| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: redirect winflashplayer.com popupWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.12.2013, 21:19
| #1 |
 |  redirect winflashplayer.com popup Hallo, seit ca. 3 Tagen öffnen sich in Chrome ständig Fenster in denen ich Programme runterladen soll... meistens winflashplayer.com . Bis jetzt habe ich nur Malwarebytes anti malware runtergeladen da avira immer noch nichts findet.. der Suchlauf ist noch nicht durch hat aber bereits 7 infizierte Objekte gefunden. |
|
28.12.2013, 01:41
| #2 |
| /// the machine /// TB-Ausbilder    |  redirect winflashplayer.com popup hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
28.12.2013, 04:14
| #3 |
| | redirect winflashplayer.com popup mitlerweile bin ich mir sicher...
__________________ich habe jetzt die Logdatei von malwarebytes... Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.12.27.06 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16750 Petra Schäfer :: PETRA [Administrator] 27.12.2013 21:02:28 MBAM-log-2013-12-28 (04-10-46).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 437122 Laufzeit: 2 Stunde(n), 56 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 20 HKCR\CLSID\{11111111-1111-1111-1111-110311121155} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{44444444-4444-4444-4444-440344124455} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. HKCR\Interface\{55555555-5555-5555-5555-550355125555} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0031255.BHO.1 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121155} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121155} (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{4d5c5a63-c98f-4693-a3dc-5cf708212045} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{5682a6ff-9764-4969-bd6d-563bde14a53c} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. HKCR\Interface\{54ad8b5c-f5f3-4171-bd90-2c0ce8222bd0} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D5C5A63-C98F-4693-A3DC-5CF708212045} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D5C5A63-C98F-4693-A3DC-5CF708212045} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D5C5A63-C98F-4693-A3DC-5CF708212045} (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c974fc9c-b15a-417f-8a56-1c64d86b29b5 (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0031255.BHO (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0031255.Sandbox (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0031255.Sandbox.1 (PUP.Optional.CrossRider.A) -> Keine Aktion durchgeführt. HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Plus-HD-1.2 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Google\Chrome\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.2 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 2 C:\Program Files (x86)\Re-markit (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 40 C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-bho.dll (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-bg.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-bho64.dll (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-buttonutil.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-codedownloader.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-enabler.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-updater.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\utils.exe (PUP.Optional.PlusHD.A.A) -> Keine Aktion durchgeführt. C:\Users\Petra Schäfer\AppData\Local\Temp\nrrrddagftwsk\parent.txt (PUP.Optional.Domalq) -> Keine Aktion durchgeführt. C:\Users\Petra Schäfer\Downloads\FreeZipOpener_Install.exe (PUP.Optional.Spigot.A) -> Keine Aktion durchgeführt. C:\Users\Petra Schäfer\Downloads\soundtap.exe (PUP.Optional.Domalq) -> Keine Aktion durchgeführt. C:\Users\Petra Schäfer\Downloads\zip.exe (PUP.Optional.Spigot.A) -> Keine Aktion durchgeführt. C:\Users\Petra Schäfer\Local Settings\Temp\FreeZipOpener\PIPAskToolbar\Offercast2802_ADAP_.exe (PUP.Optional.Spigot.A) -> Keine Aktion durchgeführt. C:\Users\Petra Schäfer\Local Settings\Temp\FreeZipViewer\PIPAskToolbar\Offercast2802_ADAP_.exe (PUP.Optional.Spigot.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\Plus-HD-1.2-chromeinstaller.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\Plus-HD-1.2-codedownloader.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\Plus-HD-1.2-enabler.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\Plus-HD-1.2-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\Plus-HD-1.2-updater.job (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Re-markit\150.crx (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Re-markit\01.db (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Re-markit\150.dat (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Re-markit\150.dll (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Re-markit\150.xpi (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Re-markit\ReMarkit_up.exe (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Re-markit\Sqlite3.dll (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Re-markit\Uninstall.exe (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\Re-markit Update.job (PUP.Optional.ReMarkIt.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\31255.crx (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\31255.xpi (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\background.html (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Installer.log (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-buttonutil.dll (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-buttonutil64.dll (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-helper.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2.ico (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Plus-HD-1.2\Uninstall.exe (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. (Ende) Geändert von nougatcrunch (28.12.2013 um 04:50 Uhr) |
|
28.12.2013, 18:15
| #4 |
| /// the machine /// TB-Ausbilder | redirect winflashplayer.com popup Klar sonst hätte ich es nit gepostet 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.12.2013, 18:27
| #5 |
| | redirect winflashplayer.com popup Ich kann dieses Programm nicht öffnen, bekomme die Meldung das es Schaden anrichten kann und es von der Computerschutzsoftware verhindert wird. Reicht das von Malwarebytes nicht aus? |
|
29.12.2013, 12:32
| #6 |
| /// the machine /// TB-Ausbilder | redirect winflashplayer.com popup Nö. Klick auf mehr Informationen, dann auch trotzdem ausführen.
__________________ --> redirect winflashplayer.com popup |
|
29.12.2013, 20:16
| #7 |
| | redirect winflashplayer.com popupFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2013 01
Ran by Petra Schäfer (administrator) on PETRA on 29-12-2013 20:10:52
Running from C:\Users\Petra Schäfer\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-05-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2013-12-20] (APN)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Atheros Communications))
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM - {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL =
BHO: Plus-HD-1.2 - {11111111-1111-1111-1111-110311121155} - C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-bho64.dll (Plus HD)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Plus-HD-1.2 - {11111111-1111-1111-1111-110311121155} - C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-bho.dll (Plus HD)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Re-markit - {4d5c5a63-c98f-4693-a3dc-5cf708212045} - C:\Program Files (x86)\Re-markit\150.dll ()
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [121616 2013-11-07] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-12-01] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-28] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-28] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-29 20:10 - 2013-12-29 20:11 - 00012370 _____ C:\Users\Petra Schäfer\Downloads\FRST.txt
2013-12-29 20:10 - 2013-12-29 20:10 - 00000000 ____D C:\FRST
2013-12-28 23:20 - 2013-12-28 23:20 - 00000000 ____D C:\Users\Petra Schäfer\Documents\Bluetooth Folder
2013-12-28 23:20 - 2013-12-28 23:20 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\BMExplorer
2013-12-28 23:17 - 2013-12-28 23:17 - 00001458 _____ C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-28 23:16 - 2013-12-28 23:16 - 00000020 ___SH C:\Users\Petra Schäfer\ntuser.ini
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-28 23:07 - 2013-12-29 02:29 - 00116767 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-28 23:06 - 2013-12-28 23:06 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2013-12-28 22:45 - 2013-12-28 22:45 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-28 22:43 - 2013-12-28 23:16 - 00000000 ____D C:\Users\Petra Schäfer
2013-12-28 22:43 - 2013-12-28 23:07 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-12-28 22:43 - 2013-12-28 23:07 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-12-28 22:43 - 2013-12-28 22:44 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Vorlagen
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Startmenü
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Netzwerkumgebung
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Lokale Einstellungen
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Eigene Dateien
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Druckumgebung
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Documents\Eigene Musik
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Documents\Eigene Bilder
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Local\Verlauf
