-07 10:51 - 00389120 _____ (WinMain Software (hxxp://www.winmain.com)) C:\WINDOWS\system32\cmax20.ocx
2013-08-01 18:01 - 2009-09-03 13:25 - 00389120 _____ (FILOU Software GmbH) C:\WINDOWS\system32\NCGraph3.ocx
2013-08-01 18:01 - 1999-02-19 07:54 - 00040960 _____ (<none>) C:\WINDOWS\system32\SSubTmr6.dll
2013-08-01 18:01 - 1998-06-23 23:00 - 00103744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCOMM32.OCX
2013-08-01 14:58 - 2013-08-01 14:58 - 00016384 ____T c:\temp\Perflib_Perfdata_b18.dat
2013-08-01 14:56 - 2013-08-01 14:56 - 00016384 ____T c:\temp\Perflib_Perfdata_8dc.dat
2013-08-01 14:52 - 2013-08-01 14:54 - 00028996 _____ C:\AdwCleaner[S2].txt
2013-08-01 14:50 - 2013-08-07 19:22 - 00000748 _____ c:\temp\JavaDeployReg.log
2013-08-01 14:43 - 2013-08-01 14:43 - 00016384 ____T c:\temp\Perflib_Perfdata_dd0.dat
2013-08-01 01:25 - 2013-08-08 18:00 - 00042238 _____ c:\temp\dd_clwireg.txt
2013-07-31 22:52 - 2013-07-31 22:52 - 00025525 _____ C:\ComboFix.txt
2013-07-31 22:48 - 2013-08-08 18:00 - 00001755 _____ c:\temp\dw.log
2013-07-31 22:47 - 2013-07-31 22:47 - 00016384 ____T c:\temp\Perflib_Perfdata_da4.dat
2013-07-31 22:46 - 2013-08-07 16:27 - 00000409 _____ c:\temp\WGANotify.settings
2013-07-31 22:44 - 2013-08-08 18:34 - 00016379 _____ c:\temp\jusched.log
2013-07-31 22:44 - 2013-08-07 16:25 - 00015718 _____ c:\temp\AdobeARM.log
2013-07-31 22:44 - 2013-07-31 22:44 - 00028759 _____ c:\temp\Spanish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028419 _____ c:\temp\Italian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028183 _____ c:\temp\French.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026912 _____ c:\temp\Portuguese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026669 _____ c:\temp\German.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026582 _____ c:\temp\Russian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026549 _____ c:\temp\Hungarian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026202 _____ c:\temp\Dutch.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026159 _____ c:\temp\Slovak.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026023 _____ c:\temp\Portuguese(Brazil).bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025980 _____ c:\temp\Lithuanian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025631 _____ c:\temp\Greek.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025202 _____ c:\temp\Japanese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024950 _____ c:\temp\Polish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024855 _____ c:\temp\Croatian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024769 _____ c:\temp\Czech.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024503 _____ c:\temp\SWEDISH.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024330 _____ c:\temp\Slovenian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023326 _____ c:\temp\Finnish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023225 _____ c:\temp\Danish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022830 _____ c:\temp\Turkish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022808 _____ c:\temp\English.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022406 _____ c:\temp\Norwegian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022395 _____ c:\temp\Thai.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00021543 _____ c:\temp\Arabic.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00020917 _____ c:\temp\Korean.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00019937 _____ c:\temp\Hebrew.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017584 _____ c:\temp\TradChin.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017030 _____ c:\temp\SimChin.bin
2013-07-31 22:13 - 2013-07-31 22:14 - 00000000 ____D c:\temp\plugtmp-2
2013-07-31 18:30 - 2013-07-31 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_19c4.dat
2013-07-31 18:18 - 2013-07-31 18:18 - 00000000 ____D C:\FRST
2013-07-31 11:30 - 2013-07-31 11:30 - 00016384 ____T c:\temp\Perflib_Perfdata_8f0.dat
2013-07-31 11:29 - 2013-07-31 11:29 - 00016384 ____T c:\temp\Perflib_Perfdata_cc0.dat
2013-07-31 04:37 - 2013-08-04 06:41 - 00005207 _____ C:\WINDOWS\ncvsolid.ini
2013-07-30 23:32 - 2013-07-30 23:32 - 00000000 ____D c:\temp\plugtmp-1
2013-07-27 17:31 - 2013-07-27 17:31 - 23924396 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Cimatron E10.0 x32 x64 Setup + Key.rar
2013-07-27 17:30 - 2013-08-08 17:30 - 00001162 _____ C:\WINDOWS\Tasks\Torntv 2-updater.job
2013-07-27 17:30 - 2013-08-08 17:30 - 00001156 _____ C:\WINDOWS\Tasks\Torntv 2-codedownloader.job
2013-07-27 17:30 - 2013-08-08 17:30 - 00001066 _____ C:\WINDOWS\Tasks\Torntv 2-enabler.job
2013-07-27 17:30 - 2013-07-27 17:31 - 00000000 ____D C:\Programme\Torntv 2
2013-07-27 17:29 - 2013-07-31 22:38 - 00000000 ____D c:\temp\nsb2D.tmp
2013-07-27 07:05 - 2013-07-29 12:05 - 00001906 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
2013-07-26 11:05 - 2013-07-26 11:05 - 00000000 ____D c:\temp\mt_ffx
2013-07-26 11:04 - 2013-08-01 22:58 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Web Cake
2013-07-26 11:04 - 2013-07-31 22:38 - 00000000 ____D c:\temp\B638892A-BAB0-7891-BC5B-A7A34DE01197
2013-07-26 11:04 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\zulagames
2013-07-26 10:30 - 2013-08-04 06:42 - 00003738 _____ C:\WINDOWS\ncverify.INI
2013-07-18 16:57 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WERbee9.dir00
2013-07-18 16:57 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER5681.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER9fde.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER2ca9.dir00
2013-07-18 16:56 - 2013-07-31 22:38 - 00000000 ____D c:\temp\WER2366.dir00
2013-07-12 18:00 - 2013-07-12 18:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 ____D c:\temp\KB2835393_10.0.30319
2013-07-10 18:47 - 2013-07-10 18:48 - 00125219 _____ C:\WINDOWS\KB2834904.log
2013-07-10 18:45 - 2013-08-08 18:00 - 00000000 ____D c:\temp\NDP1.1sp1-KB2833941-X86
2013-07-10 18:45 - 2013-07-10 18:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 18:44 - 2013-07-10 18:45 - 00125004 _____ C:\WINDOWS\KB2834886.log
2013-07-10 18:44 - 2013-07-10 18:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 18:43 - 2013-07-10 18:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-10 18:22 - 2013-07-10 18:23 - 00128314 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-10 18:17 - 2013-07-10 18:17 - 00000000 ____D c:\temp\KB2832407_10.0.30319
2013-07-10 18:05 - 2013-07-10 18:05 - 00000000 ____D c:\temp\KB2840628_10.0.30319
2013-07-10 17:30 - 2013-07-10 18:44 - 00130926 _____ C:\WINDOWS\KB2850851.log
2013-07-10 17:30 - 2013-07-10 18:43 - 00129702 _____ C:\WINDOWS\KB2845187.log
2013-07-09 19:25 - 2013-07-31 22:38 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21409500[2].zip
2013-07-09 19:25 - 2013-07-31 22:38 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21405500[1].zip

