Chrome Öffnet Seiten mit freeware-Angeboten (unteranderem delivery67) selbständig!

JeffdJeff · 27.05.2014, 19:33

Hallo, Ich schreibe vom Laptop meiner Eltern, den sie erst neu bekommen haben.
Da hab ich am ersten Tag vergessen addblock zu instalieren und schwups... jede menge Kaka.

Habe 3 Tests gemacht (sorry weiß nicht wie man einen schönen Spoiler macht

:
Malewarbytes (log):
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 27.05.2014
Scan Time: 20:00:33
Logfile: malw.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.27.07
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Lena

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 265547
Time Elapsed: 6 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-519987822-507761878-3893635422-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{0A81D8AD-AD92-427E-1DFF-223FAB5035E0}, C:\Program Files (x86)\BlockAndSurf-soft\170.xpi, , [93d080d6f487ff37a2b4e1a932d0fd03]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

advcleaner:

# AdwCleaner v3.211 - Bericht erstellt am 27/05/2014 um 19:49:41
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Lena - ELENA
# Gestartet von : C:\Users\Lena\Downloads\adwcleaner_3.211 (1).exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037

-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3650 octets] - [25/05/2014 21:15:02]
AdwCleaner[R1].txt - [1047 octets] - [26/05/2014 18:57:49]
AdwCleaner[R2].txt - [1168 octets] - [26/05/2014 19:02:20]
AdwCleaner[R3].txt - [1288 octets] - [27/05/2014 19:48:08]
AdwCleaner[S0].txt - [3254 octets] - [25/05/2014 21:15:28]
AdwCleaner[S1].txt - [1058 octets] - [26/05/2014 18:59:14]
AdwCleaner[S2].txt - [1180 octets] - [26/05/2014 19:04:37]
AdwCleaner[S3].txt - [1160 octets] - [27/05/2014 19:49:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1220 octets] ##########

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Lena on 27.05.2014 at 19:52:21,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.05.2014 at 19:56:48,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 28.05.2014, 06:00