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Local\Anwendungsdaten
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Anwendungsdaten
2013-12-28 22:43 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-28 22:43 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-28 22:43 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-28 22:35 - 2013-12-28 22:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-28 22:35 - 2013-12-28 22:35 - 00000000 ____D C:\Program Files\Realtek
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\Elantech
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\AMD
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\AMD
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 _____ C:\WINDOWS\system32\spu_storage.bin
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-12-28 22:31 - 2013-12-28 23:18 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-28 22:31 - 2013-12-28 22:31 - 00000000 __SHD C:\Recovery
2013-12-28 22:30 - 2013-12-28 22:30 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-28 22:30 - 2013-12-28 22:30 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-28 22:30 - 2013-12-28 22:30 - 00000000 ____D C:\Windows.old
2013-12-28 22:29 - 2013-12-28 22:29 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-28 22:29 - 2013-12-28 22:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-28 22:28 - 2013-12-28 22:28 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-28 22:28 - 2013-12-28 22:28 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-28 22:27 - 2013-12-28 22:27 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-28 22:27 - 2013-12-28 22:27 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-28 22:27 - 2013-12-28 22:27 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-28 22:25 - 2013-12-28 22:25 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files\MSBuild
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-28 22:21 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-12-28 22:21 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-28 22:21 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-12-28 22:21 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-12-28 22:21 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-28 22:21 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-12-28 21:52 - 2013-12-28 23:07 - 00006609 _____ C:\WINDOWS\comsetup.log
2013-12-28 18:25 - 2013-12-28 18:26 - 01931176 _____ (Farbar) C:\Users\Petra Schäfer\Downloads\FRST64.exe
2013-12-28 18:23 - 2013-12-28 18:23 - 00000793 _____ C:\Users\Public\Desktop\iMesh-Installation fortsetzen.lnk
2013-12-28 18:23 - 2013-12-28 18:23 - 00000000 ____D C:\Program Files (x86)\iMesh Applications
2013-12-27 21:00 - 2013-12-27 21:00 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Malwarebytes
2013-12-27 20:58 - 2013-12-27 20:58 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-27 20:58 - 2013-12-27 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-27 20:58 - 2013-12-27 20:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-27 20:58 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-27 20:48 - 2013-12-27 20:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Petra Schäfer\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-23 18:27 - 2013-12-23 18:27 - 00000000 ____D C:\ProgramData\NCH Software
2013-12-23 18:24 - 2013-12-29 20:08 - 00001356 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-updater.job
2013-12-23 18:24 - 2013-12-29 20:08 - 00001258 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-codedownloader.job
2013-12-23 18:24 - 2013-12-29 20:08 - 00001158 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-enabler.job
2013-12-23 18:24 - 2013-12-23 18:27 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-23 18:24 - 2013-12-23 18:24 - 00004360 _____ C:\WINDOWS\System32\Tasks\Plus-HD-1.2-updater
2013-12-23 18:24 - 2013-12-23 18:24 - 00004262 _____ C:\WINDOWS\System32\Tasks\Plus-HD-1.2-codedownloader
2013-12-23 18:24 - 2013-12-23 18:24 - 00004162 _____ C:\WINDOWS\System32\Tasks\Plus-HD-1.2-enabler
2013-12-23 18:23 - 2013-12-29 20:08 - 00002132 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-firefoxinstaller.job
2013-12-23 18:23 - 2013-12-29 20:08 - 00002004 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-chromeinstaller.job
2013-12-23 18:23 - 2013-12-27 20:57 - 00000905 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.txt
2013-12-23 18:23 - 2013-12-27 20:57 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-12-23 18:23 - 2013-12-27 20:57 - 00000000 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-23 18:23 - 2013-12-23 18:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2013-12-23 18:23 - 2013-12-23 18:24 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.2
2013-12-23 18:23 - 2013-12-23 18:23 - 00001167 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.1.txt
2013-12-23 18:23 - 2013-12-23 18:23 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\NCH Software
2013-12-23 18:22 - 2013-12-29 20:09 - 00000412 _____ C:\WINDOWS\Tasks\Re-markit Update.job
2013-12-23 18:22 - 2013-12-23 18:22 - 00003068 _____ C:\WINDOWS\System32\Tasks\Re-markit Update
2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\Re-markit
2013-12-23 18:21 - 2013-12-23 18:21 - 00471560 _____ C:\Users\Petra Schäfer\Downloads\soundtap.exe
2013-12-23 18:19 - 2013-12-23 18:19 - 00090283 _____ C:\Users\Petra Schäfer\Desktop\Unbenannt.wma
2013-12-22 18:08 - 2013-12-27 20:58 - 00024064 ___SH C:\Users\Petra Schäfer\Desktop\Thumbs.db
2013-12-21 12:38 - 2013-12-21 12:38 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\DCIM
2013-12-15 22:35 - 2013-12-23 18:42 - 00001456 _____ C:\Users\Petra Schäfer\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-15 21:57 - 2013-12-22 18:29 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\100EOS5D
2013-12-13 10:24 - 2013-12-13 10:24 - 00230912 _____ C:\WINDOWS\system32\clinfo.exe
2013-12-13 10:24 - 2013-12-13 10:24 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2013-12-13 10:23 - 2013-12-13 10:23 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 03461040 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2013-12-13 10:23 - 2013-12-13 10:23 - 03426688 _____ C:\WINDOWS\system32\atiumd6a.cap
2013-12-13 10:23 - 2013-12-13 10:23 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01187342 _____ C:\WINDOWS\system32\amdocl_as64.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01061902 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00995342 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00798734 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00721296 _____ C:\WINDOWS\system32\atiicdxx.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00626176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2013-12-13 10:23 - 2013-12-13 10:23 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00550456 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2013-12-13 10:23 - 2013-12-13 10:23 - 00550456 _____ C:\WINDOWS\system32\atiapfxx.blb
2013-12-13 10:23 - 2013-12-13 10:23 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00412672 _____ C:\WINDOWS\system32\amdmiracast.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00234036 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00233776 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00083552 _____ C:\WINDOWS\system32\ativce02.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00047887 _____ C:\WINDOWS\atiogl.xml
2013-12-13 10:23 - 2013-12-13 10:23 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00003917 _____ C:\WINDOWS\SysWOW64\atipblag.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00003917 _____ C:\WINDOWS\system32\atipblag.dat
2013-12-05 19:56 - 2013-12-05 19:56 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\bearbeitet
2013-12-05 19:04 - 2013-12-05 19:04 - 00000000 ___SD C:\Users\Petra Schäfer\Documents\Meine Websites
2013-12-05 19:00 - 2013-12-05 19:03 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Deutsch
2013-12-05 18:59 - 2013-12-05 19:04 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Kunstgeschichte
2013-12-05 18:59 - 2013-12-05 18:59 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Homepage
2013-12-05 17:59 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-12-05 17:58 - 2013-12-05 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-05 17:56 - 2013-12-05 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Expression
2013-12-05 17:36 - 2013-12-05 17:43 - 110669400 _____ (Microsoft Corporation) C:\Users\Petra Schäfer\Downloads\Web_Trial_de.exe
2013-12-02 17:47 - 2013-12-02 22:32 - 382338678 _____ C:\WINDOWS\MEMORY.DMP
2013-11-30 13:01 - 2013-11-30 13:01 - 00003512 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Petra-Petra Schäfer
2013-11-30 12:27 - 2013-12-28 17:18 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-30 12:27 - 2013-11-30 12:30 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Google
2013-11-30 12:26 - 2013-11-30 12:26 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Apps\2.0
2013-11-30 12:25 - 2013-11-30 12:25 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Phase_One
2013-11-30 12:09 - 2013-11-30 12:09 - 00014848 ___SH C:\Users\Petra Schäfer\Downloads\Thumbs.db
2013-11-30 11:38 - 2013-11-30 11:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-30 11:37 - 2013-11-30 17:01 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Bauhaus
2013-11-30 00:15 - 2013-11-30 00:15 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\PDAppFlex
2013-11-30 00:10 - 2013-11-30 00:10 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
2013-11-29 14:09 - 2013-11-29 14:09 - 00000000 ____D C:\ProgramData\ALM
