
Pests of all kinds and how to fight them: Malware? regleaner pro and search protect

09.02.2014, 11:38   #16
Bootsektor
Rest in peace
† 2019

No, those are just annoying bundled extras.

09.02.2014, 12:03   #17
zwirn

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2014
Ran by STS at 2014-02-09 12:01:25 Run:1
Running from C:\Users\STS\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\STS\AppData\Roaming\systweak
C:\WINDOWS\system32\roboot64.exe
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP067850BC-3764-4A3C-8D03-CFCCAB0BED1C&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3315513&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP067850BC-3764-4A3C-8D03-CFCCAB0BED1C&q={searchTerms}&SSPV=
FF SearchPlugin: C:\Users\STS\AppData\Roaming\Mozilla\Firefox\Profiles\4mh195t8.default\searchplugins\conduit-search.xml
*****************

C:\Users\STS\AppData\Roaming\systweak => Moved successfully.
C:\WINDOWS\system32\roboot64.exe => Moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
C:\Users\STS\AppData\Roaming\Mozilla\Firefox\Profiles\4mh195t8.default\searchplugins\conduit-search.xml => Moved successfully.

==== End of Fixlog ====
09.02.2014, 16:32   #18
Bootsektor
Rest in peace
† 2019

Thanks, but I am still missing the addition.txt from FRST and a current Malwarebytes log.

09.02.2014, 17:42   #19
zwirn

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.08.05

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
STS :: ARBEIT [Administrator]

Schutz: Aktiviert

09.02.2014 16:52:31
mbam-log-2014-02-09 (16-52-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 340569
Laufzeit: 31 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-02-2014 02
Ran by STS (administrator) on ARBEIT on 09-02-2014 17:39:53
Running from C:\Users\STS\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2066293164-2638704917-626986965-1004\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\STS\AppData\Roaming\Mozilla\Firefox\Profiles\4mh195t8.default
FF Homepage: https://www.google.de/
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-07]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-07]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-07]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-07]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 HPSLPSVC; C:\Users\STS\AppData\Local\Temp\7zS6F22\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MyPublicWiFiService; C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe [756224 2013-04-03] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-07] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-07] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-07] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [623712 2014-02-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [64608 2013-05-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-07] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 ndiskhaz; C:\Windows\system32\DRIVERS\ndiskhaz.sys [30536 2012-12-07] (Khalil Azzouzi)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-07] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-09 17:39 - 2014-02-09 17:40 - 00010593 _____ () C:\Users\STS\Desktop\FRST.txt
2014-02-09 17:39 - 2014-02-09 17:39 - 00000000 ____D () C:\Users\STS\Desktop\FRST-OlderVersion
2014-02-08 22:54 - 2014-02-08 22:54 - 00078309 _____ () C:\Users\STS\Downloads\FRST.txt
2014-02-08 22:54 - 2014-02-08 22:54 - 00009194 _____ () C:\Users\STS\Downloads\Addition.txt
2014-02-08 22:53 - 2014-02-09 17:39 - 00000000 ____D () C:\FRST
2014-02-08 22:52 - 2014-02-09 17:39 - 02170880 _____ (Farbar) C:\Users\STS\Desktop\FRST64.exe
2014-02-08 10:27 - 2014-02-08 10:27 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 10:27 - 2014-02-08 10:27 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Malwarebytes
2014-02-08 10:27 - 2014-02-08 10:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 10:27 - 2014-02-08 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 10:27 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-08 10:25 - 2014-02-08 10:27 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\STS\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-08 01:16 - 2014-02-08 01:16 - 00000999 _____ () C:\Users\Public\Desktop\MyPublicWiFi.lnk
2014-02-08 01:16 - 2014-02-08 01:16 - 00000000 ____D () C:\Program Files (x86)\MyPublicWiFi
2014-02-08 01:16 - 2012-12-07 11:28 - 00030536 _____ (Khalil Azzouzi) C:\WINDOWS\system32\Drivers\ndiskhaz.sys
2014-02-08 00:39 - 2014-02-07 23:20 - 01142856 _____ (TRUE Software ) C:\Users\STS\Desktop\MyPublicWiFi.exe
2014-02-07 23:20 - 2014-02-07 23:20 - 01142856 _____ (TRUE Software ) C:\Users\STS\Downloads\MyPublicWiFi.exe
2014-02-07 23:18 - 2014-02-07 23:18 - 00000000 ____D () C:\Users\STS\AppData\Roaming\MyPhoneExplorer
2014-02-07 23:17 - 2014-02-07 23:17 - 00002073 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-02-07 23:17 - 2014-02-07 23:17 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-02-07 23:12 - 2014-02-07 23:13 - 07080248 _____ () C:\Users\STS\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
2014-02-07 21:25 - 2014-02-07 21:25 - 00000000 ____D () C:\ProgramData\HP
2014-02-07 21:23 - 2014-02-07 21:23 - 02338824 _____ () C:\Users\STS\Downloads\hppiw.exe
2014-02-07 21:19 - 2014-02-07 21:19 - 00003036 _____ () C:\WINDOWS\System32\Tasks\{66C4E4DE-7581-4E55-BEC2-BC510F0FA585}
2014-02-07 21:03 - 2014-02-07 21:07 - 00000691 _____ () C:\ProgramData\hpzinstall.log
2014-02-07 19:01 - 2014-02-07 19:01 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Thunderbird
2014-02-07 19:01 - 2014-02-07 19:01 - 00000000 ____D () C:\Users\STS\AppData\Local\Thunderbird
2014-02-07 19:00 - 2014-02-07 19:00 - 00002102 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-02-07 19:00 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-07 18:26 - 2014-02-07 18:28 - 21987088 _____ (Mozilla) C:\Users\STS\Downloads\Thunderbird Setup 24.3.0(1).exe
2014-02-07 17:36 - 2014-02-07 17:39 - 21987088 _____ (Mozilla) C:\Users\STS\Downloads\Thunderbird Setup 24.3.0.exe
2014-02-07 16:48 - 2014-02-07 16:48 - 00000000 ____D () C:\Users\STS\AppData\Roaming\OpenOffice
2014-02-07 15:27 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-07 15:27 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-07 15:27 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-07 15:26 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-07 15:26 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-07 15:26 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-07 15:26 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-07 15:26 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-07 15:26 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-07 15:26 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-07 15:26 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-07 15:26 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-07 15:26 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-07 15:26 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-07 15:26 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-07 15:26 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-07 15:26 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-07 15:26 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-07 15:26 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-07 15:26 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-07 15:26 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-07 15:26 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-07 15:26 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-07 15:26 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-07 15:26 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-07 15:26 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-07 15:26 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-07 15:26 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-07 15:26 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-07 15:26 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-07 15:26 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-07 15:26 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-07 15:26 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-07 15:26 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-07 15:26 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-07 15:26 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-07 15:26 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-07 15:26 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-07 15:26 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-07 15:26 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-07 15:26 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-07 15:26 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-07 15:26 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-07 15:26 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-07 15:26 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-07 15:26 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-07 15:26 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-07 15:26 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-07 15:26 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-07 15:26 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-07 15:26 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-07 15:26 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-07 15:26 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-07 15:26 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-07 15:26 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-07 15:26 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-07 15:23 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-07 15:11 - 2014-02-07 15:11 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-02-07 15:00 - 2014-02-07 15:00 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-02-07 14:58 - 2014-02-07 14:59 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-07 14:53 - 2014-02-07 14:53 - 00000000 ____D () C:\Users\STS\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-02-07 13:38 - 2014-02-07 14:06 - 163606685 _____ () C:\Users\STS\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-07 13:24 - 2014-02-07 13:24 - 00002350 _____ () C:\Users\STS\Desktop\Sicherer Zahlungsverkehr.lnk
2014-02-07 13:24 - 2014-02-07 13:24 - 00001345 _____ () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2014-02-07 13:23 - 2014-02-07 13:23 - 00001144 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-02-07 13:23 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2014-02-07 13:22 - 2014-02-09 16:52 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-07 13:22 - 2014-02-07 14:17 - 00623712 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2014-02-07 13:22 - 2014-02-07 13:22 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-02-07 13:22 - 2013-06-08 20:18 - 00112224 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2014-02-07 12:44 - 2014-02-07 13:19 - 256314176 _____ () C:\Users\STS\Downloads\kis14.0.0.4651abDE_5155(1).exe
2014-02-07 11:50 - 2014-02-07 11:50 - 00001454 _____ () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-07 11:49 - 2014-02-07 11:49 - 00000020 ___SH () C:\Users\STS\ntuser.ini
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-02-07 11:39 - 2014-02-07 11:39 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-07 11:37 - 2014-02-07 11:37 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-02-07 11:28 - 2014-02-07 11:28 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-07 11:27 - 2014-02-08 01:09 - 00000000 ____D () C:\Users\STS
2014-02-07 11:27 - 2014-02-07 11:39 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-02-07 11:27 - 2014-02-07 11:39 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-02-07 11:27 - 2014-02-07 11:28 - 00000000 ___RD () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Vorlagen
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Startmenü
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Netzwerkumgebung
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Lokale Einstellungen
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Eigene Dateien
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Druckumgebung
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Documents\Eigene Musik
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Documents\Eigene Bilder
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\AppData\Local\Verlauf
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\AppData\Local\Anwendungsdaten
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Anwendungsdaten
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-07 11:27 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-07 11:27 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-07 11:27 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-07 11:27 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-07 11:27 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-07 11:27 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-07 11:21 - 2014-02-09 17:10 - 01781820 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-07 11:21 - 2014-02-08 12:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-07 11:21 - 2014-02-07 11:30 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-07 11:21 - 2014-02-07 11:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-07 11:21 - 2014-02-07 11:30 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-07 11:21 - 2014-02-07 11:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-02-07 11:21 - 2014-02-07 11:21 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-02-07 11:21 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-02-07 11:21 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-02-07 11:21 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-02-07 11:21 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-02-07 11:21 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-02-07 11:21 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-02-07 11:21 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-02-07 11:21 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-02-07 11:21 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-02-07 11:20 - 2014-02-07 11:20 - 00000000 ____D () C:\Program Files\Intel
2014-02-07 11:20 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-02-07 11:20 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-02-07 11:17 - 2014-02-08 18:07 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-07 11:01 - 2014-02-07 11:01 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-07 11:01 - 2014-02-07 11:01 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-07 11:01 - 2014-02-07 11:01 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-07 11:00 - 2014-02-07 11:00 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-07 11:00 - 2014-02-07 11:00 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-07 11:00 - 2014-02-07 11:00 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-07 11:00 - 2014-02-07 11:00 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-07 11:00 - 2014-02-07 11:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-07 10:59 - 2014-02-07 10:59 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-07 10:24 - 2014-02-07 11:39 - 00006654 _____ () C:\WINDOWS\comsetup.log
2014-02-06 23:57 - 2014-02-07 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 23:57 - 2014-02-06 23:57 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-06 23:57 - 2014-02-06 23:57 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Mozilla
2014-02-06 23:57 - 2014-02-06 23:57 - 00000000 ____D () C:\Users\STS\AppData\Local\Mozilla
2014-02-06 23:57 - 2014-02-06 23:57 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-06 23:57 - 2014-02-06 23:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 23:50 - 2014-02-06 23:51 - 00003542 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-02-06 23:50 - 2014-02-06 23:50 - 00002065 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-06 23:19 - 2014-02-06 23:19 - 00000136 _____ () C:\WINDOWS\system32\netcfg-212843.txt
2014-02-06 23:19 - 2014-02-06 23:19 - 00000134 _____ () C:\WINDOWS\system32\netcfg-212671.txt
2014-02-06 23:19 - 2014-02-06 23:19 - 00000134 _____ () C:\WINDOWS\system32\netcfg-208859.txt
2014-02-06 22:24 - 2014-01-19 08:33 - 00270496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-02-06 21:49 - 2014-02-06 21:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-06 21:49 - 2014-01-06 16:20 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-06 21:14 - 2014-02-06 21:14 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-06 19:51 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2014-02-06 19:51 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-02-06 19:34 - 2014-02-08 11:32 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2066293164-2638704917-626986965-1001
2014-02-06 19:29 - 2014-02-06 19:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3766140.txt
2014-02-06 18:54 - 2014-02-06 18:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1694828.txt
2014-02-06 18:51 - 2014-02-06 18:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1503312.txt
2014-02-06 18:51 - 2014-02-06 18:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1469703.txt
2014-02-06 18:50 - 2014-02-06 18:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1423109.txt
2014-02-06 18:50 - 2014-02-06 18:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1422328.txt
2014-02-06 18:44 - 2014-02-07 16:47 - 00000000 ___RD () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-06 18:44 - 2014-02-07 16:47 - 00000000 ___RD () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-06 18:44 - 2014-02-06 18:44 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-02-06 18:44 - 2014-02-06 18:44 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Adobe
2014-02-06 18:43 - 2014-02-07 15:11 - 00000000 ____D () C:\Users\STS\AppData\Local\Packages
2014-02-06 18:43 - 2014-02-07 11:30 - 00000000 ____D () C:\ProgramData\PRICache
2014-02-06 18:43 - 2014-02-07 10:39 - 01397491 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-02-06 18:43 - 2014-02-06 18:43 - 00000000 ____D () C:\Users\STS\AppData\Local\VirtualStore
2014-02-06 18:40 - 2014-02-06 18:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-836750.txt
2014-02-06 18:40 - 2014-02-06 18:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-832812.txt
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-02-06 17:58 - 2014-02-06 17:58 - 00001136 _____ () C:\WINDOWS\system32\netcfg-198546.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00001136 _____ () C:\WINDOWS\system32\netcfg-170734.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000197 _____ () C:\WINDOWS\system32\netcfg-199390.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000185 _____ () C:\WINDOWS\system32\netcfg-183640.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000164 _____ () C:\WINDOWS\system32\netcfg-176390.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000161 _____ () C:\WINDOWS\system32\netcfg-178875.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-178421.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-177500.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-175843.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000159 _____ () C:\WINDOWS\system32\netcfg-177062.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000157 _____ () C:\WINDOWS\system32\netcfg-177890.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000157 _____ () C:\WINDOWS\system32\netcfg-169515.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000150 _____ () C:\WINDOWS\system32\netcfg-176750.txt

==================== One Month Modified Files and Folders =======

2014-02-09 17:40 - 2014-02-09 17:39 - 00010593 _____ () C:\Users\STS\Desktop\FRST.txt
2014-02-09 17:39 - 2014-02-09 17:39 - 00000000 ____D () C:\Users\STS\Desktop\FRST-OlderVersion
2014-02-09 17:39 - 2014-02-08 22:53 - 00000000 ____D () C:\FRST
2014-02-09 17:39 - 2014-02-08 22:52 - 02170880 _____ (Farbar) C:\Users\STS\Desktop\FRST64.exe
2014-02-09 17:10 - 2014-02-07 11:21 - 01781820 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-09 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-09 16:52 - 2014-02-07 13:22 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-08 22:54 - 2014-02-08 22:54 - 00078309 _____ () C:\Users\STS\Downloads\FRST.txt
2014-02-08 22:54 - 2014-02-08 22:54 - 00009194 _____ () C:\Users\STS\Downloads\Addition.txt
2014-02-08 18:07 - 2014-02-07 11:17 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-08 12:32 - 2014-02-07 11:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-08 12:32 - 2013-11-13 23:18 - 00004686 _____ () C:\WINDOWS\PFRO.log
2014-02-08 12:32 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-08 11:32 - 2014-02-06 19:34 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2066293164-2638704917-626986965-1001
2014-02-08 10:27 - 2014-02-08 10:27 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 10:27 - 2014-02-08 10:27 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Malwarebytes
2014-02-08 10:27 - 2014-02-08 10:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 10:27 - 2014-02-08 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 10:27 - 2014-02-08 10:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\STS\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-08 01:16 - 2014-02-08 01:16 - 00000999 _____ () C:\Users\Public\Desktop\MyPublicWiFi.lnk
2014-02-08 01:16 - 2014-02-08 01:16 - 00000000 ____D () C:\Program Files (x86)\MyPublicWiFi
2014-02-08 01:09 - 2014-02-07 11:27 - 00000000 ____D () C:\Users\STS
2014-02-07 23:55 - 2013-11-14 08:27 - 01686150 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-07 23:55 - 2013-11-14 08:11 - 00727930 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-07 23:55 - 2013-11-14 08:11 - 00151586 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-07 23:37 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-07 23:23 - 2014-02-06 23:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-07 23:20 - 2014-02-08 00:39 - 01142856 _____ (TRUE Software ) C:\Users\STS\Desktop\MyPublicWiFi.exe
2014-02-07 23:20 - 2014-02-07 23:20 - 01142856 _____ (TRUE Software ) C:\Users\STS\Downloads\MyPublicWiFi.exe
2014-02-07 23:18 - 2014-02-07 23:18 - 00000000 ____D () C:\Users\STS\AppData\Roaming\MyPhoneExplorer
2014-02-07 23:17 - 2014-02-07 23:17 - 00002073 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-02-07 23:17 - 2014-02-07 23:17 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-02-07 23:13 - 2014-02-07 23:12 - 07080248 _____ () C:\Users\STS\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
2014-02-07 21:27 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-02-07 21:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-02-07 21:25 - 2014-02-07 21:25 - 00000000 ____D () C:\ProgramData\HP
2014-02-07 21:23 - 2014-02-07 21:23 - 02338824 _____ () C:\Users\STS\Downloads\hppiw.exe
2014-02-07 21:19 - 2014-02-07 21:19 - 00003036 _____ () C:\WINDOWS\System32\Tasks\{66C4E4DE-7581-4E55-BEC2-BC510F0FA585}
2014-02-07 21:07 - 2014-02-07 21:03 - 00000691 _____ () C:\ProgramData\hpzinstall.log
2014-02-07 19:01 - 2014-02-07 19:01 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Thunderbird
2014-02-07 19:01 - 2014-02-07 19:01 - 00000000 ____D () C:\Users\STS\AppData\Local\Thunderbird
2014-02-07 19:00 - 2014-02-07 19:00 - 00002102 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-02-07 19:00 - 2014-02-07 19:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-07 18:28 - 2014-02-07 18:26 - 21987088 _____ (Mozilla) C:\Users\STS\Downloads\Thunderbird Setup 24.3.0(1).exe
2014-02-07 17:39 - 2014-02-07 17:36 - 21987088 _____ (Mozilla) C:\Users\STS\Downloads\Thunderbird Setup 24.3.0.exe
2014-02-07 17:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-07 16:48 - 2014-02-07 16:48 - 00000000 ____D () C:\Users\STS\AppData\Roaming\OpenOffice
2014-02-07 16:47 - 2014-02-06 18:44 - 00000000 ___RD () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-07 16:47 - 2014-02-06 18:44 - 00000000 ___RD () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-07 15:49 - 2013-08-22 15:44 - 00360464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-07 15:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-07 15:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-07 15:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-07 15:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-07 15:45 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-07 15:45 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-07 15:11 - 2014-02-07 15:11 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-02-07 15:11 - 2014-02-06 18:43 - 00000000 ____D () C:\Users\STS\AppData\Local\Packages
2014-02-07 15:00 - 2014-02-07 15:00 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-02-07 14:59 - 2014-02-07 14:58 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-02-07 14:56 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-07 14:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-02-07 14:53 - 2014-02-07 14:53 - 00000000 ____D () C:\Users\STS\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-02-07 14:17 - 2014-02-07 13:22 - 00623712 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2014-02-07 14:17 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys
2014-02-07 14:17 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys
2014-02-07 14:17 - 2012-07-27 18:38 - 00029792 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klelam.sys
2014-02-07 14:06 - 2014-02-07 13:38 - 163606685 _____ () C:\Users\STS\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-02-07 13:24 - 2014-02-07 13:24 - 00002350 _____ () C:\Users\STS\Desktop\Sicherer Zahlungsverkehr.lnk
2014-02-07 13:24 - 2014-02-07 13:24 - 00001345 _____ () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2014-02-07 13:23 - 2014-02-07 13:23 - 00001144 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-02-07 13:23 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-07 13:22 - 2014-02-07 13:22 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-02-07 13:22 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-07 13:19 - 2014-02-07 12:44 - 256314176 _____ () C:\Users\STS\Downloads\kis14.0.0.4651abDE_5155(1).exe
2014-02-07 11:50 - 2014-02-07 11:50 - 00001454 _____ () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-07 11:49 - 2014-02-07 11:49 - 00000020 ___SH () C:\Users\STS\ntuser.ini
2014-02-07 11:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-02-07 11:40 - 2014-02-07 11:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-02-07 11:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-02-07 11:40 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-02-07 11:39 - 2014-02-07 11:39 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-07 11:39 - 2014-02-07 11:27 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-02-07 11:39 - 2014-02-07 11:27 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-02-07 11:39 - 2014-02-07 10:24 - 00006654 _____ () C:\WINDOWS\comsetup.log
2014-02-07 11:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-07 11:39 - 2013-08-22 15:46 - 00327699 _____ () C:\WINDOWS\setupact.log
2014-02-07 11:37 - 2014-02-07 11:37 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-02-07 11:36 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-02-07 11:36 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-07 11:32 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-02-07 11:32 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-02-07 11:32 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-02-07 11:32 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-02-07 11:32 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-02-07 11:32 - 2013-08-22 16:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-02-07 11:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-07 11:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-02-07 11:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-02-07 11:32 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-02-07 11:32 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-02-07 11:32 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-02-07 11:31 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-02-07 11:31 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-02-07 11:31 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-02-07 11:31 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-02-07 11:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-02-07 11:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-02-07 11:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-02-07 11:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-02-07 11:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-02-07 11:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-02-07 11:31 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-02-07 11:31 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-02-07 11:30 - 2014-02-07 11:21 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-07 11:30 - 2014-02-07 11:21 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-07 11:30 - 2014-02-07 11:21 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-07 11:30 - 2014-02-06 18:43 - 00000000 ____D () C:\ProgramData\PRICache
2014-02-07 11:30 - 2013-11-14 08:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-02-07 11:30 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-07 11:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-02-07 11:28 - 2014-02-07 11:28 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-07 11:28 - 2014-02-07 11:27 - 00000000 ___RD () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-07 11:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Vorlagen
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Startmenü
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Netzwerkumgebung
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Lokale Einstellungen
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Eigene Dateien
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Druckumgebung
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Documents\Eigene Musik
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Documents\Eigene Bilder
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\AppData\Local\Verlauf
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\AppData\Local\Anwendungsdaten
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 _SHDL () C:\Users\STS\Anwendungsdaten
2014-02-07 11:27 - 2014-02-07 11:27 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-07 11:21 - 2014-02-07 11:21 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-02-07 11:21 - 2014-02-07 11:21 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-02-07 11:20 - 2014-02-07 11:20 - 00000000 ____D () C:\Program Files\Intel
2014-02-07 11:17 - 2013-10-16 14:44 - 00000000 __SHD () C:\Recovery
2014-02-07 11:15 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-02-07 11:01 - 2014-02-07 11:01 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-07 11:01 - 2014-02-07 11:01 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-07 11:01 - 2014-02-07 11:01 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-07 11:01 - 2014-02-07 11:01 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-07 11:00 - 2014-02-07 11:00 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-07 11:00 - 2014-02-07 11:00 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-07 11:00 - 2014-02-07 11:00 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-07 11:00 - 2014-02-07 11:00 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-07 11:00 - 2014-02-07 11:00 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-07 11:00 - 2014-02-07 11:00 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-07 11:00 - 2014-02-07 11:00 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-07 11:00 - 2014-02-07 11:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-07 10:59 - 2014-02-07 10:59 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-07 10:39 - 2014-02-06 18:43 - 01397491 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-02-07 09:23 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-02-07 01:43 - 2012-08-30 08:04 - 00749116 _____ () C:\WINDOWS\system32\perfh015.dat
2014-02-07 01:43 - 2012-08-30 08:04 - 00151616 _____ () C:\WINDOWS\system32\perfc015.dat
2014-02-07 01:43 - 2012-08-30 08:02 - 00741758 _____ () C:\WINDOWS\system32\prfh0816.dat
2014-02-07 01:43 - 2012-08-30 08:02 - 00152194 _____ () C:\WINDOWS\system32\prfc0816.dat
2014-02-07 01:43 - 2012-08-30 07:59 - 00695714 _____ () C:\WINDOWS\system32\perfh00E.dat
2014-02-07 01:43 - 2012-08-30 07:59 - 00166238 _____ () C:\WINDOWS\system32\perfc00E.dat
2014-02-07 01:43 - 2012-08-30 07:54 - 00420230 _____ () C:\WINDOWS\system32\perfh006.dat
2014-02-07 01:43 - 2012-08-30 07:54 - 00071642 _____ () C:\WINDOWS\system32\perfc006.dat
2014-02-07 01:43 - 2012-08-30 07:49 - 00745136 _____ () C:\WINDOWS\system32\perfh010.dat
2014-02-07 01:43 - 2012-08-30 07:49 - 00144828 _____ () C:\WINDOWS\system32\perfc010.dat
2014-02-07 01:43 - 2012-08-30 07:44 - 00753602 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-02-07 01:43 - 2012-08-30 07:44 - 00147304 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-02-06 23:57 - 2014-02-06 23:57 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-06 23:57 - 2014-02-06 23:57 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Mozilla
2014-02-06 23:57 - 2014-02-06 23:57 - 00000000 ____D () C:\Users\STS\AppData\Local\Mozilla
2014-02-06 23:57 - 2014-02-06 23:57 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-06 23:57 - 2014-02-06 23:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 23:51 - 2014-02-06 23:50 - 00003542 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-02-06 23:50 - 2014-02-06 23:50 - 00002065 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-02-06 23:19 - 2014-02-06 23:19 - 00000136 _____ () C:\WINDOWS\system32\netcfg-212843.txt
2014-02-06 23:19 - 2014-02-06 23:19 - 00000134 _____ () C:\WINDOWS\system32\netcfg-212671.txt
2014-02-06 23:19 - 2014-02-06 23:19 - 00000134 _____ () C:\WINDOWS\system32\netcfg-208859.txt
2014-02-06 21:50 - 2014-02-06 21:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-06 21:14 - 2014-02-06 21:14 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-06 19:29 - 2014-02-06 19:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3766140.txt
2014-02-06 18:54 - 2014-02-06 18:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1694828.txt
2014-02-06 18:51 - 2014-02-06 18:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1503312.txt
2014-02-06 18:51 - 2014-02-06 18:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1469703.txt
2014-02-06 18:50 - 2014-02-06 18:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1423109.txt
2014-02-06 18:50 - 2014-02-06 18:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1422328.txt
2014-02-06 18:44 - 2014-02-06 18:44 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-02-06 18:44 - 2014-02-06 18:44 - 00000000 ____D () C:\Users\STS\AppData\Roaming\Adobe
2014-02-06 18:43 - 2014-02-06 18:43 - 00000000 ____D () C:\Users\STS\AppData\Local\VirtualStore
2014-02-06 18:40 - 2014-02-06 18:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-836750.txt
2014-02-06 18:40 - 2014-02-06 18:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-832812.txt
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-02-06 18:28 - 2014-02-06 18:28 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-02-06 17:58 - 2014-02-06 17:58 - 00001136 _____ () C:\WINDOWS\system32\netcfg-198546.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00001136 _____ () C:\WINDOWS\system32\netcfg-170734.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000197 _____ () C:\WINDOWS\system32\netcfg-199390.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000185 _____ () C:\WINDOWS\system32\netcfg-183640.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000164 _____ () C:\WINDOWS\system32\netcfg-176390.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000161 _____ () C:\WINDOWS\system32\netcfg-178875.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-178421.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-177500.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-175843.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000159 _____ () C:\WINDOWS\system32\netcfg-177062.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000157 _____ () C:\WINDOWS\system32\netcfg-177890.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000157 _____ () C:\WINDOWS\system32\netcfg-169515.txt
2014-02-06 17:58 - 2014-02-06 17:58 - 00000150 _____ () C:\WINDOWS\system32\netcfg-176750.txt
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-19 08:33 - 2014-02-06 22:24 - 00270496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-07 11:19

==================== End Of Log ============================
         
--- --- ---

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-02-2014 02
Ran by STS at 2014-02-09 17:40:34
Running from C:\Users\STS\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

Intel(R) Processor Graphics (x32 Version: 10.18.10.3379 - Intel Corporation)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (x32 Version: 24.3.0 - Mozilla)
MyPhoneExplorer (x32 Version: 1.8.5 - F.J. Wechselberger)
MyPublicWiFi 5.1 (x32 Version:  - TRUE Software)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)

==================== Restore Points  =========================

07-02-2014 13:54:17 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

==================== Loaded Modules (whitelisted) =============

2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-10-27 09:03 - 2013-10-27 09:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-06 23:57 - 2014-01-28 07:54 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Officejet Pro K550
Description: Officejet Pro K550
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (02/09/2014 00:09:44 PM) (Source: DCOM) (User: Arbeit)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/09/2014 00:09:14 PM) (Source: DCOM) (User: Arbeit)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/08/2014 04:23:17 AM) (Source: DCOM) (User: Arbeit)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/08/2014 04:22:47 AM) (Source: DCOM) (User: Arbeit)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/08/2014 01:09:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MyPublicWiFi Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (02/08/2014 00:51:06 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎08.‎02.‎2014 um 00:33:37 unerwartet heruntergefahren.

Error: (02/07/2014 03:45:32 PM) (Source: DCOM) (User: Arbeit)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/07/2014 02:17:36 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (02/07/2014 11:39:52 AM) (Source: NETLOGON) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (02/07/2014 11:39:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 42%
Total physical RAM: 3977.04 MB
Available physical RAM: 2277.74 MB
Total Pagefile: 5385.04 MB
Available Pagefile: 3449.04 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:869.46 GB) (Free:846.02 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:38.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
==================== End Of Log ============================
         
--- --- ---

10.02.2014, 10:26   #20
Bootsektor
Rest in peace
† 2019

Hello zwirn,


Multiple antivirus programs

Code:
ATTFilter
Windows Defender
Kaspersky
         
I noticed that you have more than one antivirus program with a background guard running. That is dangerous, because the programs can get in each other's way, which can actually let viruses land on the computer. It also slows the system down. Decide on one option and uninstall the other via Control Panel => Software.

>OK<

As far as I can see, we have now removed everything harmful. Your logs are clean.
Finally, we will tidy up a bit, and then you will get some reading material from me.

Step 1
If you no longer need Malwarebytes Anti-Malware, you can simply uninstall it via the program uninstaller.
However, I recommend that you keep Malwarebytes and run a check scan with it once a week.

Step 2
Please download delfix to your desktop.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Put a check mark in front of every function.
  • Click Start.
  • DelFix removes, among other things, all the programs used and finally deletes itself.

Now, to finish, a few tips for securing your system.

Keeping the system up to date
It is extremely important that both your system and the security-relevant software installed on it (Flash Player, PDF reader and especially Java, if present) are up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.

Antivirus software
  • Make sure you always have antivirus software installed, and be sure to keep it up to date.

Additional protection
  • MalwareBytes Anti-Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.

Alternative browsers

Other browsers tend to be somewhat more secure than Internet Explorer, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. Right-clicking a banner to add it to AdBlockPlus is enough and it will no longer be loaded.
      It also saves download capacity.

System performance
Regularly delete your temporary files. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they speed it up.

Rules of conduct for safer surfing
  • Do not click on everything just because it asks you to and is nice and colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
  • When installing programs, pay particular attention to whether additional software wants to install itself along with it; wherever possible choose the custom installation and deselect everything that has nothing to do with the program you want to install.
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.

If you would like to give praise or criticism, you are very welcome to do so here.

If you would like to donate something for the forum and our work, you can do so here.
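
A check for more than one enabled protection product, as discussed in the post above, can be run against the Security Center section of a FRST Additions log. The following is an added example, not part of the original post and not FRST's own code: the first sample holds the Security Center lines from the log in this thread, the second is constructed with placeholder product names and GUIDs, and all class and function names are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Security Center lines as they appear in the Additions log in this thread.
THREAD_LOG = """\
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab)
"""

# Constructed sample: product names, status text and GUIDs are placeholders.
CONSTRUCTED_LOG = """\
==================== Security Center ========================

AV: Example AV One (Enabled - Up to date) {00000000-0000-0000-0000-000000000001}
AV: Example AV Two (x64) (Enabled - Out of date) {00000000-0000-0000-0000-000000000002}
AS: Example AV One (Enabled - Up to date) {00000000-0000-0000-0000-000000000003}
this line is not an entry and is skipped

==================== Installed Programs ======================
AV: Outside The Section (Enabled - Up to date) {00000000-0000-0000-0000-000000000004}
"""

# kind, product name, state, optional free-text status after " - ", GUID.
# The name is matched lazily so that a name containing parentheses still works.
ENTRY_RE = re.compile(
    r"^(?P<kind>AV|AS|FW):\s+(?P<name>.+?)\s+"
    r"\((?P<state>Enabled|Disabled)(?:\s+-\s+(?P<sig>[^)]+))?\)\s+"
    r"(?P<guid>\{[0-9A-Fa-f-]{36}\})$"
)


@dataclass
class Entry:
    kind: str                  # AV, AS or FW
    name: str
    enabled: bool
    signatures: Optional[str]  # e.g. "Up to date"; None for FW lines
    guid: str


def parse_security_center(log_text):
    """Return the entries found between the Security Center header and the next header."""
    entries = []
    in_section = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("====="):
            # Any header line switches the section on or off.
            in_section = line.strip("= ").startswith("Security Center")
            continue
        if not in_section or not line:
            continue
        m = ENTRY_RE.match(line)
        if m:
            entries.append(Entry(m["kind"], m["name"], m["state"] == "Enabled",
                                 m["sig"], m["guid"]))
    return entries


def enabled_by_kind(entries):
    """Map each kind to the distinct product names reported as Enabled."""
    result = {}
    for e in entries:
        if e.enabled and e.name not in result.setdefault(e.kind, []):
            result[e.kind].append(e.name)
    return {kind: names for kind, names in result.items() if names}


def realtime_conflicts(entries):
    """Kinds for which more than one product is reported as Enabled."""
    return {k: v for k, v in enabled_by_kind(entries).items() if len(v) > 1}


if __name__ == "__main__":
    for label, text in (("thread", THREAD_LOG), ("constructed", CONSTRUCTED_LOG)):
        parsed = parse_security_center(text)
        print(label, enabled_by_kind(parsed), realtime_conflicts(parsed))
```
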


10.02.2014, 11:14   #21
zwirn

Hello Sandra,
first of all, many thanks so far!!!

Under Win8.1, Defender does not show up under uninstall programs.
When I enter Defender in Search and then click the Defender icon, I get the message: App has been deactivated. Otherwise nothing happens there??

Kind regards, Zwirn

10.02.2014, 11:53   #22
Bootsektor
Rest in peace
† 2019

Hello zwirn,

that is fine as it is then.

10.02.2014, 12:23   #23
zwirn

I think that's it for the moment.

Many heartfelt thanks for the help!!!!!!!!

Kind regards
Zwirn

10.02.2014, 23:23   #24
Bootsektor
Rest in peace
† 2019

Quote:
I think that's it for the moment.

Many heartfelt thanks for the help!!!!!!!!
You're welcome, my pleasure.