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

JeffdJeff · 28.05.2014, 12:10

frst

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Lena (administrator) on ELENA on 28-05-2014 13:01:40
Running from C:\Users\Lena\Downloads
Platform: Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
() C:\Users\Lena\AppData\Local\Genesis_05232311\Genesis_05232311.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-12] (IDT, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-05-20] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-05-20] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-519987822-507761878-3893635422-1001\...\Run: [genesis_05232311] => c:\users\lena\appdata\local\genesis_05232311\genesis_05232311.exe [2953216 2014-05-24] ()
HKU\S-1-5-21-519987822-507761878-3893635422-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:13972;https=127.0.0.1:13972
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB471624F7973CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.7,ru;q=0.3
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-26]
CHR Extension: (Google Drive) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-26]
CHR Extension: (YouTube) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-26]
CHR Extension: (Adblock Plus) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-26]
CHR Extension: (Google-Suche) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-26]
CHR Extension: (Google Mail) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 13:01 - 2014-05-28 13:01 - 00009503 _____ () C:\Users\Lena\Downloads\FRST.txt
2014-05-28 13:01 - 2014-05-28 13:01 - 00000000 ____D () C:\FRST
2014-05-28 13:00 - 2014-05-28 13:00 - 02066944 _____ (Farbar) C:\Users\Lena\Downloads\FRST64.exe
2014-05-27 20:07 - 2014-05-27 20:07 - 00001292 _____ () C:\Users\Lena\Desktop\malw.txt
2014-05-27 19:56 - 2014-05-27 19:56 - 00000613 _____ () C:\Users\Lena\Desktop\JRT.txt
2014-05-27 19:51 - 2014-05-27 19:51 - 00001300 _____ () C:\Users\Lena\Desktop\AdwCleaner[S3]dd.txt
2014-05-26 19:21 - 2014-05-26 19:21 - 00000000 ____D () C:\Windows\ERUNT
2014-05-26 19:20 - 2014-05-26 19:20 - 01016261 _____ (Thisisu) C:\Users\Lena\Downloads\JRT.exe
2014-05-26 18:56 - 2014-05-26 18:56 - 01327971 _____ () C:\Users\Lena\Downloads\adwcleaner_3.211 (1).exe
2014-05-26 18:53 - 2014-05-26 18:54 - 01327971 _____ () C:\Users\Lena\Downloads\adwcleaner_3.211.exe
2014-05-26 18:37 - 2014-05-27 19:50 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-26 18:37 - 2014-05-27 19:50 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-26 18:37 - 2014-05-27 19:42 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-26 18:37 - 2014-05-26 18:37 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-26 18:37 - 2014-05-26 18:37 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-26 18:37 - 2014-05-26 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-26 18:34 - 2014-05-26 18:34 - 00918672 _____ (Google Inc.) C:\Users\Lena\Downloads\ChromeSetup.exe
2014-05-25 21:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-25 21:14 - 2014-05-27 19:49 - 00000000 ____D () C:\AdwCleaner
2014-05-25 20:12 - 2014-05-27 20:12 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389.job
2014-05-25 20:12 - 2014-05-25 21:16 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0.job
2014-05-25 20:12 - 2014-05-25 20:12 - 00003566 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0
2014-05-25 20:12 - 2014-05-25 20:12 - 00003484 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389
2014-05-25 20:12 - 2014-05-25 20:12 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\SUPERAntiSpyware.com
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-25 20:10 - 2014-05-25 20:10 - 19279808 _____ (SUPERAntiSpyware) C:\Users\Lena\Downloads\SUPERAntiSpyware.exe
2014-05-24 16:02 - 2014-05-24 16:02 - 00001682 _____ () C:\Users\Lena\Desktop\WINWORD - Verknüpfung.lnk
2014-05-24 11:00 - 2014-05-24 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-24 10:58 - 2014-05-24 10:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-24 10:57 - 2014-05-24 10:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-05-24 10:56 - 2014-05-24 10:56 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-24 10:54 - 2014-05-24 10:54 - 00000000 ____D () C:\Users\Lena\AppData\Local\Blizzard
2014-05-24 10:54 - 2014-05-24 10:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-24 10:53 - 2014-05-24 11:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-24 10:53 - 2014-05-24 10:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-24 10:53 - 2014-05-24 10:53 - 00000000 __RHD () C:\MSOCache
2014-05-24 10:53 - 2014-05-24 10:53 - 00000000 ____D () C:\Users\Lena\AppData\Local\Microsoft Help
2014-05-24 10:41 - 2014-05-24 11:20 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-24 10:41 - 2014-05-24 10:41 - 00001195 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-05-24 10:41 - 2014-05-24 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-05-24 10:40 - 2014-05-25 20:03 - 00000000 ____D () C:\Users\Lena\AppData\Local\Battle.net
2014-05-24 10:40 - 2014-05-24 10:42 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Battle.net
2014-05-24 10:40 - 2014-05-24 10:40 - 00001158 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\Users\Lena\AppData\Local\Blizzard Entertainment
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-24 10:39 - 2014-05-24 10:39 - 00000000 ____D () C:\ProgramData\Battle.net
2014-05-24 10:38 - 2014-05-24 10:38 - 03099552 _____ (Blizzard Entertainment) C:\Users\Lena\Downloads\Hearthstone-Setup-enUS.exe
2014-05-24 10:37 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-05-24 10:37 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-05-24 10:37 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-05-24 10:37 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-05-24 10:37 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-05-24 10:37 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-05-24 10:37 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-05-24 10:37 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-05-24 10:37 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-05-24 10:37 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-05-24 10:37 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-05-24 10:37 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-05-24 10:37 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-05-24 10:37 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-05-24 10:37 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-05-24 10:37 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-05-24 10:37 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-05-24 10:37 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-05-24 10:37 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-05-24 10:37 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-05-24 10:37 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-24 10:37 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-05-24 10:37 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-24 10:37 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-24 10:37 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-24 10:37 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-05-24 10:37 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-24 10:37 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-05-24 10:37 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-05-24 10:37 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-05-24 10:37 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-05-24 10:37 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-05-24 10:37 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-24 10:37 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-05-24 10:37 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-24 10:37 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-05-24 10:37 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-05-24 10:37 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-05-24 10:37 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-05-24 10:37 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-05-24 10:37 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-05-24 10:37 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-05-24 10:37 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-05-24 10:37 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-05-24 10:37 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-05-24 10:37 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-05-24 10:37 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-05-24 10:37 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-05-24 10:37 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-05-24 10:37 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-05-24 10:37 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-05-24 10:37 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-05-24 10:37 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-24 10:37 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-05-24 10:37 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-24 10:37 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-05-24 10:37 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-05-24 10:37 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-05-24 10:37 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-24 10:37 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-05-24 10:37 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-24 10:37 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-24 10:37 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-05-24 10:37 - 2014-04-03 04:22 - 03359744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-05-24 10:37 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-05-24 10:37 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-05-24 10:37 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-24 10:37 - 2014-03-31 07:35 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-24 10:37 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-24 10:37 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-05-24 10:37 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-05-24 10:37 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-05-24 10:37 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-05-24 10:37 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-05-24 10:37 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-05-24 10:37 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-05-24 10:37 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-05-24 10:37 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-05-24 10:37 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-24 10:37 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-05-24 10:37 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-05-24 10:37 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-05-24 10:37 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-05-24 10:37 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-05-24 10:37 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-05-24 10:37 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-05-24 10:37 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-24 10:37 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-05-24 10:37 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-24 10:37 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-24 10:37 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-05-24 10:37 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-05-24 10:37 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-24 10:37 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-05-24 10:37 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-05-24 10:37 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-05-24 10:37 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-05-24 10:37 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-05-24 10:37 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-05-24 10:37 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-05-24 10:37 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-05-24 10:37 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-05-24 10:37 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-05-24 10:37 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-05-24 10:37 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-05-24 10:37 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-05-24 10:37 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-05-24 10:37 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-24 10:37 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-24 10:37 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-05-24 10:37 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-05-24 10:37 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-05-24 10:37 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-05-24 10:37 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-05-24 10:37 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-05-24 10:37 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-24 10:29 - 2014-05-24 10:34 - 427406992 _____ (Microsoft Corporation) C:\Users\Lena\Downloads\office2007.exe
2014-05-24 01:18 - 2014-05-28 12:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 01:18 - 2014-05-24 01:18 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 01:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 01:18 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 01:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 01:17 - 2014-05-24 01:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lena\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 01:11 - 2014-05-27 19:43 - 00000000 ____D () C:\Users\Lena\AppData\Local\Genesis_05232311
2014-05-24 01:11 - 2014-05-24 01:23 - 00000000 ____D () C:\Users\Lena\AppData\Local\31629
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Lena\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\ProgramData\ae47a0e3c3e7ce1c
2014-05-24 01:10 - 2014-05-24 01:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-24 01:07 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-05-24 01:07 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-24 01:07 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-05-24 01:07 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-05-24 01:07 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-24 01:07 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-05-24 01:05 - 2014-05-24 01:05 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Wise
2014-05-23 19:06 - 2014-05-23 19:06 - 00000000 ____D () C:\ProgramData\Energy Management
2014-05-20 20:23 - 2014-05-20 20:23 - 00006916 _____ () C:\Windows\DPINST.LOG
2014-05-20 20:23 - 2014-05-20 20:23 - 00000000 ____D () C:\Program Files\DIFX
2014-05-20 20:23 - 2014-05-20 20:22 - 00039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2014-05-20 20:23 - 2014-05-20 20:22 - 00019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2014-05-20 20:22 - 2014-05-20 20:23 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-05-20 20:22 - 2014-05-20 20:22 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-19 19:54 - 2014-05-19 19:56 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-05-19 19:50 - 2014-05-19 19:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-19 19:50 - 2014-05-04 17:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-19 19:47 - 2014-05-19 19:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-05-19 19:04 - 2014-05-19 18:10 - 00000000 ____D () C:\Windows\Panther
2014-05-19 18:15 - 2014-05-27 19:58 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-519987822-507761878-3893635422-1001
2014-05-19 18:14 - 2014-05-19 18:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-05-19 18:14 - 2013-09-04 17:53 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-05-19 18:14 - 2013-09-04 17:53 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-05-19 18:14 - 2013-08-08 16:49 - 02252504 _____ (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
2014-05-19 18:14 - 2013-08-08 16:49 - 00057254 _____ () C:\Windows\system32\Drivers\BCM43142A0_001.001.011.0161.0172.hex
2014-05-19 18:14 - 2013-08-08 16:48 - 00170712 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2014-05-19 18:14 - 2013-07-03 13:41 - 00066264 _____ (Broadcom Corporation.) C:\Windows\system32\btwdi.dll
2014-05-19 18:11 - 2014-05-19 18:11 - 00000424 _____ () C:\Users\Lena\Desktop\Arbeitsplatz.lnk
2014-05-19 18:11 - 2014-05-19 18:11 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-19 18:10 - 2014-05-28 12:52 - 01659828 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 18:10 - 2014-05-26 12:31 - 00000000 ____D () C:\Users\Lena
2014-05-19 18:10 - 2014-05-24 10:46 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-19 18:10 - 2014-05-24 10:46 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-19 18:10 - 2014-05-19 20:00 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Adobe
2014-05-19 18:10 - 2014-05-19 19:56 - 00000000 ____D () C:\Users\Lena\AppData\Local\Packages
2014-05-19 18:10 - 2014-05-19 18:10 - 00000020 ___SH () C:\Users\Lena\ntuser.ini
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Vorlagen
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Startmenü
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Netzwerkumgebung
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Lokale Einstellungen
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Eigene Dateien
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Druckumgebung
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Documents\Eigene Musik
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Documents\Eigene Bilder
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Local\Verlauf
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Local\Anwendungsdaten
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Anwendungsdaten
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena\AppData\Local\VirtualStore
2014-05-19 18:10 - 2014-03-18 12:31 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 18:10 - 2014-03-18 12:31 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-19 18:10 - 2014-03-18 12:11 - 00000369 _____ () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-05-19 18:10 - 2014-03-18 12:11 - 00000369 _____ () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-05-19 18:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-19 18:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-05-19 18:06 - 2014-05-19 18:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-19 18:04 - 2014-05-25 21:09 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\uTorrent
2014-05-19 18:01 - 2014-05-27 19:44 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\Users\Lena\AppData\Local\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\ProgramData\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-19 18:00 - 2014-05-19 18:00 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 18:00 - 2014-05-19 18:00 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-19 17:59 - 2014-05-23 19:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-19 17:59 - 2014-05-19 17:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-19 17:58 - 2014-05-19 20:00 - 00000000 ____D () C:\Users\Lena\AppData\Local\Adobe
2014-05-19 17:51 - 2014-05-26 18:38 - 00000000 ____D () C:\Users\Lena\AppData\Local\Google
2014-05-19 17:51 - 2014-05-26 18:37 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-19 17:50 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-19 17:50 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-19 17:50 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-05-19 17:50 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-19 17:50 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-05-19 17:50 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-05-19 17:50 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-19 17:50 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-05-19 17:50 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2014-05-19 17:50 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-19 17:50 - 2014-03-19 07:57 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-05-19 17:50 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-05-19 17:50 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-05-19 17:50 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-05-19 17:50 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-05-19 17:50 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2014-05-19 17:50 - 2014-03-12 15:45 - 00387210 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-19 17:50 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-05-19 17:50 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-05-19 17:50 - 2014-03-11 14:42 - 02641920 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-05-19 17:50 - 2014-03-11 14:35 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-19 17:50 - 2014-03-08 22:47 - 00565536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-19 17:50 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-19 17:50 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-05-19 17:50 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-05-19 17:50 - 2014-03-08 22:35 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-05-19 17:50 - 2014-03-08 17:29 - 01339240 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-19 17:50 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-05-19 17:50 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-05-19 17:50 - 2014-03-08 11:34 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-05-19 17:50 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2014-05-19 17:50 - 2014-03-08 10:44 - 00731648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-05-19 17:50 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-05-19 17:50 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2014-05-19 17:50 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2014-05-19 17:50 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-05-19 17:50 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-05-19 17:50 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-05-19 17:50 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-05-19 17:50 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-19 17:50 - 2014-03-08 09:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-05-19 17:50 - 2014-03-08 08:50 - 01066496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-19 17:50 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-05-19 17:50 - 2014-03-08 08:46 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-19 17:50 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-19 17:50 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-05-19 17:50 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-19 17:50 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-05-19 17:50 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-05-19 17:50 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-19 17:50 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-19 17:50 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-19 17:50 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-05-19 17:50 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-05-19 17:50 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-05-19 17:50 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-05-19 17:50 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-05-19 17:50 - 2014-03-06 14:53 - 00518552 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-05-19 17:50 - 2014-03-06 14:51 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-19 17:50 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-05-19 17:50 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-19 17:50 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-05-19 17:50 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-05-19 17:50 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-05-19 17:50 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-05-19 17:50 - 2014-03-06 13:13 - 00406912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-19 17:50 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-05-19 17:50 - 2014-03-06 11:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-05-19 17:50 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-19 17:50 - 2014-03-06 11:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-05-19 17:50 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-05-19 17:50 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-05-19 17:50 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-05-19 17:50 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-05-19 17:50 - 2014-03-06 11:19 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-05-19 17:50 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-05-19 17:50 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-05-19 17:50 - 2014-03-06 11:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-05-19 17:50 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2014-05-19 17:50 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-05-19 17:50 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-05-19 17:50 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-05-19 17:50 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2014-05-19 17:50 - 2014-03-06 10:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-05-19 17:50 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2014-05-19 17:50 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-05-19 17:50 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2014-05-19 17:50 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-05-19 17:50 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-05-19 17:50 - 2014-03-06 08:39 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-05-19 17:50 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-05-19 17:50 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-05-19 17:50 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-05-19 17:50 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-05-19 17:50 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-05-19 17:50 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-05-19 17:50 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-05-19 17:50 - 2014-03-06 08:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-05-19 17:50 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-05-19 17:50 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-05-19 17:50 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-05-19 17:50 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-05-19 17:50 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2014-05-19 17:50 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-05-19 17:50 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-05-19 17:50 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-05-19 17:50 - 2014-03-04 14:25 - 02373784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-05-19 17:50 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-05-19 17:50 - 2014-03-04 13:16 - 02088160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-05-19 17:50 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-05-19 17:50 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-05-19 17:50 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-05-19 17:50 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-05-19 17:50 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-05-19 17:50 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2014-05-19 17:50 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-05-19 17:50 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-05-19 17:50 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-05-19 17:50 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-05-19 17:50 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2014-05-19 17:50 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-05-19 17:50 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-05-19 17:50 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-05-19 17:50 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-05-19 17:50 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2014-05-19 17:50 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-05-19 17:50 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-05-19 17:49 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-19 17:49 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-19 17:49 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-19 17:49 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-19 17:49 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-05-19 17:49 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-19 17:49 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-05-19 17:49 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-19 17:49 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-05-19 17:49 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-05-19 17:49 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-19 17:49 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-05-19 17:49 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-19 17:49 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-05-19 17:49 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-19 17:49 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-19 17:49 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-19 17:49 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-05-19 17:49 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-05-19 17:49 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-05-19 17:49 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-19 17:49 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-19 17:49 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-19 17:49 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-19 17:49 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-19 17:49 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-05-19 17:49 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-19 17:49 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-05-19 17:49 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-19 17:49 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-19 17:49 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-05-19 17:49 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-19 17:49 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-19 17:49 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-19 17:49 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-19 17:49 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-19 17:48 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-05-19 17:48 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-05-19 17:48 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-05-19 17:48 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-05-19 17:48 - 2014-03-11 15:21 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-05-19 17:48 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-05-19 17:46 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-05-19 17:45 - 2014-05-28 12:55 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD59A460-E4BB-43D1-BB9E-B54C97289C8B}
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieUserList
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieSiteList
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Macromedia
2014-05-19 12:30 - 2014-05-19 12:30 - 00000000 ____D () C:\Users\Lena\Documents\Bluetooth-Exchange-Ordner
2014-05-19 12:30 - 2014-05-19 12:30 - 00000000 ____D () C:\Users\Lena\AppData\Local\Broadcom
2014-05-19 12:29 - 2014-05-20 20:23 - 00000000 ____D () C:\Program Files\Lenovo
2014-05-19 12:29 - 2013-07-12 17:41 - 00228568 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2014-05-19 12:29 - 2013-07-12 17:41 - 00186584 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2014-05-19 12:29 - 2013-07-12 17:41 - 00038616 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2014-05-19 12:29 - 2012-07-27 20:18 - 00040248 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2014-05-19 12:27 - 2014-05-19 12:27 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-19 12:27 - 2014-05-19 12:27 - 00000000 ____D () C:\Program Files\Dolby Digital Plus
2014-05-19 12:27 - 2013-08-12 08:54 - 06101504 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 02213376 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 01897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2014-05-19 12:27 - 2013-08-12 08:54 - 00697856 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 00551936 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2014-05-19 12:27 - 2013-08-12 08:54 - 00499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 00338944 _____ (IDT, Inc.) C:\Windows\system32\stacsv64.exe
2014-05-19 12:27 - 2013-08-12 08:54 - 00256000 _____ (IDT, Inc.) C:\Windows\system32\st646490.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 00088576 _____ (IDT, Inc.) C:\Windows\system32\IDTPMA64.exe
2014-05-19 12:27 - 2013-08-06 04:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-19 12:27 - 2013-08-05 23:56 - 06219096 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-05-19 12:27 - 2013-08-05 23:56 - 01908568 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-05-19 12:27 - 2013-08-05 23:56 - 00312152 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-05-19 12:26 - 2014-05-19 12:27 - 00000000 ____D () C:\Program Files\IDT
2014-05-19 12:26 - 2013-08-05 23:56 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-05-19 12:25 - 2014-05-20 20:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-19 12:25 - 2014-05-19 12:25 - 00000000 ____D () C:\ProgramData\AmUStor
2014-05-19 12:25 - 2014-05-19 12:25 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Program Files\Intel
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Intel
2014-05-19 12:22 - 2014-01-25 02:23 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2014-05-19 12:22 - 2014-01-25 02:23 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL

==================== One Month Modified Files and Folders =======

2014-05-28 13:01 - 2014-05-28 13:01 - 00009503 _____ () C:\Users\Lena\Downloads\FRST.txt
2014-05-28 13:01 - 2014-05-28 13:01 - 00000000 ____D () C:\FRST
2014-05-28 13:00 - 2014-05-28 13:00 - 02066944 _____ (Farbar) C:\Users\Lena\Downloads\FRST64.exe
2014-05-28 12:55 - 2014-05-19 17:45 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD59A460-E4BB-43D1-BB9E-B54C97289C8B}
2014-05-28 12:52 - 2014-05-24 01:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 12:52 - 2014-05-19 18:10 - 01659828 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 12:52 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-05-27 20:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-05-27 20:12 - 2014-05-25 20:12 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389.job
2014-05-27 20:07 - 2014-05-27 20:07 - 00001292 _____ () C:\Users\Lena\Desktop\malw.txt
2014-05-27 19:58 - 2014-05-19 18:15 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-519987822-507761878-3893635422-1001
2014-05-27 19:57 - 2014-03-18 12:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 19:57 - 2014-03-18 11:25 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 19:57 - 2014-03-18 11:25 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 19:56 - 2014-05-27 19:56 - 00000613 _____ () C:\Users\Lena\Desktop\JRT.txt
2014-05-27 19:51 - 2014-05-27 19:51 - 00001300 _____ () C:\Users\Lena\Desktop\AdwCleaner[S3]dd.txt
2014-05-27 19:50 - 2014-05-26 18:37 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 19:50 - 2014-05-26 18:37 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 19:50 - 2014-03-18 03:50 - 00111904 _____ () C:\Windows\PFRO.log
2014-05-27 19:50 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 19:49 - 2014-05-25 21:14 - 00000000 ____D () C:\AdwCleaner
2014-05-27 19:44 - 2014-05-19 18:01 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Skype
2014-05-27 19:43 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Lena\AppData\Local\Genesis_05232311
2014-05-27 19:42 - 2014-05-26 18:37 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-26 19:21 - 2014-05-26 19:21 - 00000000 ____D () C:\Windows\ERUNT
2014-05-26 19:20 - 2014-05-26 19:20 - 01016261 _____ (Thisisu) C:\Users\Lena\Downloads\JRT.exe
2014-05-26 19:04 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-26 18:56 - 2014-05-26 18:56 - 01327971 _____ () C:\Users\Lena\Downloads\adwcleaner_3.211 (1).exe
2014-05-26 18:54 - 2014-05-26 18:53 - 01327971 _____ () C:\Users\Lena\Downloads\adwcleaner_3.211.exe
2014-05-26 18:38 - 2014-05-19 17:51 - 00000000 ____D () C:\Users\Lena\AppData\Local\Google
2014-05-26 18:37 - 2014-05-26 18:37 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-26 18:37 - 2014-05-26 18:37 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-26 18:37 - 2014-05-26 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-26 18:37 - 2014-05-19 17:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-26 18:34 - 2014-05-26 18:34 - 00918672 _____ (Google Inc.) C:\Users\Lena\Downloads\ChromeSetup.exe
2014-05-26 12:31 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena
2014-05-25 21:16 - 2014-05-25 20:12 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0.job
2014-05-25 21:16 - 2013-08-22 16:44 - 00481408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-25 21:09 - 2014-05-19 18:04 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\uTorrent
2014-05-25 20:12 - 2014-05-25 20:12 - 00003566 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0
2014-05-25 20:12 - 2014-05-25 20:12 - 00003484 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389
2014-05-25 20:12 - 2014-05-25 20:12 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\SUPERAntiSpyware.com
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-25 20:10 - 2014-05-25 20:10 - 19279808 _____ (SUPERAntiSpyware) C:\Users\Lena\Downloads\SUPERAntiSpyware.exe
2014-05-25 20:03 - 2014-05-24 10:40 - 00000000 ____D () C:\Users\Lena\AppData\Local\Battle.net
2014-05-24 16:02 - 2014-05-24 16:02 - 00001682 _____ () C:\Users\Lena\Desktop\WINWORD - Verknüpfung.lnk
2014-05-24 11:20 - 2014-05-24 10:41 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-24 11:01 - 2014-05-24 10:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-24 11:00 - 2014-05-24 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-24 10:58 - 2014-05-24 10:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-24 10:58 - 2014-05-24 10:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-24 10:57 - 2014-05-24 10:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-05-24 10:57 - 2014-03-18 11:40 - 00000000 ____D () C:\Windows\ShellNew
2014-05-24 10:56 - 2014-05-24 10:56 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-24 10:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-24 10:54 - 2014-05-24 10:54 - 00000000 ____D () C:\Users\Lena\AppData\Local\Blizzard
2014-05-24 10:54 - 2014-05-24 10:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-24 10:54 - 2013-08-22 15:25 - 00000167 _____ () C:\Windows\win.ini
2014-05-24 10:53 - 2014-05-24 10:53 - 00000000 __RHD () C:\MSOCache
2014-05-24 10:53 - 2014-05-24 10:53 - 00000000 ____D () C:\Users\Lena\AppData\Local\Microsoft Help
2014-05-24 10:46 - 2014-05-19 18:10 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 10:46 - 2014-05-19 18:10 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-24 10:44 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-05-24 10:44 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-05-24 10:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-24 10:42 - 2014-05-24 10:40 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Battle.net
2014-05-24 10:41 - 2014-05-24 10:41 - 00001195 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-05-24 10:41 - 2014-05-24 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-05-24 10:40 - 2014-05-24 10:40 - 00001158 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\Users\Lena\AppData\Local\Blizzard Entertainment
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-24 10:39 - 2014-05-24 10:39 - 00000000 ____D () C:\ProgramData\Battle.net
2014-05-24 10:38 - 2014-05-24 10:38 - 03099552 _____ (Blizzard Entertainment) C:\Users\Lena\Downloads\Hearthstone-Setup-enUS.exe
2014-05-24 10:34 - 2014-05-24 10:29 - 427406992 _____ (Microsoft Corporation) C:\Users\Lena\Downloads\office2007.exe
2014-05-24 01:23 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Lena\AppData\Local\31629
2014-05-24 01:18 - 2014-05-24 01:18 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 01:17 - 2014-05-24 01:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lena\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Lena\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\ProgramData\ae47a0e3c3e7ce1c
2014-05-24 01:10 - 2014-05-24 01:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-24 01:10 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-24 01:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-24 01:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-05-24 01:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\MUI
2014-05-24 01:05 - 2014-05-24 01:05 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Wise
2014-05-23 19:06 - 2014-05-23 19:06 - 00000000 ____D () C:\ProgramData\Energy Management
2014-05-23 19:06 - 2014-05-19 17:59 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 20:23 - 2014-05-20 20:23 - 00006916 _____ () C:\Windows\DPINST.LOG
2014-05-20 20:23 - 2014-05-20 20:23 - 00000000 ____D () C:\Program Files\DIFX
2014-05-20 20:23 - 2014-05-20 20:22 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-05-20 20:23 - 2014-05-19 12:29 - 00000000 ____D () C:\Program Files\Lenovo
2014-05-20 20:23 - 2014-05-19 12:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-20 20:22 - 2014-05-20 20:23 - 00039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2014-05-20 20:22 - 2014-05-20 20:23 - 00019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2014-05-20 20:22 - 2014-05-20 20:22 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-20 20:22 - 2012-07-08 20:22 - 00035600 _____ (Lenovo Corporation) C:\Windows\system32\Drivers\AcpiVpc.sys
2014-05-20 20:22 - 2012-02-21 05:48 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2014-05-19 20:00 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Adobe
2014-05-19 20:00 - 2014-05-19 17:58 - 00000000 ____D () C:\Users\Lena\AppData\Local\Adobe
2014-05-19 19:56 - 2014-05-19 19:54 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-05-19 19:56 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena\AppData\Local\Packages
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-19 19:52 - 2013-08-22 16:46 - 00014392 _____ () C:\Windows\setupact.log
2014-05-19 19:51 - 2014-05-19 19:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-19 19:47 - 2014-05-19 19:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-05-19 19:04 - 2013-08-22 17:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-05-19 18:14 - 2014-05-19 18:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-05-19 18:11 - 2014-05-19 18:11 - 00000424 _____ () C:\Users\Lena\Desktop\Arbeitsplatz.lnk
2014-05-19 18:11 - 2014-05-19 18:11 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-19 18:10 - 2014-05-19 19:04 - 00000000 ____D () C:\Windows\Panther
2014-05-19 18:10 - 2014-05-19 18:10 - 00000020 ___SH () C:\Users\Lena\ntuser.ini
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Vorlagen
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Startmenü
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Netzwerkumgebung
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Lokale Einstellungen
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Eigene Dateien
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Druckumgebung
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Documents\Eigene Musik
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Documents\Eigene Bilder
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Local\Verlauf
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Local\Anwendungsdaten
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Anwendungsdaten
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena\AppData\Local\VirtualStore
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-05-19 18:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-05-19 18:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-05-19 18:08 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-05-19 18:07 - 2013-08-22 17:37 - 00002664 _____ () C:\Windows\DtcInstall.log
2014-05-19 18:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Recovery
2014-05-19 18:06 - 2014-05-19 18:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-19 18:01 - 2014-05-19 18:01 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\Users\Lena\AppData\Local\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\ProgramData\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-19 18:00 - 2014-05-19 18:00 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 18:00 - 2014-05-19 18:00 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-19 17:59 - 2014-05-19 17:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-19 17:47 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieUserList
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieSiteList
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Macromedia
2014-05-19 12:30 - 2014-05-19 12:30 - 00000000 ____D () C:\Users\Lena\Documents\Bluetooth-Exchange-Ordner
2014-05-19 12:30 - 2014-05-19 12:30 - 00000000 ____D () C:\Users\Lena\AppData\Local\Broadcom
2014-05-19 12:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-19 12:27 - 2014-05-19 12:27 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-19 12:27 - 2014-05-19 12:27 - 00000000 ____D () C:\Program Files\Dolby Digital Plus
2014-05-19 12:27 - 2014-05-19 12:26 - 00000000 ____D () C:\Program Files\IDT
2014-05-19 12:25 - 2014-05-19 12:25 - 00000000 ____D () C:\ProgramData\AmUStor
2014-05-19 12:25 - 2014-05-19 12:25 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-05-19 12:25 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Program Files\Intel
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Intel
2014-05-12 07:26 - 2014-05-24 01:18 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 01:18 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 01:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-06 06:40 - 2014-05-19 17:49 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-19 17:49 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-19 17:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-19 17:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 17:12 - 2014-05-19 19:50 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-01 22:30 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:30 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Lena\AppData\Local\Temp\gv5jl5be.p2w.exe
C:\Users\Lena\AppData\Local\Temp\nsiA47D.exe
C:\Users\Lena\AppData\Local\Temp\nsmA1DC.exe
C:\Users\Lena\AppData\Local\Temp\nsuE969.exe
C:\Users\Lena\AppData\Local\Temp\nsz9BB.exe
C:\Users\Lena\AppData\Local\Temp\nszE6C9.exe
C:\Users\Lena\AppData\Local\Temp\p2km23zb.bfu.exe
C:\Users\Lena\AppData\Local\Temp\Quarantine.exe
C:\Users\Lena\AppData\Local\Temp\w53x3n4u.0fs.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2014-05-24 10:37] - [2014-03-28 17:58] - 0407016 ____A (Microsoft Corporation) 067CB90C277DB4A737D5DEABA3055972