2013-11-29 14:06 - 2013-11-29 14:12 - 00000000 ____D C:\Program Files\Adobe
2013-11-29 13:58 - 2013-11-29 14:12 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-29 13:57 - 2013-11-29 13:57 - 00001526 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-11-29 12:57 - 2013-12-28 22:44 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bandizip
2013-11-29 12:57 - 2013-11-29 12:57 - 04320064 _____ C:\Users\Petra Schäfer\Downloads\bandizip-setup-gl.exe
2013-11-29 12:57 - 2013-11-29 12:57 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Bandizip
2013-11-29 12:50 - 2013-11-29 23:47 - 00000000 ____D C:\Program Files (x86)\Free Zip Opener
2013-11-29 12:49 - 2013-11-29 12:49 - 02057080 _____ C:\Users\Petra Schäfer\Downloads\FreeZipOpener_Install.exe
2013-11-29 12:30 - 2013-12-28 22:52 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-11-29 12:06 - 2013-11-29 13:47 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\photoshop
2013-11-29 11:55 - 2013-11-29 11:55 - 02186312 _____ C:\Users\Petra Schäfer\Downloads\zip.exe
==================== One Month Modified Files and Folders =======
2013-12-29 20:11 - 2013-12-29 20:10 - 00012370 _____ C:\Users\Petra Schäfer\Downloads\FRST.txt
2013-12-29 20:10 - 2013-12-29 20:10 - 00000000 ____D C:\FRST
2013-12-29 20:09 - 2013-12-23 18:22 - 00000412 _____ C:\WINDOWS\Tasks\Re-markit Update.job
2013-12-29 20:08 - 2013-12-23 18:24 - 00001356 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-updater.job
2013-12-29 20:08 - 2013-12-23 18:24 - 00001258 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-codedownloader.job
2013-12-29 20:08 - 2013-12-23 18:24 - 00001158 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-enabler.job
2013-12-29 20:08 - 2013-12-23 18:23 - 00002132 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-firefoxinstaller.job
2013-12-29 20:08 - 2013-12-23 18:23 - 00002004 _____ C:\WINDOWS\Tasks\Plus-HD-1.2-chromeinstaller.job
2013-12-29 20:08 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-29 14:59 - 2013-11-14 08:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-29 14:59 - 2013-11-14 08:11 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-29 14:59 - 2013-11-14 08:11 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-29 14:56 - 2013-08-22 15:46 - 00286606 _____ C:\WINDOWS\setupact.log
2013-12-29 02:33 - 2013-11-08 21:53 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4011578934-1874783229-1643335886-1001
2013-12-29 02:29 - 2013-12-28 23:07 - 00116767 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-29 02:00 - 2013-11-26 22:42 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Adobe
2013-12-28 23:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-28 23:21 - 2013-11-14 09:24 - 00000000 ___HD C:\$Windows.~BT
2013-12-28 23:21 - 2013-11-05 02:39 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Packages
2013-12-28 23:20 - 2013-12-28 23:20 - 00000000 ____D C:\Users\Petra Schäfer\Documents\Bluetooth Folder
2013-12-28 23:20 - 2013-12-28 23:20 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\BMExplorer
2013-12-28 23:20 - 2013-10-09 07:08 - 00000000 ____D C:\ProgramData\Atheros
2013-12-28 23:19 - 2013-11-05 02:41 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-12-28 23:18 - 2013-12-28 22:31 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-28 23:18 - 2013-11-05 02:41 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-28 23:18 - 2013-11-05 02:41 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-28 23:17 - 2013-12-28 23:17 - 00001458 _____ C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-28 23:16 - 2013-12-28 23:16 - 00000020 ___SH C:\Users\Petra Schäfer\ntuser.ini
2013-12-28 23:16 - 2013-12-28 22:43 - 00000000 ____D C:\Users\Petra Schäfer
2013-12-28 23:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-28 23:08 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-12-28 23:08 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-12-28 23:07 - 2013-12-28 22:43 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-12-28 23:07 - 2013-12-28 22:43 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-12-28 23:07 - 2013-12-28 21:52 - 00006609 _____ C:\WINDOWS\comsetup.log
2013-12-28 23:07 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-12-28 23:06 - 2013-12-28 23:06 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-28 23:06 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-28 23:00 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-12-28 22:59 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-28 22:53 - 2013-08-22 15:44 - 04957184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-28 22:52 - 2013-11-29 12:30 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-12-28 22:52 - 2013-10-09 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\QCA_CR
2013-12-28 22:52 - 2013-10-09 06:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2013-12-28 22:52 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-12-28 22:52 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-12-28 22:52 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-28 22:52 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2013-12-28 22:50 - 2013-08-22 16:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-12-28 22:50 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-12-28 22:49 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-12-28 22:49 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-12-28 22:49 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-12-28 22:49 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-12-28 22:49 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-12-28 22:48 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-12-28 22:48 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-12-28 22:48 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-12-28 22:48 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-12-28 22:48 - 2013-05-27 13:37 - 00000000 ____D C:\ProgramData\PRICache
2013-12-28 22:47 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-28 22:45 - 2013-12-28 22:45 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-28 22:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-12-28 22:44 - 2013-12-28 22:43 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-28 22:44 - 2013-11-29 12:57 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bandizip
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Vorlagen
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Startmenü
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Netzwerkumgebung
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Lokale Einstellungen
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Eigene Dateien
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Druckumgebung
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Documents\Eigene Musik
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Documents\Eigene Bilder
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Local\Verlauf
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Local\Anwendungsdaten
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Anwendungsdaten
2013-12-28 22:35 - 2013-12-28 22:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-28 22:35 - 2013-12-28 22:35 - 00000000 ____D C:\Program Files\Realtek
2013-12-28 22:35 - 2013-08-22 15:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\Elantech
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\AMD
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\AMD
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 _____ C:\WINDOWS\system32\spu_storage.bin
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-12-28 22:32 - 2013-11-13 23:18 - 00000812 _____ C:\WINDOWS\PFRO.log
2013-12-28 22:31 - 2013-12-28 22:31 - 00000000 __SHD C:\Recovery
2013-12-28 22:30 - 2013-12-28 22:30 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-28 22:30 - 2013-12-28 22:30 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-28 22:30 - 2013-12-28 22:30 - 00000000 ____D C:\Windows.old
2013-12-28 22:30 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-12-28 22:29 - 2013-12-28 22:29 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-28 22:29 - 2013-12-28 22:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-28 22:28 - 2013-12-28 22:28 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-28 22:28 - 2013-12-28 22:28 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-28 22:27 - 2013-12-28 22:27 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-28 22:27 - 2013-12-28 22:27 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-28 22:27 - 2013-12-28 22:27 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-28 22:25 - 2013-12-28 22:25 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files\MSBuild
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-28 22:22 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-12-28 22:22 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-12-28 22:13 - 2013-10-09 06:08 - 02074707 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-12-28 20:59 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-28 18:26 - 2013-12-28 18:25 - 01931176 _____ (Farbar) C:\Users\Petra Schäfer\Downloads\FRST64.exe
2013-12-28 18:23 - 2013-12-28 18:23 - 00000793 _____ C:\Users\Public\Desktop\iMesh-Installation fortsetzen.lnk
2013-12-28 18:23 - 2013-12-28 18:23 - 00000000 ____D C:\Program Files (x86)\iMesh Applications
2013-12-28 17:18 - 2013-11-30 12:27 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-28 17:17 - 2013-11-05 02:39 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Pokki
2013-12-27 21:00 - 2013-12-27 21:00 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Malwarebytes