==================== One Month Modified Files and Folders =======

2013-08-08 19:32 - 2013-08-08 19:31 - 00007104 _____ c:\temp\log1
2013-08-08 19:31 - 2013-08-08 19:31 - 00021167 _____ c:\temp\frstlog
2013-08-08 19:31 - 2013-08-08 19:31 - 00000305 _____ c:\temp\users00
2013-08-08 19:31 - 2013-08-08 19:31 - 00000003 _____ c:\temp\others
2013-08-08 19:31 - 2012-10-11 22:50 - 00000000 ____D C:\Bereinigung
2013-08-08 19:16 - 2006-09-02 15:35 - 01739161 ____C C:\WINDOWS\WindowsUpdate.log
2013-08-08 19:04 - 2009-11-23 03:27 - 00001094 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-08 18:39 - 2012-04-10 02:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-08 18:34 - 2013-07-31 22:44 - 00016379 _____ c:\temp\jusched.log
2013-08-08 18:34 - 2013-04-29 23:38 - 00000000 ____D c:\temp\hsperfdata_Hartmann
2013-08-08 18:30 - 2006-09-02 17:22 - 00000000 ____D C:\WINDOWS\repair
2013-08-08 18:00 - 2013-08-01 01:25 - 00042238 _____ c:\temp\dd_clwireg.txt
2013-08-08 18:00 - 2013-07-31 22:48 - 00001755 _____ c:\temp\dw.log
2013-08-08 18:00 - 2013-07-10 18:45 - 00000000 ____D c:\temp\NDP1.1sp1-KB2833941-X86
2013-08-08 17:45 - 2007-03-28 23:42 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\BVS Solitaire Collection
2013-08-08 17:30 - 2013-07-27 17:30 - 00001162 _____ C:\WINDOWS\Tasks\Torntv 2-updater.job
2013-08-08 17:30 - 2013-07-27 17:30 - 00001156 _____ C:\WINDOWS\Tasks\Torntv 2-codedownloader.job
2013-08-08 17:30 - 2013-07-27 17:30 - 00001066 _____ C:\WINDOWS\Tasks\Torntv 2-enabler.job
2013-08-08 14:49 - 2006-09-02 16:29 - 00003055 ____C C:\WINDOWS\wiadebug.log
2013-08-08 14:39 - 2013-08-08 14:37 - 00040960 ____T c:\temp\~DF3C9E.tmp
2013-08-08 14:08 - 2006-09-05 00:53 - 00000000 ____D C:\Bilder
2013-08-08 14:07 - 2013-08-06 14:31 - 00001552 _____ c:\temp\TWAIN.LOG
2013-08-08 14:07 - 2013-08-06 14:31 - 00000156 _____ c:\temp\Twunk001.MTX
2013-08-08 14:07 - 2013-08-06 14:31 - 00000003 _____ c:\temp\Twain001.Mtx
2013-08-08 13:37 - 2013-02-11 00:31 - 00000000 ____D c:\temp\Google Toolbar
2013-08-08 09:04 - 2006-09-02 15:38 - 00032384 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-08 04:04 - 2009-11-23 03:27 - 00001090 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-08 00:25 - 2013-08-08 00:17 - 00049152 ____T c:\temp\~DFFD53.tmp
2013-08-08 00:17 - 2013-08-08 00:17 - 00016384 ____T c:\temp\~DFF03B.tmp
2013-08-07 19:46 - 2013-08-07 19:46 - 00003940 _____ c:\temp\GimmeSetup(201308071946041308).log
2013-08-07 19:46 - 2013-08-07 19:46 - 00003545 _____ c:\temp\SetupExe(201308071946011308).log
2013-08-07 19:22 - 2013-08-01 14:50 - 00000748 _____ c:\temp\JavaDeployReg.log
2013-08-07 18:30 - 2013-08-07 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_17a0.dat
2013-08-07 18:30 - 2006-09-02 15:33 - 00000000 ____D C:\WINDOWS\Registration
2013-08-07 16:27 - 2013-08-07 16:27 - 00016384 ____T c:\temp\Perflib_Perfdata_190.dat
2013-08-07 16:27 - 2013-07-31 22:46 - 00000409 _____ c:\temp\WGANotify.settings
2013-08-07 16:27 - 2004-08-04 14:00 - 00012682 ____C C:\WINDOWS\system32\wpa.dbl
2013-08-07 16:25 - 2013-08-07 16:25 - 00016384 ____T c:\temp\Perflib_Perfdata_9a0.dat
2013-08-07 16:25 - 2013-08-07 16:25 - 00016384 ____T c:\temp\Perflib_Perfdata_7cc.dat
2013-08-07 16:25 - 2013-08-07 16:25 - 00016384 ____T c:\temp\Perflib_Perfdata_4a0.dat
2013-08-07 16:25 - 2013-08-07 16:25 - 00000000 ____D c:\temp\WPDNSE
2013-08-07 16:25 - 2013-07-31 22:44 - 00015718 _____ c:\temp\AdobeARM.log
2013-08-07 16:25 - 2006-09-02 16:29 - 00000050 ____C C:\WINDOWS\wiaservc.log
2013-08-07 16:25 - 2006-09-02 15:38 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2013-08-07 16:24 - 2008-12-01 22:11 - 00069112 ____C C:\WINDOWS\system32\ativvaxx.cap
2013-08-07 07:16 - 2013-08-07 07:16 - 00000000 ____D c:\temp\ZNW1
2013-08-07 07:15 - 2006-09-02 15:39 - 00000190 __SHC C:\Dokumente und Einstellungen\Hartmann\ntuser.ini
2013-08-07 07:15 - 2006-09-02 15:39 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann
2013-08-06 23:44 - 2013-08-06 23:44 - 00016384 ____T c:\temp\Perflib_Perfdata_b78.dat
2013-08-06 23:42 - 2013-08-06 23:42 - 00016384 ____T c:\temp\Perflib_Perfdata_9d0.dat
2013-08-06 23:41 - 2013-08-06 23:41 - 00016384 ____T c:\temp\Perflib_Perfdata_a0.dat
2013-08-06 23:09 - 2013-08-06 23:09 - 00000715 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
2013-08-06 23:09 - 2013-08-06 23:09 - 00000000 ____D C:\Programme\Mozilla Maintenance Service
2013-08-06 23:09 - 2013-07-03 02:04 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-08-06 23:09 - 2006-09-02 16:27 - 00000000 ___RD C:\Programme
2013-08-06 23:07 - 2013-08-06 23:07 - 00282112 _____ (Mozilla) C:\Programme\Firefox Setup Stub 23.0.exe
