Win 8.1 - Selbstoeffnender-tab-regclean-systweak

Rheinfall · 13.02.2014, 19:18

Hallo wertes TB-Team,
auf meinem Laptop mit Win 8.1 hat mich dasselbe Problem ereilt wie einen der Vorredner (der allerdings Win 7 betrieb): Bei mir öffnet sich sporadisch ohne mein Zutun im Firefox ein Tab von systweak, der regclean pro bewirbt und mich zur Installation / Download auffordert. Meine Laien-Versuche mit adwcleaner, norman malware cleaner, ccleaner, junkware removal tool, malwarebytes antimalware, avira eu cleaner blieben erfolglos. Leider liegen keine Logfiles mehr dazu vor. Allerdings bin ich gut vorbereitet und habe gestern (12.2.2014) die Files zum defogger, frst, adition und GMER gemäß Ihrer Anleitung erstellt. Da im Fall des Vorredners explizit von Ihnen betont wird, Tools wie Combifix nur nach Ihrer Anweisung zu nutzen, möchte ich nicht "blind" dessen Lösung nachvollziehen, sondern wende mich mit meinen Problem an Sie mit Bitte um Hilfe.
Beste Grüße, Rheinfall

cosinus · 13.02.2014, 19:49

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Rheinfall · 13.02.2014, 20:38

