Log analysis and evaluation: Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
29.05.2014, 18:28 | #1 |
Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF

Dear community, I have the above-mentioned problem, which avast reported and blocked. In advance, I already have the following information for you:

Output of FRST:

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02 Ran by ****** (administrator) on REGINA-PC on 29-05-2014 17:51:49 Running from C:\Users\******\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe (Thisisu) C:\Users\******\Desktop\JRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-29] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl) HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2037072 2014-05-10] (Nero AG) HKU\S-1-5-21-3492184576-273459616-3862360488-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 
2012-11-23] (FileHippo.com) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fde.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01 URLSearchHook: HKCU - (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File SearchScopes: HKCU - {33CA35C9-04D0-45af-AED5-A938D3EAE75E} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} SearchScopes: HKCU - {AAE7B4C9-BB83-402c-A0E3-C282FD18D9A8} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: No Name - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\Users\******\AppData\LocalLow\systems ie bho\bho.dll () Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default FF DefaultSearchEngine: DuckDuckGo FF SelectedSearchEngine: DuckDuckGo FF Homepage: www.zeit.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Foxy Security - 
C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\sys@foxysecurity.com [2014-05-29] FF Extension: Ghostery - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\firefox@ghostery.com.xpi [2014-02-28] FF Extension: DuckDuckGo Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-03-02] FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-02] FF Extension: BetterPrivacy - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-03-02] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-28] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-19] (AVAST Software) R2 avast! 
Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-29] (AVAST Software) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241728 2014-03-11] (Foxit Corporation) R2 NBService; C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe [265552 2014-05-10] (Nero AG) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-19] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-05-29] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-19] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-05-29] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-19] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-19] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-19] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-19] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-19] () R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2010-05-20] (Windows (R) Codename Longhorn DDK provider) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created 
Files and Folders ======== 2014-05-29 17:26 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-29 17:26 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-29 17:26 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-29 17:26 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-29 17:26 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-29 17:26 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-29 17:24 - 2014-05-29 17:25 - 00000474 _____ () C:\Users\******\Downloads\defogger_disable.log 2014-05-29 17:24 - 2014-05-29 17:24 - 00000000 _____ () C:\Users\******\defogger_reenable 2014-05-29 17:22 - 2014-05-29 17:22 - 00050477 _____ () C:\Users\******\Downloads\Defogger.exe 2014-05-29 17:04 - 2014-05-29 17:04 - 00001375 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2014-05-29 17:04 - 2014-05-29 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-05-29 17:02 - 2014-05-29 17:03 - 34131368 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u5-windows-x64.exe 2014-05-29 17:01 - 2014-05-29 17:01 - 39187992 _____ (Foxit Corporation ) C:\Users\******\Downloads\FoxitReader620.0429_enu_Setup.exe 2014-05-29 16:59 - 2014-05-29 16:59 - 00000922 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-05-29 16:59 - 2014-05-29 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-05-29 16:58 - 2014-05-29 16:58 - 07681400 _____ (AIMP DevTeam) C:\Users\******\Downloads\aimp_3.55.1345.exe 2014-05-29 16:57 - 2014-05-29 16:57 - 00264757 _____ () C:\Users\******\Downloads\FHSetup.exe 2014-05-29 16:57 - 2014-05-29 16:57 - 00002016 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update 
Checker.lnk 2014-05-29 16:57 - 2014-05-29 16:57 - 00001986 _____ () C:\Users\******\Desktop\Update Checker.lnk 2014-05-29 16:57 - 2014-05-29 16:57 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieUserList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieSiteList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 ____D () C:\Windows\pss 2014-05-29 16:49 - 2014-05-29 16:49 - 04748896 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup414.exe 2014-05-29 16:47 - 2014-05-29 16:47 - 00003488 _____ () C:\Windows\System32\Tasks\****** NBAgent 15 0 2014-05-29 16:47 - 2014-05-29 16:47 - 00000000 ____D () C:\Users\******\Documents\Nero BackItUp Device Backup 2014-05-29 16:46 - 2014-05-29 16:46 - 00000000 ____D () C:\Users\******\AppData\Roaming\Nero 2014-05-29 16:45 - 2014-05-29 16:45 - 00002665 _____ () C:\Users\Public\Desktop\Nero BackItUp 2014.lnk 2014-05-29 16:45 - 2014-05-29 16:45 - 00000000 ____D () C:\Windows\System32\Tasks\Nero 2014-05-29 16:44 - 2014-05-29 16:46 - 00000000 ____D () C:\ProgramData\Nero 2014-05-29 16:44 - 2014-05-29 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-05-29 16:44 - 2014-05-29 16:45 - 00000000 ____D () C:\Program Files (x86)\Nero 2014-05-29 16:43 - 2014-05-29 16:43 - 42441496 _____ (Nero AG) C:\Users\******\Downloads\Nero_BackItUp2014-15.0.04200_free.exe 2014-05-29 16:41 - 2014-05-29 17:51 - 00010746 _____ () C:\Users\******\Desktop\FRST.txt 2014-05-29 15:57 - 2014-05-29 15:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-29 15:55 - 2014-05-29 15:55 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_deu.exe 2014-05-29 15:52 - 2014-05-29 15:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-29 15:50 - 2014-05-29 15:51 - 00002040 _____ () C:\Users\******\Desktop\Rkill.txt 2014-05-29 15:50 - 2014-05-29 15:50 - 01940216 _____ 
(Bleeping Computer, LLC) C:\Users\******\Downloads\rkill.com 2014-05-29 15:48 - 2014-05-29 15:48 - 01016261 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe 2014-05-29 15:42 - 2014-05-29 15:42 - 00003026 _____ () C:\Users\******\Desktop\AdwCleaner[S1].txt 2014-05-29 15:33 - 2014-05-29 15:43 - 00000000 ____D () C:\AdwCleaner 2014-05-29 15:33 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-29 15:31 - 2014-05-29 15:31 - 01327971 _____ () C:\Users\******\Desktop\adwcleaner_3.211.exe 2014-05-29 15:20 - 2014-05-29 16:40 - 00025368 _____ () C:\Users\******\Desktop\Addition.txt 2014-05-29 15:19 - 2014-05-29 17:51 - 00000000 ____D () C:\FRST 2014-05-29 15:19 - 2014-05-29 16:40 - 00049629 _____ () C:\Users\******\Downloads\FRST.txt 2014-05-29 15:12 - 2014-05-29 15:12 - 02066944 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe 2014-05-29 14:54 - 2014-05-29 15:39 - 00000650 _____ () C:\Windows\PFRO.log 2014-05-29 14:52 - 2014-05-29 14:52 - 00001989 _____ () C:\Users\Public\Desktop\avast! 