2013-08-06 23:02 - 2013-08-06 23:01 - 00100191 _____ C:\bookmarks.html
2013-08-06 18:30 - 2013-08-06 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_1158.dat
2013-08-06 16:44 - 2010-10-15 14:38 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\VariCAD
2013-08-06 16:43 - 2010-10-15 14:38 - 00000244 _____ C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\varicad-work.ini
2013-08-06 15:03 - 2006-09-02 17:22 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2013-08-06 14:31 - 2013-08-06 14:31 - 00000000 _____ c:\temp\Twunk002.MTX
2013-08-06 14:30 - 2006-09-05 00:54 - 00000000 ____D C:\Filme
2013-08-06 14:30 - 2006-09-02 15:39 - 00000000 ___RD C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Eigene Bilder
2013-08-06 12:58 - 2013-08-06 12:58 - 00000000 _____ c:\temp\scw4.tmp
2013-08-06 12:55 - 2013-08-06 12:53 - 00000614 _____ c:\temp\MS43.LOG
2013-08-06 12:53 - 2013-08-06 12:55 - 00001479 _____ c:\temp\uninstall.tmp
2013-08-06 12:53 - 2006-09-02 21:52 - 00000000 ____D C:\Programme\Canon
2013-08-06 12:49 - 2013-08-06 12:49 - 00000000 _____ c:\temp\scw1.tmp
2013-08-06 12:46 - 2012-04-12 06:36 - 00738324 _____ C:\WINDOWS\setupapi.log
2013-08-06 12:28 - 2013-08-06 12:28 - 00016384 ____T c:\temp\Perflib_Perfdata_b04.dat
2013-08-06 12:27 - 2013-08-06 12:27 - 00016384 ____T c:\temp\Perflib_Perfdata_624.dat
2013-08-06 12:25 - 2006-09-02 16:27 - 00216856 ____C C:\WINDOWS\system32\FNTCACHE.DAT
2013-08-06 12:23 - 2013-08-06 12:23 - 00000000 ____D c:\temp\ZB
2013-08-06 12:16 - 2006-09-02 17:22 - 00000000 ____D C:\WINDOWS\twain_32
2013-08-06 12:16 - 2006-09-02 17:22 - 00000000 ____D C:\WINDOWS\Media
2013-08-05 21:52 - 2013-08-05 21:50 - 00024414 _____ c:\temp\GimmeSetup(20130805215048ABC).log
2013-08-05 21:50 - 2013-08-05 21:50 - 00003544 _____ c:\temp\SetupExe(20130805215047ABC).log
2013-08-05 21:15 - 2013-08-05 21:15 - 00003939 _____ c:\temp\GimmeSetup(20130805211510A7C).log
2013-08-05 21:15 - 2013-08-05 21:15 - 00003544 _____ c:\temp\SetupExe(20130805211508A7C).log
2013-08-05 20:22 - 2013-08-05 20:22 - 00000000 ____D c:\temp\RarSFX1
2013-08-05 19:48 - 2013-08-05 19:48 - 00568821 _____ c:\temp\q+lIFSER.pdf.part
2013-08-05 19:48 - 2013-08-05 19:48 - 00255288 _____ c:\temp\QQa+6bQz.pdf.part
2013-08-05 18:30 - 2013-08-05 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_e54.dat
2013-08-05 17:28 - 2013-08-05 17:28 - 00016384 ____T c:\temp\Perflib_Perfdata_ae8.dat
2013-08-05 09:21 - 2013-08-05 09:21 - 00016384 ____T c:\temp\Perflib_Perfdata_434.dat
2013-08-05 09:20 - 2013-08-05 09:20 - 00016384 ____T c:\temp\Perflib_Perfdata_994.dat
2013-08-04 23:37 - 2013-08-04 23:37 - 00016384 ____T c:\temp\Perflib_Perfdata_8c4.dat
2013-08-04 23:05 - 2013-08-04 23:05 - 00016384 ____T c:\temp\Perflib_Perfdata_cf8.dat
2013-08-04 22:54 - 2006-09-05 00:54 - 00000000 ____D C:\Boxer Klub
2013-08-04 21:57 - 2013-08-04 12:10 - 00682962 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\model.fnp
2013-08-04 19:52 - 2013-08-04 19:52 - 00016384 ____T c:\temp\Perflib_Perfdata_cbc.dat
2013-08-04 19:47 - 2013-08-04 19:47 - 00000000 ____D c:\temp\WER6abb.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER5625.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER372c.dir00
2013-08-04 19:46 - 2013-08-04 19:46 - 00000000 ____D c:\temp\WER1fe0.dir00
2013-08-04 11:38 - 2013-08-04 11:31 - 00061158 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\m-rad.fnp
2013-08-04 07:46 - 2013-08-01 18:01 - 00000615 _____ C:\Dokumente und Einstellungen\All Users\Desktop\FILOU-NC12.lnk
2013-08-04 07:46 - 2013-08-01 18:01 - 00000000 ____D C:\Programme\FILOU-NC12
2013-08-04 07:03 - 2007-06-14 23:52 - 06619136 ____C C:\WINDOWS\outlook.pst
2013-08-04 07:03 - 2004-08-04 14:00 - 00001738 ____C C:\WINDOWS\win.ini
2013-08-04 06:42 - 2013-07-26 10:30 - 00003738 _____ C:\WINDOWS\ncverify.INI
2013-08-04 06:41 - 2013-07-31 04:37 - 00005207 _____ C:\WINDOWS\ncvsolid.ini
2013-08-04 04:46 - 2013-08-01 18:14 - 01926417 _____ c:\temp\NewPostFile.DEMO
2013-08-03 21:23 - 2006-09-02 16:18 - 00000000 ____D C:\Privat
2013-08-03 21:22 - 2013-08-03 21:22 - 00003939 _____ c:\temp\GimmeSetup(20130803212201ACC).log
2013-08-03 21:22 - 2013-08-03 21:21 - 00003544 _____ c:\temp\SetupExe(20130803212159ACC).log
2013-08-03 15:48 - 2013-08-03 15:18 - 00064301 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\blat1 filou.fnp
2013-08-03 11:05 - 2013-08-03 11:05 - 00016384 ____T c:\temp\Perflib_Perfdata_89c.dat
2013-08-03 03:12 - 2006-09-02 18:25 - 00004096 ___SH C:\VSNAP.IDX
2013-08-02 19:54 - 2013-08-02 19:53 - 00003939 _____ c:\temp\GimmeSetup(20130802195346E08).log
2013-08-02 19:53 - 2013-08-02 19:53 - 00003544 _____ c:\temp\SetupExe(20130802195344E08).log