Hallo cosinus,
wie geschrieben, sind alle logs gelöscht. Ich hbae nur im Sinn, dass ein Tool die Datei Freemake video converter setup.exe moniert hat. Habe ich dann entfernt. Aber leider kein Log mehr. Sorry. Bin eben Laie. Hier aber die defogger, frst, addition und GMER txt-Dateien. Mehr kann ich leider nciht mehr bieten, zumal Sie ja gebeten haben KEINEN neuen Scan laufen zu lassen:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:15 on 12/02/2014 (*****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01
Ran by ***** (administrator) on LAPTOP_***** on 12-02-2014 19:19:50
Running from C:\Users\*****\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Hewlett-Packard Company) C:\WINDOWS\system32\Hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
(Hewlett-Packard Development Company, L.P.) c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(QNAP) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Users\*****\Downloads\Windows-KB890830-x64-V5.9.exe
(Microsoft Corporation) c:\93cde86b977cbb03343a0caf\mrtstub.exe
(Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\WINDOWS\system32\backgroundTaskHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-01-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PivotSoftware] - C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] ()
HKLM-x32\...\Run: [DT HPC] - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123688 2013-01-10] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] - C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3605841183-1322370777-216223967-1001\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3605841183-1322370777-216223967-1002\...\Run: [Power2GoExpress8] - C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1714952 2013-10-16] (CyberLink Corp.)
HKU\S-1-5-21-3605841183-1322370777-216223967-1002\...\Run: [Nero MediaHome 4] - "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v4um31w7.default
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF [2014-01-16]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [140072 2013-01-10] (Portrait Displays, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-01-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-01-24] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2014-01-10] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-16] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140211.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-01-24] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140212.002\ENG64.SYS [126040 2014-01-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140212.002\EX64.SYS [2099288 2014-01-16] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-08-21] (CACE Technologies)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [408136 2013-05-09] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2014-01-24] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-22] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-25] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-11-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-01-16] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-12 19:19 - 2014-02-12 19:20 - 00023187 _____ () C:\Users\*****\Downloads\FRST.txt
2014-02-12 19:19 - 2014-02-12 19:19 - 00000000 ____D () C:\FRST
2014-02-12 19:15 - 2014-02-12 19:15 - 00000472 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-02-12 19:15 - 2014-02-12 19:15 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-02-12 19:11 - 2014-02-12 19:11 - 00380416 _____ () C:\Users\*****\Downloads\Gmer-19357.exe
2014-02-12 19:10 - 2014-02-12 19:10 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-02-12 19:09 - 2014-02-12 19:09 - 02151424 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-02-12 18:31 - 2014-02-12 18:31 - 00000000 ____D () C:\93cde86b977cbb03343a0caf
2014-02-12 18:30 - 2014-02-12 18:30 - 25640672 _____ (Microsoft Corporation) C:\Users\*****\Downloads\Windows-KB890830-x64-V5.9.exe
2014-02-12 18:04 - 2014-02-12 19:17 - 00125639 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-11 21:27 - 2014-02-11 21:27 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-02-11 20:46 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-11 20:46 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-11 19:22 - 2014-02-11 21:15 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleFor*****.job
2014-02-11 19:22 - 2014-02-11 19:22 - 00003174 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleFor*****
2014-02-08 21:31 - 2014-02-08 21:31 - 00000000 ____D () C:\Users\*****\Documents\Benutzerdefinierte Office-Vorlagen
2014-02-08 11:29 - 2014-02-08 11:29 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-08 11:29 - 2014-02-08 11:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-03 23:12 - 2014-02-03 23:12 - 00002032 _____ () C:\Users\*****\Desktop\Avira EU-Cleaner.lnk
2014-02-03 21:14 - 2014-02-03 21:21 - 312761032 _____ (Norman Shark AS) C:\Users\*****\Downloads\Norman_Malware208_Cleaner.exe
2014-02-03 20:58 - 2014-02-08 11:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-03 20:58 - 2014-02-03 20:58 - 00001166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-03 20:09 - 2014-02-03 20:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-03 19:50 - 2014-02-03 19:50 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-02-03 19:50 - 2014-02-03 19:50 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-03 19:50 - 2014-02-03 19:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 18:46 - 2014-02-10 18:55 - 00000000 ____D () C:\Users\*****\Ebay
2014-02-01 22:35 - 2014-02-01 22:35 - 01037068 _____ (Thisisu) C:\Users\*****\Downloads\JRT61.exe
2014-02-01 22:21 - 2014-02-01 22:21 - 03645064 _____ (Piriform Ltd) C:\Users\*****\Downloads\ccsetup410_slim.exe
2014-02-01 19:22 - 2014-02-01 19:22 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Malwarebytes
2014-02-01 19:21 - 2014-02-01 19:21 - 00001128 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-01 19:21 - 2014-02-01 19:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-01 19:21 - 2014-02-01 19:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-01 19:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-01 19:20 - 2014-02-01 19:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 18:09 - 2014-02-01 18:09 - 01166132 _____ () C:\Users\*****\Downloads\adwcleaner-3.018.exe
2014-02-01 18:02 - 2014-02-03 23:12 - 00001053 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avira-eu-cleaner_de(1).lnk
2014-01-31 18:54 - 2014-01-31 18:55 - 00000597 _____ () C:\Users\*****\AppData\Roaming\haj-log_2014-01-31 18_54_50.mjf
2014-01-31 18:54 - 2014-01-31 18:54 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Imploded Software
2014-01-30 21:03 - 2014-01-30 21:03 - 00000000 ____D () C:\Users\*****\AppData\Local\Eraser 6
2014-01-25 19:41 - 2014-02-11 19:52 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2014-01-25 19:41 - 2014-01-25 19:41 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Nero
2014-01-25 19:41 - 2014-01-25 19:41 - 00000000 ____D () C:\Users\*****\AppData\Local\Nero
2014-01-25 19:32 - 2014-01-25 19:48 - 00000000 ____D () C:\ProgramData\Nero
2014-01-25 15:52 - 2014-01-25 15:54 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-01-25 15:17 - 2014-01-25 15:17 - 00003166 _____ () C:\WINDOWS\System32\Tasks\CLVDLauncher
2014-01-25 15:17 - 2013-03-05 12:01 - 00091712 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2014-01-25 15:16 - 2014-01-25 15:16 - 00003166 _____ () C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2014-01-25 14:33 - 2014-01-25 14:33 - 00000000 ____D () C:\Users\*****\AppData\Local\Downloaded Installations
2014-01-25 14:24 - 2014-01-25 14:24 - 00000000 ____D () C:\Users\*****\AppData\Local\MediaServer
2014-01-25 13:39 - 2014-01-25 13:39 - 00830680 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-01-25 13:39 - 2014-01-25 13:39 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-01-25 13:38 - 2014-01-25 13:38 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-01-25 13:37 - 2014-01-25 13:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-01-25 13:37 - 2014-01-25 13:36 - 00722160 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00524016 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2014-01-25 13:37 - 2014-01-25 13:36 - 00421616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo19.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00400112 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00251632 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00169712 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCom.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00034544 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2014-01-25 12:57 - 2014-02-03 19:52 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-24 21:56 - 2014-01-24 21:55 - 02944216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\SysWOW64\Drivers\rtwlane.sys
2014-01-24 21:56 - 2014-01-24 21:55 - 02944216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2014-01-24 21:56 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll
2014-01-24 21:50 - 2014-01-24 21:50 - 00099288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2014-01-24 21:41 - 2014-01-24 21:41 - 00000000 ____D () C:\Users\*****\Intel
2014-01-24 18:35 - 2014-02-08 21:52 - 00000000 ____D () C:\Users\*****\Documents\Outlook-Dateien
2014-01-24 18:35 - 2014-01-24 19:28 - 00271360 _____ () C:\Users\*****\Desktop\Outlook.pst
2014-01-23 18:11 - 2014-01-25 14:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-23 18:08 - 2014-01-23 18:08 - 00575168 _____ (Microsoft Corporation) C:\Users\*****\Downloads\Setup.x86.de-DE_ProPlusRetail_QHG2J-NGYMH-KR9XQ-QDDHW-6MQ63_act_1_.exe
2014-01-23 17:59 - 2014-01-23 17:59 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-01-22 22:26 - 2014-02-12 18:04 - 00000000 __RDO () C:\Users\*****\SkyDrive
2014-01-22 22:23 - 2014-01-22 22:23 - 00001457 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 22:23 - 2014-01-22 22:23 - 00000020 ___SH () C:\Users\*****\ntuser.ini
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-22 21:51 - 2014-01-22 21:51 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-01-22 21:45 - 2014-01-22 21:47 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-01-22 21:42 - 2014-01-22 21:42 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-01-22 21:42 - 2014-01-22 21:42 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-22 21:39 - 2014-02-12 19:15 - 00000000 ____D () C:\Users\*****
2014-01-22 21:39 - 2014-01-22 21:51 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-01-22 21:39 - 2014-01-22 21:51 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Vorlagen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Startmenü
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Netzwerkumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Lokale Einstellungen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Eigene Dateien
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Druckumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Musik
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Bilder
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Verlauf
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-22 21:36 - 2014-01-22 21:49 - 02008488 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-22 21:34 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-01-22 21:34 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-01-22 21:34 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-01-22 21:33 - 2014-01-24 21:44 - 00000000 ____D () C:\Program Files\Intel
2014-01-22 21:33 - 2014-01-22 21:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-22 21:33 - 2014-01-22 21:41 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-01-22 21:33 - 2014-01-22 21:34 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-22 21:33 - 2014-01-22 21:33 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____D () C:\Program Files\Synaptics
2014-01-22 21:33 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-01-22 21:33 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\Program Files\Realtek
2014-01-22 21:30 - 2014-02-03 19:52 - 00000000 ___DC () C:\WINDOWS\Panther
2014-01-22 21:30 - 2014-01-22 21:30 - 00000000 __SHD () C:\Recovery
2014-01-22 21:29 - 2014-01-22 21:29 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-22 21:29 - 2014-01-22 21:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-22 21:29 - 2014-01-22 21:29 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-22 21:28 - 2014-01-22 21:28 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-22 21:28 - 2014-01-22 21:28 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-22 21:28 - 2014-01-22 21:28 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-22 21:28 - 2014-01-22 21:28 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-22 21:28 - 2014-01-22 21:28 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-22 21:27 - 2014-01-22 21:27 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-01-22 21:24 - 2014-01-22 21:24 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-22 21:24 - 2014-01-22 21:24 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-22 21:24 - 2014-01-22 21:24 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files\MSBuild
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\inetpub
2014-01-22 21:23 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-01-22 21:23 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-22 21:23 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-01-22 21:23 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-01-22 21:23 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-22 21:23 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-01-19 18:36 - 2014-01-19 18:36 - 00000000 ____D () C:\Users\*****\AppData\Local\Macromedia
2014-01-19 14:00 - 2014-01-19 14:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CANON INC
2014-01-19 13:29 - 2014-01-19 13:29 - 00000000 ____D () C:\Users\*****\AppData\Local\Intel_Corporation
2014-01-19 12:59 - 2014-01-19 12:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-19 12:59 - 2014-01-19 12:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-18 11:33 - 2014-01-18 11:33 - 00002130 _____ () C:\Users\Public\Desktop\devolo dLAN Cockpit.lnk
2014-01-18 11:32 - 2014-01-18 11:32 - 00000000 ____D () C:\Program Files (x86)\devolo
2014-01-18 11:31 - 2014-01-18 11:31 - 23063544 _____ (devolo AG) C:\Users\*****\Downloads\software-dlan-cockpit-windows-v4-1-3.exe
2014-01-18 11:30 - 2014-01-18 11:28 - 00025088 _____ (Microsoft Corporation) C:\Users\*****\Desktop\ZAPGRAB.exe.EXE
2014-01-18 11:28 - 2014-01-18 11:28 - 00025088 _____ (Microsoft Corporation) C:\Users\*****\Downloads\ZAPGRAB.exe.EXE
2014-01-17 20:36 - 2014-02-11 22:00 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-01-17 20:36 - 2014-02-11 22:00 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-17 20:32 - 2014-01-17 20:32 - 00000000 ____D () C:\Users\*****\AppData\Roaming\DisplayTune
2014-01-17 20:32 - 2014-01-17 20:32 - 00000000 ____D () C:\Users\*****\AppData\Local\DisplayTune
2014-01-17 20:28 - 2014-01-17 20:28 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays
2014-01-17 20:28 - 2009-07-12 00:56 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\mfcm80.dll
2014-01-17 20:28 - 2009-07-12 00:55 - 00632656 _____ (Microsoft Corporation) C:\WINDOWS\msvcr80.dll
2014-01-17 20:28 - 2009-07-12 00:55 - 00554832 _____ (Microsoft Corporation) C:\WINDOWS\msvcp80.dll
2014-01-17 20:28 - 2009-07-12 00:55 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\msvcm80.dll
2014-01-17 20:28 - 2009-07-12 00:55 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\mfcm80u.dll