Internet Security.lnk 2014-05-29 14:51 - 2014-05-29 14:51 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-05-29 14:51 - 2014-05-29 14:51 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-05-29 14:49 - 2014-05-29 14:49 - 133421120 _____ (AVAST Software) C:\Users\******\Downloads\avast_internet_security_setup.exe 2014-05-29 14:44 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-29 14:40 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-29 14:40 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-29 
14:40 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-29 14:37 - 2014-05-29 14:37 - 00000000 ____D () C:\NVIDIA 2014-05-29 14:34 - 2014-05-29 16:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-29 14:34 - 2014-05-29 14:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-29 14:33 - 2014-05-29 15:42 - 00000000 ____D () C:\Users\******\Documents\Mein Steuer-Sparbuch Heute 2014-05-29 14:31 - 2014-05-29 17:47 - 00001196 _____ () C:\Windows\setupact.log 2014-05-29 14:31 - 2014-05-29 14:31 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-19 18:59 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-19 18:59 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-19 18:59 - 2014-03-06 10:40 - 
00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-19 18:59 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-19 18:59 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-19 18:59 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-19 18:59 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-19 18:59 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-19 18:59 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-19 18:59 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-19 18:59 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-19 18:59 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-19 18:59 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-19 18:59 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-19 18:59 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-19 18:59 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-19 18:59 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-19 18:59 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-19 18:59 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-19 18:58 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-19 18:58 - 2014-03-06 10:57 - 00048640 _____ 
(Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-19 18:58 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-19 18:58 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-19 18:58 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-19 18:58 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-19 18:58 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-19 18:58 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-19 18:58 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-19 18:58 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-19 18:58 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-19 18:58 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-19 18:58 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-19 18:58 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-19 18:58 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-19 18:58 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-19 18:58 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-19 18:58 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-19 18:58 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-19 18:58 - 
2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-19 18:58 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-19 18:58 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-19 18:58 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-19 18:58 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-19 18:58 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-19 18:51 - 2014-05-19 18:52 - 00000000 ____D () C:\Users\******\AppData\Roaming\Security Systems 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\Public\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Program Files (x86)\Foxit Software 2014-05-19 18:47 - 2014-05-19 18:47 - 00386904 _____ (Softonic ) C:\Users\******\Downloads\SoftonicDownloader_fuer_foxit-reader.exe 2014-05-19 18:31 - 2014-05-19 18:31 - 00000000 ____D () C:\Users\******\Documents\Steuer-Sparbuch 2014-05-19 18:00 - 2014-05-19 18:00 - 00000000 _____ () C:\Users\******\Sti_Trace.log 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Roaming\Buhl Data Service 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl Data Service 2014-05-19 15:30 - 2014-05-19 15:30 - 04745984 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup413.exe 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-05-19 15:16 - 2014-05-19 15:32 - 00000000 ____D () C:\Users\******\AppData\Roaming\Samsung 2014-05-19 
15:16 - 2014-05-19 15:32 - 00000000 ____D () C:\Users\******\AppData\Local\Samsung 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\******\Documents\samsung 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-05-19 15:15 - 2014-05-19 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-05-19 15:15 - 2014-05-19 15:15 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec 2014-05-19 15:15 - 2014-04-11 10:39 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-05-19 15:15 - 2014-04-11 10:39 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2014-05-19 15:15 - 2014-04-11 10:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-05-19 15:15 - 2014-04-11 10:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-05-19 15:14 - 2014-05-19 15:32 - 00000000 ____D () C:\ProgramData\Samsung 2014-05-19 15:14 - 2014-05-19 15:32 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-05-19 15:14 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll 2014-05-19 15:14 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2014-05-19 15:13 - 2014-05-19 15:13 - 00000000 ____D () C:\Users\******\AppData\Local\Downloaded Installations 2014-05-19 15:12 - 2014-05-19 15:13 - 75879368 _____ (Samsung Electronics Co., Ltd.) 
C:\Users\******\Downloads\KiesSetup263.exe 2014-05-19 15:10 - 2014-05-19 16:11 - 00000622 _____ () C:\Windows\wiso.ini 2014-05-19 15:10 - 2014-05-19 15:58 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl 2014-05-19 15:10 - 2014-05-19 15:10 - 00002112 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk 2014-05-19 15:10 - 2014-05-19 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014 2014-05-19 15:09 - 2014-05-19 15:09 - 00000000 ____D () C:\Program Files (x86)\WISO 2014-05-19 15:08 - 2014-05-19 15:10 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH 2014-05-19 14:54 - 2014-05-19 14:54 - 01038704 _____ (Amazon Services LLC) C:\Users\******\Downloads\WISO_Steuer_Sparbuch_2014_für_Steuerjahr_2013_Downloader.exe 2014-05-19 13:26 - 2014-05-19 13:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-19 13:19 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-19 13:19 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-19 13:19 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-19 13:19 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-19 13:19 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-19 13:19 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-19 13:19 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-19 13:19 - 
2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-19 13:19 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-19 13:19 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-19 13:19 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-19 13:19 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-19 13:19 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-19 13:19 - 
2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-19 13:19 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-19 13:19 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-19 13:19 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-19 13:19 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-19 13:18 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll 2014-05-19 13:18 - 
2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\Windows\Options 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-05-19 13:12 - 2010-05-13 09:58 - 00007484 _____ () C:\Windows\system32\athurextx.cat 2014-05-19 13:12 - 2010-01-05 19:23 - 01847296 ____R (Atheros Communications, Inc.) C:\Windows\system32\athurx.sys 2014-05-19 13:12 - 2010-01-05 19:23 - 01847296 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athurx.sys ==================== One Month Modified Files and Folders ======= 2014-05-29 17:51 - 2014-05-29 16:41 - 00010746 _____ () C:\Users\******\Desktop\FRST.txt 2014-05-29 17:51 - 2014-05-29 15:19 - 00000000 ____D () C:\FRST 2014-05-29 17:50 - 2009-07-14 06:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-29 17:50 - 2009-07-14 06:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-29 17:47 - 2014-05-29 14:31 - 00001196 _____ () C:\Windows\setupact.log 2014-05-29 17:46 - 2014-02-28 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-29 17:46 - 2014-02-28 15:40 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-29 17:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-29 17:27 - 2014-02-28 14:47 - 01132360 _____ () C:\Windows\WindowsUpdate.log 2014-05-29 17:25 - 2014-05-29 17:24 - 00000474 _____ () C:\Users\******\Downloads\defogger_disable.log 2014-05-29 17:24 - 2014-05-29 17:24 - 00000000 _____ () C:\Users\******\defogger_reenable 2014-05-29 17:24 - 2014-02-28 14:51 - 00000000 ____D () C:\Users\****** 2014-05-29 17:22 - 2014-05-29 17:22 - 00050477 _____ () C:\Users\******\Downloads\Defogger.exe 2014-05-29 17:04 - 2014-05-29 17:04 - 00001375 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 