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geIconCacheLock
2013-08-02 19:33 - 2013-08-02 19:33 - 00000000 _____ c:\temp\geColladaModelCacheLock
2013-08-02 18:30 - 2013-08-02 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_c4c.dat
2013-08-02 14:58 - 2013-08-02 14:58 - 00112298 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\test-01.fnp
2013-08-02 14:04 - 2013-08-02 14:04 - 00003939 _____ c:\temp\GimmeSetup(20130802140405FFC).log
2013-08-02 14:04 - 2013-08-02 14:04 - 00003544 _____ c:\temp\SetupExe(20130802140404FFC).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003938 _____ c:\temp\GimmeSetup(20130802130925260).log
2013-08-02 13:09 - 2013-08-02 13:09 - 00003541 _____ c:\temp\SetupExe(20130802130923260).log
2013-08-02 12:28 - 2013-08-02 12:28 - 00000000 ____D C:\Programme\ESET
2013-08-02 11:15 - 2013-08-02 11:15 - 00016384 ____T c:\temp\Perflib_Perfdata_a24.dat
2013-08-01 23:06 - 2013-08-01 23:06 - 00016384 ____T c:\temp\Perflib_Perfdata_c5c.dat
2013-08-01 23:03 - 2007-01-10 19:00 - 00000000 ____D C:\WINDOWS\ie7updates
2013-08-01 22:58 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Web Cake
2013-08-01 22:37 - 2013-08-01 22:37 - 00016384 ____T c:\temp\Perflib_Perfdata_704.dat
2013-08-01 22:35 - 2013-02-08 22:29 - 00000773 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-01 22:32 - 2013-08-01 22:32 - 00016384 ____T c:\temp\Perflib_Perfdata_878.dat
2013-08-01 22:28 - 2013-08-01 22:28 - 10285040 _____ (Malwarebytes Corporation                                    ) c:\temp\ZPBg+2uy.exe.part
2013-08-01 22:20 - 2013-08-01 22:19 - 00000000 ____D c:\temp\plugtmp-3
2013-08-01 21:19 - 2013-08-01 21:19 - 00016384 ____T c:\temp\Perflib_Perfdata_d80.dat
2013-08-01 20:49 - 2013-08-01 20:48 - 00003353 _____ c:\temp\tmpA9.tmp
2013-08-01 20:48 - 2013-08-01 20:48 - 00000000 _____ c:\temp\tmpA8.tmp
2013-08-01 20:37 - 2010-08-05 14:37 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\FreeVideoConverter
2013-08-01 18:30 - 2013-08-01 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_518.dat
2013-08-01 18:17 - 2013-08-01 18:17 - 00078749 _____ c:\temp\Projekt_115_test_3.TP_MODEL-QTECH8.DEMO
2013-08-01 14:58 - 2013-08-01 14:58 - 00016384 ____T c:\temp\Perflib_Perfdata_b18.dat
2013-08-01 14:56 - 2013-08-01 14:56 - 00016384 ____T c:\temp\Perflib_Perfdata_8dc.dat
2013-08-01 14:54 - 2013-08-01 14:52 - 00028996 _____ C:\AdwCleaner[S2].txt
2013-08-01 14:52 - 2013-02-23 11:53 - 00000908 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2013-08-01 14:52 - 2012-01-18 20:19 - 00000886 _____ C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme\WEB.DE.lnk
2013-08-01 14:52 - 2009-07-07 17:32 - 00000760 _____ C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme\Internet Explorer.lnk
2013-08-01 14:52 - 2006-09-02 15:39 - 00000000 ___RD C:\Dokumente und Einstellungen\Hartmann\Startmenü\Programme
2013-08-01 14:45 - 2013-02-22 23:27 - 00000000 ____D c:\temp\APNScripts
2013-08-01 14:43 - 2013-08-01 14:43 - 00016384 ____T c:\temp\Perflib_Perfdata_dd0.dat
2013-07-31 22:52 - 2013-07-31 22:52 - 00025525 _____ C:\ComboFix.txt
2013-07-31 22:52 - 2012-11-17 14:15 - 00000000 ____D C:\Qoobox
2013-07-31 22:47 - 2013-07-31 22:47 - 00016384 ____T c:\temp\Perflib_Perfdata_da4.dat
2013-07-31 22:45 - 2004-08-04 14:00 - 00000243 _____ C:\WINDOWS\system.ini
2013-07-31 22:44 - 2013-07-31 22:44 - 00028759 _____ c:\temp\Spanish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028419 _____ c:\temp\Italian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00028183 _____ c:\temp\French.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026912 _____ c:\temp\Portuguese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026669 _____ c:\temp\German.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026582 _____ c:\temp\Russian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026549 _____ c:\temp\Hungarian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026202 _____ c:\temp\Dutch.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026159 _____ c:\temp\Slovak.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00026023 _____ c:\temp\Portuguese(Brazil).bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025980 _____ c:\temp\Lithuanian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025631 _____ c:\temp\Greek.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00025202 _____ c:\temp\Japanese.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024950 _____ c:\temp\Polish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024855 _____ c:\temp\Croatian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024769 _____ c:\temp\Czech.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024503 _____ c:\temp\SWEDISH.