2014-01-17 20:28 - 2009-07-11 19:46 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\mfc80.dll
2014-01-17 20:28 - 2009-07-11 19:46 - 01093120 _____ (Microsoft Corporation) C:\WINDOWS\mfc80u.dll
2014-01-17 20:28 - 2009-07-11 19:46 - 00002372 _____ () C:\WINDOWS\Microsoft.VC80.MFC.manifest
2014-01-17 20:28 - 2009-07-11 18:10 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\atl80.dll
2014-01-17 20:28 - 2009-07-11 18:10 - 00001870 _____ () C:\WINDOWS\Microsoft.VC80.CRT.manifest
2014-01-17 20:28 - 2009-07-11 18:10 - 00000466 _____ () C:\WINDOWS\Microsoft.VC80.ATL.manifest
2014-01-17 20:28 - 2007-04-04 09:30 - 00007432 _____ () C:\WINDOWS\SysWOW64\Machnm32.sys
2014-01-17 20:28 - 2004-08-04 00:56 - 01392671 _____ (Microsoft Corporation) C:\WINDOWS\msvbvm60.dll
2014-01-17 20:28 - 2002-01-05 04:48 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\mfc70.dll
2014-01-17 20:28 - 2002-01-05 03:40 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\msvcp70.dll
2014-01-17 20:28 - 2002-01-05 03:37 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\msvcr70.dll
2014-01-17 20:28 - 2001-06-01 08:26 - 00372736 _____ (Intel Corporation) C:\WINDOWS\ijl15.dll
2014-01-17 20:16 - 2014-02-03 19:52 - 00000000 ____D () C:\Users\*****\AppData\Local\CrashDumps
2014-01-17 20:16 - 2014-01-17 20:16 - 00000000 ____D () C:\ProgramData\Panasonic
2014-01-17 20:15 - 2014-01-17 20:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\InstallShield
2014-01-17 20:15 - 2014-01-17 20:15 - 00000000 ____D () C:\Users\*****\AppData\Local\Panasonic
2014-01-17 20:15 - 2007-06-22 00:10 - 00501912 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\PICSDK2.dll
2014-01-17 20:15 - 2007-06-22 00:10 - 00000097 _____ () C:\WINDOWS\SysWOW64\PICSDK.ini
2014-01-17 20:15 - 2006-10-31 00:10 - 00120992 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EpPicPrt.dll
2014-01-17 20:15 - 2006-10-31 00:10 - 00071840 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EPPicMgr.dll
2014-01-17 20:15 - 2006-10-20 00:10 - 00108704 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\PICEntry.dll
2014-01-17 20:15 - 2006-10-20 00:10 - 00080024 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\PICSDK.dll
2014-01-17 20:15 - 2005-06-01 00:20 - 00111932 _____ () C:\WINDOWS\SysWOW64\EPPICPrinterDB.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00031053 _____ () C:\WINDOWS\SysWOW64\EPPICPattern131.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00027417 _____ () C:\WINDOWS\SysWOW64\EPPICPattern121.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00026154 _____ () C:\WINDOWS\SysWOW64\EPPICPattern1.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00024903 _____ () C:\WINDOWS\SysWOW64\EPPICPattern3.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00021390 _____ () C:\WINDOWS\SysWOW64\EPPICPattern5.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00020148 _____ () C:\WINDOWS\SysWOW64\EPPICPattern2.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00013732 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_EN.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00011811 _____ () C:\WINDOWS\SysWOW64\EPPICPattern4.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00006442 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_IT.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006347 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_PT.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006347 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_BP.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006335 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_GE.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006195 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_FR.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006195 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_CF.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006122 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_DU.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006103 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_ES.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00005817 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_KO.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00005436 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_SC.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00004943 _____ () C:\WINDOWS\SysWOW64\EPPICPattern6.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00002889 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_RU.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00002426 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_TC.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00001146 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_DU.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001139 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_PT.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001139 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_BP.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001136 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_ES.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001129 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_FR.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001129 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_CF.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001120 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_IT.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001107 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_GE.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001104 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_EN.dat
2014-01-17 20:14 - 2014-01-17 20:14 - 00002184 _____ () C:\Users\Public\Desktop\PHOTOfunSTUDIO 6.0.lnk
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files (x86)\Panasonic
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-01-17 20:08 - 2014-01-17 20:08 - 00002962 _____ () C:\WINDOWS\System32\Tasks\iSCSIAgentAutoStartup
2014-01-17 20:08 - 2014-01-17 20:08 - 00001097 _____ () C:\Users\Public\Desktop\Qfinder.lnk
2014-01-17 20:07 - 2014-01-17 20:08 - 11208576 _____ (Igor Pavlov) C:\Users\*****\Downloads\QNAPQfinderWindows-4.0.3.1025.exe
2014-01-17 19:44 - 2014-01-17 20:08 - 00000000 ____D () C:\Program Files (x86)\QNAP
2014-01-17 19:30 - 2014-01-17 19:30 - 00000000 ____D () C:\Users\*****\Documents\Klett
2014-01-17 19:27 - 2014-01-17 19:28 - 00000000 ____D () C:\Program Files (x86)\Klett
2014-01-17 19:26 - 2014-01-17 19:26 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-17 19:26 - 2014-01-17 19:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-17 18:56 - 2014-01-17 18:56 - 00000000 ____D () C:\sources
2014-01-17 18:53 - 2014-01-21 19:19 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-01-17 18:53 - 2014-01-21 19:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-17 18:36 - 2014-01-17 18:36 - 00000000 ____D () C:\Users\Public\Documents\Canon MyCameraFiles
2014-01-17 18:35 - 2014-01-17 18:35 - 00001144 _____ () C:\Users\Public\Desktop\Map Utility.lnk
2014-01-17 18:30 - 2014-01-17 18:30 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Canon_Inc_IC
2014-01-17 18:29 - 2014-01-17 18:33 - 00001199 _____ () C:\Users\Public\Desktop\ImageBrowser EX.lnk
2014-01-17 18:28 - 2014-01-17 18:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\Users\*****\AppData\Roaming\canon
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-01-17 18:05 - 2014-02-01 18:01 - 02209056 _____ () C:\Users\*****\Downloads\avira-eu-cleaner_de.exe
2014-01-17 18:01 - 2014-02-04 19:09 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-17 18:01 - 2014-01-17 18:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-17 17:33 - 2014-01-17 17:33 - 00000000 ____D () C:\Users\*****\AppData\Local\HP Quick Start
2014-01-17 17:32 - 2014-01-25 15:59 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CyberLink
2014-01-17 17:32 - 2014-01-17 17:32 - 00000000 ____D () C:\Users\*****\Documents\Avatar
2014-01-17 17:31 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2014-01-17 17:31 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-01-17 17:28 - 2014-01-17 17:28 - 00002061 _____ () C:\Users\Public\Desktop\Canon MP540 series Benutzerregistrierung.LNK
2014-01-17 17:23 - 2014-01-17 17:23 - 00002046 _____ () C:\Users\Public\Desktop\Canon Solution Menu.lnk
2014-01-17 17:23 - 2014-01-17 17:23 - 00001811 _____ () C:\Users\Public\Desktop\My Printer.lnk
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Program Files\Canon
2014-01-17 17:22 - 2014-01-17 17:22 - 00002102 _____ () C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2014-01-17 17:22 - 2014-01-17 17:22 - 00002100 _____ () C:\Users\Public\Desktop\Easy-PhotoPrint EX.lnk
2014-01-17 17:21 - 2014-01-17 17:21 - 00002335 _____ () C:\Users\Public\Desktop\MP540 series Online-Handbuch.lnk
2014-01-17 17:20 - 2014-01-22 21:41 - 00000000 ___HD () C:\WINDOWS\system32\CanonIJ Uninstaller Information
2014-01-17 17:20 - 2014-01-17 17:20 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-01-17 17:19 - 2014-01-17 17:19 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-01-17 17:19 - 2008-05-30 01:28 - 00293376 _____ (CANON INC.) C:\WINDOWS\system32\CNC540L.DLL
2014-01-17 17:19 - 2008-05-26 21:00 - 00279040 _____ (CANON INC.) C:\WINDOWS\system32\CNMLM9E.DLL
2014-01-17 17:19 - 2008-04-07 06:59 - 01354240 _____ (CANON INC.) C:\WINDOWS\system32\CNC540C.DLL
2014-01-17 17:19 - 2008-04-07 06:59 - 00092672 _____ (CANON INC.) C:\WINDOWS\system32\CNC540I.DLL
2014-01-17 17:19 - 2007-03-15 06:13 - 00229888 _____ (Canon Inc.) C:\WINDOWS\system32\CNC540O.DLL
2014-01-17 17:17 - 2014-01-17 18:36 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-01-16 19:58 - 2014-01-19 12:26 - 00000000 ____D () C:\Users\*****\AppData\Roaming\vlc
2014-01-16 19:44 - 2014-01-16 19:45 - 41404760 _____ (Apple Inc.) C:\Users\*****\Downloads\QuickTimeInstaller.exe
2014-01-16 19:41 - 2014-01-16 19:41 - 00001897 _____ () C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2014-01-16 19:41 - 2014-01-16 19:41 - 00001009 _____ () C:\Users\Public\Desktop\IrfanView.lnk
2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\*****\AppData\Roaming\IrfanView
2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-01-16 19:39 - 2014-01-16 19:39 - 02179728 _____ (Irfan Skiljan) C:\Users\*****\Downloads\iview437g_setup.exe
2014-01-16 19:35 - 2014-02-11 21:14 - 00000000 ____D () C:\AdwCleaner
2014-01-16 19:34 - 2014-01-31 19:52 - 00000000 ____D () C:\ProgramData\Freemake
2014-01-16 19:34 - 2014-01-22 21:39 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-01-16 19:34 - 2014-01-17 19:40 - 00000000 ____D () C:\Users\*****\Documents\Freemake
2014-01-16 19:34 - 2014-01-16 19:34 - 00001327 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk
2014-01-16 19:34 - 2014-01-16 19:34 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-01-16 19:31 - 2014-01-16 19:31 - 00001330 _____ () C:\Users\Public\Desktop\Helium Audio Joiner.lnk
2014-01-16 19:31 - 2014-01-16 19:31 - 00000000 ____D () C:\ProgramData\Imploded Software
2014-01-16 19:31 - 2014-01-16 19:31 - 00000000 ____D () C:\Program Files (x86)\Imploded Software
2014-01-16 19:30 - 2014-01-16 19:30 - 04646928 _____ (Imploded Software ) C:\Users\*****\Downloads\haj_setup-1.8.0.exe
2014-01-16 19:29 - 2014-01-16 19:29 - 00002064 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-01-16 19:28 - 2014-01-16 19:29 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-01-16 19:27 - 2014-01-16 19:27 - 07080248 _____ () C:\Users\*****\Downloads\MyPhoneExplorer_1.8.5.exe
2014-01-16 19:24 - 2014-01-16 19:24 - 00001754 _____ () C:\Users\Public\Desktop\Eraser.lnk
2014-01-16 19:24 - 2014-01-16 19:24 - 00000000 ____D () C:\Program Files\Eraser
2014-01-16 19:23 - 2014-01-16 19:23 - 09110456 _____ (The Eraser Project) C:\Users\*****\Downloads\Eraser_6.0.10.2620.exe
2014-01-16 19:21 - 2014-01-16 19:21 - 00000878 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-16 19:21 - 2014-01-16 19:21 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-16 19:19 - 2014-01-16 19:19 - 23679700 _____ () C:\Users\*****\Downloads\vlc-2.1.1-win64.exe
2014-01-16 19:16 - 2014-02-03 19:52 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Winamp
2014-01-16 19:16 - 2014-01-16 19:17 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-01-16 19:16 - 2014-01-16 19:16 - 00000986 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-01-16 19:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-01-16 19:16 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2014-01-16 19:14 - 2014-01-16 19:14 - 12855384 _____ (Nullsoft, Inc.) C:\Users\*****\Downloads\winamp5666_full_de-de_b3516.exe
2014-01-16 19:11 - 2014-01-16 19:11 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Mozilla
2014-01-16 19:11 - 2014-01-16 19:11 - 00000000 ____D () C:\Users\*****\AppData\Local\Mozilla
2014-01-16 19:09 - 2014-01-16 19:09 - 23867560 _____ (Mozilla) C:\Users\*****\Downloads\Firefox_Setup_26.0.exe
2014-01-16 19:08 - 2014-01-16 19:08 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Avira
2014-01-16 19:06 - 2014-01-16 19:06 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Macromedia
2014-01-16 19:05 - 2014-01-16 19:05 - 00002073 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-16 19:05 - 2014-01-16 19:05 - 00000000 ____D () C:\ProgramData\Avira
2014-01-16 19:05 - 2014-01-16 19:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-01-16 19:05 - 2013-12-18 09:32 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-01-16 19:05 - 2013-12-18 09:32 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-01-16 19:05 - 2013-12-18 09:32 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-01-16 18:49 - 2014-01-16 18:58 - 130658432 _____ () C:\Users\*****\Downloads\avira_free_antivirus_de.exe
2014-01-16 18:40 - 2014-01-25 14:30 - 00000000 ____D () C:\Users\*****\AppData\Roaming\hpqlog
2014-01-15 22:24 - 2014-01-15 22:24 - 00000427 ____H () C:\WINDOWS\system32\Rebecca.dat
2014-01-15 21:07 - 2014-02-09 19:06 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3605841183-1322370777-216223967-1002
2014-01-15 21:01 - 2014-01-15 21:21 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Hewlett-Packard
2014-01-15 21:01 - 2014-01-15 21:01 - 00000000 ____D () C:\MediaServer
2014-01-15 21:00 - 2014-01-25 14:27 - 00000000 ____D () C:\Users\*****\AppData\Local\CyberLink
2014-01-15 21:00 - 2014-01-17 17:32 - 00000000 ____D () C:\Users\*****\Documents\Youcam
2014-01-15 21:00 - 2014-01-15 21:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Synaptics
2014-01-15 20:59 - 2014-01-22 22:24 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-15 20:59 - 2014-01-22 22:24 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-15 20:59 - 2014-01-22 22:24 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-01-15 20:58 - 2014-01-21 19:19 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2014-01-15 20:58 - 2013-11-21 07:27 - 00002233 _____ () C:\Users\Public\Desktop\Snapfish Fotos.lnk
2014-01-15 20:57 - 2014-02-11 19:22 - 00000000 ____D () C:\Users\*****\AppData\Local\Hewlett-Packard
2014-01-15 20:57 - 2014-01-15 20:57 - 00000000 ____D () C:\Users\*****\AppData\Local\Power2Go8
2014-01-15 20:56 - 2014-01-25 15:54 - 00000000 ____D () C:\Users\*****\AppData\Local\Packages
2014-01-15 20:56 - 2014-01-15 20:56 - 00000000 ____D () C:\Users\*****\AppData\Local\VirtualStore
2014-01-15 20:56 - 2013-07-22 10:02 - 00000000 ___HD () C:\Users\*****\Documents\hp.system.package.metadata
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Programme
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