2014-05-29 17:04 - 2014-05-29 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-05-29 17:03 - 2014-05-29 17:02 - 34131368 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u5-windows-x64.exe 2014-05-29 17:01 - 2014-05-29 17:01 - 39187992 _____ (Foxit Corporation ) C:\Users\******\Downloads\FoxitReader620.0429_enu_Setup.exe 2014-05-29 16:59 - 2014-05-29 16:59 - 00000922 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-05-29 16:59 - 2014-05-29 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-05-29 16:59 - 2014-02-28 18:41 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-05-29 16:58 - 2014-05-29 16:58 - 07681400 _____ (AIMP DevTeam) C:\Users\******\Downloads\aimp_3.55.1345.exe 2014-05-29 16:57 - 2014-05-29 16:57 - 00264757 _____ () C:\Users\******\Downloads\FHSetup.exe 2014-05-29 16:57 - 2014-05-29 16:57 - 00002016 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk 2014-05-29 16:57 - 2014-05-29 16:57 - 00001986 _____ () C:\Users\******\Desktop\Update Checker.lnk 2014-05-29 16:57 - 2014-05-29 16:57 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieUserList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieSiteList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 ____D () C:\Windows\pss 2014-05-29 16:52 - 2014-02-28 15:35 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-29 16:52 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-29 16:51 - 2014-02-28 15:35 - 00000000 ____D () C:\Users\******\AppData\Local\Google 2014-05-29 16:50 - 2014-02-28 16:09 - 00000839 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-05-29 16:50 - 2014-02-28 16:09 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-29 16:49 - 2014-05-29 16:49 - 
04748896 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup414.exe 2014-05-29 16:47 - 2014-05-29 16:47 - 00003488 _____ () C:\Windows\System32\Tasks\****** NBAgent 15 0 2014-05-29 16:47 - 2014-05-29 16:47 - 00000000 ____D () C:\Users\******\Documents\Nero BackItUp Device Backup 2014-05-29 16:46 - 2014-05-29 16:46 - 00000000 ____D () C:\Users\******\AppData\Roaming\Nero 2014-05-29 16:46 - 2014-05-29 16:44 - 00000000 ____D () C:\ProgramData\Nero 2014-05-29 16:45 - 2014-05-29 16:45 - 00002665 _____ () C:\Users\Public\Desktop\Nero BackItUp 2014.lnk 2014-05-29 16:45 - 2014-05-29 16:45 - 00000000 ____D () C:\Windows\System32\Tasks\Nero 2014-05-29 16:45 - 2014-05-29 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-05-29 16:45 - 2014-05-29 16:44 - 00000000 ____D () C:\Program Files (x86)\Nero 2014-05-29 16:43 - 2014-05-29 16:43 - 42441496 _____ (Nero AG) C:\Users\******\Downloads\Nero_BackItUp2014-15.0.04200_free.exe 2014-05-29 16:40 - 2014-05-29 15:20 - 00025368 _____ () C:\Users\******\Desktop\Addition.txt 2014-05-29 16:40 - 2014-05-29 15:19 - 00049629 _____ () C:\Users\******\Downloads\FRST.txt 2014-05-29 16:36 - 2014-02-28 16:07 - 00000000 ____D () C:\Users\******\AppData\Local\Thunderbird 2014-05-29 16:31 - 2014-05-29 14:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-29 16:06 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-05-29 16:06 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-05-29 16:06 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-29 15:57 - 2014-05-29 15:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-29 15:55 - 2014-05-29 15:55 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_deu.exe 2014-05-29 15:52 - 2014-05-29 15:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-29 15:51 - 2014-05-29 15:50 - 00002040 _____ () 
C:\Users\******\Desktop\Rkill.txt 2014-05-29 15:50 - 2014-05-29 15:50 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\******\Downloads\rkill.com 2014-05-29 15:48 - 2014-05-29 15:48 - 01016261 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe 2014-05-29 15:43 - 2014-05-29 15:33 - 00000000 ____D () C:\AdwCleaner 2014-05-29 15:42 - 2014-05-29 15:42 - 00003026 _____ () C:\Users\******\Desktop\AdwCleaner[S1].txt 2014-05-29 15:42 - 2014-05-29 14:33 - 00000000 ____D () C:\Users\******\Documents\Mein Steuer-Sparbuch Heute 2014-05-29 15:39 - 2014-05-29 14:54 - 00000650 _____ () C:\Windows\PFRO.log 2014-05-29 15:31 - 2014-05-29 15:31 - 01327971 _____ () C:\Users\******\Desktop\adwcleaner_3.211.exe 2014-05-29 15:12 - 2014-05-29 15:12 - 02066944 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe 2014-05-29 14:55 - 2014-02-28 15:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-05-29 14:52 - 2014-05-29 14:52 - 00001989 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk 2014-05-29 14:52 - 2014-02-28 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-05-29 14:51 - 2014-05-29 14:51 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-05-29 14:51 - 2014-05-29 14:51 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-05-29 14:49 - 2014-05-29 14:49 - 133421120 _____ (AVAST Software) C:\Users\******\Downloads\avast_internet_security_setup.exe 2014-05-29 14:44 - 2014-02-28 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-05-29 14:44 - 2014-02-28 15:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-29 14:37 - 2014-05-29 14:37 - 00000000 ____D () C:\NVIDIA 2014-05-29 14:34 - 2014-05-29 14:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-29 14:33 - 2014-02-28 16:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 
2014-05-29 14:33 - 2014-02-28 16:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-29 14:31 - 2014-05-29 14:31 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-29 14:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-20 04:44 - 2014-05-29 14:40 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-20 04:44 - 2014-05-29 14:40 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 01541576 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvdispgenco6433788.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-05-20 04:44 - 2014-02-28 15:40 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-05-20 04:44 - 2014-02-28 15:40 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-05-20 04:44 - 2013-10-27 10:12 - 00026069 _____ () C:\Windows\system32\nvinfo.pb 2014-05-20 03:25 - 2014-02-28 15:40 - 06769096 _____ (NVIDIA 
Corporation) C:\Windows\system32\nvcpl.dll 2014-05-20 03:25 - 2014-02-28 15:40 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-05-20 03:25 - 2014-02-28 15:40 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-05-20 03:25 - 2014-02-28 15:40 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-05-20 03:25 - 2014-02-28 15:40 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-05-20 03:25 - 2014-02-28 15:40 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-05-20 01:10 - 2014-05-29 14:44 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-19 18:52 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Security Systems 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\Public\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Program Files (x86)\Foxit Software 2014-05-19 18:47 - 2014-05-19 18:47 - 00386904 _____ (Softonic ) C:\Users\******\Downloads\SoftonicDownloader_fuer_foxit-reader.exe 2014-05-19 18:31 - 2014-05-19 18:31 - 00000000 ____D () C:\Users\******\Documents\Steuer-Sparbuch 2014-05-19 18:00 - 2014-05-19 18:00 - 00000000 _____ () C:\Users\******\Sti_Trace.log 2014-05-19 16:11 - 2014-05-19 15:10 - 00000622 _____ () C:\Windows\wiso.ini 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Roaming\Buhl Data Service 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl Data Service 2014-05-19 15:58 - 2014-05-19 15:10 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl 2014-05-19 15:56 - 2014-02-28 18:41 - 00000000 ____D () C:\Users\******\AppData\Roaming\AIMP3 2014-05-19 15:56 - 2014-02-28 14:43 - 00000000 ____D () C:\Windows\Panther 2014-05-19 15:32 - 2014-05-19 15:16 - 00000000 ____D () 
C:\Users\******\AppData\Roaming\Samsung 2014-05-19 15:32 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\******\AppData\Local\Samsung 2014-05-19 15:32 - 2014-05-19 15:14 - 00000000 ____D () C:\ProgramData\Samsung 2014-05-19 15:32 - 2014-05-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-05-19 15:32 - 2014-02-28 15:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-05-19 15:30 - 2014-05-19 15:30 - 04745984 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup413.exe 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\******\Documents\samsung 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-05-19 15:15 - 2014-05-19 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-05-19 15:15 - 2014-05-19 15:15 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec 2014-05-19 15:13 - 2014-05-19 15:13 - 00000000 ____D () C:\Users\******\AppData\Local\Downloaded Installations 2014-05-19 15:13 - 2014-05-19 15:12 - 75879368 _____ (Samsung Electronics Co., Ltd.) 