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00024330 _____ c:\temp\Slovenian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023326 _____ c:\temp\Finnish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00023225 _____ c:\temp\Danish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022830 _____ c:\temp\Turkish.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022808 _____ c:\temp\English.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022406 _____ c:\temp\Norwegian.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00022395 _____ c:\temp\Thai.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00021543 _____ c:\temp\Arabic.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00020917 _____ c:\temp\Korean.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00019937 _____ c:\temp\Hebrew.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017584 _____ c:\temp\TradChin.bin
2013-07-31 22:44 - 2013-07-31 22:44 - 00017030 _____ c:\temp\SimChin.bin
2013-07-31 22:41 - 2006-09-02 17:26 - 63176704 _____ C:\WINDOWS\system32\config\software.bak
2013-07-31 22:41 - 2006-09-02 17:26 - 08388608 _____ C:\WINDOWS\system32\config\system.bak
2013-07-31 22:41 - 2006-09-02 17:26 - 00311296 _____ C:\WINDOWS\system32\config\default.bak
2013-07-31 22:41 - 2006-09-02 16:26 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-07-31 22:41 - 2006-09-02 16:26 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak
2013-07-31 22:40 - 2009-10-10 13:25 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-07-31 22:40 - 2008-12-15 15:37 - 00000000 ____D C:\WINDOWS\erdnt
2013-07-31 22:38 - 2013-07-27 17:29 - 00000000 ____D c:\temp\nsb2D.tmp
2013-07-31 22:38 - 2013-07-26 11:04 - 00000000 ____D c:\temp\B638892A-BAB0-7891-BC5B-A7A34DE01197
2013-07-31 22:38 - 2013-07-18 16:57 - 00000000 ____D c:\temp\WERbee9.dir00
2013-07-31 22:38 - 2013-07-18 16:57 - 00000000 ____D c:\temp\WER5681.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER9fde.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER2ca9.dir00
2013-07-31 22:38 - 2013-07-18 16:56 - 00000000 ____D c:\temp\WER2366.dir00
2013-07-31 22:38 - 2013-07-09 19:25 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21409500[2].zip
2013-07-31 22:38 - 2013-07-09 19:25 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21405500[1].zip
2013-07-31 22:38 - 2013-07-05 04:44 - 00000000 ____D c:\temp\WERe655.dir00
2013-07-31 22:38 - 2013-06-29 16:21 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 29307500[1].zip
2013-07-31 22:38 - 2013-06-29 15:55 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 3 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 15:49 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 2 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 15:43 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 29306000[1].zip
2013-07-31 22:38 - 2013-06-29 04:08 - 00000000 ____D c:\temp\nsl14A
2013-07-31 22:38 - 2013-06-26 17:43 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 21612000[1].zip
2013-07-31 22:38 - 2013-06-26 17:20 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 23111090[2].zip
2013-07-31 22:38 - 2013-06-26 17:18 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 23111016[1].zip
2013-07-31 22:38 - 2013-06-20 17:32 - 00000000 ____D c:\temp\WER8702.dir00
2013-07-31 22:38 - 2013-06-20 17:31 - 00000000 ____D c:\temp\WERf690.dir00
2013-07-31 22:38 - 2013-06-20 17:30 - 00000000 ____D c:\temp\WER3cc8.dir00
2013-07-31 22:38 - 2013-06-20 17:30 - 00000000 ____D c:\temp\WER2a84.dir00
2013-07-31 22:38 - 2013-06-13 20:09 - 00000000 ____D c:\temp\DownloadMngPhone
2013-07-31 22:38 - 2013-06-12 22:07 - 00000000 ____D c:\temp\3920-1-2013-6-12-20-7-51-46
2013-07-31 22:38 - 2013-05-20 14:07 - 00000000 ___HD c:\temp\Temporäres Verzeichnis 1 für 28314000[1].zip
2013-07-31 22:38 - 2013-05-11 18:03 - 00000000 ____D c:\temp\WER2fc6.dir00
2013-07-31 22:38 - 2013-05-11 18:03 - 00000000 ____D c:\temp\WER0037.dir00
2013-07-31 22:38 - 2013-05-01 16:41 - 00000000 ____D c:\temp\WERe632.dir00
2013-07-31 22:38 - 2013-05-01 16:40 - 00000000 ____D c:\temp\WER60aa.dir00
2013-07-31 22:38 - 2013-05-01 16:40 - 00000000 ____D c:\temp\WER5030.dir00
2013-07-31 22:38 - 2013-05-01 16:39 - 00000000 ____D c:\temp\WER922e.dir00
2013-07-31 22:38 - 2013-05-01 16:39 - 00000000 ____D c:\temp\WER6ea2.dir00
2013-07-31 22:38 - 2013-04-26 20:50 - 00000000 ____D c:\temp\scoped_dir_3712_3940
2013-07-31 22:38 - 2013-04-26 20:30 - 00000000 ____D c:\temp\RarSFX0
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WERaa2d.dir00
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WER8e09.dir00
2013-07-31 22:38 - 2013-04-26 16:14 - 00000000 ____D c:\temp\WER710a.dir00