2014-02-12 19:20 - 2014-02-12 19:19 - 00023187 _____ () C:\Users\*****\Downloads\FRST.txt
2014-02-12 19:19 - 2014-02-12 19:19 - 00000000 ____D () C:\FRST
2014-02-12 19:17 - 2014-02-12 18:04 - 00125639 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-12 19:15 - 2014-02-12 19:15 - 00000472 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-02-12 19:15 - 2014-02-12 19:15 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-02-12 19:15 - 2014-01-22 21:39 - 00000000 ____D () C:\Users\*****
2014-02-12 19:11 - 2014-02-12 19:11 - 00380416 _____ () C:\Users\*****\Downloads\Gmer-19357.exe
2014-02-12 19:10 - 2014-02-12 19:10 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-02-12 19:09 - 2014-02-12 19:09 - 02151424 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-02-12 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-12 18:31 - 2014-02-12 18:31 - 00000000 ____D () C:\93cde86b977cbb03343a0caf
2014-02-12 18:30 - 2014-02-12 18:30 - 25640672 _____ (Microsoft Corporation) C:\Users\*****\Downloads\Windows-KB890830-x64-V5.9.exe
2014-02-12 18:04 - 2014-01-22 22:26 - 00000000 __RDO () C:\Users\*****\SkyDrive
2014-02-11 22:00 - 2014-01-17 20:36 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-02-11 22:00 - 2014-01-17 20:36 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-11 21:27 - 2014-02-11 21:27 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-02-11 21:22 - 2013-11-14 08:27 - 01984356 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-11 21:22 - 2013-11-14 08:11 - 00843606 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-11 21:22 - 2013-11-14 08:11 - 00192300 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-11 21:15 - 2014-02-11 19:22 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleFor*****.job
2014-02-11 21:15 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-11 21:14 - 2014-01-16 19:35 - 00000000 ____D () C:\AdwCleaner
2014-02-11 21:14 - 2013-08-22 14:25 - 00262144 _____ () C:\WINDOWS\system32\config\BBI
2014-02-11 19:52 - 2014-01-25 19:41 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2014-02-11 19:22 - 2014-02-11 19:22 - 00003174 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleFor*****
2014-02-11 19:22 - 2014-01-15 20:57 - 00000000 ____D () C:\Users\*****\AppData\Local\Hewlett-Packard
2014-02-11 19:16 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-10 18:55 - 2014-02-02 18:46 - 00000000 ____D () C:\Users\*****\Ebay
2014-02-09 19:06 - 2014-01-15 21:07 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3605841183-1322370777-216223967-1002
2014-02-08 21:52 - 2014-01-24 18:35 - 00000000 ____D () C:\Users\*****\Documents\Outlook-Dateien
2014-02-08 21:31 - 2014-02-08 21:31 - 00000000 ____D () C:\Users\*****\Documents\Benutzerdefinierte Office-Vorlagen
2014-02-08 11:29 - 2014-02-08 11:29 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-08 11:29 - 2014-02-08 11:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-08 11:29 - 2014-02-03 20:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-04 19:09 - 2014-01-17 18:01 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-03 23:12 - 2014-02-03 23:12 - 00002032 _____ () C:\Users\*****\Desktop\Avira EU-Cleaner.lnk
2014-02-03 23:12 - 2014-02-01 18:02 - 00001053 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avira-eu-cleaner_de(1).lnk
2014-02-03 22:04 - 2013-11-21 07:15 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-02-03 21:21 - 2014-02-03 21:14 - 312761032 _____ (Norman Shark AS) C:\Users\*****\Downloads\Norman_Malware208_Cleaner.exe
2014-02-03 20:58 - 2014-02-03 20:58 - 00001166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-03 20:09 - 2014-02-03 20:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-03 19:52 - 2014-01-25 12:57 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-03 19:52 - 2014-01-22 21:30 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-03 19:52 - 2014-01-17 20:16 - 00000000 ____D () C:\Users\*****\AppData\Local\CrashDumps
2014-02-03 19:52 - 2014-01-16 19:16 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Winamp
2014-02-03 19:50 - 2014-02-03 19:50 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-02-03 19:50 - 2014-02-03 19:50 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-03 19:50 - 2014-02-03 19:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-01 22:35 - 2014-02-01 22:35 - 01037068 _____ (Thisisu) C:\Users\*****\Downloads\JRT61.exe
2014-02-01 22:21 - 2014-02-01 22:21 - 03645064 _____ (Piriform Ltd) C:\Users\*****\Downloads\ccsetup410_slim.exe
2014-02-01 19:22 - 2014-02-01 19:22 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Malwarebytes
2014-02-01 19:21 - 2014-02-01 19:21 - 00001128 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-01 19:21 - 2014-02-01 19:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-01 19:21 - 2014-02-01 19:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-01 19:20 - 2014-02-01 19:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 18:09 - 2014-02-01 18:09 - 01166132 _____ () C:\Users\*****\Downloads\adwcleaner-3.018.exe
2014-02-01 18:01 - 2014-01-17 18:05 - 02209056 _____ () C:\Users\*****\Downloads\avira-eu-cleaner_de.exe
2014-02-01 15:38 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-31 19:52 - 2014-01-16 19:34 - 00000000 ____D () C:\ProgramData\Freemake
2014-01-31 18:55 - 2014-01-31 18:54 - 00000597 _____ () C:\Users\*****\AppData\Roaming\haj-log_2014-01-31 18_54_50.mjf
2014-01-31 18:54 - 2014-01-31 18:54 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Imploded Software
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 21:03 - 2014-01-30 21:03 - 00000000 ____D () C:\Users\*****\AppData\Local\Eraser 6
2014-01-25 19:48 - 2014-01-25 19:32 - 00000000 ____D () C:\ProgramData\Nero
2014-01-25 19:41 - 2014-01-25 19:41 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Nero
2014-01-25 19:41 - 2014-01-25 19:41 - 00000000 ____D () C:\Users\*****\AppData\Local\Nero
2014-01-25 16:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-01-25 16:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-01-25 15:59 - 2014-01-17 17:32 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CyberLink
2014-01-25 15:54 - 2014-01-25 15:52 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-01-25 15:54 - 2014-01-15 20:56 - 00000000 ____D () C:\Users\*****\AppData\Local\Packages
2014-01-25 15:26 - 2013-07-22 10:02 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-01-25 15:25 - 2012-08-04 01:02 - 00000000 ____D () C:\SWSetup
2014-01-25 15:24 - 2013-11-21 07:22 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-01-25 15:17 - 2014-01-25 15:17 - 00003166 _____ () C:\WINDOWS\System32\Tasks\CLVDLauncher
2014-01-25 15:16 - 2014-01-25 15:16 - 00003166 _____ () C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2014-01-25 14:33 - 2014-01-25 14:33 - 00000000 ____D () C:\Users\*****\AppData\Local\Downloaded Installations
2014-01-25 14:30 - 2014-01-16 18:40 - 00000000 ____D () C:\Users\*****\AppData\Roaming\hpqlog
2014-01-25 14:27 - 2014-01-15 21:00 - 00000000 ____D () C:\Users\*****\AppData\Local\CyberLink
2014-01-25 14:27 - 2013-11-21 07:29 - 00000000 ____D () C:\Users\Public\CyberLink
2014-01-25 14:25 - 2013-11-21 07:24 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-25 14:24 - 2014-01-25 14:24 - 00000000 ____D () C:\Users\*****\AppData\Local\MediaServer
2014-01-25 14:15 - 2014-01-23 18:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-25 13:56 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-01-25 13:39 - 2014-01-25 13:39 - 00830680 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-01-25 13:39 - 2014-01-25 13:39 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-01-25 13:39 - 2013-11-21 07:03 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-01-25 13:38 - 2014-01-25 13:38 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-01-25 13:37 - 2014-01-25 13:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-01-25 13:36 - 2014-01-25 13:37 - 00722160 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2014-01-25 13:36 - 2014-01-25 13:37 - 00524016 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2014-01-25 13:36 - 2014-01-25 13:37 - 00421616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo19.dll
2014-01-25 13:36 - 2014-01-25 13:37 - 00400112 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2014-01-25 13:36 - 2014-01-25 13:37 - 00251632 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2014-01-25 13:36 - 2014-01-25 13:37 - 00169712 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCom.dll
2014-01-25 13:36 - 2014-01-25 13:37 - 00034544 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2014-01-25 13:07 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-01-25 12:57 - 2013-08-22 15:44 - 00489600 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-25 12:56 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-01-24 21:55 - 2014-01-24 21:56 - 02944216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\SysWOW64\Drivers\rtwlane.sys
2014-01-24 21:55 - 2014-01-24 21:56 - 02944216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2014-01-24 21:50 - 2014-01-24 21:50 - 00099288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2014-01-24 21:50 - 2013-11-21 07:02 - 00016344 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2014-01-24 21:45 - 2013-11-21 07:00 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2014-01-24 21:44 - 2014-01-22 21:33 - 00000000 ____D () C:\Program Files\Intel
2014-01-24 21:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-01-24 21:41 - 2014-01-24 21:41 - 00000000 ____D () C:\Users\*****\Intel
2014-01-24 19:28 - 2014-01-24 18:35 - 00271360 _____ () C:\Users\*****\Desktop\Outlook.pst
2014-01-23 18:08 - 2014-01-23 18:08 - 00575168 _____ (Microsoft Corporation) C:\Users\*****\Downloads\Setup.x86.de-DE_ProPlusRetail_QHG2J-NGYMH-KR9XQ-QDDHW-6MQ63_act_1_.exe
2014-01-23 17:59 - 2014-01-23 17:59 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-01-22 22:24 - 2014-01-15 20:59 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-22 22:24 - 2014-01-15 20:59 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-22 22:24 - 2014-01-15 20:59 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-01-22 22:23 - 2014-01-22 22:23 - 00001457 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 22:23 - 2014-01-22 22:23 - 00000020 ___SH () C:\Users\*****\ntuser.ini
2014-01-22 22:23 - 2013-11-21 07:38 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-22 21:52 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-01-22 21:51 - 2014-01-22 21:51 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-01-22 21:51 - 2014-01-22 21:39 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-01-22 21:51 - 2014-01-22 21:39 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-01-22 21:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-01-22 21:49 - 2014-01-22 21:36 - 02008488 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-22 21:47 - 2014-01-22 21:45 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-01-22 21:47 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-01-22 21:47 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-01-22 21:45 - 2013-11-21 07:10 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-01-22 21:45 - 2013-11-21 07:10 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-01-22 21:43 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-01-22 21:43 - 2013-07-22 18:35 - 00000000 ____D () C:\WINDOWS\en-GB
2014-01-22 21:43 - 2013-07-22 10:11 - 00000000 ____D () C:\WINDOWS\de
2014-01-22 21:42 - 2014-01-22 21:42 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-01-22 21:42 - 2014-01-22 21:42 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-22 21:42 - 2013-11-21 07:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-01-22 21:42 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-01-22 21:42 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-01-22 21:42 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-01-22 21:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-01-22 21:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-01-22 21:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-01-22 21:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-01-22 21:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-01-22 21:42 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-01-22 21:42 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-01-22 21:42 - 2013-07-22 10:07 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-01-22 21:42 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-01-22 21:41 - 2014-01-22 21:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-22 21:41 - 2014-01-22 21:33 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-01-22 21:41 - 2014-01-17 17:20 - 00000000 ___HD () C:\WINDOWS\system32\CanonIJ Uninstaller Information
2014-01-22 21:41 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-01-22 21:41 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-01-22 21:41 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-01-22 21:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-01-22 21:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-01-22 21:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-22 21:41 - 2012-08-03 23:29 - 00000000 ____D () C:\ProgramData\PRICache
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Vorlagen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Startmenü
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Netzwerkumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Lokale Einstellungen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Eigene Dateien
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Druckumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Musik
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Bilder
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Verlauf
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-01-22 21:39 - 2014-01-16 19:34 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-01-22 21:34 - 2014-01-22 21:33 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-22 21:33 - 2014-01-22 21:33 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____D () C:\Program Files\Synaptics
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\Program Files\Realtek
2014-01-22 21:30 - 2014-01-22 21:30 - 00000000 __SHD () C:\Recovery
2014-01-22 21:29 - 2014-01-22 21:29 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-22 21:29 - 2014-01-22 21:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-22 21:29 - 2014-01-22 21:29 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-22 21:29 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-01-22 21:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-22 21:28 - 2014-01-22 21:28 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-22 21:28 - 2014-01-22 21:28 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-22 21:28 - 2014-01-22 21:28 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-22 21:28 - 2014-01-22 21:28 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-22 21:28 - 2014-01-22 21:28 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-22 21:28 - 2014-01-22 21:28 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-22 21:28 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-01-22 21:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-01-22 21:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-01-22 21:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-01-22 21:27 - 2014-01-22 21:27 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-01-22 21:24 - 2014-01-22 21:24 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-22 21:24 - 2014-01-22 21:24 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-22 21:24 - 2014-01-22 21:24 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files\MSBuild
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\inetpub
2014-01-22 21:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-01-22 21:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-01-22 21:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-01-22 21:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-01-22 19:48 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-01-21 19:19 - 2014-01-17 18:53 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-01-21 19:19 - 2014-01-17 18:53 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-21 19:19 - 2014-01-15 20:58 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2014-01-19 18:36 - 2014-01-19 18:36 - 00000000 ____D () C:\Users\*****\AppData\Local\Macromedia
2014-01-19 14:00 - 2014-01-19 14:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CANON INC
2014-01-19 13:29 - 2014-01-19 13:29 - 00000000 ____D () C:\Users\*****\AppData\Local\Intel_Corporation
2014-01-19 12:59 - 2014-01-19 12:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-19 12:59 - 2014-01-19 12:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-19 12:26 - 2014-01-16 19:58 - 00000000 ____D () C:\Users\*****\AppData\Roaming\vlc
2014-01-18 11:33 - 2014-01-18 11:33 - 00002130 _____ () C:\Users\Public\Desktop\devolo dLAN Cockpit.lnk
2014-01-18 11:32 - 2014-01-18 11:32 - 00000000 ____D () C:\Program Files (x86)\devolo
2014-01-18 11:31 - 2014-01-18 11:31 - 23063544 _____ (devolo AG) C:\Users\*****\Downloads\software-dlan-cockpit-windows-v4-1-3.exe
2014-01-18 11:28 - 2014-01-18 11:30 - 00025088 _____ (Microsoft Corporation) C:\Users\*****\Desktop\ZAPGRAB.exe.EXE
2014-01-18 11:28 - 2014-01-18 11:28 - 00025088 _____ (Microsoft Corporation) C:\Users\*****\Downloads\ZAPGRAB.exe.EXE
2014-01-17 20:36 - 2013-07-22 10:05 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-01-17 20:32 - 2014-01-17 20:32 - 00000000 ____D () C:\Users\*****\AppData\Roaming\DisplayTune
2014-01-17 20:32 - 2014-01-17 20:32 - 00000000 ____D () C:\Users\*****\AppData\Local\DisplayTune
2014-01-17 20:28 - 2014-01-17 20:28 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays
2014-01-17 20:28 - 2013-07-22 10:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-17 20:16 - 2014-01-17 20:16 - 00000000 ____D () C:\ProgramData\Panasonic
2014-01-17 20:15 - 2014-01-17 20:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\InstallShield
2014-01-17 20:15 - 2014-01-17 20:15 - 00000000 ____D () C:\Users\*****\AppData\Local\Panasonic
2014-01-17 20:14 - 2014-01-17 20:14 - 00002184 _____ () C:\Users\Public\Desktop\PHOTOfunSTUDIO 6.0.lnk
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files (x86)\Panasonic
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-01-17 20:13 - 2013-07-22 10:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-01-17 20:08 - 2014-01-17 20:08 - 00002962 _____ () C:\WINDOWS\System32\Tasks\iSCSIAgentAutoStartup
2014-01-17 20:08 - 2014-01-17 20:08 - 00001097 _____ () C:\Users\Public\Desktop\Qfinder.lnk
2014-01-17 20:08 - 2014-01-17 20:07 - 11208576 _____ (Igor Pavlov) C:\Users\*****\Downloads\QNAPQfinderWindows-4.0.3.1025.exe
2014-01-17 20:08 - 2014-01-17 19:44 - 00000000 ____D () C:\Program Files (x86)\QNAP
2014-01-17 19:40 - 2014-01-16 19:34 - 00000000 ____D () C:\Users\*****\Documents\Freemake
2014-01-17 19:30 - 2014-01-17 19:30 - 00000000 ____D () C:\Users\*****\Documents\Klett
2014-01-17 19:28 - 2014-01-17 19:27 - 00000000 ____D () C:\Program Files (x86)\Klett
2014-01-17 19:26 - 2014-01-17 19:26 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-17 19:26 - 2014-01-17 19:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-17 19:09 - 2013-11-21 07:38 - 00002508 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-01-17 19:09 - 2013-11-21 07:37 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-01-17 18:56 - 2014-01-17 18:56 - 00000000 ____D () C:\sources
2014-01-17 18:36 - 2014-01-17 18:36 - 00000000 ____D () C:\Users\Public\Documents\Canon MyCameraFiles
2014-01-17 18:36 - 2014-01-17 17:17 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-01-17 18:35 - 2014-01-17 18:35 - 00001144 _____ () C:\Users\Public\Desktop\Map Utility.lnk
2014-01-17 18:33 - 2014-01-17 18:29 - 00001199 _____ () C:\Users\Public\Desktop\ImageBrowser EX.lnk
2014-01-17 18:30 - 2014-01-17 18:30 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Canon_Inc_IC
2014-01-17 18:28 - 2014-01-17 18:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\Users\*****\AppData\Roaming\canon
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-01-17 18:02 - 2014-01-17 18:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-17 17:33 - 2014-01-17 17:33 - 00000000 ____D () C:\Users\*****\AppData\Local\HP Quick Start
2014-01-17 17:32 - 2014-01-17 17:32 - 00000000 ____D () C:\Users\*****\Documents\Avatar
2014-01-17 17:32 - 2014-01-15 21:00 - 00000000 ____D () C:\Users\*****\Documents\Youcam
2014-01-17 17:31 - 2013-07-22 18:17 - 00000000 ___HD () C:\HP
2014-01-17 17:28 - 2014-01-17 17:28 - 00002061 _____ () C:\Users\Public\Desktop\Canon MP540 series Benutzerregistrierung.LNK
2014-01-17 17:23 - 2014-01-17 17:23 - 00002046 _____ () C:\Users\Public\Desktop\Canon Solution Menu.lnk
2014-01-17 17:23 - 2014-01-17 17:23 - 00001811 _____ () C:\Users\Public\Desktop\My Printer.lnk
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Program Files\Canon
2014-01-17 17:22 - 2014-01-17 17:22 - 00002102 _____ () C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2014-01-17 17:22 - 2014-01-17 17:22 - 00002100 _____ () C:\Users\Public\Desktop\Easy-PhotoPrint EX.lnk
2014-01-17 17:21 - 2014-01-17 17:21 - 00002335 _____ () C:\Users\Public\Desktop\MP540 series Online-Handbuch.lnk
2014-01-17 17:20 - 2014-01-17 17:20 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-01-17 17:19 - 2014-01-17 17:19 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-01-16 19:45 - 2014-01-16 19:44 - 41404760 _____ (Apple Inc.) C:\Users\*****\Downloads\QuickTimeInstaller.exe
2014-01-16 19:41 - 2014-01-16 19:41 - 00001897 _____ () C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2014-01-16 19:41 - 2014-01-16 19:41 - 00001009 _____ () C:\Users\Public\Desktop\IrfanView.lnk
2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\*****\AppData\Roaming\IrfanView
2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-01-16 19:39 - 2014-01-16 19:39 - 02179728 _____ (Irfan Skiljan) C:\Users\*****\Downloads\iview437g_setup.exe
2014-01-16 19:34 - 2014-01-16 19:34 - 00001327 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk
2014-01-16 19:34 - 2014-01-16 19:34 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-01-16 19:31 - 2014-01-16 19:31 - 00001330 _____ () C:\Users\Public\Desktop\Helium Audio Joiner.lnk
2014-01-16 19:31 - 2014-01-16 19:31 - 00000000 ____D () C:\ProgramData\Imploded Software
2014-01-16 19:31 - 2014-01-16 19:31 - 00000000 ____D () C:\Program Files (x86)\Imploded Software
2014-01-16 19:30 - 2014-01-16 19:30 - 04646928 _____ (Imploded Software ) C:\Users\*****\Downloads\haj_setup-1.8.0.exe
2014-01-16 19:29 - 2014-01-16 19:29 - 00002064 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-01-16 19:29 - 2014-01-16 19:28 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-01-16 19:27 - 2014-01-16 19:27 - 07080248 _____ () C:\Users\*****\Downloads\MyPhoneExplorer_1.8.5.exe
2014-01-16 19:24 - 2014-01-16 19:24 - 00001754 _____ () C:\Users\Public\Desktop\Eraser.lnk
2014-01-16 19:24 - 2014-01-16 19:24 - 00000000 ____D () C:\Program Files\Eraser
2014-01-16 19:23 - 2014-01-16 19:23 - 09110456 _____ (The Eraser Project) C:\Users\*****\Downloads\Eraser_6.0.10.2620.exe
2014-01-16 19:21 - 2014-01-16 19:21 - 00000878 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-16 19:21 - 2014-01-16 19:21 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-16 19:19 - 2014-01-16 19:19 - 23679700 _____ () C:\Users\*****\Downloads\vlc-2.1.1-win64.exe
2014-01-16 19:17 - 2014-01-16 19:16 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-01-16 19:16 - 2014-01-16 19:16 - 00000986 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-01-16 19:14 - 2014-01-16 19:14 - 12855384 _____ (Nullsoft, Inc.) C:\Users\*****\Downloads\winamp5666_full_de-de_b3516.exe
2014-01-16 19:11 - 2014-01-16 19:11 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Mozilla
2014-01-16 19:11 - 2014-01-16 19:11 - 00000000 ____D () C:\Users\*****\AppData\Local\Mozilla
2014-01-16 19:09 - 2014-01-16 19:09 - 23867560 _____ (Mozilla) C:\Users\*****\Downloads\Firefox_Setup_26.0.exe
2014-01-16 19:08 - 2014-01-16 19:08 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Avira
2014-01-16 19:06 - 2014-01-16 19:06 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Macromedia
2014-01-16 19:05 - 2014-01-16 19:05 - 00002073 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-16 19:05 - 2014-01-16 19:05 - 00000000 ____D () C:\ProgramData\Avira
2014-01-16 19:05 - 2014-01-16 19:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-01-16 18:58 - 2014-01-16 18:49 - 130658432 _____ () C:\Users\*****\Downloads\avira_free_antivirus_de.exe
2014-01-16 18:58 - 2013-11-21 07:38 - 00177312 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-01-16 18:58 - 2013-11-21 07:38 - 00007631 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-01-15 22:24 - 2014-01-15 22:24 - 00000427 ____H () C:\WINDOWS\system32\Rebecca.dat
2014-01-15 21:21 - 2014-01-15 21:01 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Hewlett-Packard
2014-01-15 21:01 - 2014-01-15 21:01 - 00000000 ____D () C:\MediaServer
2014-01-15 21:00 - 2014-01-15 21:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Synaptics
2014-01-15 20:58 - 2013-07-22 10:14 - 00000000 ___RD () C:\Program Files\Online Services
2014-01-15 20:58 - 2013-07-22 10:14 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-01-15 20:58 - 2012-08-04 01:02 - 00000000 ___HD () C:\SYSTEM.SAV
2014-01-15 20:57 - 2014-01-15 20:57 - 00000000 ____D () C:\Users\*****\AppData\Local\Power2Go8
2014-01-15 20:56 - 2014-01-15 20:56 - 00000000 ____D () C:\Users\*****\AppData\Local\VirtualStore
2014-01-15 20:56 - 2013-11-21 07:37 - 00000000 ____D () C:\ProgramData\Norton
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Programme
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Dokumente und Einstellungen