2013-12-27 20:58 - 2013-12-27 20:58 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-27 20:58 - 2013-12-27 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-27 20:58 - 2013-12-27 20:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-27 20:58 - 2013-12-22 18:08 - 00024064 ___SH C:\Users\Petra Schäfer\Desktop\Thumbs.db
2013-12-27 20:57 - 2013-12-23 18:23 - 00000905 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.txt
2013-12-27 20:57 - 2013-12-23 18:23 - 00000000 ____D C:\Program Files (x86)\NCH Software
2013-12-27 20:57 - 2013-12-23 18:23 - 00000000 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-27 20:50 - 2013-12-27 20:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Petra Schäfer\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-23 18:42 - 2013-12-15 22:35 - 00001456 _____ C:\Users\Petra Schäfer\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-23 18:27 - 2013-12-23 18:27 - 00000000 ____D C:\ProgramData\NCH Software
2013-12-23 18:27 - 2013-12-23 18:24 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-23 18:27 - 2013-12-23 18:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2013-12-23 18:24 - 2013-12-23 18:24 - 00004360 _____ C:\WINDOWS\System32\Tasks\Plus-HD-1.2-updater
2013-12-23 18:24 - 2013-12-23 18:24 - 00004262 _____ C:\WINDOWS\System32\Tasks\Plus-HD-1.2-codedownloader
2013-12-23 18:24 - 2013-12-23 18:24 - 00004162 _____ C:\WINDOWS\System32\Tasks\Plus-HD-1.2-enabler
2013-12-23 18:24 - 2013-12-23 18:23 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.2
2013-12-23 18:23 - 2013-12-23 18:23 - 00001167 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.1.txt
2013-12-23 18:23 - 2013-12-23 18:23 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\NCH Software
2013-12-23 18:22 - 2013-12-23 18:22 - 00003068 _____ C:\WINDOWS\System32\Tasks\Re-markit Update
2013-12-23 18:22 - 2013-12-23 18:22 - 00000000 ____D C:\Program Files (x86)\Re-markit
2013-12-23 18:21 - 2013-12-23 18:21 - 00471560 _____ C:\Users\Petra Schäfer\Downloads\soundtap.exe
2013-12-23 18:19 - 2013-12-23 18:19 - 00090283 _____ C:\Users\Petra Schäfer\Desktop\Unbenannt.wma
2013-12-22 18:29 - 2013-12-15 21:57 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\100EOS5D
2013-12-21 12:38 - 2013-12-21 12:38 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\DCIM
2013-12-20 22:57 - 2013-11-08 21:51 - 00002105 _____ C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-18 22:09 - 2013-11-08 21:53 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-12-18 22:09 - 2013-11-08 21:53 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-12-18 22:09 - 2013-11-08 21:53 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2013-12-18 22:01 - 2013-05-27 13:55 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-12-15 17:26 - 2013-11-13 07:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-15 17:24 - 2013-11-13 07:30 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-13 10:24 - 2013-12-13 10:24 - 00230912 _____ C:\WINDOWS\system32\clinfo.exe
2013-12-13 10:24 - 2013-12-13 10:24 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2013-12-13 10:23 - 2013-12-13 10:23 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 03461040 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2013-12-13 10:23 - 2013-12-13 10:23 - 03426688 _____ C:\WINDOWS\system32\atiumd6a.cap
2013-12-13 10:23 - 2013-12-13 10:23 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01187342 _____ C:\WINDOWS\system32\amdocl_as64.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01061902 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00995342 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00798734 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00721296 _____ C:\WINDOWS\system32\atiicdxx.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00626176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2013-12-13 10:23 - 2013-12-13 10:23 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00550456 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2013-12-13 10:23 - 2013-12-13 10:23 - 00550456 _____ C:\WINDOWS\system32\atiapfxx.blb
2013-12-13 10:23 - 2013-12-13 10:23 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00412672 _____ C:\WINDOWS\system32\amdmiracast.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00234036 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00233776 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00083552 _____ C:\WINDOWS\system32\ativce02.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00047887 _____ C:\WINDOWS\atiogl.xml
2013-12-13 10:23 - 2013-12-13 10:23 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00003917 _____ C:\WINDOWS\SysWOW64\atipblag.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00003917 _____ C:\WINDOWS\system32\atipblag.dat
2013-12-07 12:40 - 2013-11-16 19:00 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\CrashDumps
2013-12-05 19:56 - 2013-12-05 19:56 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\bearbeitet
2013-12-05 19:04 - 2013-12-05 19:04 - 00000000 ___SD C:\Users\Petra Schäfer\Documents\Meine Websites
2013-12-05 19:04 - 2013-12-05 18:59 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Kunstgeschichte
2013-12-05 19:03 - 2013-12-05 19:00 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Deutsch
2013-12-05 18:59 - 2013-12-05 18:59 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Homepage
2013-12-05 17:58 - 2013-12-05 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-05 17:58 - 2013-12-05 17:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Expression
2013-12-05 17:43 - 2013-12-05 17:36 - 110669400 _____ (Microsoft Corporation) C:\Users\Petra Schäfer\Downloads\Web_Trial_de.exe
2013-12-02 22:32 - 2013-12-02 17:47 - 382338678 _____ C:\WINDOWS\MEMORY.DMP
2013-12-01 11:06 - 2013-11-26 22:44 - 00000000 ____D C:\ProgramData\Adobe
2013-11-30 17:01 - 2013-11-30 11:37 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Bauhaus
2013-11-30 16:11 - 2013-11-05 02:41 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Adobe
2013-11-30 13:01 - 2013-11-30 13:01 - 00003512 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Petra-Petra Schäfer
2013-11-30 12:30 - 2013-11-30 12:27 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Google
2013-11-30 12:27 - 2013-11-27 11:03 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\CaptureOne
2013-11-30 12:26 - 2013-11-30 12:26 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Apps\2.0
2013-11-30 12:25 - 2013-11-30 12:25 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Phase_One
2013-11-30 12:09 - 2013-11-30 12:09 - 00014848 ___SH C:\Users\Petra Schäfer\Downloads\Thumbs.db
2013-11-30 11:38 - 2013-11-30 11:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-30 00:20 - 2013-11-26 22:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-30 00:15 - 2013-11-30 00:15 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\PDAppFlex
2013-11-30 00:10 - 2013-11-30 00:10 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
2013-11-29 23:47 - 2013-11-29 12:50 - 00000000 ____D C:\Program Files (x86)\Free Zip Opener
2013-11-29 14:12 - 2013-11-29 14:06 - 00000000 ____D C:\Program Files\Adobe
2013-11-29 14:12 - 2013-11-29 13:58 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-29 14:09 - 2013-11-29 14:09 - 00000000 ____D C:\ProgramData\ALM
2013-11-29 13:57 - 2013-11-29 13:57 - 00001526 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2013-11-29 13:47 - 2013-11-29 12:06 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\photoshop
2013-11-29 12:57 - 2013-11-29 12:57 - 04320064 _____ C:\Users\Petra Schäfer\Downloads\bandizip-setup-gl.exe
2013-11-29 12:57 - 2013-11-29 12:57 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Bandizip
2013-11-29 12:49 - 2013-11-29 12:49 - 02057080 _____ C:\Users\Petra Schäfer\Downloads\FreeZipOpener_Install.exe
2013-11-29 11:55 - 2013-11-29 11:55 - 02186312 _____ C:\Users\Petra Schäfer\Downloads\zip.exe
Some content of TEMP:
====================
C:\Users\Petra Schäfer\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-28 22:32
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2013 01
Ran by Petra Schäfer at 2013-12-29 20:13:28
Running from C:\Users\Petra Schäfer\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
clear.fi SDK - Video 2 (x32 Version: 2.1.2606)
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606)
Acer Device Fast-lane (Version: 1.00.3013)
Acer Games (HKCU Version: 1.1.7.42206)
Acer Launch Manager (Version: 8.00.3004)
Acer Power Management (Version: 7.00.3013)
Acer Recovery Management (Version: 6.00.3016)
AcerCloud Docs (x32 Version: 1.01.2008)
AcerCloud Portal (x32 Version: 2.02.2022)
Adobe AIR (x32 Version: 3.9.0.1210)
Adobe Creative Suite 6 Design Standard (x32 Version: 6)
Adobe Download Assistant (x32 Version: 1.2.6)
Adobe Help Manager (x32 Version: 4.0.244)
AMD Accelerated Video Transcoding (Version: 12.10.100.30613)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Quick Stream (Version: 3.4.4.2)
AMD VISION Engine Control Center (x32 Version: 2013.0613.2225.38432)
AMD Wireless Display v3.0 (Version: 1.0.0.10)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2949)
Bandizip (HKCU Version: 3.09)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bonjour (Version: 2.0.4.0)
Capture One 6.4 (x32 Version: 6.4.65508.156)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0613.2225.38432)
Catalyst Control Center InstallProxy (x32 Version: 2013.0613.2225.38432)
Catalyst Control Center Localization All (x32 Version: 2013.0613.2225.38432)
CCC Help Chinese Standard (x32 Version: 2013.0613.2224.38432)
CCC Help Chinese Traditional (x32 Version: 2013.0613.2224.38432)
CCC Help Czech (x32 Version: 2013.0613.2224.38432)