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-05-24 10:37] - [2014-03-06 14:42] - 0310616 ____A (Microsoft Corporation) 4BB9BC49DEE1A319EC58274A7BBED663



LastRegBack: 2014-05-19 18:05

==================== End Of Log ============================

--- --- ---

addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by Lena at 2014-05-28 13:02:12
Running from C:\Users\Lena\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.1245.53580 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.1245.53580 - Alcor Micro Corp.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo)
Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden
Genesis (HKCU\...\genesis_05232311) (Version:  - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6490.0 - IDT)
InetStat (HKCU\...\InetStat) (Version: 0.4 - InetStat)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7800 - Broadcom Corporation)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)

==================== Restore Points  =========================

19-05-2014 10:25:09 Installiert Alcor Micro USB Card Reader
20-05-2014 18:22:47 Installiert Energy Management
23-05-2014 23:05:56 Windows Modules Installer

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {09BC9279-428E-432F-A55A-18538F857966} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1C86EB71-0D69-4112-AB08-0404700FFCCA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2D330D5E-0BB1-414E-9B73-9ECB1D5B6553} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {30858D07-C617-4C2F-95DC-B23A4547385B} - System32\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {643CC1A3-3CD2-4C09-A129-089FB2E0C442} - System32\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FF771ADC-35FC-413F-A176-C855BA8FBA89} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-05-04] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2013-08-19 16:03 - 2013-08-19 16:03 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-24 01:11 - 2014-05-24 01:11 - 02953216 _____ () C:\Users\Lena\AppData\Local\Genesis_05232311\Genesis_05232311.exe
2014-05-26 18:37 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-26 18:37 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-26 18:37 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-26 18:37 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-26 18:37 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 3975.35 MB
Available physical RAM: 1827.5 MB
Total Pagefile: 5383.35 MB
Available Pagefile: 3303.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.42 GB) (Free:442.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 29.05.2014, 13:46

Adware & Co. deinstallieren

Lade Dir bitte von hier Revo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:

diesen Zusatz haben:
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de

Frisches FRST log bitte.