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 03:11

==================== End Of Log ============================

--- --- ---
--- ------

Danke schon jetzt für's "Kümmern". P.S. Die Addition.txt und GMER.txt kann ich nachreichen

cosinus · 14.02.2014, 00:13

Warum wurden die Logs gelöscht?
Und ja, bitte alle geforderten Logs posten

Rheinfall · 14.02.2014, 08:03

Hallo Cosinus, die Logs über die Tools hatte ich erzeugt, bevor mir klar war, dass ich Eure TB-Hilfe in Anspruch nehmen wollte. Da mir der Inhalt der Logs nichts gesagt hat, habe ich sie leider vom Desktop entfernt.
Hier die fehlende Addition.txt und gmer.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-02-2014 01
Ran by ***** at 2014-02-12 19:20:56
Running from C:\Users\*****\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122 - Adobe Systems, Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.344 - Avira)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 2.0 (x32 Version:  - )
Canon MP540 series Benutzerregistrierung (x32 Version:  - )
Canon MP540 series MP Drivers (Version:  - )
Canon Utilities CameraWindow DC 8 (x32 Version: 8.7.0.11 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (x32 Version:  - )
Canon Utilities ImageBrowser EX (x32 Version: 1.4.0.5 - Canon Inc.)
Canon Utilities My Printer (x32 Version:  - )
Canon Utilities PhotoStitch (x32 Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Solution Menu (x32 Version:  - )
CCleaner (Version: 4.10 - Piriform)
CyberLink LabelPrint (x32 Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.5.6902 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.5.3606 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.5.3606 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (x32 Version: 3.0.2.4128 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.2.4128 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.5.3416 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.4.3021 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.4.3021 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (x32 Version: 12.0.2.3305 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.2.3305 - CyberLink Corp.) Hidden
CyberLink YouCam (x32 Version: 5.0.1.2922 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.1.2922 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
devolo dLAN Cockpit (x32 Version: 4.1.3.0 - devolo AG)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (x32 Version: 1.0.9 - Hewlett-Packard Company)
Eraser 6.0.10.2620 (Version: 6.0.2620 - The Eraser Project)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Freemake Video Converter Version 4.1.2 (x32 Version: 4.1.2 - Ellora Assets Corporation)
Green Line 1 Sprachtrainer (x32 Version: 1.00.000 - Klett)
Helium Audio Joiner (build 263) (x32 Version: 1.8.0.263 - Imploded Software)
Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (x32 Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (x32 Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (x32 Version: 2.20.21 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)
HP My Display (x32 Version: 2.01.006 - Portrait Displays, Inc.)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (x32 Version: 1.0.4660.30220 - Hewlett-Packard)
HP Recovery Manager (x32 Version: 11.00 - Hewlett-Packard) Hidden
HP Registration Service (Version: 1.2.6838.4521 - Hewlett-Packard)
HP Support Assistant (x32 Version: 7.2.23.56 - Hewlett-Packard Company)
HP Support Solutions Framework (x32 Version: 11.50.0011 - Hewlett-Packard Company)
HP System Event Utility (x32 Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (Version: 2.2.2 - Hewlett-Packard Company)
HP Wireless Button Driver (x32 Version: 1.1.2.1 - Hewlett-Packard Company)
Intel(R) Management Engine Components (x32 Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.1.1000 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
IrfanView (remove only) (x32 Version: 4.37 - Irfan Skiljan)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyPhoneExplorer (x32 Version: 1.8.5 - F.J. Wechselberger)
Norton Internet Security (x32 Version: 20.4.0.40 - Symantec Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PHOTOfunSTUDIO 6.0 (x32 Version: 6.00.135 - Panasonic Corporation)
Pivot Software (x32 Version: 9.03.004 - Portrait Displays, Inc.) Hidden
QNAP Qfinder (x32 Version: 4.0.3.1025 - QNAP Systems, Inc.)
Realtek Card Reader (x32 Version: 1.1.9200.15 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (x32 Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
SDK (x32 Version: 2.33.005 - Portrait Displays, Inc.) Hidden
Sprachtrainer Fonts (x32 Version: 1.00.01 - Ernst Klett Verlag GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 17.0.6.2 - Synaptics Incorporated)
VLC media player 2.1.1 (Version: 2.1.1 - VideoLAN)
Winamp (x32 Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

07-02-2014 20:49:24 Geplanter Prüfpunkt
11-02-2014 20:27:29 Installed HP Support Solutions Framework

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0A6DA674-8E70-42CB-9FF9-AFC8B3145DAA} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BBB8C1F-D7E0-47C6-BA49-EDC5B87FFB7A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {0DB81C06-0CA8-41E3-8CE4-50591EF55ABA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-01-24] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31C84CDA-BE99-4F7C-B984-C94364CCA3C8} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2013-10-25] (QNAP)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37189418-64E2-45E7-A8E8-3B40A769493F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {61E21360-E324-4E33-94FA-1AAB68C6969B} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {675B76E5-E9D2-4A0E-B40A-254D07BDAEDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {84FEB1FA-1189-46CD-BDDB-83F87F6795CD} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {907C564F-EAC9-4437-8003-ACCBA6BE8397} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-01-24] (Microsoft Corporation)
Task: {9C67117C-3B26-41E2-AD70-54FF0DEBC80B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A7BF565D-2E1D-42DF-95A6-7F9EF69F1165} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {BC5E083C-1997-4476-BD7E-8D95212CE114} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {C86F7CE7-6B5D-4A55-9981-64E73AD90F37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D650567D-6715-4D19-B1F5-7284371B3DBF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DC40CFD3-0DF0-4FE6-AC6C-05CBF91B1897} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {DFF90927-06FC-4D11-B47E-E531742E87A1} - System32\Tasks\HPCeeScheduleFor***** => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {ED61F955-141D-424E-98F5-D4D6A85C6CBD} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {F62E9048-1C7F-45FA-87CE-C7668F741281} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor*****.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-01-17 20:29 - 2013-01-10 15:26 - 00091944 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook64.dll
2014-01-17 20:28 - 2013-01-10 15:26 - 00275752 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dthook.dll
2014-01-17 20:28 - 2009-03-03 11:42 - 00694824 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
2014-01-17 20:28 - 2009-03-03 11:42 - 00694824 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
2014-01-28 19:58 - 2014-01-28 19:58 - 01782272 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\600862031eb4d4cfdc6f4d2025a7990e\Windows.ApplicationModel.ni.dll
2014-01-16 19:05 - 2013-12-18 09:32 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-24 21:50 - 2014-01-24 21:50 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-01-17 20:29 - 2013-01-10 15:26 - 00086824 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\msgHook.dll
2014-01-16 18:56 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2013-10-27 09:03 - 2013-10-27 09:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-03 20:58 - 2014-02-08 11:29 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-17 20:28 - 2009-03-03 11:40 - 00245760 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Software\winphook.dll
2014-01-17 20:28 - 2013-01-10 15:26 - 00189224 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2014-01-17 20:28 - 2013-01-10 15:25 - 00123688 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
2014-01-25 15:16 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-01-17 20:29 - 2013-01-10 15:26 - 00164648 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\*****\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2014 07:09:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 82036547

Error: (02/11/2014 07:09:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 82036547

Error: (02/11/2014 07:09:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/11/2014 07:09:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 82020922

Error: (02/11/2014 07:09:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 82020922

Error: (02/11/2014 07:09:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/11/2014 07:08:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 82005297

Error: (02/11/2014 07:08:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 82005297

Error: (02/11/2014 07:08:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/11/2014 07:08:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 81990078


System errors:
=============
Error: (02/12/2014 06:07:07 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/11/2014 10:03:02 PM) (Source: Service Control Manager) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/11/2014 09:24:18 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/11/2014 09:18:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/11/2014 09:18:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/11/2014 07:16:16 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/11/2014 07:15:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/11/2014 07:15:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/11/2014 07:12:44 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎10.‎02.‎2014 um 20:18:26 unerwartet heruntergefahren.

Error: (02/11/2014 07:10:29 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.


Microsoft Office Sessions:
=========================
Error: (02/11/2014 07:09:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 82036547

Error: (02/11/2014 07:09:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 82036547

Error: (02/11/2014 07:09:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/11/2014 07:09:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 82020922

Error: (02/11/2014 07:09:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 82020922

Error: (02/11/2014 07:09:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/11/2014 07:08:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 82005297

Error: (02/11/2014 07:08:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 82005297

Error: (02/11/2014 07:08:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/11/2014 07:08:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 81990078


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 7962.14 MB
Available physical RAM: 5049.75 MB
Total Pagefile: 16154.14 MB
Available Pagefile: 13116.77 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:909.79 GB) (Free:862.21 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:20.61 GB) (Free:2.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 298DD091)

Partition: GPT Partition Type
==================== End Of Log ============================

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-12 20:45:25
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002c HGST_HTS541010A9E680 rev.JA0OA590 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\*****\AppData\Local\Temp\uwdyipow.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                                               fffff96000178700 15 bytes [00, EA, 0F, 02, 00, 7F, 6F, ...]
.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                                                          fffff96000178710 11 bytes [00, 1F, FC, FF, 80, 52, DE, ...]