C:\Users\******\Downloads\KiesSetup263.exe 2014-05-19 15:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-19 15:10 - 2014-05-19 15:10 - 00002112 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk 2014-05-19 15:10 - 2014-05-19 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014 2014-05-19 15:10 - 2014-05-19 15:08 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH 2014-05-19 15:09 - 2014-05-19 15:09 - 00000000 ____D () C:\Program Files (x86)\WISO 2014-05-19 14:54 - 2014-05-19 14:54 - 01038704 _____ (Amazon Services LLC) C:\Users\******\Downloads\WISO_Steuer_Sparbuch_2014_für_Steuerjahr_2013_Downloader.exe 2014-05-19 14:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-19 13:32 - 2014-02-28 15:35 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-05-19 13:32 - 2014-02-28 15:35 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-05-19 13:32 - 2014-02-28 15:35 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-05-19 13:30 - 2014-02-28 14:52 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-19 13:30 - 2014-02-28 14:52 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-19 13:26 - 2014-05-19 13:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-19 13:24 - 2014-02-28 19:31 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-19 13:21 - 2014-02-28 19:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\Windows\Options 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-05-15 01:49 - 2014-02-28 15:40 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin 2014-05-09 08:14 - 2014-05-19 13:19 - 00477184 _____ (Microsoft Corporation) 
C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-19 13:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-06 06:40 - 2014-05-29 17:26 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-29 17:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:25 - 2014-05-29 17:26 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-29 17:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-29 17:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-29 17:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll Some content of TEMP: ==================== C:\Users\******\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\******\AppData\Local\Temp\Foxit Updater.exe C:\Users\******\AppData\Local\Temp\FoxySecuritySetup.exe C:\Users\******\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\******\AppData\Local\Temp\nvSCPAPI.dll C:\Users\******\AppData\Local\Temp\nvStereoApiI.dll C:\Users\******\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-19 13:58 ==================== End Of 
Log ============================ --- --- ---
Continuing with: JRT output: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02 Ran by ****** at 2014-05-29 15:20:03 Running from C:\Users\******\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.14 - ASUSTeK) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1338, 31.01.2014 - AIMP DevTeam) avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software) Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek) Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.) 
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.3.0.0 - ) EPSON Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 1.80.00 - ) EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - ) EPSON PERFECTION V200 PHOTO Handbuch (HKLM-x32\...\EPSON PERFECTION V200 PHOTO Benutzerhandbuch) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.11.00 - ) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) Foxy Security (HKLM-x32\...\Foxy Security) (Version: - ) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden KeePass Password Safe 2.25 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.25 - Dominik Reichl) Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.) 
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla) MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7129 - MyHeritage.com) NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) 
(Version: 337.88 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) 
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden TP-LINK Wireless Client Utility (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK) WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{388B9059-5A66-41C5-9537-FDD8565AE011}) (Version: 21.00.8480 - Buhl Data Service GmbH) ==================== Restore Points ========================= 19-04-2014 19:43:07 Windows Update 19-05-2014 11:20:17 Windows Update 19-05-2014 13:08:59 Installiert WISO Steuer-Sparbuch 2014 19-05-2014 13:13:53 Installed Samsung Kies 19-05-2014 13:31:58 Removed Samsung Kies 19-05-2014 16:58:38 Windows Update 29-05-2014 12:37:49 Windows Update 29-05-2014 12:49:52 avast! antivirus system restore point 29-05-2014 12:51:48 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1EEC61A9-E197-4395-A59B-7AE3BF653C3C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {462A7822-E95C-4794-8DC2-B19277BDE2F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd) Task: {4B65EB41-E310-4431-8CBA-207B96C16FB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-28] (Google Inc.) Task: {7B85B6D5-1500-4BE4-8330-88FC47A7DF03} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-19] (AVAST Software) Task: {D7A6FDA7-CC37-4002-B027-4C70BE1D6495} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-28] (Google Inc.) 
Task: {D95672CA-3504-4D29-BF6D-6A53818CE151} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-29] (Adobe Systems Incorporated) Task: {F8BC2DFC-3BE1-4F4E-8328-AA0B44BF3F39} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-28 15:40 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-11-03 11:30 - 2010-11-03 11:30 - 00918144 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe 2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe 2014-02-28 15:23 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe 2014-05-19 15:09 - 2014-04-23 15:03 - 01430320 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe 2014-05-29 14:33 - 2014-05-29 14:33 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14052900\algo.dll 2014-02-28 15:23 - 2014-05-29 14:54 - 00019456 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll 2014-02-28 15:23 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 09787184 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wgui14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 00035632 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsdcom48.dll 2014-05-19 15:09 - 2014-04-23 15:03 
- 00309040 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rscorewinapi48.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 00322864 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsguiwinapi48.dll 2014-05-19 15:09 - 2014-04-23 15:04 - 03807024 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wcore14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 00136496 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\rsodbc48.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 02703152 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfvie14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 02001200 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wsteu14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01929520 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wreli14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 04321072 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wauff14.dll 2014-05-19 15:09 - 2014-02-11 11:53 - 01043456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-core.dll 2014-05-19 15:09 - 2014-02-11 11:53 - 00094720 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-shared.dll 2014-05-19 15:09 - 2014-02-11 11:53 - 00250368 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\clucene-contribs-lib.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01562928 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wmain14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 05154096 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae114.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01691440 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae214.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01807152 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae314.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01626416 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wbae414.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01115440 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau114.dll 2014-05-19 15:09 - 
2014-04-23 15:03 - 01329456 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\whau214.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01257264 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wwerb14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 07326512 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wkont14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01285936 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wimp14.dll 2014-05-19 15:09 - 2014-04-23 15:03 - 01330480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2014\wfabu14.dll 2014-05-19 18:52 - 2014-05-19 18:52 - 00374272 _____ () C:\Users\******\AppData\Roaming\BupSystem\sub\default.dll 2009-07-31 22:39 - 2009-07-31 22:39 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll 2014-02-28 15:35 - 2014-02-28 15:35 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-02-28 15:23 - 2010-12-02 18:28 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2014-02-28 15:23 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2014-02-28 15:23 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2014-02-28 15:23 - 2011-02-17 12:10 - 01035776 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll 2014-02-28 15:23 - 2010-11-19 11:53 - 00963584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2014-02-28 15:24 - 2010-12-01 13:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll 2014-02-28 15:24 - 2011-01-06 11:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll 2014-02-28 15:23 - 2010-09-27 21:51 - 00881664 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2014-02-28 15:23 - 2010-09-27 21:51 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2014-02-28 15:23 - 2010-11-19 11:55 - 01246208 _____ 
() C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2014-02-28 15:23 - 2010-08-06 19:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2014-02-28 15:23 - 2010-08-06 19:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2014-02-28 15:23 - 2010-08-23 04:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMLib.dll 2014-02-28 15:23 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll 2014-04-19 22:28 - 2014-04-19 22:28 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-05-29 14:33 - 2014-05-29 14:33 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/29/2014 02:55:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/29/2014 02:41:54 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "H:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (05/29/2014 02:32:21 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Der Index kann nicht initialisiert werden. Details: Der Inhaltsindexkatalog ist fehlerhaft. 
(HRESULT : 0xc0041801) (0xc0041801) Error: (05/29/2014 02:32:21 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/29/2014 02:32:21 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/29/2014 02:32:21 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Error: (05/29/2014 02:32:20 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/29/2014 02:32:20 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (05/29/2014 02:32:20 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/29/2014 02:32:19 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. 
Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (05/29/2014 02:54:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (05/29/2014 02:32:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/29/2014 02:32:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error: (05/29/2014 02:31:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (05/19/2014 06:59:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (05/19/2014 06:52:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "BUP Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/19/2014 06:51:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "Foxit Cloud Safe Update Service" ist als interaktiver Dienst gekennzeichnet. 
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/19/2014 03:12:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (05/19/2014 02:40:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\athExt.dll Fehlercode: 126 Error: (05/19/2014 02:39:14 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {06622D85-6856-4460-8DE1-A81921B41C4B} Microsoft Office Sessions: ========================= Error: (05/29/2014 02:55:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/29/2014 02:41:54 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: H:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) Error: (05/29/2014 02:32:21 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/29/2014 02:32:21 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/29/2014 02:32:21 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. 
(HRESULT : 0xc0041801) (0xc0041801) Error: (05/29/2014 02:32:21 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer Error: (05/29/2014 02:32:20 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Search.JetPropStore Error: (05/29/2014 02:32:20 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (05/29/2014 02:32:20 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (05/29/2014 02:32:19 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. 
(HRESULT : 0xc0041801) (0xc0041801) 4700 ==================== Memory info =========================== Percentage of memory in use: 40% Total physical RAM: 4077.25 MB Available physical RAM: 2434.75 MB Total Pagefile: 8152.67 MB Available Pagefile: 6190.33 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (System-reserviert) (Fixed) (Total:515.79 GB) (Free:464.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Volume) (Fixed) (Total:159.09 GB) (Free:158.96 GB) NTFS Drive e: (Volume) (Fixed) (Total:256.63 GB) (Free:256.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: BB3026DC) Partition 1: (Active) - (Size=516 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=159 GB) - (Type=05) Partition 3: (Not Active) - (Size=257 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
29.05.2014, 18:42 | #2 |
| Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF Here is the GMER output as a zip file in the attachment. I hope this works; I'm not exactly a superuser
__________________ Many thanks in advance for your support in solving the problem. Regards, Santana |
29.05.2014, 19:02 | #3 |
| Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF I almost forgot, here is the result from Eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=dafdc59e5069554784c429d4f043f0c6 # engine=18459 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-05-29 03:22:23 # local_time=2014-05-29 05:22:23 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Internet Security' # compatibility_mode=781 16777213 100 97 8889 7786027 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 6201 153006793 0 0 # scanned=163967 # found=3 # cleaned=0 # scan_time=4757 sh=B89EA0A2A74BF83394E3734F9C77A22345942043 ft=1 fh=2ce87ed2e8380392 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\++++++\Downloads\SoftonicDownloader_fuer_foxit-reader.exe" sh=9AE45158D5CE5A4EAB834877A9B0AEAB284B7BFD ft=0 fh=0000000000000000 vn="Win32/TrojanNotifier.Small.A Trojaner" ac=I fn="H:\LwC\Users\Chefin\Downloads\FireDLL.dll.gz" sh=C1FEF49C4D78D962BEB4E6CF060DEFCFF77DBF8D ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="H:\SANTANA-THINK\Backup Set 2013-02-10 194514\Backup Files 2013-02-10 194514\Backup files 1.zip" |
30.05.2014, 15:02 | #4 |
/// the machine /// TB-Ausbilder | Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
30.05.2014, 21:56 | #5 |
| Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF Hi Schrauber, I only just checked my e-mails, which is why I'm only getting back to you now. Thank you for helping me with the problem. Here is the Combofix output Code:
ATTFilter Combofix Logfile: |
31.05.2014, 15:42 | #6 |
/// the machine /// TB-Ausbilder | Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ --> Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF |
31.05.2014, 16:36 | #7 |
| Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF Hello Schrauber, here we go Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 31.05.2014 Suchlauf-Zeit: 16:50:43 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.05.31.05 Rootkit Datenbank: v2014.05.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ****** Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 264729 Verstrichene Zeit: 4 Min, 24 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 4 Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [61901a3d9fdc989e40c2281c29d93ec2], Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [61901a3d9fdc989e40c2281c29d93ec2], Trojan.BHO, HKU\S-1-5-21-3492184576-273459616-3862360488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [61901a3d9fdc989e40c2281c29d93ec2], Trojan.BHO, HKU\S-1-5-21-3492184576-273459616-3862360488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [61901a3d9fdc989e40c2281c29d93ec2], Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 2 Trojan.BHO, C:\Users\******\AppData\LocalLow\systems ie bho\bho.dll, In Quarantäne, [61901a3d9fdc989e40c2281c29d93ec2], PUP.Optional.Softonic.A, 
C:\Users\******\Downloads\SoftonicDownloader_fuer_foxit-reader.exe, In Quarantäne, [35bc0c4ba5d68ea8024676ab1ee36e92], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by ****** on 31.05.2014 at 17:17:37,89 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3492184576-273459616-3862360488-1001\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec" ~~~ FireFox Emptied folder: C:\Users\******\AppData\Roaming\mozilla\firefox\profiles\3ybwinz6.default\minidumps [3 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 31.05.2014 at 17:22:22,17 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 31/05/2014 um 17:11:02 # Aktualisiert 26/05/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : ****** - ******-PC # Gestartet von : C:\Users\******\Desktop\adwcleaner_3.211.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17041 -\\ Mozilla Firefox v29.0.1 (de) [ Datei : C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\prefs.js ] ************************* AdwCleaner[R0].txt - [3029 octets] - [29/05/2014 15:33:13] AdwCleaner[R1].txt - [3118 octets] - [29/05/2014 15:35:33] AdwCleaner[R2].txt - [1182 octets] - [29/05/2014 15:43:05] AdwCleaner[R3].txt - [1171 octets] - [29/05/2014 17:55:44] AdwCleaner[R4].txt - [1231 octets] - [31/05/2014 17:09:54] AdwCleaner[S0].txt - [354 octets] - [29/05/2014 15:34:49] AdwCleaner[S1].txt - [3026 octets] - [29/05/2014 15:35:51] AdwCleaner[S2].txt - [1153 octets] - [31/05/2014 17:11:02] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1213 octets] ########## FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02 Ran by ****** (administrator) on REGINA-PC on 31-05-2014 17:26:59 Running from C:\Users\******\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-29] (AVAST Software) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl) HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2037072 2014-05-10] (Nero AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common 
Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation) HKU\S-1-5-21-3492184576-273459616-3862360488-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKCU - (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {33CA35C9-04D0-45af-AED5-A938D3EAE75E} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} SearchScopes: HKCU - {AAE7B4C9-BB83-402c-A0E3-C282FD18D9A8} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default FF DefaultSearchEngine: DuckDuckGo FF SelectedSearchEngine: DuckDuckGo FF Homepage: www.zeit.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla 
firefox\browser\searchplugins\yahoo-de.xml FF Extension: Foxy Security - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\sys@foxysecurity.com [2014-05-29] FF Extension: Ghostery - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\firefox@ghostery.com.xpi [2014-02-28] FF Extension: DuckDuckGo Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-03-02] FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-05-29] FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-02] FF Extension: BetterPrivacy - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-03-02] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-28] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-19] (AVAST Software) R2 avast! 
Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-29] (AVAST Software) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241728 2014-03-11] (Foxit Corporation) R2 NBService; C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe [265552 2014-05-10] (Nero AG) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-19] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-05-29] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-19] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-05-29] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-19] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-19] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-19] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-19] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-19] () R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2010-05-20] (Windows (R) Codename Longhorn DDK provider) S3 catchme; 
\??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-31 17:26 - 2014-05-31 17:26 - 00011442 _____ () C:\Users\******\Desktop\FRST.txt 2014-05-31 17:22 - 2014-05-31 17:23 - 00001557 _____ () C:\Users\******\Desktop\JRT.txt 2014-05-31 17:17 - 2014-05-31 17:17 - 00000000 ____D () C:\Windows\ERUNT 2014-05-31 17:16 - 2014-05-31 17:16 - 00001293 _____ () C:\Users\******\Desktop\AdwCleaner.txt 2014-05-31 17:07 - 2014-05-31 17:08 - 00002205 _____ () C:\Users\******\Desktop\mbam.txt 2014-05-31 16:49 - 2014-05-31 17:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-31 16:48 - 2014-05-31 16:48 - 00001119 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-31 16:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-31 16:48 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-31 16:48 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-31 16:47 - 2014-05-31 16:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\******\Downloads\mbam-setup-2.0.2.1012.exe 2014-05-30 22:35 - 2014-05-30 22:35 - 00018270 _____ () C:\ComboFix.txt 2014-05-30 22:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-05-30 22:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-05-30 22:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 
00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-05-30 22:28 - 2014-05-30 22:35 - 00000000 ____D () C:\Qoobox 2014-05-30 22:28 - 2014-05-30 22:34 - 00000000 ____D () C:\Windows\erdnt 2014-05-30 22:26 - 2014-05-30 22:26 - 05203398 ____R (Swearware) C:\Users\******\Desktop\ComboFix.exe 2014-05-30 14:28 - 2014-05-30 14:28 - 22155104 _____ (Mozilla) C:\Users\******\Downloads\Thunderbird Setup 24.5.0.exe 2014-05-30 14:28 - 2014-05-30 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-05-30 14:27 - 2014-05-30 14:27 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-05-30 14:27 - 2014-05-30 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-30 14:27 - 2014-05-30 14:27 - 00000000 ____D () C:\Program Files\Java 2014-05-30 14:26 - 2014-05-30 14:26 - 34131368 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u5-windows-x64(1).exe 2014-05-29 19:37 - 2014-05-29 19:37 - 00000168 _____ () C:\Users\******\Desktop\defogger_reenable.zip 2014-05-29 19:37 - 2014-05-29 19:37 - 00000168 _____ () C:\Users\******\defogger_reenable.zip 2014-05-29 19:07 - 2014-05-29 19:07 - 01110476 _____ () C:\Users\******\Downloads\7z920(2).exe 2014-05-29 19:07 - 2014-05-29 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-29 19:07 - 
2014-05-29 19:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-05-29 18:56 - 2014-05-29 18:56 - 01110476 _____ () C:\Users\******\Downloads\7z920(1).exe 2014-05-29 18:44 - 2014-05-29 18:44 - 01110476 _____ () C:\Users\******\Downloads\7z920.exe 2014-05-29 18:26 - 2014-05-29 18:27 - 00289308 _____ () C:\Users\******\Desktop\defogger_disable.log 2014-05-29 18:00 - 2014-05-29 18:00 - 00380416 _____ () C:\Users\******\Downloads\Gmer-19357.exe 2014-05-29 17:26 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-29 17:26 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-29 17:26 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-29 17:26 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-29 17:26 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-29 17:26 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-29 17:24 - 2014-05-29 17:25 - 00000474 _____ () C:\Users\******\Downloads\defogger_disable.log 2014-05-29 17:24 - 2014-05-29 17:24 - 00000000 _____ () C:\Users\******\defogger_reenable 2014-05-29 17:22 - 2014-05-29 17:22 - 00050477 _____ () C:\Users\******\Downloads\Defogger.exe 2014-05-29 17:04 - 2014-05-29 17:04 - 00001375 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2014-05-29 17:04 - 2014-05-29 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-05-29 17:02 - 2014-05-29 17:03 - 34131368 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u5-windows-x64.exe 2014-05-29 17:01 - 2014-05-29 17:01 - 39187992 _____ (Foxit Corporation ) C:\Users\******\Downloads\FoxitReader620.0429_enu_Setup.exe 2014-05-29 16:59 - 2014-05-29 16:59 - 00000922 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-05-29 16:59 - 2014-05-29 16:59 - 
00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-05-29 16:58 - 2014-05-29 16:58 - 07681400 _____ (AIMP DevTeam) C:\Users\******\Downloads\aimp_3.55.1345.exe 2014-05-29 16:57 - 2014-05-29 16:57 - 00264757 _____ () C:\Users\******\Downloads\FHSetup.exe 2014-05-29 16:57 - 2014-05-29 16:57 - 00002016 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk 2014-05-29 16:57 - 2014-05-29 16:57 - 00001986 _____ () C:\Users\******\Desktop\Update Checker.lnk 2014-05-29 16:57 - 2014-05-29 16:57 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieUserList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieSiteList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 ____D () C:\Windows\pss 2014-05-29 16:49 - 2014-05-29 16:49 - 04748896 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup414.exe 2014-05-29 16:47 - 2014-05-29 16:47 - 00003488 _____ () C:\Windows\System32\Tasks\****** NBAgent 15 0 2014-05-29 16:47 - 2014-05-29 16:47 - 00000000 ____D () C:\Users\******\Documents\Nero BackItUp Device Backup 2014-05-29 16:46 - 2014-05-29 16:46 - 00000000 ____D () C:\Users\******\AppData\Roaming\Nero 2014-05-29 16:45 - 2014-05-29 16:45 - 00002665 _____ () C:\Users\Public\Desktop\Nero BackItUp 2014.lnk 2014-05-29 16:45 - 2014-05-29 16:45 - 00000000 ____D () C:\Windows\System32\Tasks\Nero 2014-05-29 16:44 - 2014-05-29 16:46 - 00000000 ____D () C:\ProgramData\Nero 2014-05-29 16:44 - 2014-05-29 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-05-29 16:44 - 2014-05-29 16:45 - 00000000 ____D () C:\Program Files (x86)\Nero 2014-05-29 16:43 - 2014-05-29 16:43 - 42441496 _____ (Nero AG) C:\Users\******\Downloads\Nero_BackItUp2014-15.0.04200_free.exe 2014-05-29 15:57 - 2014-05-29 15:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-29 15:55 - 
2014-05-29 15:55 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_deu.exe 2014-05-29 15:52 - 2014-05-29 15:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-29 15:50 - 2014-05-29 15:51 - 00002040 _____ () C:\Users\******\Desktop\Rkill.txt 2014-05-29 15:50 - 2014-05-29 15:50 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\******\Downloads\rkill.com 2014-05-29 15:48 - 2014-05-29 15:48 - 01016261 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe 2014-05-29 15:33 - 2014-05-31 17:11 - 00000000 ____D () C:\AdwCleaner 2014-05-29 15:33 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-29 15:31 - 2014-05-29 15:31 - 01327971 _____ () C:\Users\******\Desktop\adwcleaner_3.211.exe 2014-05-29 15:19 - 2014-05-31 17:26 - 00000000 ____D () C:\FRST 2014-05-29 15:19 - 2014-05-29 16:40 - 00049629 _____ () C:\Users\******\Downloads\FRST.txt 2014-05-29 15:12 - 2014-05-29 15:12 - 02066944 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe 2014-05-29 14:54 - 2014-05-31 17:12 - 00002962 _____ () C:\Windows\PFRO.log 2014-05-29 14:52 - 2014-05-29 14:52 - 00001989 _____ () C:\Users\Public\Desktop\avast! 