CCC Help Danish (x32 Version: 2013.0613.2224.38432)
CCC Help Dutch (x32 Version: 2013.0613.2224.38432)
CCC Help English (x32 Version: 2013.0613.2224.38432)
CCC Help Finnish (x32 Version: 2013.0613.2224.38432)
CCC Help French (x32 Version: 2013.0613.2224.38432)
CCC Help German (x32 Version: 2013.0613.2224.38432)
CCC Help Greek (x32 Version: 2013.0613.2224.38432)
CCC Help Hungarian (x32 Version: 2013.0613.2224.38432)
CCC Help Italian (x32 Version: 2013.0613.2224.38432)
CCC Help Japanese (x32 Version: 2013.0613.2224.38432)
CCC Help Korean (x32 Version: 2013.0613.2224.38432)
CCC Help Norwegian (x32 Version: 2013.0613.2224.38432)
CCC Help Polish (x32 Version: 2013.0613.2224.38432)
CCC Help Portuguese (x32 Version: 2013.0613.2224.38432)
CCC Help Russian (x32 Version: 2013.0613.2224.38432)
CCC Help Spanish (x32 Version: 2013.0613.2224.38432)
CCC Help Swedish (x32 Version: 2013.0613.2224.38432)
CCC Help Thai (x32 Version: 2013.0613.2224.38432)
CCC Help Turkish (x32 Version: 2013.0613.2224.38432)
ccc-utility64 (Version: 2013.0613.2225.38432)
clear.fi Media (x32 Version: 2.02.2012)
clear.fi Photo (x32 Version: 2.02.2016)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32)
DMUninstaller (x32)
eBay Worldwide (x32 Version: 2.4.0105)
ETDWare PS/2-X64 11.6.24.203_WHQL (Version: 11.6.24.203)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110)
Identity Card (x32 Version: 2.00.3006)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Live Updater (x32 Version: 2.00.3010)
Magic Academy (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee SiteAdvisor (Version: 3.4.1.195)
McAfee SiteAdvisor (x32 Version: 3.6.160)
Microsoft Expression Web 4 (x32 Version: 4.0.1460.0)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Nero BackItUp (x32 Version: 12.5.5000)
Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00500)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000)
Nero ControlCenter (x32 Version: 11.0.15600)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000)
Nero Core Components (x32 Version: 11.0.20200)
Nero Launcher (x32 Version: 12.2.7000)
Nero RescueAgent (x32 Version: 12.0.3001)
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000)
Nero Update (x32 Version: 11.0.11800.31.0)
Norton Online Backup (x32 Version: 2.7.0.24)
Norton Online Backup ARA (x32 Version: 4.3.0.14)
OEM Application Profile (x32 Version: 1.00.0000)
Office Addin (x32 Version: 2.02.2008)
Office Addin 2003 (x32 Version: 2.02.2008)
PDF Settings CS6 (x32 Version: 11.0)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Plus-HD-1.2 (x32 Version: 1.32.153.0) <==== ATTENTION
Pokki (HKCU Version: 0.266.1.172)
Prerequisite installer (x32 Version: 12.0.0003)
QCA CardReader Driver Installer (x32 Version: 1.0.1.34)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.224)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.13)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.49)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6865)
Re-markit (x32)
Shared C Run-time for x64 (Version: 10.0.0)
Spielkanäle (x32 Version: 8.1.0.17)
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update Installer for WildTangent Games App (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
WildTangent Games (x32 Version: 1.0.4.0)
WildTangent Games App (x32 Version: 4.0.10.5)
Windows-Treiberpaket - Leaf Imaging Ltd. Image (02/11/2010 ) (Version: 02/11/2010 )
==================== Restore Points =========================
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05DC210E-EBD6-48CE-A497-D5A3AA02056C} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1B24A10E-C8C7-4D45-A537-1E76C88730B0} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe [2013-12-23] () <==== ATTENTION
Task: {1B9BC735-E059-428E-B100-DCD700955190} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {1EE89DA9-1071-4734-8AD6-1EA39A5D0BEA} - System32\Tasks\AdobeAAMUpdater-1.0-Petra-Petra Schäfer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2CCD2E6D-8639-458D-AB98-511B3AB302DC} - System32\Tasks\Plus-HD-1.2-updater => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-updater.exe [2013-12-23] (Plus HD) <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {559DFD0E-1F56-4392-A582-473B6C5E6772} - System32\Tasks\Plus-HD-1.2-chromeinstaller => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-chromeinstaller.exe [2013-12-23] (Plus HD) <==== ATTENTION
Task: {66C3A4D9-DEB8-4C5B-A1B7-F5C5B803BEA4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C7E4617-EB9A-47A6-9942-B4A2D35C439B} - System32\Tasks\Plus-HD-1.2-firefoxinstaller => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-firefoxinstaller.exe [2013-12-23] (Plus HD) <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AC1A9FF-BAB1-4995-8353-DF12F4030C13} - System32\Tasks\Plus-HD-1.2-enabler => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-enabler.exe [2013-12-23] (Plus HD) <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9BAEBCE7-703F-4A75-BB6E-A077D0D7429B} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B9C635E8-B885-45A3-8D82-273EAB08A879} - System32\Tasks\Plus-HD-1.2-codedownloader => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-codedownloader.exe [2013-12-23] (Plus HD) <==== ATTENTION
Task: {BEC9B1E0-5255-49EE-85FB-0FCC08BA7601} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\System32\oobe\setupsqm.exe [2013-08-22] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D62BCDD5-8AF1-4374-A556-04C51C032377} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2F4864D-34CE-4271-9B2D-F92D332804DB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F48FBAB8-EF5D-4E2E-B400-1477768D658A} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: C:\WINDOWS\Tasks\Plus-HD-1.2-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-1.2-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-1.2-enabler.job => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-enabler.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-1.2-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-1.2-updater.job => C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-04-15 10:23 - 2013-04-15 10:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-15 10:20 - 2013-04-15 10:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-08 21:53 - 2013-10-10 19:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-12-23 18:22 - 2013-12-23 18:22 - 00146432 _____ () C:\Program Files (x86)\Re-markit\150.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/29/2013 01:37:18 AM) (Source: Application Hang) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 167c
Startzeit: 01cf042da5662a0e
Endzeit: 187
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: 5b1132dd-7021-11e3-824f-a4db3080b070
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/29/2013 01:33:35 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16476, Zeitstempel: 0x5294589a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x470
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (12/29/2013 01:14:38 AM) (Source: Application Hang) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 13a8
Startzeit: 01cf042a369bb227
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 2a91c030-701e-11e3-824f-a4db3080b070
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingNews_3.0.1.174_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexNews
Error: (12/29/2013 01:14:38 AM) (Source: Application Hang) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 7f4
Startzeit: 01cf042a36817830
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 2a928377-701e-11e3-824f-a4db3080b070
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingTravel_3.0.1.174_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexTravel
Error: (12/29/2013 01:11:23 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16476, Zeitstempel: 0x5294589a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0xb20
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (12/29/2013 01:09:44 AM) (Source: Application Hang) (User: )
Description: Programm PhotosApp.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 20cc
Startzeit: 01cf0428856fbadb
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\FileManager\PhotosApp.exe
Berichts-ID: f40ef435-701b-11e3-824f-a4db3080b070
Vollständiger Name des fehlerhaften Pakets: FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Windows.PhotoManager
Error: (12/29/2013 01:09:24 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16476, Zeitstempel: 0x5294589a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x21e0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (12/29/2013 00:58:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Petra)
Description: Das Paket „FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (12/28/2013 11:56:39 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
Error: (12/28/2013 11:56:28 PM) (Source: PerfNet) (User: )
Description:
System errors:
=============
Error: (12/29/2013 02:55:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/29/2013 00:52:12 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (12/29/2013 00:52:12 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (12/29/2013 00:52:11 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (12/29/2013 00:52:11 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (12/29/2013 00:40:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (12/29/2013 00:40:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (12/29/2013 00:40:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (12/29/2013 00:40:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (12/28/2013 11:07:45 PM) (Source: NETLOGON) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.