---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\spoolsv.exe[1540] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                  00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\System32\spoolsv.exe[1540] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                  00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\System32\spoolsv.exe[1540] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                     00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\System32\spoolsv.exe[1540] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                     00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1712] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506              00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1712] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514              00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1712] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                 00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1712] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                 00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[4868] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506     00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[4868] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514     00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[4868] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118        00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[4868] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142        00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation                                                    00007ffe1da530e0 7 bytes JMP 00007fff1cc802d0
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW                                                           00007ffe1da54478 7 bytes JMP 00007fff1cc80308
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW                                                            00007ffe1db011a8 7 bytes JMP 00007fff1cc80340
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW                                                             00007ffe1db0121c 7 bytes JMP 00007fff1cc803b0
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA                                                             00007ffe1db01668 7 bytes JMP 00007fff1cc80378
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW                                                    00007ffe1db072d0 7 bytes JMP 00007fff1cc80260
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx                                                    00007ffe1db2d5a4 7 bytes JMP 00007fff1cc80228
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW                                                      00007ffe1db2d614 7 bytes JMP 00007fff1cc80298
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW                                                         00007ffe1cc92124 7 bytes JMP 00007fff1cc800d8
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary                                                              00007ffe1cc950e8 5 bytes JMP 00007fff1cc80180
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW                                                           00007ffe1cc952a0 5 bytes JMP 00007fff1cc80148
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW                                                       00007ffe1cc9a9b0 5 bytes JMP 00007fff1cc80110
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\USER32.dll!CreateWindowExW                                                              00007ffe1d877b64 10 bytes JMP 00007fff1cc80490
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA                                                          00007ffe1d892910 5 bytes JMP 00007fff1cc80420
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW                                                          00007ffe1d894578 5 bytes JMP 00007fff1cc80458
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo                                                   00007ffe1d894980 9 bytes JMP 00007fff1cc803e8
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                      00007ffe1db91500 8 bytes JMP 00007fff1cc801b8
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                        00007ffe1db91750 8 bytes JMP 00007fff1cc801f0
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory                                                              00007ffe1a64705c 5 bytes JMP 00007fff1a6300d8
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1                                                             00007ffe1a647678 5 bytes JMP 00007fff1a630110
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                      00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                      00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                         00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\System32\dwm.exe[2540] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                         00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[5564] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                         00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[5564] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                         00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[5564] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                            00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[5564] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                            00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[7704] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                   00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[7704] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                   00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[7704] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                      00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[7704] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                      00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[7576] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                   00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[7576] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                   00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[7576] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                      00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[7576] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                      00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\taskhostex.exe[7280] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                               00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\taskhostex.exe[7280] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                               00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\taskhostex.exe[7280] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                  00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\taskhostex.exe[7280] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                  00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[7116] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                           00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[7116] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                           00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[7116] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                              00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[7116] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                              00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3096] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                 00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3096] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                 00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3096] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                    00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[3096] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                    00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\igfxtray.exe[5248] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                 00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\igfxtray.exe[5248] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                 00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\igfxtray.exe[5248] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                    00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\igfxtray.exe[5248] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                    00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\igfxsrvc.exe[7904] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                 00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\igfxsrvc.exe[7904] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                 00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\igfxsrvc.exe[7904] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                    00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\igfxsrvc.exe[7904] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                    00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\hkcmd.exe[8040] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                    00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\hkcmd.exe[8040] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                    00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\hkcmd.exe[8040] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                       00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\hkcmd.exe[8040] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                       00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\igfxpers.exe[5332] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                 00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\igfxpers.exe[5332] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                 00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\igfxpers.exe[5332] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                    00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Windows\System32\igfxpers.exe[5332] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                    00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5864] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                    00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5864] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                    00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5864] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                       00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[5864] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                       00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[8116] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                 00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[8116] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                 00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[8116] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                    00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[8116] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                    00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe[3372] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506      00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe[3372] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514      00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe[3372] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118         00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe[3372] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142         00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe[2768] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506     00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe[2768] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514     00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe[2768] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118        00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe[2768] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142        00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\igfxext.exe[6652] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                  00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\igfxext.exe[6652] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                  00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\igfxext.exe[6652] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                     00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\WINDOWS\system32\igfxext.exe[6652] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                     00007ffe1d171832 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe[6424] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506  00007ffe1d17169a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe[6424] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514  00007ffe1d1716a2 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe[6424] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118     00007ffe1d17181a 4 bytes [17, 1D, FE, 7F]
.text   C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe[6424] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142     00007ffe1d171832 4 bytes [17, 1D, FE, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:744]                                                                                                      00000000008f1c24
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:5572]                                                                                                     0000000064ade54e
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:5772]                                                                                                     00000000639a0eb8
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:5776]                                                                                                     00000000639a0eb8
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:5780]                                                                                                     00000000639a0eb8
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:6128]                                                                                                     0000000063ce319b
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:6016]                                                                                                     0000000073271892
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:4456]                                                                                                     000000005e4f8d99
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4368:5104]                                                                                                     000000005e474b0d
Thread  C:\WINDOWS\system32\csrss.exe [7396:4972]                                                                                                     fffff960009884d0
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4668:5440]                                                                                                     00000000008f1c24
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4668:6320]                                                                                                     0000000010002960
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4668:3492]                                                                                                     0000000010001070
Thread  C:\WINDOWS\SYSTEM32\ntdll.dll [4668:7220]                                                                                                     0000000064ade54e
Thread  C:\WINDOWS\Explorer.EXE [5028:6196]                                                                                                           00007ffe0a445130
Thread  C:\WINDOWS\Explorer.EXE [5028:4892]                                                                                                           00007ffe12d91e40
Thread  C:\WINDOWS\Explorer.EXE [5028:6204]                                                                                                           0000000002e82b00
Thread  C:\WINDOWS\Explorer.EXE [5028:188]                                                                                                            0000000002e81000
Thread  C:\WINDOWS\Explorer.EXE [5028:6860]                                                                                                           00007ffe197764f4
Thread  C:\WINDOWS\Explorer.EXE [5028:7944]                                                                                                           00007ffe12798c54
Thread  C:\WINDOWS\Explorer.EXE [5028:7360]                                                                                                           00007ffe1279d6bc
Thread  C:\WINDOWS\Explorer.EXE [5028:5456]                                                                                                           00007ffe1123c904
Thread  C:\WINDOWS\Explorer.EXE [5028:7132]                                                                                                           00007ffe10a7a760
Thread  C:\WINDOWS\Explorer.EXE [5028:1184]                                                                                                           00007ffe1c0f7ea8
Thread  C:\WINDOWS\Explorer.EXE [5028:7128]                                                                                                           00007ffe1d3d2764
Thread  C:\WINDOWS\Explorer.EXE [5028:3612]                                                                                                           00007ffe1c961b54

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                         unknown MBR code

---- EOF - GMER 2.1 ----

cosinus · 14.02.2014, 09:14

Du hast den von mir verlinkten Artikel gelesen?
Von Malwarebytes gibt es "immer" Logs

Rheinfall · 14.02.2014, 16:46

Hallo, ich dachte die Logs sind nur auf dem Desktop. Ich habe tatsächlich drei unter "Logdateien" gefunden. Ich muss aber dazu sagen, dass bei den Suchlaufeinstellungen unter Aktion für PUP steht "In Ereignisliste anzeigen und NICHT zur Entfernung auswählen", also anders als in Ihrer Anleitung. Die im ersten Logfile gefundene "Freemake Video...exe" habe ich danach aus der Quarantäne gelöscht. Seitdem hat Malwarebytes anscheinend nichts mehr zu meckern. Hier die drei logs von malwarebytes:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.01.06

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
***** :: LAPTOP_***** [Administrator]

01.02.2014 19:22:56
mbam-log-2014-02-01 (19-22-56).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 250322
Laufzeit: 4 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\*****\Downloads\FreemakeVideoConverterSetup_4.1.2.2.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.01.06

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
***** :: LAPTOP_***** [Administrator]

03.02.2014 22:39:47
mbam-log-2014-02-03 (22-39-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 250048
Laufzeit: 3 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.01.06

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
***** :: LAPTOP_***** [Administrator]

11.02.2014 21:16:57
mbam-log-2014-02-11 (21-16-57).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 249424
Laufzeit: 5 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus · 14.02.2014, 17:11

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Rheinfall · 14.02.2014, 19:01

Hallo. Hier das logfile von mbar. Allerdings war ein Klicken des Cleanup Buttons nicht möglich oder erforderlich, da mbar nichts gefunden hat. Somit war auch kein Neustart und erneuter Scan mit mbar erforderlich bzw. möglich. Ich bin gespannt was jetzt kommt....?

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.14.06

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16518
***** :: LAPTOP_***** [administrator]

14.02.2014 18:20:32
mbar-log-2014-02-14 (18-20-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 270653
Time elapsed: 24 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 14.02.2014, 19:02

Adware/Junkware/Toolbars entfernen

(alle Tools neu runterladen!!)

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Rheinfall · 14.02.2014, 19:54

Hallo.... frst kommt separat

Code:

ATTFilter

# AdwCleaner v3.018 - Bericht erstellt am 14/02/2014 um 19:15:24
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : ***** - LAPTOP_*****
# Gestartet von : C:\Users\*****\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0 (de)

[ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v4um31w7.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [837 octets] - [01/02/2014 18:10:09]
AdwCleaner[R1].txt - [904 octets] - [01/02/2014 19:19:20]
AdwCleaner[R2].txt - [963 octets] - [03/02/2014 23:04:08]
AdwCleaner[R3].txt - [1083 octets] - [11/02/2014 21:13:27]
AdwCleaner[R4].txt - [1197 octets] - [14/02/2014 19:14:15]
AdwCleaner[S0].txt - [897 octets] - [01/02/2014 18:11:47]
AdwCleaner[S1].txt - [1023 octets] - [03/02/2014 23:04:49]
AdwCleaner[S2].txt - [1145 octets] - [11/02/2014 21:14:07]
AdwCleaner[S3].txt - [1119 octets] - [14/02/2014 19:15:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1179 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8.1 x64
Ran by ***** on 14.02.2014 at 19:34:50,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{995F4BA9-CC4A-41A0-B361-FA996141DF9F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{995F4BA9-CC4A-41A0-B361-FA996141DF9F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{995F4BA9-CC4A-41A0-B361-FA996141DF9F}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.02.2014 at 19:39:53,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rheinfall · 14.02.2014, 20:01

Leider als ZIP, da zu lang, im Anhang die frst Datei

Rheinfall · 14.02.2014, 20:16

P.S.: Eine addition.txt wurde nicht erzeugt!? Oder muss ich noch ein zweites Mal mit frst scannen?

cosinus · 15.02.2014, 15:02

Logs bitte in CODE-Tags, nofalls aufteilen

Rheinfall · 15.02.2014, 15:13

Hallo, das mit dem Aufteilen war mir nicht bekannt. SORRY:

Hier Teil 1 der frst:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by ***** (administrator) on LAPTOP_***** on 14-02-2014 19:44:56
Running from C:\Users\*****\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Hewlett-Packard Company) C:\WINDOWS\system32\Hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(QNAP) C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelper.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe
(Thisisu) C:\Users\*****\Downloads\JRT.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-01-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PivotSoftware] - C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] ()
HKLM-x32\...\Run: [DT HPC] - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123688 2013-01-10] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] - C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3605841183-1322370777-216223967-1002\...\Run: [Power2GoExpress8] - C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1714952 2013-10-16] (CyberLink Corp.)
HKU\S-1-5-21-3605841183-1322370777-216223967-1002\...\Run: [Nero MediaHome 4] - "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\v4um31w7.default
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\IPSFF [2014-01-16]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [140072 2013-01-10] (Portrait Displays, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-01-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-01-24] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2014-01-10] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-16] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20140213.002\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-01-24] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140214.001\ENG64.SYS [126040 2014-01-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20140214.001\EX64.SYS [2099288 2014-01-16] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-08-21] (CACE Technologies)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [408136 2013-05-09] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2014-01-24] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-22] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-25] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-11-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-01-16] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-14 19:44 - 2014-02-14 19:44 - 00000000 ____D () C:\Users\*****\Downloads\FRST-OlderVersion
2014-02-14 19:39 - 2014-02-14 19:42 - 00001066 _____ () C:\Users\*****\Desktop\JRT.txt
2014-02-14 19:26 - 2014-02-14 19:27 - 01037530 _____ (Thisisu) C:\Users\*****\Downloads\JRT.exe
2014-02-14 19:13 - 2014-02-14 19:13 - 01166132 _____ () C:\Users\*****\Downloads\adwcleaner.exe
2014-02-14 18:20 - 2014-02-14 18:50 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-14 18:20 - 2014-02-14 18:20 - 00119000 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-02-14 18:18 - 2014-02-14 18:18 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-02-14 18:15 - 2014-02-14 18:50 - 00000000 ____D () C:\Users\*****\Desktop\mbar
2014-02-13 20:59 - 2014-02-13 20:59 - 12589848 _____ (Malwarebytes Corp.) C:\Users\*****\Downloads\mbar-1.07.0.1009.exe
2014-02-12 20:45 - 2014-02-12 20:53 - 00024795 _____ () C:\Users\*****\Downloads\Gmer.txt
2014-02-12 20:41 - 2014-02-12 20:42 - 00380416 _____ () C:\Users\*****\Downloads\Gmer-19357.exe
2014-02-12 19:20 - 2014-02-12 20:52 - 00026506 _____ () C:\Users\*****\Downloads\Addition.txt
2014-02-12 19:19 - 2014-02-14 19:44 - 00022411 _____ () C:\Users\*****\Downloads\FRST.txt
2014-02-12 19:19 - 2014-02-14 19:44 - 00000000 ____D () C:\FRST
2014-02-12 19:15 - 2014-02-12 20:48 - 00000474 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-02-12 19:15 - 2014-02-12 19:15 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-02-12 19:10 - 2014-02-12 19:10 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-02-12 19:09 - 2014-02-14 19:44 - 02152960 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-02-12 18:30 - 2014-02-12 18:30 - 25640672 _____ (Microsoft Corporation) C:\Users\*****\Downloads\Windows-KB890830-x64-V5.9.exe
2014-02-12 18:04 - 2014-02-14 19:15 - 00308593 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-11 21:27 - 2014-02-11 21:27 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-02-11 20:50 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-11 20:50 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-11 20:50 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-11 20:50 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-11 20:50 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-11 20:50 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-11 20:49 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-11 20:49 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-11 20:49 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-11 20:49 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-11 20:49 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-11 20:49 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-11 20:49 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-11 20:49 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-11 20:49 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-11 20:49 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-11 20:49 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-11 20:49 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-11 20:49 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-11 20:49 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-11 20:49 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-11 20:49 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-11 20:49 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-11 20:49 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-11 20:49 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-11 20:49 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-11 20:49 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-11 20:49 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-11 20:49 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-11 20:49 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-11 20:49 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-11 20:49 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-11 20:49 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-11 20:49 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-11 20:49 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-11 20:49 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-11 20:49 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-11 20:49 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-11 20:49 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-11 20:49 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-11 20:49 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-11 20:49 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-11 20:49 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-11 20:46 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-11 20:46 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-11 20:45 - 2013-12-24 04:16 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-11 19:22 - 2014-02-11 21:15 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleFor*****.job
2014-02-11 19:22 - 2014-02-11 19:22 - 00003174 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleFor*****
2014-02-08 21:31 - 2014-02-08 21:31 - 00000000 ____D () C:\Users\*****\Documents\Benutzerdefinierte Office-Vorlagen
2014-02-08 11:29 - 2014-02-08 11:29 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-08 11:29 - 2014-02-08 11:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-03 23:12 - 2014-02-03 23:12 - 00002032 _____ () C:\Users\*****\Desktop\Avira EU-Cleaner.lnk
2014-02-03 21:14 - 2014-02-03 21:21 - 312761032 _____ (Norman Shark AS) C:\Users\*****\Downloads\Norman_Malware208_Cleaner.exe
2014-02-03 20:58 - 2014-02-08 11:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-03 20:58 - 2014-02-03 20:58 - 00001166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-03 20:09 - 2014-02-03 20:09 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-03 19:50 - 2014-02-03 19:50 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-02-03 19:50 - 2014-02-03 19:50 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-03 19:50 - 2014-02-03 19:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 18:46 - 2014-02-10 18:55 - 00000000 ____D () C:\Users\*****\Ebay
2014-02-01 22:21 - 2014-02-01 22:21 - 03645064 _____ (Piriform Ltd) C:\Users\*****\Downloads\ccsetup410_slim.exe
2014-02-01 19:22 - 2014-02-01 19:22 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Malwarebytes
2014-02-01 19:21 - 2014-02-01 19:21 - 00001128 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-01 19:21 - 2014-02-01 19:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-01 19:21 - 2014-02-01 19:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-01 19:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-01 19:20 - 2014-02-01 19:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 18:02 - 2014-02-03 23:12 - 00001053 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avira-eu-cleaner_de(1).lnk
2014-01-31 18:54 - 2014-01-31 18:55 - 00000597 _____ () C:\Users\*****\AppData\Roaming\haj-log_2014-01-31 18_54_50.mjf
2014-01-31 18:54 - 2014-01-31 18:54 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Imploded Software
2014-01-30 21:03 - 2014-01-30 21:03 - 00000000 ____D () C:\Users\*****\AppData\Local\Eraser 6
2014-01-25 19:41 - 2014-02-11 19:52 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2014-01-25 19:41 - 2014-01-25 19:41 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Nero
2014-01-25 19:41 - 2014-01-25 19:41 - 00000000 ____D () C:\Users\*****\AppData\Local\Nero
2014-01-25 19:32 - 2014-01-25 19:48 - 00000000 ____D () C:\ProgramData\Nero
2014-01-25 15:52 - 2014-01-25 15:54 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-01-25 15:17 - 2014-01-25 15:17 - 00003166 _____ () C:\WINDOWS\System32\Tasks\CLVDLauncher
2014-01-25 15:17 - 2013-03-05 12:01 - 00091712 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2014-01-25 15:16 - 2014-01-25 15:16 - 00003166 _____ () C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2014-01-25 14:33 - 2014-01-25 14:33 - 00000000 ____D () C:\Users\*****\AppData\Local\Downloaded Installations
2014-01-25 14:24 - 2014-01-25 14:24 - 00000000 ____D () C:\Users\*****\AppData\Local\MediaServer
2014-01-25 13:39 - 2014-01-25 13:39 - 00830680 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-01-25 13:39 - 2014-01-25 13:39 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-01-25 13:38 - 2014-01-25 13:38 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-01-25 13:37 - 2014-01-25 13:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-01-25 13:37 - 2014-01-25 13:36 - 00722160 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00524016 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2014-01-25 13:37 - 2014-01-25 13:36 - 00421616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo19.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00400112 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00251632 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00169712 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCom.dll
2014-01-25 13:37 - 2014-01-25 13:36 - 00034544 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2014-01-25 12:57 - 2014-02-03 19:52 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-24 21:56 - 2014-01-24 21:55 - 02944216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\SysWOW64\Drivers\rtwlane.sys
2014-01-24 21:56 - 2014-01-24 21:55 - 02944216 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2014-01-24 21:56 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll
2014-01-24 21:50 - 2014-01-24 21:50 - 00099288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2014-01-24 21:41 - 2014-01-24 21:41 - 00000000 ____D () C:\Users\*****\Intel
2014-01-24 18:35 - 2014-02-08 21:52 - 00000000 ____D () C:\Users\*****\Documents\Outlook-Dateien
2014-01-24 18:35 - 2014-01-24 19:28 - 00271360 _____ () C:\Users\*****\Desktop\Outlook.pst
2014-01-23 18:11 - 2014-01-25 14:15 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-23 18:08 - 2014-01-23 18:08 - 00575168 _____ (Microsoft Corporation) C:\Users\*****\Downloads\Setup.x86.de-DE_ProPlusRetail_QHG2J-NGYMH-KR9XQ-QDDHW-6MQ63_act_1_.exe
2014-01-23 17:59 - 2014-01-23 17:59 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-01-22 22:26 - 2014-02-14 19:22 - 00000000 __RDO () C:\Users\*****\SkyDrive
2014-01-22 22:23 - 2014-01-22 22:23 - 00001457 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 22:23 - 2014-01-22 22:23 - 00000020 ___SH () C:\Users\*****\ntuser.ini
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-01-22 21:52 - 2014-01-22 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-01-22 21:51 - 2014-01-22 21:51 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-01-22 21:45 - 2014-01-22 21:47 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-01-22 21:42 - 2014-01-22 21:42 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-01-22 21:42 - 2014-01-22 21:42 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-01-22 21:39 - 2014-02-12 19:15 - 00000000 ____D () C:\Users\*****
2014-01-22 21:39 - 2014-01-22 21:51 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-01-22 21:39 - 2014-01-22 21:51 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Vorlagen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Startmenü
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Netzwerkumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Lokale Einstellungen
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Eigene Dateien
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Druckumgebung
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Musik
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Bilder
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Verlauf
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 _SHDL () C:\Users\*****\Anwendungsdaten
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-22 21:39 - 2014-01-22 21:39 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-22 21:39 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-22 21:36 - 2014-01-22 21:49 - 02008488 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-01-22 21:34 - 2013-10-23 09:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-01-22 21:34 - 2013-10-23 09:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-01-22 21:34 - 2013-10-23 09:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-01-22 21:34 - 2013-10-23 09:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-01-22 21:33 - 2014-01-24 21:44 - 00000000 ____D () C:\Program Files\Intel
2014-01-22 21:33 - 2014-01-22 21:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-22 21:33 - 2014-01-22 21:41 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-01-22 21:33 - 2014-01-22 21:34 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-22 21:33 - 2014-01-22 21:33 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-22 21:33 - 2014-01-22 21:33 - 00000000 ____D () C:\Program Files\Synaptics
2014-01-22 21:33 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-01-22 21:33 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-01-22 21:32 - 2014-01-22 21:32 - 00000000 ____D () C:\Program Files\Realtek
2014-01-22 21:30 - 2014-02-03 19:52 - 00000000 ___DC () C:\WINDOWS\Panther
2014-01-22 21:30 - 2014-01-22 21:30 - 00000000 __SHD () C:\Recovery
2014-01-22 21:29 - 2014-01-22 21:29 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-22 21:29 - 2014-01-22 21:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-22 21:29 - 2014-01-22 21:29 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-22 21:29 - 2014-01-22 21:29 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-22 21:28 - 2014-01-22 21:28 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-22 21:28 - 2014-01-22 21:28 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-01-22 21:28 - 2014-01-22 21:28 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-22 21:28 - 2014-01-22 21:28 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-22 21:28 - 2014-01-22 21:28 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-22 21:28 - 2014-01-22 21:28 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-22 21:27 - 2014-01-22 21:27 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-01-22 21:24 - 2014-01-22 21:24 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-01-22 21:24 - 2014-01-22 21:24 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-01-22 21:24 - 2014-01-22 21:24 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files\MSBuild
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-22 21:24 - 2014-01-22 21:24 - 00000000 ____D () C:\inetpub
2014-01-22 21:23 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-01-22 21:23 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-22 21:23 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-01-22 21:23 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-01-22 21:23 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-22 21:23 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-01-19 18:36 - 2014-01-19 18:36 - 00000000 ____D () C:\Users\*****\AppData\Local\Macromedia
2014-01-19 14:00 - 2014-01-19 14:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CANON INC
2014-01-19 13:29 - 2014-01-19 13:29 - 00000000 ____D () C:\Users\*****\AppData\Local\Intel_Corporation
2014-01-19 12:59 - 2014-01-19 12:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-19 12:59 - 2014-01-19 12:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-18 11:33 - 2014-01-18 11:33 - 00002130 _____ () C:\Users\Public\Desktop\devolo dLAN Cockpit.lnk
2014-01-18 11:32 - 2014-01-18 11:32 - 00000000 ____D () C:\Program Files (x86)\devolo