2013-07-31 22:38 - 2013-04-12 17:43 - 00000000 ____D c:\temp\Temporäres Verzeichnis 1 für Bedienungsanleitung Bahn-Tix für DB-Automaten - Version 13.02.2012.pdf.zip
2013-07-31 22:38 - 2013-04-10 03:20 - 00000000 ____D c:\temp\WER7437.dir00
2013-07-31 22:38 - 2013-03-25 18:06 - 00000000 ____D c:\temp\nsfB
2013-07-31 22:38 - 2013-03-06 21:00 - 00000000 ____D c:\temp\CRX_75DAF8CB7768
2013-07-31 22:38 - 2013-02-22 16:17 - 00000000 ____D c:\temp\APN-Stub
2013-07-31 22:38 - 2013-02-08 19:00 - 00000000 ____D c:\temp\NDP1.1sp1-KB2742597-X86
2013-07-31 22:14 - 2013-07-31 22:13 - 00000000 ____D c:\temp\plugtmp-2
2013-07-31 18:30 - 2013-07-31 18:30 - 00016384 ____T c:\temp\Perflib_Perfdata_19c4.dat
2013-07-31 18:18 - 2013-07-31 18:18 - 00000000 ____D C:\FRST
2013-07-31 11:30 - 2013-07-31 11:30 - 00016384 ____T c:\temp\Perflib_Perfdata_8f0.dat
2013-07-31 11:29 - 2013-07-31 11:29 - 00016384 ____T c:\temp\Perflib_Perfdata_cc0.dat
2013-07-30 23:32 - 2013-07-30 23:32 - 00000000 ____D c:\temp\plugtmp-1
2013-07-29 12:05 - 2013-07-27 07:05 - 00001906 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
2013-07-27 21:55 - 2006-09-02 17:56 - 00000520 ____C C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\spider.sav
2013-07-27 17:31 - 2013-07-27 17:31 - 23924396 _____ C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Cimatron E10.0 x32 x64 Setup + Key.rar
2013-07-27 17:31 - 2013-07-27 17:30 - 00000000 ____D C:\Programme\Torntv 2
2013-07-27 09:54 - 2013-02-10 23:07 - 00000000 ____D c:\temp\msohtmlclip1
2013-07-26 11:05 - 2013-07-26 11:05 - 00000000 ____D c:\temp\mt_ffx
2013-07-26 11:04 - 2013-07-26 11:04 - 00000000 ____D C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\zulagames
2013-07-21 15:00 - 2007-08-18 01:38 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\FreePDF
2013-07-21 14:53 - 2013-06-07 00:28 - 00000000 ____D C:\Müchen 16. + 06.Juni
2013-07-21 14:53 - 2013-03-18 17:12 - 00000000 ____D C:\Projekt 10a
2013-07-21 14:53 - 2012-04-05 22:25 - 00000000 ____D C:\HP BK
2013-07-21 14:53 - 2010-08-22 17:20 - 00000000 ____D C:\Tests
2013-07-21 14:53 - 2007-08-10 00:37 - 00007680 __SHC C:\WINDOWS\Thumbs.db
2013-07-20 21:04 - 2009-01-26 23:59 - 00000030 ____C C:\WINDOWS\Iedit_.INI
2013-07-19 04:15 - 2007-06-13 19:34 - 00000767 ____C C:\WINDOWS\CAD-Symbols.ini
2013-07-18 19:59 - 2007-06-13 19:55 - 00000064 ____C C:\WINDOWS\StvStepW.INI
2013-07-16 14:16 - 2006-09-02 16:28 - 01396008 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-12 18:04 - 2013-07-12 18:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-07-10 19:51 - 2006-09-02 16:45 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-10 19:04 - 2009-01-04 21:39 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 18:48 - 2013-07-10 18:48 - 00000000 ____D c:\temp\KB2835393_10.0.30319
2013-07-10 18:48 - 2013-07-10 18:47 - 00125219 _____ C:\WINDOWS\KB2834904.log
2013-07-10 18:48 - 2006-09-02 16:28 - 02914674 ____C C:\WINDOWS\FaxSetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 01403138 ____C C:\WINDOWS\ocgen.log
2013-07-10 18:48 - 2006-09-02 16:28 - 01108568 ____C C:\WINDOWS\tsoc.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00959526 ____C C:\WINDOWS\comsetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00580260 ____C C:\WINDOWS\ntdtcsetup.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00461223 ____C C:\WINDOWS\iis6.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00159250 ____C C:\WINDOWS\ocmsn.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00145398 ____C C:\WINDOWS\msgsocm.log
2013-07-10 18:48 - 2006-09-02 16:28 - 00001374 _____ C:\WINDOWS\imsins.log
2013-07-10 18:45 - 2013-07-10 18:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 18:45 - 2013-07-10 18:44 - 00125004 _____ C:\WINDOWS\KB2834886.log
2013-07-10 18:45 - 2006-09-02 16:28 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-10 18:44 - 2013-07-10 18:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 18:44 - 2013-07-10 17:30 - 00130926 _____ C:\WINDOWS\KB2850851.log
2013-07-10 18:43 - 2013-07-10 18:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-10 18:43 - 2013-07-10 17:30 - 00129702 _____ C:\WINDOWS\KB2845187.log
2013-07-10 18:23 - 2013-07-10 18:22 - 00128314 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-10 18:23 - 2009-07-07 17:29 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-10 18:23 - 2006-09-02 16:39 - 00702571 ____C C:\WINDOWS\updspapi.log
2013-07-10 18:17 - 2013-07-10 18:17 - 00000000 ____D c:\temp\KB2832407_10.0.30319
2013-07-10 18:05 - 2013-07-10 18:05 - 00000000 ____D c:\temp\KB2840628_10.0.30319
2013-07-10 18:00 - 2007-06-24 00:59 - 00000000 ____D C:\WINDOWS\system32\XPSViewer