JeffdJeff · 29.05.2014, 15:08

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Lena (administrator) on ELENA on 29-05-2014 15:59:58
Running from C:\Users\Lena\Downloads
Platform: Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Users\Lena\AppData\Local\Genesis_05232311\Genesis_05232311.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-12] (IDT, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-05-20] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-05-20] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-519987822-507761878-3893635422-1001\...\Run: [genesis_05232311] => c:\users\lena\appdata\local\genesis_05232311\genesis_05232311.exe [2953216 2014-05-24] ()
HKU\S-1-5-21-519987822-507761878-3893635422-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:13972;https=127.0.0.1:13972
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB471624F7973CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.7,ru;q=0.3
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Docs) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-26]
CHR Extension: (Google Drive) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-26]
CHR Extension: (YouTube) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-26]
CHR Extension: (Adblock Plus) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-26]
CHR Extension: (Google-Suche) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-26]
CHR Extension: (Google Mail) - C:\Users\Lena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-29 15:46 - 2014-05-29 15:46 - 00002267 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-29 15:40 - 2014-05-29 15:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lena\Downloads\revosetup95 (1).exe
2014-05-29 15:34 - 2014-05-29 15:34 - 00001280 _____ () C:\Users\Lena\Desktop\Revo Uninstaller.lnk
2014-05-29 15:34 - 2014-05-29 15:34 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-29 15:32 - 2014-05-29 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lena\Downloads\revosetup95.exe
2014-05-28 13:02 - 2014-05-28 13:02 - 00012015 _____ () C:\Users\Lena\Downloads\Addition.txt
2014-05-28 13:01 - 2014-05-29 15:59 - 00008903 _____ () C:\Users\Lena\Downloads\FRST.txt
2014-05-28 13:01 - 2014-05-29 15:59 - 00000000 ____D () C:\FRST
2014-05-28 13:00 - 2014-05-28 13:00 - 02066944 _____ (Farbar) C:\Users\Lena\Downloads\FRST64.exe
2014-05-27 20:07 - 2014-05-27 20:07 - 00001292 _____ () C:\Users\Lena\Desktop\malw.txt
2014-05-27 19:56 - 2014-05-27 19:56 - 00000613 _____ () C:\Users\Lena\Desktop\JRT.txt
2014-05-27 19:51 - 2014-05-27 19:51 - 00001300 _____ () C:\Users\Lena\Desktop\AdwCleaner[S3]dd.txt
2014-05-26 19:21 - 2014-05-26 19:21 - 00000000 ____D () C:\Windows\ERUNT
2014-05-26 19:20 - 2014-05-26 19:20 - 01016261 _____ (Thisisu) C:\Users\Lena\Downloads\JRT.exe
2014-05-26 18:56 - 2014-05-26 18:56 - 01327971 _____ () C:\Users\Lena\Downloads\adwcleaner_3.211 (1).exe
2014-05-26 18:53 - 2014-05-26 18:54 - 01327971 _____ () C:\Users\Lena\Downloads\adwcleaner_3.211.exe
2014-05-26 18:37 - 2014-05-29 15:59 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-26 18:37 - 2014-05-29 15:42 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-26 18:37 - 2014-05-26 18:37 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-26 18:37 - 2014-05-26 18:37 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-26 18:34 - 2014-05-26 18:34 - 00918672 _____ (Google Inc.) C:\Users\Lena\Downloads\ChromeSetup.exe
2014-05-25 21:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-25 21:14 - 2014-05-27 19:49 - 00000000 ____D () C:\AdwCleaner
2014-05-25 20:12 - 2014-05-29 12:12 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389.job
2014-05-25 20:12 - 2014-05-25 21:16 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0.job
2014-05-25 20:12 - 2014-05-25 20:12 - 00003566 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0
2014-05-25 20:12 - 2014-05-25 20:12 - 00003484 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389
2014-05-25 20:12 - 2014-05-25 20:12 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\SUPERAntiSpyware.com
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-25 20:10 - 2014-05-25 20:10 - 19279808 _____ (SUPERAntiSpyware) C:\Users\Lena\Downloads\SUPERAntiSpyware.exe
2014-05-24 16:02 - 2014-05-24 16:02 - 00001682 _____ () C:\Users\Lena\Desktop\WINWORD - Verknüpfung.lnk
2014-05-24 11:00 - 2014-05-24 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-24 10:58 - 2014-05-24 10:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-24 10:57 - 2014-05-24 10:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-05-24 10:56 - 2014-05-24 10:56 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-24 10:54 - 2014-05-24 10:54 - 00000000 ____D () C:\Users\Lena\AppData\Local\Blizzard
2014-05-24 10:54 - 2014-05-24 10:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-24 10:53 - 2014-05-24 11:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-24 10:53 - 2014-05-24 10:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-24 10:53 - 2014-05-24 10:53 - 00000000 __RHD () C:\MSOCache
2014-05-24 10:53 - 2014-05-24 10:53 - 00000000 ____D () C:\Users\Lena\AppData\Local\Microsoft Help
2014-05-24 10:41 - 2014-05-24 11:20 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-24 10:41 - 2014-05-24 10:41 - 00001195 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-05-24 10:41 - 2014-05-24 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-05-24 10:40 - 2014-05-28 21:45 - 00000000 ____D () C:\Users\Lena\AppData\Local\Battle.net
2014-05-24 10:40 - 2014-05-24 10:42 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Battle.net
2014-05-24 10:40 - 2014-05-24 10:40 - 00001158 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\Users\Lena\AppData\Local\Blizzard Entertainment
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-24 10:39 - 2014-05-24 10:39 - 00000000 ____D () C:\ProgramData\Battle.net
2014-05-24 10:38 - 2014-05-24 10:38 - 03099552 _____ (Blizzard Entertainment) C:\Users\Lena\Downloads\Hearthstone-Setup-enUS.exe
2014-05-24 10:37 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-05-24 10:37 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-05-24 10:37 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-05-24 10:37 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\energyprov.dll
2014-05-24 10:37 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-05-24 10:37 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-05-24 10:37 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-05-24 10:37 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-05-24 10:37 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-05-24 10:37 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-05-24 10:37 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-05-24 10:37 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-05-24 10:37 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-05-24 10:37 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-05-24 10:37 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-05-24 10:37 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-05-24 10:37 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2014-05-24 10:37 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-05-24 10:37 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-05-24 10:37 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-05-24 10:37 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-24 10:37 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-05-24 10:37 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-24 10:37 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-24 10:37 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-24 10:37 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-05-24 10:37 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-24 10:37 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2014-05-24 10:37 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-05-24 10:37 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-05-24 10:37 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-05-24 10:37 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-05-24 10:37 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-05-24 10:37 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-24 10:37 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-05-24 10:37 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-05-24 10:37 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-24 10:37 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-05-24 10:37 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-05-24 10:37 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-05-24 10:37 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-05-24 10:37 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-05-24 10:37 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-05-24 10:37 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-05-24 10:37 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2014-05-24 10:37 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-05-24 10:37 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-05-24 10:37 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-05-24 10:37 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-05-24 10:37 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-05-24 10:37 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-05-24 10:37 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-05-24 10:37 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-05-24 10:37 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-05-24 10:37 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-24 10:37 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-05-24 10:37 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-24 10:37 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2014-05-24 10:37 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-05-24 10:37 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-05-24 10:37 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-24 10:37 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-05-24 10:37 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-24 10:37 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-24 10:37 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2014-05-24 10:37 - 2014-04-03 04:22 - 03359744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-05-24 10:37 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2014-05-24 10:37 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-05-24 10:37 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-24 10:37 - 2014-03-31 07:35 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-24 10:37 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-24 10:37 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-05-24 10:37 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-05-24 10:37 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-05-24 10:37 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-05-24 10:37 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-05-24 10:37 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-05-24 10:37 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-05-24 10:37 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-05-24 10:37 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-05-24 10:37 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-24 10:37 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-05-24 10:37 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-05-24 10:37 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-05-24 10:37 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-05-24 10:37 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-05-24 10:37 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-05-24 10:37 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-05-24 10:37 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-24 10:37 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2014-05-24 10:37 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-24 10:37 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-24 10:37 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-05-24 10:37 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-05-24 10:37 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-24 10:37 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-05-24 10:37 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-05-24 10:37 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-05-24 10:37 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-05-24 10:37 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-05-24 10:37 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-05-24 10:37 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-05-24 10:37 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-05-24 10:37 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-05-24 10:37 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2014-05-24 10:37 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-05-24 10:37 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-05-24 10:37 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-05-24 10:37 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-05-24 10:37 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-24 10:37 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-24 10:37 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-05-24 10:37 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-05-24 10:37 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-05-24 10:37 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-05-24 10:37 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-05-24 10:37 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-05-24 10:37 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-24 10:29 - 2014-05-24 10:34 - 427406992 _____ (Microsoft Corporation) C:\Users\Lena\Downloads\office2007.exe
2014-05-24 01:18 - 2014-05-29 15:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 01:18 - 2014-05-24 01:18 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 01:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 01:18 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 01:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 01:17 - 2014-05-24 01:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lena\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 01:11 - 2014-05-29 16:00 - 00000000 ____D () C:\Users\Lena\AppData\Local\Genesis_05232311
2014-05-24 01:11 - 2014-05-24 01:23 - 00000000 ____D () C:\Users\Lena\AppData\Local\31629
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Lena\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\ProgramData\ae47a0e3c3e7ce1c
2014-05-24 01:10 - 2014-05-24 01:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-24 01:07 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-05-24 01:07 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-24 01:07 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-05-24 01:07 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-05-24 01:07 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-24 01:07 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-05-24 01:05 - 2014-05-24 01:05 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Wise
2014-05-23 19:06 - 2014-05-23 19:06 - 00000000 ____D () C:\ProgramData\Energy Management
2014-05-20 20:23 - 2014-05-20 20:23 - 00006916 _____ () C:\Windows\DPINST.LOG
2014-05-20 20:23 - 2014-05-20 20:23 - 00000000 ____D () C:\Program Files\DIFX
2014-05-20 20:23 - 2014-05-20 20:22 - 00039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2014-05-20 20:23 - 2014-05-20 20:22 - 00019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2014-05-20 20:22 - 2014-05-20 20:23 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-05-20 20:22 - 2014-05-20 20:22 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-19 19:54 - 2014-05-19 19:56 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-05-19 19:50 - 2014-05-19 19:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-19 19:50 - 2014-05-04 17:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-19 19:47 - 2014-05-19 19:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-05-19 19:04 - 2014-05-19 18:10 - 00000000 ____D () C:\Windows\Panther
2014-05-19 18:15 - 2014-05-29 15:48 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-519987822-507761878-3893635422-1001
2014-05-19 18:14 - 2014-05-19 18:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-05-19 18:14 - 2013-09-04 17:53 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-05-19 18:14 - 2013-09-04 17:53 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-05-19 18:14 - 2013-08-08 16:49 - 02252504 _____ (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
2014-05-19 18:14 - 2013-08-08 16:49 - 00057254 _____ () C:\Windows\system32\Drivers\BCM43142A0_001.001.011.0161.0172.hex
2014-05-19 18:14 - 2013-08-08 16:48 - 00170712 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2014-05-19 18:14 - 2013-07-03 13:41 - 00066264 _____ (Broadcom Corporation.) C:\Windows\system32\btwdi.dll
2014-05-19 18:11 - 2014-05-19 18:11 - 00000424 _____ () C:\Users\Lena\Desktop\Arbeitsplatz.lnk
2014-05-19 18:11 - 2014-05-19 18:11 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-19 18:10 - 2014-05-29 15:48 - 01579982 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 18:10 - 2014-05-26 12:31 - 00000000 ____D () C:\Users\Lena