2014-01-18 11:31 - 2014-01-18 11:31 - 23063544 _____ (devolo AG) C:\Users\*****\Downloads\software-dlan-cockpit-windows-v4-1-3.exe
2014-01-18 11:30 - 2014-01-18 11:28 - 00025088 _____ (Microsoft Corporation) C:\Users\*****\Desktop\ZAPGRAB.exe.EXE
2014-01-18 11:28 - 2014-01-18 11:28 - 00025088 _____ (Microsoft Corporation) C:\Users\*****\Downloads\ZAPGRAB.exe.EXE
2014-01-17 20:36 - 2014-02-11 22:00 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-01-17 20:36 - 2014-02-11 22:00 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-17 20:32 - 2014-01-17 20:32 - 00000000 ____D () C:\Users\*****\AppData\Roaming\DisplayTune
2014-01-17 20:32 - 2014-01-17 20:32 - 00000000 ____D () C:\Users\*****\AppData\Local\DisplayTune
2014-01-17 20:28 - 2014-01-17 20:28 - 00000000 ____D () C:\Program Files (x86)\Portrait Displays
2014-01-17 20:28 - 2009-07-12 00:56 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\mfcm80.dll
2014-01-17 20:28 - 2009-07-12 00:55 - 00632656 _____ (Microsoft Corporation) C:\WINDOWS\msvcr80.dll
2014-01-17 20:28 - 2009-07-12 00:55 - 00554832 _____ (Microsoft Corporation) C:\WINDOWS\msvcp80.dll
2014-01-17 20:28 - 2009-07-12 00:55 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\msvcm80.dll
2014-01-17 20:28 - 2009-07-12 00:55 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\mfcm80u.dll
2014-01-17 20:28 - 2009-07-11 19:46 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\mfc80.dll
2014-01-17 20:28 - 2009-07-11 19:46 - 01093120 _____ (Microsoft Corporation) C:\WINDOWS\mfc80u.dll
2014-01-17 20:28 - 2009-07-11 19:46 - 00002372 _____ () C:\WINDOWS\Microsoft.VC80.MFC.manifest
2014-01-17 20:28 - 2009-07-11 18:10 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\atl80.dll
2014-01-17 20:28 - 2009-07-11 18:10 - 00001870 _____ () C:\WINDOWS\Microsoft.VC80.CRT.manifest
2014-01-17 20:28 - 2009-07-11 18:10 - 00000466 _____ () C:\WINDOWS\Microsoft.VC80.ATL.manifest
2014-01-17 20:28 - 2007-04-04 09:30 - 00007432 _____ () C:\WINDOWS\SysWOW64\Machnm32.sys
2014-01-17 20:28 - 2004-08-04 00:56 - 01392671 _____ (Microsoft Corporation) C:\WINDOWS\msvbvm60.dll
2014-01-17 20:28 - 2002-01-05 04:48 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\mfc70.dll
2014-01-17 20:28 - 2002-01-05 03:40 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\msvcp70.dll
2014-01-17 20:28 - 2002-01-05 03:37 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\msvcr70.dll
2014-01-17 20:28 - 2001-06-01 08:26 - 00372736 _____ (Intel Corporation) C:\WINDOWS\ijl15.dll
2014-01-17 20:16 - 2014-02-03 19:52 - 00000000 ____D () C:\Users\*****\AppData\Local\CrashDumps
2014-01-17 20:16 - 2014-01-17 20:16 - 00000000 ____D () C:\ProgramData\Panasonic
2014-01-17 20:15 - 2014-01-17 20:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\InstallShield
2014-01-17 20:15 - 2014-01-17 20:15 - 00000000 ____D () C:\Users\*****\AppData\Local\Panasonic
2014-01-17 20:15 - 2007-06-22 00:10 - 00501912 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\PICSDK2.dll
2014-01-17 20:15 - 2007-06-22 00:10 - 00000097 _____ () C:\WINDOWS\SysWOW64\PICSDK.ini
2014-01-17 20:15 - 2006-10-31 00:10 - 00120992 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EpPicPrt.dll
2014-01-17 20:15 - 2006-10-31 00:10 - 00071840 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\EPPicMgr.dll
2014-01-17 20:15 - 2006-10-20 00:10 - 00108704 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\PICEntry.dll
2014-01-17 20:15 - 2006-10-20 00:10 - 00080024 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\SysWOW64\PICSDK.dll
2014-01-17 20:15 - 2005-06-01 00:20 - 00111932 _____ () C:\WINDOWS\SysWOW64\EPPICPrinterDB.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00031053 _____ () C:\WINDOWS\SysWOW64\EPPICPattern131.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00027417 _____ () C:\WINDOWS\SysWOW64\EPPICPattern121.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00026154 _____ () C:\WINDOWS\SysWOW64\EPPICPattern1.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00024903 _____ () C:\WINDOWS\SysWOW64\EPPICPattern3.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00021390 _____ () C:\WINDOWS\SysWOW64\EPPICPattern5.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00020148 _____ () C:\WINDOWS\SysWOW64\EPPICPattern2.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00013732 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_EN.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00011811 _____ () C:\WINDOWS\SysWOW64\EPPICPattern4.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00006442 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_IT.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006347 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_PT.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006347 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_BP.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006335 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_GE.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006195 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_FR.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006195 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_CF.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006122 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_DU.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00006103 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_ES.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00005817 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_KO.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00005436 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_SC.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00004943 _____ () C:\WINDOWS\SysWOW64\EPPICPattern6.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00002889 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_RU.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00002426 _____ () C:\WINDOWS\SysWOW64\EPPICLocal_TC.cfg
2014-01-17 20:15 - 2004-03-03 06:10 - 00001146 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_DU.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001139 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_PT.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001139 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_BP.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001136 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_ES.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001129 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_FR.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001129 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_CF.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001120 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_IT.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001107 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_GE.dat
2014-01-17 20:15 - 2004-03-03 06:10 - 00001104 _____ () C:\WINDOWS\SysWOW64\EPPICPresetData_EN.dat
2014-01-17 20:14 - 2014-01-17 20:14 - 00002184 _____ () C:\Users\Public\Desktop\PHOTOfunSTUDIO 6.0.lnk
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files (x86)\Panasonic
2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-01-17 20:08 - 2014-01-17 20:08 - 00002962 _____ () C:\WINDOWS\System32\Tasks\iSCSIAgentAutoStartup
2014-01-17 20:08 - 2014-01-17 20:08 - 00001097 _____ () C:\Users\Public\Desktop\Qfinder.lnk
2014-01-17 20:07 - 2014-01-17 20:08 - 11208576 _____ (Igor Pavlov) C:\Users\*****\Downloads\QNAPQfinderWindows-4.0.3.1025.exe
2014-01-17 19:44 - 2014-01-17 20:08 - 00000000 ____D () C:\Program Files (x86)\QNAP
2014-01-17 19:30 - 2014-01-17 19:30 - 00000000 ____D () C:\Users\*****\Documents\Klett
2014-01-17 19:27 - 2014-01-17 19:28 - 00000000 ____D () C:\Program Files (x86)\Klett
2014-01-17 19:26 - 2014-01-17 19:26 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-17 19:26 - 2014-01-17 19:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-17 18:56 - 2014-01-17 18:56 - 00000000 ____D () C:\sources
2014-01-17 18:53 - 2014-01-21 19:19 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-01-17 18:53 - 2014-01-21 19:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-17 18:36 - 2014-01-17 18:36 - 00000000 ____D () C:\Users\Public\Documents\Canon MyCameraFiles
2014-01-17 18:35 - 2014-01-17 18:35 - 00001144 _____ () C:\Users\Public\Desktop\Map Utility.lnk
2014-01-17 18:30 - 2014-01-17 18:30 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Canon_Inc_IC
2014-01-17 18:29 - 2014-01-17 18:33 - 00001199 _____ () C:\Users\Public\Desktop\ImageBrowser EX.lnk
2014-01-17 18:28 - 2014-01-17 18:28 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\Users\*****\AppData\Roaming\canon
2014-01-17 18:21 - 2014-01-17 18:21 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-01-17 18:05 - 2014-02-01 18:01 - 02209056 _____ () C:\Users\*****\Downloads\avira-eu-cleaner_de.exe
2014-01-17 18:01 - 2014-02-04 19:09 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-17 18:01 - 2014-01-17 18:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-17 17:33 - 2014-01-17 17:33 - 00000000 ____D () C:\Users\*****\AppData\Local\HP Quick Start
2014-01-17 17:32 - 2014-01-25 15:59 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CyberLink
2014-01-17 17:32 - 2014-01-17 17:32 - 00000000 ____D () C:\Users\*****\Documents\Avatar
2014-01-17 17:31 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2014-01-17 17:31 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-01-17 17:28 - 2014-01-17 17:28 - 00002061 _____ () C:\Users\Public\Desktop\Canon MP540 series Benutzerregistrierung.LNK
2014-01-17 17:23 - 2014-01-17 17:23 - 00002046 _____ () C:\Users\Public\Desktop\Canon Solution Menu.lnk
2014-01-17 17:23 - 2014-01-17 17:23 - 00001811 _____ () C:\Users\Public\Desktop\My Printer.lnk
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-01-17 17:23 - 2014-01-17 17:23 - 00000000 ____D () C:\Program Files\Canon
2014-01-17 17:22 - 2014-01-17 17:22 - 00002102 _____ () C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
2014-01-17 17:22 - 2014-01-17 17:22 - 00002100 _____ () C:\Users\Public\Desktop\Easy-PhotoPrint EX.lnk
2014-01-17 17:21 - 2014-01-17 17:21 - 00002335 _____ () C:\Users\Public\Desktop\MP540 series Online-Handbuch.lnk
2014-01-17 17:20 - 2014-01-22 21:41 - 00000000 ___HD () C:\WINDOWS\system32\CanonIJ Uninstaller Information
2014-01-17 17:20 - 2014-01-17 17:20 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-01-17 17:19 - 2014-01-17 17:19 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-01-17 17:19 - 2008-05-30 01:28 - 00293376 _____ (CANON INC.) C:\WINDOWS\system32\CNC540L.DLL
2014-01-17 17:19 - 2008-05-26 21:00 - 00279040 _____ (CANON INC.) C:\WINDOWS\system32\CNMLM9E.DLL
2014-01-17 17:19 - 2008-04-07 06:59 - 01354240 _____ (CANON INC.) C:\WINDOWS\system32\CNC540C.DLL
2014-01-17 17:19 - 2008-04-07 06:59 - 00092672 _____ (CANON INC.) C:\WINDOWS\system32\CNC540I.DLL
2014-01-17 17:19 - 2007-03-15 06:13 - 00229888 _____ (Canon Inc.) C:\WINDOWS\system32\CNC540O.DLL
2014-01-17 17:17 - 2014-01-17 18:36 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-01-16 19:58 - 2014-01-19 12:26 - 00000000 ____D () C:\Users\*****\AppData\Roaming\vlc
2014-01-16 19:44 - 2014-01-16 19:45 - 41404760 _____ (Apple Inc.) C:\Users\*****\Downloads\QuickTimeInstaller.exe
2014-01-16 19:41 - 2014-01-16 19:41 - 00001897 _____ () C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2014-01-16 19:41 - 2014-01-16 19:41 - 00001009 _____ () C:\Users\Public\Desktop\IrfanView.lnk
2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Users\*****\AppData\Roaming\IrfanView
2014-01-16 19:41 - 2014-01-16 19:41 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-01-16 19:39 - 2014-01-16 19:39 - 02179728 _____ (Irfan Skiljan) C:\Users\*****\Downloads\iview437g_setup.exe
2014-01-16 19:35 - 2014-02-14 19:15 - 00000000 ____D () C:\AdwCleaner
2014-01-16 19:34 - 2014-01-31 19:52 - 00000000 ____D () C:\ProgramData\Freemake
2014-01-16 19:34 - 2014-01-22 21:39 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-01-16 19:34 - 2014-01-17 19:40 - 00000000 ____D () C:\Users\*****\Documents\Freemake
2014-01-16 19:34 - 2014-01-16 19:34 - 00001327 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk
2014-01-16 19:34 - 2014-01-16 19:34 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-01-16 19:31 - 2014-01-16 19:31 - 00001330 _____ () C:\Users\Public\Desktop\Helium Audio Joiner.lnk
2014-01-16 19:31 - 2014-01-16 19:31 - 00000000 ____D () C:\ProgramData\Imploded Software
2014-01-16 19:31 - 2014-01-16 19:31 - 00000000 ____D () C:\Program Files (x86)\Imploded Software
2014-01-16 19:30 - 2014-01-16 19:30 - 04646928 _____ (Imploded Software ) C:\Users\*****\Downloads\haj_setup-1.8.0.exe
2014-01-16 19:29 - 2014-01-16 19:29 - 00002064 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-01-16 19:28 - 2014-01-16 19:29 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-01-16 19:27 - 2014-01-16 19:27 - 07080248 _____ () C:\Users\*****\Downloads\MyPhoneExplorer_1.8.5.exe
2014-01-16 19:24 - 2014-01-16 19:24 - 00001754 _____ () C:\Users\Public\Desktop\Eraser.lnk
2014-01-16 19:24 - 2014-01-16 19:24 - 00000000 ____D () C:\Program Files\Eraser
2014-01-16 19:23 - 2014-01-16 19:23 - 09110456 _____ (The Eraser Project) C:\Users\*****\Downloads\Eraser_6.0.10.2620.exe
2014-01-16 19:21 - 2014-01-16 19:21 - 00000878 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-01-16 19:21 - 2014-01-16 19:21 - 00000000 ____D () C:\Program Files\VideoLAN
2014-01-16 19:19 - 2014-01-16 19:19 - 23679700 _____ () C:\Users\*****\Downloads\vlc-2.1.1-win64.exe
2014-01-16 19:16 - 2014-02-03 19:52 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Winamp
2014-01-16 19:16 - 2014-01-16 19:17 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-01-16 19:16 - 2014-01-16 19:16 - 00000986 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-01-16 19:16 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-01-16 19:16 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2014-01-16 19:14 - 2014-01-16 19:14 - 12855384 _____ (Nullsoft, Inc.) C:\Users\*****\Downloads\winamp5666_full_de-de_b3516.exe
2014-01-16 19:11 - 2014-01-16 19:11 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Mozilla
2014-01-16 19:11 - 2014-01-16 19:11 - 00000000 ____D () C:\Users\*****\AppData\Local\Mozilla
2014-01-16 19:09 - 2014-01-16 19:09 - 23867560 _____ (Mozilla) C:\Users\*****\Downloads\Firefox_Setup_26.0.exe
2014-01-16 19:08 - 2014-01-16 19:08 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Avira
2014-01-16 19:06 - 2014-01-16 19:06 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Macromedia
2014-01-16 19:05 - 2014-01-16 19:05 - 00002073 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-16 19:05 - 2014-01-16 19:05 - 00000000 ____D () C:\ProgramData\Avira
2014-01-16 19:05 - 2014-01-16 19:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-01-16 19:05 - 2013-12-18 09:32 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-01-16 19:05 - 2013-12-18 09:32 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-01-16 19:05 - 2013-12-18 09:32 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-01-16 18:49 - 2014-01-16 18:58 - 130658432 _____ () C:\Users\*****\Downloads\avira_free_antivirus_de.exe
2014-01-16 18:40 - 2014-01-25 14:30 - 00000000 ____D () C:\Users\*****\AppData\Roaming\hpqlog
2014-01-15 22:24 - 2014-01-15 22:24 - 00000427 ____H () C:\WINDOWS\system32\Rebecca.dat
2014-01-15 21:07 - 2014-02-09 19:06 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3605841183-1322370777-216223967-1002
2014-01-15 21:01 - 2014-01-15 21:21 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Hewlett-Packard
2014-01-15 21:01 - 2014-01-15 21:01 - 00000000 ____D () C:\MediaServer
2014-01-15 21:00 - 2014-01-25 14:27 - 00000000 ____D () C:\Users\*****\AppData\Local\CyberLink
2014-01-15 21:00 - 2014-01-17 17:32 - 00000000 ____D () C:\Users\*****\Documents\Youcam
2014-01-15 21:00 - 2014-01-15 21:00 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Synaptics
2014-01-15 20:59 - 2014-01-22 22:24 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-15 20:59 - 2014-01-22 22:24 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-15 20:59 - 2014-01-22 22:24 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-01-15 20:58 - 2014-01-21 19:19 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Adobe
2014-01-15 20:58 - 2013-11-21 07:27 - 00002233 _____ () C:\Users\Public\Desktop\Snapfish Fotos.lnk
2014-01-15 20:57 - 2014-02-11 19:22 - 00000000 ____D () C:\Users\*****\AppData\Local\Hewlett-Packard
2014-01-15 20:57 - 2014-01-15 20:57 - 00000000 ____D () C:\Users\*****\AppData\Local\Power2Go8
2014-01-15 20:56 - 2014-01-25 15:54 - 00000000 ____D () C:\Users\*****\AppData\Local\Packages
2014-01-15 20:56 - 2014-01-15 20:56 - 00000000 ____D () C:\Users\*****\AppData\Local\VirtualStore
2014-01-15 20:56 - 2013-07-22 10:02 - 00000000 ___HD () C:\Users\*****\Documents\hp.system.package.metadata
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Programme
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 _SHDL () C:\Dokumente und Einstellungen

14.02.2014, 00:13	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Win 8.1 - Selbstoeffnender-tab-regclean-systweak Warum wurden die Logs gelöscht? Und ja, bitte alle geforderten Logs posten __________________ Logfiles bitte immer in CODE-Tags posten

14.02.2014, 09:14	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Win 8.1 - Selbstoeffnender-tab-regclean-systweak Du hast den von mir verlinkten Artikel gelesen? Von Malwarebytes gibt es "immer" Logs __________________ --> Win 8.1 - Selbstoeffnender-tab-regclean-systweak

15.02.2014, 15:02	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Win 8.1 - Selbstoeffnender-tab-regclean-systweak Logs bitte in CODE-Tags, nofalls aufteilen __________________ Logfiles bitte immer in CODE-Tags posten

Win 8.1 - Selbstoeffnender-tab-regclean-systweak

Log-Analyse und Auswertung: Win 8.1 - Selbstoeffnender-tab-regclean-systweak