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-04 14:00] - [2008-04-14 04:22] - 1036800 ____N (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0513024 ____N (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0014336 ____N (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2008-06-11 18:50] - [2009-02-09 13:21] - 0111104 ____N (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2004-08-04 14:00] - [2008-04-14 04:22] - 0580096 ____N (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2008-06-11 18:50] - [2008-04-14 04:23] - 0026624 ____C (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2008-06-11 18:50] - [2008-04-14 03:52] - 0053760 ___AC (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================

--- --- ---

schrauber · 09.08.2013, 09:59

Firefox deinstallieren
alle Ordner von Firefox die Du noch findest von Hand löschen
Firefox neu installieren
AV PRogramm und sämtliche Schutzsoftware deaktivieren
Firefox testen.

Tina666 · 10.08.2013, 20:15

FF habe ich schon 2 x deinstalliert. Wo könnten denn noch Ordner usw sein?

Soll ich dann FF ohne AV usw. laufen lassen?

schrauber · 11.08.2013, 08:06

Deinstallier ihn mal, wir suchen dann nach Resten:

Scan mit SystemLook

Lade SystemLook von jpshortstuff vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:filefind
*Firefox*
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

Tina666 · 03.09.2013, 14:47

Hallo,

tut mir leid, daß es so lange gedauert hat. Hier nun die Daten:

SystemLook 30.07.11 by jpshortstuff
Log created at 15:41 on 03/09/2013 by Hartmann
Administrator - Elevation successful