Microsoft Office Sessions:
=========================
Error: (12/29/2013 01:37:18 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.16384167c01cf042da5662a0e187C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE5b1132dd-7021-11e3-824f-a4db3080b070
Error: (12/29/2013 01:33:35 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1638452157231jscript9.dll11.0.9600.164765294589ac000000500008a9547001cf0426195b9069C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dlld97f7bfe-7020-11e3-824f-a4db3080b070
Error: (12/29/2013 01:14:38 AM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.1638413a801cf042a369bb2274294967295C:\WINDOWS\system32\backgroundTaskHost.exe2a91c030-701e-11e3-824f-a4db3080b070Microsoft.BingNews_3.0.1.174_x64__8wekyb3d8bbweAppexNews
Error: (12/29/2013 01:14:38 AM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.163847f401cf042a368178304294967295C:\WINDOWS\system32\backgroundTaskHost.exe2a928377-701e-11e3-824f-a4db3080b070Microsoft.BingTravel_3.0.1.174_x64__8wekyb3d8bbweAppexTravel
Error: (12/29/2013 01:11:23 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1638452157231jscript9.dll11.0.9600.164765294589ac000000500008a95b2001cf042a4574c9b5C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dllc011a638-701d-11e3-824f-a4db3080b070
Error: (12/29/2013 01:09:44 AM) (Source: Application Hang)(User: )
Description: PhotosApp.exe6.3.9600.1638420cc01cf0428856fbadb4294967295C:\WINDOWS\FileManager\PhotosApp.exef40ef435-701b-11e3-824f-a4db3080b070FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager
Error: (12/29/2013 01:09:24 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1638452157231jscript9.dll11.0.9600.164765294589ac000000500008a9521e001cf042a12b12b60C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\jscript9.dll78d12b28-701d-11e3-824f-a4db3080b070
Error: (12/29/2013 00:58:29 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Petra)
Description: FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager
Error: (12/28/2013 11:56:39 PM) (Source: Perflib)(User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
Error: (12/28/2013 11:56:28 PM) (Source: PerfNet)(User: )
Description:
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 3525 MB
Available physical RAM: 2127.34 MB
Total Pagefile: 6018.27 MB
Available Pagefile: 4151 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.56 GB) (Free:377.72 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 9D64930C)
Partition: GPT Partition Type
==================== End Of Log ============================
|
|
30.12.2013, 11:22
| #8 |
| /// the machine /// TB-Ausbilder | redirect winflashplayer.com popup Funde mit MBAM auch löschen lassen. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.12.2013, 15:13
| #9 |
| | redirect winflashplayer.com popup Sooo wäre erledigt. Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 30/12/2013 um 14:39:42
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Petra Schäfer - PETRA
# Gestartet von : C:\Users\Petra Schäfer\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\iMesh Applications
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Users\Petra Schäfer\AppData\Local\Pokki
Ordner Gelöscht : C:\Users\Petra Schäfer\AppData\Roaming\NCH Software
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\WINDOWS\System32\Tasks\NCH Software
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122255}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126655}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122255}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126655}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\NCH Software
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\NCH Software
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16384
*************************
AdwCleaner[R0].txt - [2399 octets] - [30/12/2013 14:36:37]
AdwCleaner[S0].txt - [2100 octets] - [30/12/2013 14:39:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2160 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 x64
Ran by Petra Sch„fer on 30.12.2013 at 14:55:41,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.12.2013 at 15:03:21,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Petra Schäfer (administrator) on PETRA on 30-12-2013 15:08:04
Running from C:\Users\Petra Schäfer\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-05-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Atheros Communications))
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM - {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - {ABDBE777-2F20-4517-B2CF-0DF53328F40E} URL =
BHO: Plus-HD-1.2 - {11111111-1111-1111-1111-110311121155} - C:\Program Files (x86)\Plus-HD-1.2\Plus-HD-1.2-bho64.dll No File
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [121616 2013-11-07] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-12-01] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-28] (Microsoft Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-28] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-30 15:03 - 2013-12-30 15:03 - 00000897 _____ C:\Users\Petra Schäfer\Desktop\JRT.txt
2013-12-30 14:48 - 2013-12-30 14:48 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-30 14:47 - 2013-12-30 14:47 - 01034531 _____ (Thisisu) C:\Users\Petra Schäfer\Downloads\JRT.exe
2013-12-30 14:44 - 2013-12-30 14:44 - 00002252 _____ C:\Users\Petra Schäfer\Desktop\AdwCleaner[S0]_noch posten.txt
2013-12-30 11:56 - 2013-12-30 14:39 - 00000000 ____D C:\AdwCleaner
2013-12-30 11:56 - 2013-12-30 11:56 - 01233962 _____ C:\Users\Petra Schäfer\Downloads\adwcleaner.exe
2013-12-30 11:51 - 2013-12-30 11:51 - 00000000 ____D C:\Users\Petra Schäfer\Downloads\FRST-OlderVersion
2013-12-29 20:13 - 2013-12-29 20:14 - 00025380 _____ C:\Users\Petra Schäfer\Downloads\Addition.txt
2013-12-29 20:10 - 2013-12-30 15:08 - 00011546 _____ C:\Users\Petra Schäfer\Downloads\FRST.txt
2013-12-29 20:10 - 2013-12-30 11:51 - 00000000 ____D C:\FRST
2013-12-28 23:20 - 2013-12-28 23:20 - 00000000 ____D C:\Users\Petra Schäfer\Documents\Bluetooth Folder
2013-12-28 23:20 - 2013-12-28 23:20 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\BMExplorer
2013-12-28 23:17 - 2013-12-28 23:17 - 00001458 _____ C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-28 23:16 - 2013-12-28 23:16 - 00000020 ___SH C:\Users\Petra Schäfer\ntuser.ini
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-28 23:07 - 2013-12-30 15:00 - 00225966 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-28 23:06 - 2013-12-28 23:06 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2013-12-28 22:45 - 2013-12-28 22:45 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-28 22:43 - 2013-12-28 23:16 - 00000000 ____D C:\Users\Petra Schäfer
2013-12-28 22:43 - 2013-12-28 23:07 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-12-28 22:43 - 2013-12-28 23:07 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-12-28 22:43 - 2013-12-28 22:44 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Vorlagen
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Startmenü
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Netzwerkumgebung
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Lokale Einstellungen
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Eigene Dateien
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Druckumgebung
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Documents\Eigene Musik
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Documents\Eigene Bilder
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Local\Verlauf
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Local\Anwendungsdaten
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Anwendungsdaten
2013-12-28 22:43 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-28 22:43 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-28 22:43 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-28 22:35 - 2013-12-28 22:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-28 22:35 - 2013-12-28 22:35 - 00000000 ____D C:\Program Files\Realtek
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\Elantech
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\AMD
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\AMD
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 _____ C:\WINDOWS\system32\spu_storage.bin
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-12-28 22:31 - 2013-12-28 23:18 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-28 22:31 - 2013-12-28 22:31 - 00000000 __SHD C:\Recovery
2013-12-28 22:30 - 2013-12-28 22:30 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-28 22:30 - 2013-12-28 22:30 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-28 22:30 - 2013-12-28 22:30 - 00000000 ____D C:\Windows.old
2013-12-28 22:29 - 2013-12-28 22:29 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-28 22:29 - 2013-12-28 22:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-28 22:28 - 2013-12-28 22:28 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-28 22:28 - 2013-12-28 22:28 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-28 22:27 - 2013-12-28 22:27 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-28 22:27 - 2013-12-28 22:27 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-28 22:27 - 2013-12-28 22:27 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-28 22:25 - 2013-12-28 22:25 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files\MSBuild
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-28 22:21 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-12-28 22:21 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-28 22:21 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-12-28 22:21 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-12-28 22:21 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-28 22:21 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-12-28 21:52 - 2013-12-28 23:07 - 00006609 _____ C:\WINDOWS\comsetup.log
2013-12-28 18:25 - 2013-12-30 11:51 - 01931302 _____ (Farbar) C:\Users\Petra Schäfer\Downloads\FRST64.exe
2013-12-28 18:23 - 2013-12-28 18:23 - 00000793 _____ C:\Users\Public\Desktop\iMesh-Installation fortsetzen.lnk
2013-12-27 21:00 - 2013-12-27 21:00 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Malwarebytes
2013-12-27 20:58 - 2013-12-27 20:58 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-27 20:58 - 2013-12-27 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-27 20:58 - 2013-12-27 20:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-27 20:58 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-27 20:48 - 2013-12-27 20:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Petra Schäfer\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-23 18:23 - 2013-12-27 20:57 - 00000905 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.txt