Internet Security.lnk 2014-05-29 14:51 - 2014-05-29 14:51 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-05-29 14:51 - 2014-05-29 14:51 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-05-29 14:49 - 2014-05-29 14:49 - 133421120 _____ (AVAST Software) C:\Users\******\Downloads\avast_internet_security_setup.exe 2014-05-29 14:44 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-29 14:40 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-29 14:40 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-29 
14:40 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-29 14:37 - 2014-05-29 14:37 - 00000000 ____D () C:\NVIDIA 2014-05-29 14:34 - 2014-05-31 16:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-29 14:34 - 2014-05-29 14:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-29 14:33 - 2014-05-29 15:42 - 00000000 ____D () C:\Users\******\Documents\Mein Steuer-Sparbuch Heute 2014-05-29 14:31 - 2014-05-31 17:14 - 00002260 _____ () C:\Windows\setupact.log 2014-05-29 14:31 - 2014-05-29 14:31 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-19 18:59 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-19 18:59 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-19 18:59 - 2014-03-06 10:40 - 
00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-19 18:59 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-19 18:59 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-19 18:59 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-19 18:59 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-19 18:59 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-19 18:59 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-19 18:59 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-19 18:59 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-19 18:59 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-19 18:59 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-19 18:59 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-19 18:59 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-19 18:59 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-19 18:59 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-19 18:59 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-19 18:59 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-19 18:58 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-19 18:58 - 2014-03-06 10:57 - 00048640 _____ 
(Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-19 18:58 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-19 18:58 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-19 18:58 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-19 18:58 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-19 18:58 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-19 18:58 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-19 18:58 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-19 18:58 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-19 18:58 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-19 18:58 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-19 18:58 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-19 18:58 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-19 18:58 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-19 18:58 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-19 18:58 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-19 18:58 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-19 18:58 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-19 18:58 - 
2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-19 18:58 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-19 18:58 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-19 18:58 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-19 18:58 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-19 18:58 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-19 18:51 - 2014-05-19 18:52 - 00000000 ____D () C:\Users\******\AppData\Roaming\Security Systems 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\Public\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Program Files (x86)\Foxit Software 2014-05-19 18:31 - 2014-05-19 18:31 - 00000000 ____D () C:\Users\******\Documents\Steuer-Sparbuch 2014-05-19 18:00 - 2014-05-19 18:00 - 00000000 _____ () C:\Users\******\Sti_Trace.log 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Roaming\Buhl Data Service 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl Data Service 2014-05-19 15:30 - 2014-05-19 15:30 - 04745984 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup413.exe 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-05-19 15:16 - 2014-05-19 15:32 - 00000000 ____D () C:\Users\******\AppData\Roaming\Samsung 2014-05-19 15:16 - 2014-05-19 15:32 - 00000000 ____D () C:\Users\******\AppData\Local\Samsung 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D 
() C:\Users\******\Documents\samsung 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-05-19 15:15 - 2014-05-19 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-05-19 15:15 - 2014-04-11 10:39 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-05-19 15:15 - 2014-04-11 10:39 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll 2014-05-19 15:15 - 2014-04-11 10:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-05-19 15:15 - 2014-04-11 10:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-05-19 15:14 - 2014-05-19 15:32 - 00000000 ____D () C:\ProgramData\Samsung 2014-05-19 15:14 - 2014-05-19 15:32 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-05-19 15:14 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll 2014-05-19 15:14 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2014-05-19 15:13 - 2014-05-19 15:13 - 00000000 ____D () C:\Users\******\AppData\Local\Downloaded Installations 2014-05-19 15:12 - 2014-05-19 15:13 - 75879368 _____ (Samsung Electronics Co., Ltd.) 
C:\Users\******\Downloads\KiesSetup263.exe 2014-05-19 15:10 - 2014-05-19 16:11 - 00000622 _____ () C:\Windows\wiso.ini 2014-05-19 15:10 - 2014-05-19 15:58 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl 2014-05-19 15:10 - 2014-05-19 15:10 - 00002112 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk 2014-05-19 15:10 - 2014-05-19 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014 2014-05-19 15:09 - 2014-05-19 15:09 - 00000000 ____D () C:\Program Files (x86)\WISO 2014-05-19 15:08 - 2014-05-19 15:10 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH 2014-05-19 14:54 - 2014-05-19 14:54 - 01038704 _____ (Amazon Services LLC) C:\Users\******\Downloads\WISO_Steuer_Sparbuch_2014_für_Steuerjahr_2013_Downloader.exe 2014-05-19 13:26 - 2014-05-19 13:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-19 13:19 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-19 13:19 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-19 13:19 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-19 13:19 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-19 13:19 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-19 13:19 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-19 13:19 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-19 13:19 - 
2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-19 13:19 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-19 13:19 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-19 13:19 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-19 13:19 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-19 13:19 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-19 13:19 - 
2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-19 13:19 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-19 13:19 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-19 13:19 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-19 13:19 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-19 13:18 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll 2014-05-19 13:18 - 