========== filefind ==========

Searching for "*Firefox*"
C:\Bereinigung\Malwarebytes' Anti-Malware\Chameleon\firefox.com --a---- 218184 bytes [20:29 08/02/2013] [12:50 04/04/2013] B4C6E3889BB310CA7E974A04EC6E46AC
C:\Bereinigung\Malwarebytes' Anti-Malware\Chameleon\firefox.exe --a---- 218184 bytes [20:29 08/02/2013] [12:50 04/04/2013] B4C6E3889BB310CA7E974A04EC6E46AC
C:\Bereinigung\Malwarebytes' Anti-Malware\Chameleon\firefox.pif --a---- 218184 bytes [20:29 08/02/2013] [12:50 04/04/2013] B4C6E3889BB310CA7E974A04EC6E46AC
C:\Bereinigung\Malwarebytes' Anti-Malware\Chameleon\firefox.scr --a---- 218184 bytes [20:29 08/02/2013] [12:50 04/04/2013] B4C6E3889BB310CA7E974A04EC6E46AC
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox\Mozilla Firefox (Safe-Mode).lnk --a--c- 1811 bytes [11:35 30/05/2008] [15:31 27/07/2013] 9FDECA4033631B1262AF6625FFEADB0D
C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\chrome\content\api\firefox.js --a---- 258 bytes [23:45 28/08/2013] [10:32 25/08/2013] 47FD23641C43F9F6BB1489EE41839754
C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\chrome\content\api\firefoxNotifications.js --a---- 1021 bytes [23:45 28/08/2013] [10:32 25/08/2013] F9D207D2E93E1C403E6263A95391511F
C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\chrome\content\api\firefoxOmnibox.js --a---- 1382 bytes [23:45 28/08/2013] [10:32 25/08/2013] CCFF4BA405DF45B9480DE35A58162AE7
C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\foxmarks@kei.com\chrome\skin\modern\images\browser_firefox .png --a---- 938 bytes [20:48 21/05/2013] [16:01 17/11/2011] 72084C4143DEB5EE33EDFD00729E30DB
C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla\Firefox\Profiles\iucssmz3.default\extensions\plugin@getwebcake.com\content\firefoxOverlay.xul ------- 493 bytes [15:32 02/09/2013] [14:07 14/08/2013] 486933053583F9C23E005005DE751EB2
C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Downloads\Firefox 3.6 WEB.DE Edition(2).exe --a--c- 21649416 bytes [14:28 11/02/2010] [14:31 11/02/2010] FB5BE3722F3F0234B7BFAD879100DF3A
C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Downloads\Firefox 3.6 WEB.DE Edition.exe --a--c- 21729234 bytes [01:48 23/01/2010] [01:51 23/01/2010] 2B153302380330B6BFB4ED98E985DB5C
C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Downloads\WEB.DE_Firefox_Setup.exe --a---- 16759288 bytes [12:16 14/06/2012] [12:16 14/06/2012] E49EF8E1B7F421324AC24C7259E76F6B
C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Downloads\gambio\gambiogx\Gambio GX\Shopsystem\Dateien\admin\images\icons\icons_browser\firefox.jpg --a--c- 618 bytes [20:47 20/10/2009] [13:28 16/07/2009] 517EA9B53B729CC270DF06BF3EE03D9A
C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Downloads\gambio\gambiogx\Gambio GX\Shopsystem\Dateien\images\icons\icons_browser\firefox.jpg --a--c- 618 bytes [20:47 20/10/2009] [13:28 16/07/2009] 517EA9B53B729CC270DF06BF3EE03D9A
C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Downloads\gambiogx\Gambio GX\Shopsystem\Dateien\admin\images\icons\icons_browser\firefox.jpg --a--c- 618 bytes [21:02 20/10/2009] [13:28 16/07/2009] 517EA9B53B729CC270DF06BF3EE03D9A
C:\Dokumente und Einstellungen\Hartmann\Eigene Dateien\Downloads\gambiogx\Gambio GX\Shopsystem\Dateien\images\icons\icons_browser\firefox.jpg --a--c- 618 bytes [21:02 20/10/2009] [13:28 16/07/2009] 517EA9B53B729CC270DF06BF3EE03D9A
C:\Dokumente und Einstellungen\Hartmann\Favoriten\Mozilla Firefox\Firefox anpassen.URL --a---- 136 bytes [11:35 20/07/2009] [12:23 06/08/2013] 826A7D1B82BE477AD53BAAD3F027452E
C:\Gambia\gambiogx\Gambio GX\Shopsystem\Dateien\admin\images\icons\icons_browser\firefox.jpg --a--c- 618 bytes [13:28 16/07/2009] [20:53 20/10/2009] 517EA9B53B729CC270DF06BF3EE03D9A
C:\Gambia\gambiogx\Gambio GX\Shopsystem\Dateien\images\icons\icons_browser\firefox.jpg --a--c- 618 bytes [13:28 16/07/2009] [20:53 20/10/2009] 517EA9B53B729CC270DF06BF3EE03D9A
C:\Programme\Firefox Setup Stub 23.0.exe --a---- 282112 bytes [21:07 06/08/2013] [21:07 06/08/2013] 751993D728C24C13D97890E3FDFDDEF3
C:\Programme\WEB.DE_Firefox_Setup.exe --a---- 18380552 bytes [21:25 21/10/2012] [21:25 21/10/2012] F283FBD3C1FFCB8B42E09B1C6EDBF450
C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2\content\firefoxoverlay.xul --a---- 932 bytes [12:27 17/08/2013] [21:13 24/04/2011] F2063E1A2B8D0959E09775B6F336D668
C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2\content\firefoxOverlay.xul --a---- 1651 bytes [12:27 17/08/2013] [21:14 24/04/2011] 76C69FCADDCDDA0FD53F2E82D4C2D674
C:\Programme\Webocton - Scriptly\help\de\faq_browserpreview_firefox.html --a--c- 7932 bytes [11:38 18/05/2010] [20:40 29/12/2009] DEC8C300CE3B80797B27EC42187E52C4
C:\Programme\Webocton - Scriptly\help\en\faq_browserpreview_firefox.html --a--c- 7932 bytes [11:38 18/05/2010] [20:40 29/12/2009] DEC8C300CE3B80797B27EC42187E52C4
C:\WINDOWS\erdnt\cache\firefox.exe --a---- 920472 bytes [12:33 17/11/2012] [00:04 03/07/2013] C8D28F8B498CADBB9445AC4545BD41B7
C:\WINDOWS\Prefetch\FIREFOX.EXE-1D57670A.pf --a---- 66636 bytes [10:21 30/03/2012] [12:37 03/09/2013] FAD563E437351151BD7B44D016986D03

-= EOF =-

schrauber · 03.09.2013, 20:23

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox
C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla
C:\Programme\Firefox Setup Stub 23.0.exe
C:\Programme\Mozilla Firefox

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Firefox neu installieren, testen.

Tina666 · 03.09.2013, 21:39

Danke für Deine schnelle Antwort.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 01-08-2013
Ran by Hartmann at 2013-09-03 22:38:19 Run:1
Running from C:\Bereinigung
Boot Mode: Normal

==============================================

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox => Moved successfully.
C:\Dokumente und Einstellungen\Hartmann\Anwendungsdaten\Mozilla => Moved successfully.
C:\Programme\Firefox Setup Stub 23.0.exe => Moved successfully.
C:\Programme\Mozilla Firefox => Moved successfully.

==== End of Fixlog ====

schrauber · 04.09.2013, 09:02

dann teste mal und berichte

Tina666 · 04.09.2013, 17:14

Soll ich FF wieder installieren?
IE läuft aber auch jeden TAg schlechter .....

06.08.2013, 19:57	#19
schrauber /// the machine /// TB-Ausbilder	wahrscheinlich wieder Viren und Co. Ja. aber Lesezeichen kannste vorher exportieren und sichern. Aber sonst nix. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

08.08.2013, 11:34	#21
schrauber /// the machine /// TB-Ausbilder	wahrscheinlich wieder Viren und Co. Sehr komisch. Und das pasiert nur bei Firefo, nicht bei anderen Browsern? Poste bitte ein frisches FRST log. __________________ --> wahrscheinlich wieder Viren und Co.

04.09.2013, 09:02	#29
schrauber /// the machine /// TB-Ausbilder	wahrscheinlich wieder Viren und Co. dann teste mal und berichte __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

wahrscheinlich wieder Viren und Co.

Plagegeister aller Art und deren Bekämpfung: wahrscheinlich wieder Viren und Co.