2013-12-23 18:23 - 2013-12-27 20:57 - 00000000 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-23 18:23 - 2013-12-23 18:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2013-12-23 18:23 - 2013-12-23 18:23 - 00001167 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.1.txt
2013-12-23 18:19 - 2013-12-23 18:19 - 00090283 _____ C:\Users\Petra Schäfer\Desktop\Unbenannt.wma
2013-12-22 18:08 - 2013-12-27 20:58 - 00024064 ___SH C:\Users\Petra Schäfer\Desktop\Thumbs.db
2013-12-21 12:38 - 2013-12-21 12:38 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\DCIM
2013-12-15 22:35 - 2013-12-23 18:42 - 00001456 _____ C:\Users\Petra Schäfer\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-15 21:57 - 2013-12-22 18:29 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\100EOS5D
2013-12-13 10:24 - 2013-12-13 10:24 - 00230912 _____ C:\WINDOWS\system32\clinfo.exe
2013-12-13 10:24 - 2013-12-13 10:24 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2013-12-13 10:23 - 2013-12-13 10:23 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 03461040 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2013-12-13 10:23 - 2013-12-13 10:23 - 03426688 _____ C:\WINDOWS\system32\atiumd6a.cap
2013-12-13 10:23 - 2013-12-13 10:23 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01187342 _____ C:\WINDOWS\system32\amdocl_as64.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01061902 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00995342 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00798734 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00721296 _____ C:\WINDOWS\system32\atiicdxx.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00626176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2013-12-13 10:23 - 2013-12-13 10:23 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00550456 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2013-12-13 10:23 - 2013-12-13 10:23 - 00550456 _____ C:\WINDOWS\system32\atiapfxx.blb
2013-12-13 10:23 - 2013-12-13 10:23 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00412672 _____ C:\WINDOWS\system32\amdmiracast.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00234036 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00233776 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00083552 _____ C:\WINDOWS\system32\ativce02.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00047887 _____ C:\WINDOWS\atiogl.xml
2013-12-13 10:23 - 2013-12-13 10:23 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00003917 _____ C:\WINDOWS\SysWOW64\atipblag.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00003917 _____ C:\WINDOWS\system32\atipblag.dat
2013-12-05 19:56 - 2013-12-05 19:56 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\bearbeitet
2013-12-05 19:04 - 2013-12-05 19:04 - 00000000 ___SD C:\Users\Petra Schäfer\Documents\Meine Websites
2013-12-05 19:00 - 2013-12-05 19:03 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Deutsch
2013-12-05 18:59 - 2013-12-05 19:04 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Kunstgeschichte
2013-12-05 18:59 - 2013-12-05 18:59 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Homepage
2013-12-05 17:59 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-12-05 17:58 - 2013-12-05 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-05 17:56 - 2013-12-05 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Expression
2013-12-05 17:36 - 2013-12-05 17:43 - 110669400 _____ (Microsoft Corporation) C:\Users\Petra Schäfer\Downloads\Web_Trial_de.exe
2013-12-02 17:47 - 2013-12-02 22:32 - 382338678 _____ C:\WINDOWS\MEMORY.DMP
2013-11-30 13:01 - 2013-11-30 13:01 - 00003512 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Petra-Petra Schäfer
2013-11-30 12:27 - 2013-12-28 17:18 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-30 12:27 - 2013-11-30 12:30 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Google
2013-11-30 12:26 - 2013-11-30 12:26 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Apps\2.0
2013-11-30 12:25 - 2013-11-30 12:25 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Phase_One
2013-11-30 12:09 - 2013-11-30 12:09 - 00014848 ___SH C:\Users\Petra Schäfer\Downloads\Thumbs.db
2013-11-30 11:38 - 2013-11-30 11:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-30 11:37 - 2013-11-30 17:01 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Bauhaus
2013-11-30 00:15 - 2013-11-30 00:15 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\PDAppFlex
2013-11-30 00:10 - 2013-11-30 00:10 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
==================== One Month Modified Files and Folders =======
2013-12-30 15:08 - 2013-12-29 20:10 - 00011546 _____ C:\Users\Petra Schäfer\Downloads\FRST.txt
2013-12-30 15:04 - 2013-11-08 21:53 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4011578934-1874783229-1643335886-1001
2013-12-30 15:03 - 2013-12-30 15:03 - 00000897 _____ C:\Users\Petra Schäfer\Desktop\JRT.txt
2013-12-30 15:00 - 2013-12-28 23:07 - 00225966 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-30 15:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-30 14:48 - 2013-12-30 14:48 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-30 14:47 - 2013-12-30 14:47 - 01034531 _____ (Thisisu) C:\Users\Petra Schäfer\Downloads\JRT.exe
2013-12-30 14:46 - 2013-11-14 08:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-30 14:46 - 2013-11-14 08:11 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-30 14:46 - 2013-11-14 08:11 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-30 14:44 - 2013-12-30 14:44 - 00002252 _____ C:\Users\Petra Schäfer\Desktop\AdwCleaner[S0]_noch posten.txt
2013-12-30 14:41 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-30 14:40 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-30 14:39 - 2013-12-30 11:56 - 00000000 ____D C:\AdwCleaner
2013-12-30 14:37 - 2013-11-26 22:42 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Adobe
2013-12-30 14:37 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-30 14:31 - 2013-11-13 23:18 - 00010058 _____ C:\WINDOWS\PFRO.log
2013-12-30 11:56 - 2013-12-30 11:56 - 01233962 _____ C:\Users\Petra Schäfer\Downloads\adwcleaner.exe
2013-12-30 11:51 - 2013-12-30 11:51 - 00000000 ____D C:\Users\Petra Schäfer\Downloads\FRST-OlderVersion
2013-12-30 11:51 - 2013-12-29 20:10 - 00000000 ____D C:\FRST
2013-12-30 11:51 - 2013-12-28 18:25 - 01931302 _____ (Farbar) C:\Users\Petra Schäfer\Downloads\FRST64.exe
2013-12-29 20:14 - 2013-12-29 20:13 - 00025380 _____ C:\Users\Petra Schäfer\Downloads\Addition.txt
2013-12-29 14:56 - 2013-08-22 15:46 - 00286606 _____ C:\WINDOWS\setupact.log
2013-12-28 23:21 - 2013-11-14 09:24 - 00000000 ___HD C:\$Windows.~BT
2013-12-28 23:21 - 2013-11-05 02:39 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Packages
2013-12-28 23:20 - 2013-12-28 23:20 - 00000000 ____D C:\Users\Petra Schäfer\Documents\Bluetooth Folder
2013-12-28 23:20 - 2013-12-28 23:20 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\BMExplorer
2013-12-28 23:20 - 2013-10-09 07:08 - 00000000 ____D C:\ProgramData\Atheros
2013-12-28 23:19 - 2013-11-05 02:41 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-12-28 23:18 - 2013-12-28 22:31 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-28 23:18 - 2013-11-05 02:41 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-28 23:18 - 2013-11-05 02:41 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-28 23:17 - 2013-12-28 23:17 - 00001458 _____ C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-28 23:16 - 2013-12-28 23:16 - 00000020 ___SH C:\Users\Petra Schäfer\ntuser.ini
2013-12-28 23:16 - 2013-12-28 22:43 - 00000000 ____D C:\Users\Petra Schäfer
2013-12-28 23:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-28 23:08 - 2013-12-28 23:08 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-28 23:08 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-12-28 23:08 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-12-28 23:07 - 2013-12-28 22:43 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-12-28 23:07 - 2013-12-28 22:43 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-12-28 23:07 - 2013-12-28 21:52 - 00006609 _____ C:\WINDOWS\comsetup.log
2013-12-28 23:07 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-12-28 23:06 - 2013-12-28 23:06 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-28 23:00 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-12-28 22:59 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-28 22:53 - 2013-08-22 15:44 - 04957184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-28 22:52 - 2013-11-29 12:30 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-12-28 22:52 - 2013-10-09 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\QCA_CR
2013-12-28 22:52 - 2013-10-09 06:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2013-12-28 22:52 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-12-28 22:52 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-12-28 22:52 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-28 22:50 - 2013-12-28 22:50 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2013-12-28 22:50 - 2013-08-22 16:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-12-28 22:50 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-12-28 22:49 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-12-28 22:49 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-12-28 22:49 - 2013-11-14 08:11 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-12-28 22:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-12-28 22:49 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-12-28 22:49 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-12-28 22:48 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-12-28 22:48 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-12-28 22:48 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-12-28 22:48 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-12-28 22:48 - 2013-05-27 13:37 - 00000000 ____D C:\ProgramData\PRICache
2013-12-28 22:47 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-28 22:45 - 2013-12-28 22:45 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-28 22:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-12-28 22:44 - 2013-12-28 22:43 - 00000000 ___RD C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-28 22:44 - 2013-11-29 12:57 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bandizip
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Vorlagen
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Startmenü
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Netzwerkumgebung
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Lokale Einstellungen
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Eigene Dateien
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Druckumgebung
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Documents\Eigene Musik
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Documents\Eigene Bilder
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Local\Verlauf