2014-05-19 18:10 - 2014-05-24 10:46 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-19 18:10 - 2014-05-24 10:46 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-19 18:10 - 2014-05-19 20:00 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Adobe
2014-05-19 18:10 - 2014-05-19 19:56 - 00000000 ____D () C:\Users\Lena\AppData\Local\Packages
2014-05-19 18:10 - 2014-05-19 18:10 - 00000020 ___SH () C:\Users\Lena\ntuser.ini
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Vorlagen
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Startmenü
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Netzwerkumgebung
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Lokale Einstellungen
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Eigene Dateien
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Druckumgebung
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Documents\Eigene Musik
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Documents\Eigene Bilder
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Local\Verlauf
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Local\Anwendungsdaten
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Anwendungsdaten
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena\AppData\Local\VirtualStore
2014-05-19 18:10 - 2014-03-18 12:31 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 18:10 - 2014-03-18 12:31 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-19 18:10 - 2014-03-18 12:11 - 00000369 _____ () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-05-19 18:10 - 2014-03-18 12:11 - 00000369 _____ () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-05-19 18:10 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-19 18:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-05-19 18:06 - 2014-05-19 18:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-19 18:04 - 2014-05-25 21:09 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\uTorrent
2014-05-19 18:01 - 2014-05-27 19:44 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\Users\Lena\AppData\Local\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\ProgramData\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-19 18:00 - 2014-05-19 18:00 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 18:00 - 2014-05-19 18:00 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-19 17:59 - 2014-05-23 19:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-19 17:59 - 2014-05-19 17:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-19 17:58 - 2014-05-19 20:00 - 00000000 ____D () C:\Users\Lena\AppData\Local\Adobe
2014-05-19 17:51 - 2014-05-26 18:38 - 00000000 ____D () C:\Users\Lena\AppData\Local\Google
2014-05-19 17:51 - 2014-05-26 18:37 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-19 17:50 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-19 17:50 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-19 17:50 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-05-19 17:50 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-19 17:50 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-05-19 17:50 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-05-19 17:50 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-19 17:50 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-05-19 17:50 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2014-05-19 17:50 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-19 17:50 - 2014-03-19 07:57 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-05-19 17:50 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2014-05-19 17:50 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-05-19 17:50 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2014-05-19 17:50 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-05-19 17:50 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2014-05-19 17:50 - 2014-03-12 15:45 - 00387210 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-19 17:50 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2014-05-19 17:50 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2014-05-19 17:50 - 2014-03-11 14:42 - 02641920 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-05-19 17:50 - 2014-03-11 14:35 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-19 17:50 - 2014-03-08 22:47 - 00565536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-19 17:50 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-19 17:50 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-05-19 17:50 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-05-19 17:50 - 2014-03-08 22:35 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-05-19 17:50 - 2014-03-08 17:29 - 01339240 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-19 17:50 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-05-19 17:50 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-05-19 17:50 - 2014-03-08 11:34 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-05-19 17:50 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2014-05-19 17:50 - 2014-03-08 10:44 - 00731648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-05-19 17:50 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-05-19 17:50 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2014-05-19 17:50 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2014-05-19 17:50 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-05-19 17:50 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2014-05-19 17:50 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-05-19 17:50 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-05-19 17:50 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-19 17:50 - 2014-03-08 09:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-05-19 17:50 - 2014-03-08 08:50 - 01066496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-19 17:50 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-05-19 17:50 - 2014-03-08 08:46 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-19 17:50 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-19 17:50 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-05-19 17:50 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-19 17:50 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-05-19 17:50 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-05-19 17:50 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-19 17:50 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-19 17:50 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-19 17:50 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-05-19 17:50 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-05-19 17:50 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-05-19 17:50 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-05-19 17:50 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-05-19 17:50 - 2014-03-06 14:53 - 00518552 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-05-19 17:50 - 2014-03-06 14:51 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-19 17:50 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-05-19 17:50 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-19 17:50 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-05-19 17:50 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-05-19 17:50 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2014-05-19 17:50 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-05-19 17:50 - 2014-03-06 13:13 - 00406912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-19 17:50 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-05-19 17:50 - 2014-03-06 11:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-05-19 17:50 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-19 17:50 - 2014-03-06 11:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-05-19 17:50 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-05-19 17:50 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-05-19 17:50 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-05-19 17:50 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-05-19 17:50 - 2014-03-06 11:19 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-05-19 17:50 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-05-19 17:50 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2014-05-19 17:50 - 2014-03-06 11:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-05-19 17:50 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2014-05-19 17:50 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-05-19 17:50 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-05-19 17:50 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-05-19 17:50 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2014-05-19 17:50 - 2014-03-06 10:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-05-19 17:50 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2014-05-19 17:50 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-05-19 17:50 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2014-05-19 17:50 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-05-19 17:50 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-05-19 17:50 - 2014-03-06 08:39 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-05-19 17:50 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-05-19 17:50 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2014-05-19 17:50 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-05-19 17:50 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-05-19 17:50 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-05-19 17:50 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-05-19 17:50 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-05-19 17:50 - 2014-03-06 08:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-05-19 17:50 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-05-19 17:50 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-05-19 17:50 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2014-05-19 17:50 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-05-19 17:50 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2014-05-19 17:50 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-05-19 17:50 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-05-19 17:50 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-05-19 17:50 - 2014-03-04 14:25 - 02373784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-05-19 17:50 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-05-19 17:50 - 2014-03-04 13:16 - 02088160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-05-19 17:50 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-05-19 17:50 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-05-19 17:50 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-05-19 17:50 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-05-19 17:50 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-05-19 17:50 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2014-05-19 17:50 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-05-19 17:50 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-05-19 17:50 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2014-05-19 17:50 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-05-19 17:50 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2014-05-19 17:50 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-05-19 17:50 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-05-19 17:50 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-05-19 17:50 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-05-19 17:50 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2014-05-19 17:50 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-05-19 17:50 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-05-19 17:49 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-19 17:49 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-19 17:49 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-19 17:49 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-19 17:49 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-05-19 17:49 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-19 17:49 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2014-05-19 17:49 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-19 17:49 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-05-19 17:49 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-05-19 17:49 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-19 17:49 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-05-19 17:49 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-19 17:49 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-05-19 17:49 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-19 17:49 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-19 17:49 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-19 17:49 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-05-19 17:49 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-05-19 17:49 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-05-19 17:49 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-19 17:49 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-19 17:49 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-19 17:49 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-19 17:49 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-19 17:49 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-05-19 17:49 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-19 17:49 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-05-19 17:49 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-19 17:49 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-19 17:49 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-05-19 17:49 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-19 17:49 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-19 17:49 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-19 17:49 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-19 17:49 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-19 17:48 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2014-05-19 17:48 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2014-05-19 17:48 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2014-05-19 17:48 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2014-05-19 17:48 - 2014-03-11 15:21 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-05-19 17:48 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-05-19 17:46 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-05-19 17:45 - 2014-05-29 15:34 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD59A460-E4BB-43D1-BB9E-B54C97289C8B}
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieUserList
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieSiteList
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Macromedia
2014-05-19 12:30 - 2014-05-19 12:30 - 00000000 ____D () C:\Users\Lena\Documents\Bluetooth-Exchange-Ordner
2014-05-19 12:30 - 2014-05-19 12:30 - 00000000 ____D () C:\Users\Lena\AppData\Local\Broadcom
2014-05-19 12:29 - 2014-05-20 20:23 - 00000000 ____D () C:\Program Files\Lenovo
2014-05-19 12:29 - 2013-07-12 17:41 - 00228568 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2014-05-19 12:29 - 2013-07-12 17:41 - 00186584 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2014-05-19 12:29 - 2013-07-12 17:41 - 00038616 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2014-05-19 12:29 - 2012-07-27 20:18 - 00040248 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2014-05-19 12:27 - 2014-05-19 12:27 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-19 12:27 - 2014-05-19 12:27 - 00000000 ____D () C:\Program Files\Dolby Digital Plus
2014-05-19 12:27 - 2013-08-12 08:54 - 06101504 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 02213376 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 01897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2014-05-19 12:27 - 2013-08-12 08:54 - 00697856 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 00551936 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2014-05-19 12:27 - 2013-08-12 08:54 - 00499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 00338944 _____ (IDT, Inc.) C:\Windows\system32\stacsv64.exe
2014-05-19 12:27 - 2013-08-12 08:54 - 00256000 _____ (IDT, Inc.) C:\Windows\system32\st646490.dll
2014-05-19 12:27 - 2013-08-12 08:54 - 00088576 _____ (IDT, Inc.) C:\Windows\system32\IDTPMA64.exe
2014-05-19 12:27 - 2013-08-06 04:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-19 12:27 - 2013-08-05 23:56 - 06219096 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-05-19 12:27 - 2013-08-05 23:56 - 01908568 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-05-19 12:27 - 2013-08-05 23:56 - 00312152 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-05-19 12:26 - 2014-05-19 12:27 - 00000000 ____D () C:\Program Files\IDT
2014-05-19 12:26 - 2013-08-05 23:56 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-05-19 12:25 - 2014-05-20 20:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-19 12:25 - 2014-05-19 12:25 - 00000000 ____D () C:\ProgramData\AmUStor
2014-05-19 12:25 - 2014-05-19 12:25 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Program Files\Intel
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Intel
2014-05-19 12:22 - 2014-01-25 02:23 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2014-05-19 12:22 - 2014-01-25 02:23 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL

==================== One Month Modified Files and Folders =======

2014-05-29 16:00 - 2014-05-28 13:01 - 00008903 _____ () C:\Users\Lena\Downloads\FRST.txt
2014-05-29 16:00 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Lena\AppData\Local\Genesis_05232311
2014-05-29 16:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-05-29 15:59 - 2014-05-28 13:01 - 00000000 ____D () C:\FRST
2014-05-29 15:59 - 2014-05-26 18:37 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-29 15:59 - 2014-05-24 01:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-29 15:59 - 2014-05-19 18:10 - 01579982 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 15:48 - 2014-05-19 18:15 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-519987822-507761878-3893635422-1001
2014-05-29 15:46 - 2014-05-29 15:46 - 00002267 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-29 15:42 - 2014-05-26 18:37 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-29 15:40 - 2014-05-29 15:40 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lena\Downloads\revosetup95 (1).exe
2014-05-29 15:34 - 2014-05-29 15:34 - 00001280 _____ () C:\Users\Lena\Desktop\Revo Uninstaller.lnk
2014-05-29 15:34 - 2014-05-29 15:34 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-29 15:34 - 2014-05-19 17:45 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD59A460-E4BB-43D1-BB9E-B54C97289C8B}
2014-05-29 15:32 - 2014-05-29 15:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lena\Downloads\revosetup95.exe
2014-05-29 12:12 - 2014-05-25 20:12 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389.job
2014-05-29 11:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-05-28 21:45 - 2014-05-24 10:40 - 00000000 ____D () C:\Users\Lena\AppData\Local\Battle.net
2014-05-28 13:02 - 2014-05-28 13:02 - 00012015 _____ () C:\Users\Lena\Downloads\Addition.txt
2014-05-28 13:00 - 2014-05-28 13:00 - 02066944 _____ (Farbar) C:\Users\Lena\Downloads\FRST64.exe
2014-05-27 20:07 - 2014-05-27 20:07 - 00001292 _____ () C:\Users\Lena\Desktop\malw.txt
2014-05-27 19:57 - 2014-03-18 12:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 19:57 - 2014-03-18 11:25 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 19:57 - 2014-03-18 11:25 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 19:56 - 2014-05-27 19:56 - 00000613 _____ () C:\Users\Lena\Desktop\JRT.txt
2014-05-27 19:51 - 2014-05-27 19:51 - 00001300 _____ () C:\Users\Lena\Desktop\AdwCleaner[S3]dd.txt
2014-05-27 19:50 - 2014-03-18 03:50 - 00111904 _____ () C:\Windows\PFRO.log
2014-05-27 19:50 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 19:49 - 2014-05-25 21:14 - 00000000 ____D () C:\AdwCleaner
2014-05-27 19:44 - 2014-05-19 18:01 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Skype
2014-05-26 19:21 - 2014-05-26 19:21 - 00000000 ____D () C:\Windows\ERUNT
2014-05-26 19:20 - 2014-05-26 19:20 - 01016261 _____ (Thisisu) C:\Users\Lena\Downloads\JRT.exe
2014-05-26 19:04 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-26 18:56 - 2014-05-26 18:56 - 01327971 _____ () C:\Users\Lena\Downloads\adwcleaner_3.211 (1).exe
2014-05-26 18:54 - 2014-05-26 18:53 - 01327971 _____ () C:\Users\Lena\Downloads\adwcleaner_3.211.exe
2014-05-26 18:38 - 2014-05-19 17:51 - 00000000 ____D () C:\Users\Lena\AppData\Local\Google
2014-05-26 18:37 - 2014-05-26 18:37 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-26 18:37 - 2014-05-26 18:37 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-26 18:37 - 2014-05-19 17:51 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-26 18:34 - 2014-05-26 18:34 - 00918672 _____ (Google Inc.) C:\Users\Lena\Downloads\ChromeSetup.exe
2014-05-26 12:31 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena
2014-05-25 21:16 - 2014-05-25 20:12 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0.job
2014-05-25 21:16 - 2013-08-22 16:44 - 00481408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-25 21:09 - 2014-05-19 18:04 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\uTorrent
2014-05-25 20:12 - 2014-05-25 20:12 - 00003566 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5ebeac05-d8e3-4df1-bc7b-dc04016e9ae0
2014-05-25 20:12 - 2014-05-25 20:12 - 00003484 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 4cf9be44-e0de-47f0-b507-4662330c3389
2014-05-25 20:12 - 2014-05-25 20:12 - 00001820 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\SUPERAntiSpyware.com
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-05-25 20:12 - 2014-05-25 20:12 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-05-25 20:10 - 2014-05-25 20:10 - 19279808 _____ (SUPERAntiSpyware) C:\Users\Lena\Downloads\SUPERAntiSpyware.exe
2014-05-24 16:02 - 2014-05-24 16:02 - 00001682 _____ () C:\Users\Lena\Desktop\WINWORD - Verknüpfung.lnk
2014-05-24 11:20 - 2014-05-24 10:41 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-24 11:01 - 2014-05-24 10:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-24 11:00 - 2014-05-24 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-24 10:58 - 2014-05-24 10:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-05-24 10:58 - 2014-05-24 10:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-24 10:57 - 2014-05-24 10:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-05-24 10:57 - 2014-03-18 11:40 - 00000000 ____D () C:\Windows\ShellNew
2014-05-24 10:56 - 2014-05-24 10:56 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-24 10:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-24 10:54 - 2014-05-24 10:54 - 00000000 ____D () C:\Users\Lena\AppData\Local\Blizzard
2014-05-24 10:54 - 2014-05-24 10:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-05-24 10:54 - 2013-08-22 15:25 - 00000167 _____ () C:\Windows\win.ini
2014-05-24 10:53 - 2014-05-24 10:53 - 00000000 __RHD () C:\MSOCache
2014-05-24 10:53 - 2014-05-24 10:53 - 00000000 ____D () C:\Users\Lena\AppData\Local\Microsoft Help
2014-05-24 10:46 - 2014-05-19 18:10 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 10:46 - 2014-05-19 18:10 - 00000000 ___RD () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-24 10:44 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-05-24 10:44 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-05-24 10:44 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-24 10:42 - 2014-05-24 10:40 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Battle.net
2014-05-24 10:41 - 2014-05-24 10:41 - 00001195 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-05-24 10:41 - 2014-05-24 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-05-24 10:40 - 2014-05-24 10:40 - 00001158 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\Users\Lena\AppData\Local\Blizzard Entertainment
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-05-24 10:40 - 2014-05-24 10:40 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-24 10:39 - 2014-05-24 10:39 - 00000000 ____D () C:\ProgramData\Battle.net
2014-05-24 10:38 - 2014-05-24 10:38 - 03099552 _____ (Blizzard Entertainment) C:\Users\Lena\Downloads\Hearthstone-Setup-enUS.exe
2014-05-24 10:34 - 2014-05-24 10:29 - 427406992 _____ (Microsoft Corporation) C:\Users\Lena\Downloads\office2007.exe
2014-05-24 01:23 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Lena\AppData\Local\31629
2014-05-24 01:18 - 2014-05-24 01:18 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 01:18 - 2014-05-24 01:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 01:17 - 2014-05-24 01:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lena\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Lena\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Gast
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\Users\Administrator
2014-05-24 01:11 - 2014-05-24 01:11 - 00000000 ____D () C:\ProgramData\ae47a0e3c3e7ce1c
2014-05-24 01:10 - 2014-05-24 01:10 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-24 01:10 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-24 01:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-05-24 01:08 - 2014-05-24 01:08 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-24 01:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-05-24 01:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\MUI
2014-05-24 01:05 - 2014-05-24 01:05 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Wise
2014-05-23 19:06 - 2014-05-23 19:06 - 00000000 ____D () C:\ProgramData\Energy Management
2014-05-23 19:06 - 2014-05-19 17:59 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 20:23 - 2014-05-20 20:23 - 00006916 _____ () C:\Windows\DPINST.LOG
2014-05-20 20:23 - 2014-05-20 20:23 - 00000000 ____D () C:\Program Files\DIFX
2014-05-20 20:23 - 2014-05-20 20:22 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-05-20 20:23 - 2014-05-19 12:29 - 00000000 ____D () C:\Program Files\Lenovo
2014-05-20 20:23 - 2014-05-19 12:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-20 20:22 - 2014-05-20 20:23 - 00039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2014-05-20 20:22 - 2014-05-20 20:23 - 00019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2014-05-20 20:22 - 2014-05-20 20:22 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-20 20:22 - 2012-07-08 20:22 - 00035600 _____ (Lenovo Corporation) C:\Windows\system32\Drivers\AcpiVpc.sys
2014-05-20 20:22 - 2012-02-21 05:48 - 02356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2014-05-19 20:00 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Adobe
2014-05-19 20:00 - 2014-05-19 17:58 - 00000000 ____D () C:\Users\Lena\AppData\Local\Adobe
2014-05-19 19:56 - 2014-05-19 19:54 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-05-19 19:56 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena\AppData\Local\Packages
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-19 19:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-19 19:52 - 2013-08-22 16:46 - 00014392 _____ () C:\Windows\setupact.log
2014-05-19 19:51 - 2014-05-19 19:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-19 19:47 - 2014-05-19 19:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-05-19 19:04 - 2013-08-22 17:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-05-19 18:14 - 2014-05-19 18:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-05-19 18:11 - 2014-05-19 18:11 - 00000424 _____ () C:\Users\Lena\Desktop\Arbeitsplatz.lnk
2014-05-19 18:11 - 2014-05-19 18:11 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-19 18:10 - 2014-05-19 19:04 - 00000000 ____D () C:\Windows\Panther
2014-05-19 18:10 - 2014-05-19 18:10 - 00000020 ___SH () C:\Users\Lena\ntuser.ini
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Vorlagen
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Startmenü
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Netzwerkumgebung
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Lokale Einstellungen
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Eigene Dateien
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Druckumgebung
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Documents\Eigene Musik
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Documents\Eigene Bilder
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Local\Verlauf
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\AppData\Local\Anwendungsdaten
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 _SHDL () C:\Users\Lena\Anwendungsdaten
2014-05-19 18:10 - 2014-05-19 18:10 - 00000000 ____D () C:\Users\Lena\AppData\Local\VirtualStore
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-05-19 18:08 - 2014-05-19 18:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-05-19 18:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-05-19 18:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-05-19 18:08 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-05-19 18:07 - 2013-08-22 17:37 - 00002664 _____ () C:\Windows\DtcInstall.log
2014-05-19 18:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Recovery
2014-05-19 18:06 - 2014-05-19 18:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-05-19 18:01 - 2014-05-19 18:01 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\Users\Lena\AppData\Local\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\ProgramData\Skype
2014-05-19 18:01 - 2014-05-19 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-19 18:00 - 2014-05-19 18:00 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 18:00 - 2014-05-19 18:00 - 00002039 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-19 17:59 - 2014-05-19 17:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-19 17:47 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieUserList
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 __SHD () C:\Users\Lena\AppData\Local\EmieSiteList
2014-05-19 17:45 - 2014-05-19 17:45 - 00000000 ____D () C:\Users\Lena\AppData\Roaming\Macromedia
2014-05-19 12:30 - 2014-05-19 12:30 - 00000000 ____D () C:\Users\Lena\Documents\Bluetooth-Exchange-Ordner
2014-05-19 12:30 - 2014-05-19 12:30 - 00000000 ____D () C:\Users\Lena\AppData\Local\Broadcom
2014-05-19 12:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-19 12:27 - 2014-05-19 12:27 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-19 12:27 - 2014-05-19 12:27 - 00000000 ____D () C:\Program Files\Dolby Digital Plus
2014-05-19 12:27 - 2014-05-19 12:26 - 00000000 ____D () C:\Program Files\IDT
2014-05-19 12:25 - 2014-05-19 12:25 - 00000000 ____D () C:\ProgramData\AmUStor
2014-05-19 12:25 - 2014-05-19 12:25 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-05-19 12:25 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Program Files\Intel
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-19 12:22 - 2014-05-19 12:22 - 00000000 ____D () C:\Intel
2014-05-12 07:26 - 2014-05-24 01:18 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 01:18 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 01:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-06 06:40 - 2014-05-19 17:49 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-19 17:49 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-19 17:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-19 17:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 17:12 - 2014-05-19 19:50 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-01 22:30 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:30 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Lena\AppData\Local\Temp\gv5jl5be.p2w.exe
C:\Users\Lena\AppData\Local\Temp\nsiA47D.exe
C:\Users\Lena\AppData\Local\Temp\nsmA1DC.exe
C:\Users\Lena\AppData\Local\Temp\nsuE969.exe
C:\Users\Lena\AppData\Local\Temp\nsz9BB.exe
C:\Users\Lena\AppData\Local\Temp\nszE6C9.exe
C:\Users\Lena\AppData\Local\Temp\p2km23zb.bfu.exe
C:\Users\Lena\AppData\Local\Temp\Quarantine.exe
C:\Users\Lena\AppData\Local\Temp\w53x3n4u.0fs.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2014-05-24 10:37] - [2014-03-28 17:58] - 0407016 ____A (Microsoft Corporation) 067CB90C277DB4A737D5DEABA3055972

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-05-24 10:37] - [2014-03-06 14:42] - 0310616 ____A (Microsoft Corporation) 4BB9BC49DEE1A319EC58274A7BBED663



LastRegBack: 2014-05-19 18:05

==================== End Of Log ============================

--- --- ---

schrauber · 30.05.2014, 15:26

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKU\S-1-5-21-519987822-507761878-3893635422-1001\...\Run: [genesis_05232311] => c:\users\lena\appdata\local\genesis_05232311\genesis_05232311.exe [2953216 2014-05-24] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:13972;https=127.0.0.1:13972
C:\Users\Lena\AppData\Local\Temp\gv5jl5be.p2w.exe
C:\Users\Lena\AppData\Local\Temp\nsiA47D.exe
C:\Users\Lena\AppData\Local\Temp\nsmA1DC.exe
C:\Users\Lena\AppData\Local\Temp\nsuE969.exe
C:\Users\Lena\AppData\Local\Temp\nsz9BB.exe
C:\Users\Lena\AppData\Local\Temp\nszE6C9.exe
C:\Users\Lena\AppData\Local\Temp\p2km23zb.bfu.exe
C:\Users\Lena\AppData\Local\Temp\Quarantine.exe
C:\Users\Lena\AppData\Local\Temp\w53x3n4u.0fs.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

JeffdJeff · 30.05.2014, 15:47

habe chrome deinstaliert (zuvor) und hab jetzt firefox drauf (mit explorer gibts die selben Probleme wie mit fox und chrome)

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by Lena at 2014-05-30 16:34:26 Run:1
Running from C:\Users\Lena\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-519987822-507761878-3893635422-1001\...\Run: [genesis_05232311] => c:\users\lena\appdata\local\genesis_05232311\genesis_05232311.exe [2953216 2014-05-24] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:13972;https=127.0.0.1:13972
C:\Users\Lena\AppData\Local\Temp\gv5jl5be.p2w.exe
C:\Users\Lena\AppData\Local\Temp\nsiA47D.exe
C:\Users\Lena\AppData\Local\Temp\nsmA1DC.exe
C:\Users\Lena\AppData\Local\Temp\nsuE969.exe
C:\Users\Lena\AppData\Local\Temp\nsz9BB.exe
C:\Users\Lena\AppData\Local\Temp\nszE6C9.exe
C:\Users\Lena\AppData\Local\Temp\p2km23zb.bfu.exe
C:\Users\Lena\AppData\Local\Temp\Quarantine.exe
C:\Users\Lena\AppData\Local\Temp\w53x3n4u.0fs.exe
*****************

HKU\S-1-5-21-519987822-507761878-3893635422-1001\Software\Microsoft\Windows\CurrentVersion\Run\\genesis_05232311 => Value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
C:\Users\Lena\AppData\Local\Temp\gv5jl5be.p2w.exe => Moved successfully.
C:\Users\Lena\AppData\Local\Temp\nsiA47D.exe => Moved successfully.
C:\Users\Lena\AppData\Local\Temp\nsmA1DC.exe => Moved successfully.
C:\Users\Lena\AppData\Local\Temp\nsuE969.exe => Moved successfully.
C:\Users\Lena\AppData\Local\Temp\nsz9BB.exe => Moved successfully.
C:\Users\Lena\AppData\Local\Temp\nszE6C9.exe => Moved successfully.
C:\Users\Lena\AppData\Local\Temp\p2km23zb.bfu.exe => Moved successfully.
C:\Users\Lena\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Lena\AppData\Local\Temp\w53x3n4u.0fs.exe => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====

schrauber · 31.05.2014, 15:07

Noch Probleme?

JeffdJeff · 01.06.2014, 16:26

jo alles noch das selbe

also, es hat sich nichts geändert, ständig iwelcher freeware spam, der selbstständich aufgeht ohne iwelche klicks egal auf welchen browse

Code:

ATTFilter

# AdwCleaner v3.211 - Bericht erstellt am 01/06/2014 um 00:58:53
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Lena - ELENA
# Gestartet von : C:\Users\Lena\Downloads\adwcleaner_3.211 (1).exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software
Schlüssel Gefunden : HKCU\Software\genesis
Schlüssel Gefunden : [x64] HKCU\Software\genesis

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\yi1j1wbg.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3650 octets] - [25/05/2014 21:15:02]
AdwCleaner[R1].txt - [1047 octets] - [26/05/2014 18:57:49]
AdwCleaner[R2].txt - [1168 octets] - [26/05/2014 19:02:20]
AdwCleaner[R3].txt - [1288 octets] - [27/05/2014 19:48:08]
AdwCleaner[R4].txt - [1034 octets] - [01/06/2014 00:58:53]
AdwCleaner[S0].txt - [3254 octets] - [25/05/2014 21:15:28]
AdwCleaner[S1].txt - [1058 octets] - [26/05/2014 18:59:14]
AdwCleaner[S2].txt - [1180 octets] - [26/05/2014 19:04:37]
AdwCleaner[S3].txt - [1300 octets] - [27/05/2014 19:49:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1334 octets] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 31.05.2014
Scan Time: 21:41:44
Logfile: malw.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.05.31.09
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Lena

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 375999
Time Elapsed: 43 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 6
PUP.Optional.Conduit.A, C:\FRST\Quarantine\C\Users\Lena\AppData\Local\Temp\nsiA47D.exe.xBAD, , [08ed14431c5fbb7b0a0df192e1200df3], 
PUP.Optional.Conduit.A, C:\FRST\Quarantine\C\Users\Lena\AppData\Local\Temp\nsmA1DC.exe.xBAD, , [fafb99be6b106bcbff186a19d0313ac6], 
PUP.Optional.Conduit.A, C:\FRST\Quarantine\C\Users\Lena\AppData\Local\Temp\nsuE969.exe.xBAD, , [e11436217a0164d231e613705da4cf31], 
PUP.Optional.Conduit.A, C:\FRST\Quarantine\C\Users\Lena\AppData\Local\Temp\nsz9BB.exe.xBAD, , [e31251061b60b28470a7b8cb3fc25ba5], 
PUP.Optional.Conduit.A, C:\FRST\Quarantine\C\Users\Lena\AppData\Local\Temp\nszE6C9.exe.xBAD, , [8174391e5328dc5a5abd20631ce5946c], 
PUP.Optional.Conduit.A, C:\Users\Lena\AppData\Local\Temp\nss7CCF\SpSetup.exe, , [0aeb0e497704f04636e1f48fd72a59a7], 

Physical Sectors: 0
(No malicious items detected)


(end)

der erste adv war direct nach scan, der 2 nach "löschen" da hätte ich ne frage:
nach der suche fragt ja das programm welche objekte man nicht löschen will (da soll man häckchen manchen) , da sind ja 3 häckchen bei den registery, soll ich eigentlich weg machen?

Code:

ATTFilter

# AdwCleaner v3.211 - Bericht erstellt am 01/06/2014 um 01:03:44
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Lena - ELENA
# Gestartet von : C:\Users\Lena\Downloads\adwcleaner_3.211 (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17037


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Lena\AppData\Roaming\Mozilla\Firefox\Profiles\yi1j1wbg.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3650 octets] - [25/05/2014 21:15:02]
AdwCleaner[R1].txt - [1047 octets] - [26/05/2014 18:57:49]
AdwCleaner[R2].txt - [1168 octets] - [26/05/2014 19:02:20]
AdwCleaner[R3].txt - [1288 octets] - [27/05/2014 19:48:08]
AdwCleaner[R4].txt - [1418 octets] - [01/06/2014 00:58:53]
AdwCleaner[R5].txt - [1478 octets] - [01/06/2014 01:03:28]
AdwCleaner[S0].txt - [3254 octets] - [25/05/2014 21:15:28]
AdwCleaner[S1].txt - [1058 octets] - [26/05/2014 18:59:14]
AdwCleaner[S2].txt - [1180 octets] - [26/05/2014 19:04:37]
AdwCleaner[S3].txt - [1300 octets] - [27/05/2014 19:49:41]
AdwCleaner[S4].txt - [1349 octets] - [01/06/2014 01:03:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1409 octets] ##########

ei mir war noch genesis drauf (ist doch auch adwar, dass diese Probleme verursacht), habs jetzt gelöscht

schrauber · 02.06.2014, 12:23

Bei welchen Browsern hast DU das Problem? Nur bei Chrome?

JeffdJeff · 02.06.2014, 17:54

Ne, bei allen, aber es hat sich jetzt erledigt. wie es aussieht hatte der Laptop 2 adware Programme drauf " support iwas" und "Genesis" hab die gelöscht und nun kommt nichts mehr.

Denke mal es hat sich hiermit erledigt, danke für die Hilfe

schrauber · 03.06.2014, 18:31

poste auf jeden Fall noch en frisches FRST log, dann schauen wir ob auch wirklich alles runter is.

31.05.2014, 15:07	#8
schrauber /// the machine /// TB-Ausbilder	Chrome Öffnet Seiten mit freeware-Angeboten (unteranderem delivery67) selbständig! Noch Probleme? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

02.06.2014, 12:23	#10
schrauber /// the machine /// TB-Ausbilder	Chrome Öffnet Seiten mit freeware-Angeboten (unteranderem delivery67) selbständig! Bei welchen Browsern hast DU das Problem? Nur bei Chrome? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

03.06.2014, 18:31	#12
schrauber /// the machine /// TB-Ausbilder	Chrome Öffnet Seiten mit freeware-Angeboten (unteranderem delivery67) selbständig! poste auf jeden Fall noch en frisches FRST log, dann schauen wir ob auch wirklich alles runter is. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Chrome Öffnet Seiten mit freeware-Angeboten (unteranderem delivery67) selbständig!

Plagegeister aller Art und deren Bekämpfung: Chrome Öffnet Seiten mit freeware-Angeboten (unteranderem delivery67) selbständig!