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\AppData\Local\Anwendungsdaten
2013-12-28 22:43 - 2013-12-28 22:43 - 00000000 _SHDL C:\Users\Petra Schäfer\Anwendungsdaten
2013-12-28 22:35 - 2013-12-28 22:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-28 22:35 - 2013-12-28 22:35 - 00000000 ____D C:\Program Files\Realtek
2013-12-28 22:35 - 2013-08-22 15:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\Elantech
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\Program Files\AMD
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 ____D C:\AMD
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 _____ C:\WINDOWS\system32\spu_storage.bin
2013-12-28 22:34 - 2013-12-28 22:34 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-12-28 22:31 - 2013-12-28 22:31 - 00000000 __SHD C:\Recovery
2013-12-28 22:30 - 2013-12-28 22:30 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-28 22:30 - 2013-12-28 22:30 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-28 22:30 - 2013-12-28 22:30 - 00000000 ____D C:\Windows.old
2013-12-28 22:30 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-12-28 22:29 - 2013-12-28 22:29 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-28 22:29 - 2013-12-28 22:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-28 22:29 - 2013-12-28 22:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-28 22:28 - 2013-12-28 22:28 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-28 22:28 - 2013-12-28 22:28 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-28 22:28 - 2013-12-28 22:28 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-28 22:27 - 2013-12-28 22:27 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-28 22:27 - 2013-12-28 22:27 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-28 22:27 - 2013-12-28 22:27 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-28 22:27 - 2013-12-28 22:27 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-28 22:27 - 2013-12-28 22:27 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-28 22:27 - 2013-12-28 22:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-28 22:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-28 22:25 - 2013-12-28 22:25 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files\MSBuild
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-28 22:22 - 2013-12-28 22:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-28 22:22 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-12-28 22:22 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-12-28 22:13 - 2013-10-09 06:08 - 02074707 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-12-28 20:59 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-28 18:23 - 2013-12-28 18:23 - 00000793 _____ C:\Users\Public\Desktop\iMesh-Installation fortsetzen.lnk
2013-12-28 17:18 - 2013-11-30 12:27 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-27 21:00 - 2013-12-27 21:00 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Malwarebytes
2013-12-27 20:58 - 2013-12-27 20:58 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-27 20:58 - 2013-12-27 20:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-27 20:58 - 2013-12-27 20:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-27 20:58 - 2013-12-22 18:08 - 00024064 ___SH C:\Users\Petra Schäfer\Desktop\Thumbs.db
2013-12-27 20:57 - 2013-12-23 18:23 - 00000905 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.txt
2013-12-27 20:57 - 2013-12-23 18:23 - 00000000 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-27 20:50 - 2013-12-27 20:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Petra Schäfer\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-23 18:42 - 2013-12-15 22:35 - 00001456 _____ C:\Users\Petra Schäfer\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-23 18:27 - 2013-12-23 18:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2013-12-23 18:23 - 2013-12-23 18:23 - 00001167 _____ C:\Users\Petra Schäfer\AppData\Roaming\trace_FilterInstaller.1.txt
2013-12-23 18:19 - 2013-12-23 18:19 - 00090283 _____ C:\Users\Petra Schäfer\Desktop\Unbenannt.wma
2013-12-22 18:29 - 2013-12-15 21:57 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\100EOS5D
2013-12-21 12:38 - 2013-12-21 12:38 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\DCIM
2013-12-20 22:57 - 2013-11-08 21:51 - 00002105 _____ C:\Users\Petra Schäfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-18 22:09 - 2013-11-08 21:53 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-12-18 22:09 - 2013-11-08 21:53 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-12-18 22:09 - 2013-11-08 21:53 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2013-12-18 22:01 - 2013-05-27 13:55 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-12-15 17:26 - 2013-11-13 07:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-15 17:24 - 2013-11-13 07:30 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-13 10:24 - 2013-12-13 10:24 - 00230912 _____ C:\WINDOWS\system32\clinfo.exe
2013-12-13 10:24 - 2013-12-13 10:24 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2013-12-13 10:24 - 2013-12-13 10:24 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 13207552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2013-12-13 10:23 - 2013-12-13 10:23 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 03461040 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2013-12-13 10:23 - 2013-12-13 10:23 - 03426688 _____ C:\WINDOWS\system32\atiumd6a.cap
2013-12-13 10:23 - 2013-12-13 10:23 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01187342 _____ C:\WINDOWS\system32\amdocl_as64.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 01061902 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00995342 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00798734 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00721296 _____ C:\WINDOWS\system32\atiicdxx.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00626176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2013-12-13 10:23 - 2013-12-13 10:23 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00550456 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2013-12-13 10:23 - 2013-12-13 10:23 - 00550456 _____ C:\WINDOWS\system32\atiapfxx.blb
2013-12-13 10:23 - 2013-12-13 10:23 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00412672 _____ C:\WINDOWS\system32\amdmiracast.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00234036 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00233776 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00083552 _____ C:\WINDOWS\system32\ativce02.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2013-12-13 10:23 - 2013-12-13 10:23 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00047887 _____ C:\WINDOWS\atiogl.xml
2013-12-13 10:23 - 2013-12-13 10:23 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2013-12-13 10:23 - 2013-12-13 10:23 - 00003917 _____ C:\WINDOWS\SysWOW64\atipblag.dat
2013-12-13 10:23 - 2013-12-13 10:23 - 00003917 _____ C:\WINDOWS\system32\atipblag.dat
2013-12-07 12:40 - 2013-11-16 19:00 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\CrashDumps
2013-12-05 19:56 - 2013-12-05 19:56 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\bearbeitet
2013-12-05 19:04 - 2013-12-05 19:04 - 00000000 ___SD C:\Users\Petra Schäfer\Documents\Meine Websites
2013-12-05 19:04 - 2013-12-05 18:59 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Kunstgeschichte
2013-12-05 19:03 - 2013-12-05 19:00 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Deutsch
2013-12-05 18:59 - 2013-12-05 18:59 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Homepage
2013-12-05 17:58 - 2013-12-05 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-05 17:58 - 2013-12-05 17:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Expression
2013-12-05 17:43 - 2013-12-05 17:36 - 110669400 _____ (Microsoft Corporation) C:\Users\Petra Schäfer\Downloads\Web_Trial_de.exe
2013-12-02 22:32 - 2013-12-02 17:47 - 382338678 _____ C:\WINDOWS\MEMORY.DMP
2013-12-01 11:06 - 2013-11-26 22:44 - 00000000 ____D C:\ProgramData\Adobe
2013-11-30 17:01 - 2013-11-30 11:37 - 00000000 ____D C:\Users\Petra Schäfer\Desktop\Bauhaus
2013-11-30 16:11 - 2013-11-05 02:41 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\Adobe
2013-11-30 13:01 - 2013-11-30 13:01 - 00003512 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Petra-Petra Schäfer
2013-11-30 12:30 - 2013-11-30 12:27 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Google
2013-11-30 12:27 - 2013-11-27 11:03 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\CaptureOne
2013-11-30 12:26 - 2013-11-30 12:26 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Apps\2.0
2013-11-30 12:25 - 2013-11-30 12:25 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Local\Phase_One
2013-11-30 12:09 - 2013-11-30 12:09 - 00014848 ___SH C:\Users\Petra Schäfer\Downloads\Thumbs.db
2013-11-30 11:38 - 2013-11-30 11:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-30 00:20 - 2013-11-26 22:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-30 00:15 - 2013-11-30 00:15 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\PDAppFlex
2013-11-30 00:10 - 2013-11-30 00:10 - 00000000 ____D C:\Users\Petra Schäfer\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
Some content of TEMP:
====================
C:\Users\Petra Schäfer\AppData\Local\Temp\avgnt.exe
C:\Users\Petra Schäfer\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-28 22:32
==================== End Of Log ============================
|
|
31.12.2013, 14:42
| #10 |
| /// the machine /// TB-Ausbilder | redirect winflashplayer.com popupESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.12.2013, 17:56
| #11 |
| | redirect winflashplayer.com popupCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=60681c7b2c672a4883d189b60cf5119f
# engine=16463
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-31 04:45:59
# local_time=2013-12-31 05:45:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 13781 7079517 6502 0
# compatibility_mode=5893 16776574 100 94 4092854 11342061 0 0
# scanned=120743
# found=0
# cleaned=0
# scan_time=5243
Code:
ATTFilter Results of screen317's Security Check version 0.99.77 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` McAfee SiteAdvisor Malwarebytes Anti-Malware Version 1.75.0.1300 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Vielen Dank |
|
01.01.2014, 13:30
| #12 |
| /// the machine /// TB-Ausbilder | redirect winflashplayer.com popup Fertig Falls Du Lob oder Kritik loswerden möchtest kannst Du das hier tun Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.01.2014, 14:48
| #13 |
| | redirect winflashplayer.com popup Ist erledigt. ich danke dir vielmals! |
|
02.01.2014, 09:01
| #14 |
| /// the machine /// TB-Ausbilder | redirect winflashplayer.com popup Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
Linear-Darstellung