2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\Windows\Options 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-05-19 13:12 - 2010-05-13 09:58 - 00007484 _____ () C:\Windows\system32\athurextx.cat 2014-05-19 13:12 - 2010-01-05 19:23 - 01847296 ____R (Atheros Communications, Inc.) C:\Windows\system32\athurx.sys 2014-05-19 13:12 - 2010-01-05 19:23 - 01847296 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athurx.sys ==================== One Month Modified Files and Folders ======= 2014-05-31 17:27 - 2014-05-31 17:26 - 00011442 _____ () C:\Users\******\Desktop\FRST.txt 2014-05-31 17:26 - 2014-05-29 15:19 - 00000000 ____D () C:\FRST 2014-05-31 17:23 - 2014-05-31 17:22 - 00001557 _____ () C:\Users\******\Desktop\JRT.txt 2014-05-31 17:21 - 2009-07-14 06:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-31 17:21 - 2009-07-14 06:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-31 17:17 - 2014-05-31 17:17 - 00000000 ____D () C:\Windows\ERUNT 2014-05-31 17:16 - 2014-05-31 17:16 - 00001293 _____ () C:\Users\******\Desktop\AdwCleaner.txt 2014-05-31 17:14 - 2014-05-29 14:31 - 00002260 _____ () C:\Windows\setupact.log 2014-05-31 17:12 - 2014-05-29 14:54 - 00002962 _____ () C:\Windows\PFRO.log 2014-05-31 17:12 - 2014-02-28 15:40 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-31 17:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-31 17:11 - 2014-05-29 15:33 - 00000000 ____D () C:\AdwCleaner 2014-05-31 17:11 - 2014-02-28 14:47 - 01203378 _____ () C:\Windows\WindowsUpdate.log 2014-05-31 17:08 - 2014-05-31 17:07 - 00002205 _____ () C:\Users\******\Desktop\mbam.txt 2014-05-31 17:04 - 2014-05-31 16:49 - 00122584 _____ (Malwarebytes 
Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-31 16:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding 2014-05-31 16:48 - 2014-05-31 16:48 - 00001119 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-31 16:47 - 2014-05-31 16:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\******\Downloads\mbam-setup-2.0.2.1012.exe 2014-05-31 16:31 - 2014-05-29 14:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-30 23:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-30 22:35 - 2014-05-30 22:35 - 00018270 _____ () C:\ComboFix.txt 2014-05-30 22:35 - 2014-05-30 22:28 - 00000000 ____D () C:\Qoobox 2014-05-30 22:35 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-05-30 22:34 - 2014-05-30 22:28 - 00000000 ____D () C:\Windows\erdnt 2014-05-30 22:34 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-05-30 22:26 - 2014-05-30 22:26 - 05203398 ____R (Swearware) C:\Users\******\Desktop\ComboFix.exe 2014-05-30 22:22 - 2014-02-28 15:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-05-30 22:20 - 2014-02-28 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-30 14:28 - 2014-05-30 14:28 - 22155104 _____ (Mozilla) C:\Users\******\Downloads\Thunderbird Setup 24.5.0.exe 2014-05-30 14:28 - 2014-05-30 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-05-30 14:27 - 2014-05-30 14:27 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-05-30 14:27 - 2014-05-30 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-30 14:27 - 2014-05-30 14:27 - 00000000 ____D () C:\Program Files\Java 2014-05-30 14:26 - 2014-05-30 14:26 - 34131368 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u5-windows-x64(1).exe 2014-05-29 19:37 - 2014-05-29 19:37 - 00000168 _____ () C:\Users\******\Desktop\defogger_reenable.zip 2014-05-29 19:37 - 2014-05-29 19:37 - 00000168 _____ () C:\Users\******\defogger_reenable.zip 2014-05-29 19:37 - 2014-02-28 14:51 - 00000000 ____D () C:\Users\****** 2014-05-29 19:07 - 2014-05-29 19:07 - 01110476 _____ () C:\Users\******\Downloads\7z920(2).exe 2014-05-29 19:07 - 2014-05-29 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-29 19:07 - 2014-05-29 19:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-05-29 18:56 - 2014-05-29 18:56 - 01110476 _____ () C:\Users\******\Downloads\7z920(1).exe 2014-05-29 18:44 - 2014-05-29 18:44 - 01110476 _____ () C:\Users\******\Downloads\7z920.exe 2014-05-29 18:27 - 2014-05-29 18:26 - 00289308 _____ () C:\Users\******\Desktop\defogger_disable.log 2014-05-29 18:00 - 2014-05-29 18:00 - 00380416 _____ () 
C:\Users\******\Downloads\Gmer-19357.exe 2014-05-29 17:25 - 2014-05-29 17:24 - 00000474 _____ () C:\Users\******\Downloads\defogger_disable.log 2014-05-29 17:24 - 2014-05-29 17:24 - 00000000 _____ () C:\Users\******\defogger_reenable 2014-05-29 17:22 - 2014-05-29 17:22 - 00050477 _____ () C:\Users\******\Downloads\Defogger.exe 2014-05-29 17:04 - 2014-05-29 17:04 - 00001375 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2014-05-29 17:04 - 2014-05-29 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-05-29 17:03 - 2014-05-29 17:02 - 34131368 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u5-windows-x64.exe 2014-05-29 17:01 - 2014-05-29 17:01 - 39187992 _____ (Foxit Corporation ) C:\Users\******\Downloads\FoxitReader620.0429_enu_Setup.exe 2014-05-29 16:59 - 2014-05-29 16:59 - 00000922 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-05-29 16:59 - 2014-05-29 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-05-29 16:59 - 2014-02-28 18:41 - 00000000 ____D () C:\Program Files (x86)\AIMP3 2014-05-29 16:58 - 2014-05-29 16:58 - 07681400 _____ (AIMP DevTeam) C:\Users\******\Downloads\aimp_3.55.1345.exe 2014-05-29 16:57 - 2014-05-29 16:57 - 00264757 _____ () C:\Users\******\Downloads\FHSetup.exe 2014-05-29 16:57 - 2014-05-29 16:57 - 00002016 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk 2014-05-29 16:57 - 2014-05-29 16:57 - 00001986 _____ () C:\Users\******\Desktop\Update Checker.lnk 2014-05-29 16:57 - 2014-05-29 16:57 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieUserList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieSiteList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 ____D () C:\Windows\pss 2014-05-29 16:52 - 2014-02-28 15:35 - 00000000 ____D () C:\Program Files (x86)\Google 
2014-05-29 16:52 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-29 16:51 - 2014-02-28 15:35 - 00000000 ____D () C:\Users\******\AppData\Local\Google 2014-05-29 16:50 - 2014-02-28 16:09 - 00000839 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-05-29 16:50 - 2014-02-28 16:09 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-29 16:49 - 2014-05-29 16:49 - 04748896 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup414.exe 2014-05-29 16:47 - 2014-05-29 16:47 - 00003488 _____ () C:\Windows\System32\Tasks\****** NBAgent 15 0 2014-05-29 16:47 - 2014-05-29 16:47 - 00000000 ____D () C:\Users\******\Documents\Nero BackItUp Device Backup 2014-05-29 16:46 - 2014-05-29 16:46 - 00000000 ____D () C:\Users\******\AppData\Roaming\Nero 2014-05-29 16:46 - 2014-05-29 16:44 - 00000000 ____D () C:\ProgramData\Nero 2014-05-29 16:45 - 2014-05-29 16:45 - 00002665 _____ () C:\Users\Public\Desktop\Nero BackItUp 2014.lnk 2014-05-29 16:45 - 2014-05-29 16:45 - 00000000 ____D () C:\Windows\System32\Tasks\Nero 2014-05-29 16:45 - 2014-05-29 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-05-29 16:45 - 2014-05-29 16:44 - 00000000 ____D () C:\Program Files (x86)\Nero 2014-05-29 16:43 - 2014-05-29 16:43 - 42441496 _____ (Nero AG) C:\Users\******\Downloads\Nero_BackItUp2014-15.0.04200_free.exe 2014-05-29 16:40 - 2014-05-29 15:19 - 00049629 _____ () C:\Users\******\Downloads\FRST.txt 2014-05-29 16:36 - 2014-02-28 16:07 - 00000000 ____D () C:\Users\******\AppData\Local\Thunderbird 2014-05-29 16:06 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-05-29 16:06 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-05-29 16:06 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-29 15:57 - 2014-05-29 15:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-29 15:55 - 2014-05-29 15:55 - 02347384 _____ (ESET) 
C:\Users\******\Desktop\esetsmartinstaller_deu.exe 2014-05-29 15:52 - 2014-05-29 15:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-29 15:51 - 2014-05-29 15:50 - 00002040 _____ () C:\Users\******\Desktop\Rkill.txt 2014-05-29 15:50 - 2014-05-29 15:50 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\******\Downloads\rkill.com 2014-05-29 15:48 - 2014-05-29 15:48 - 01016261 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe 2014-05-29 15:42 - 2014-05-29 14:33 - 00000000 ____D () C:\Users\******\Documents\Mein Steuer-Sparbuch Heute 2014-05-29 15:31 - 2014-05-29 15:31 - 01327971 _____ () C:\Users\******\Desktop\adwcleaner_3.211.exe 2014-05-29 15:12 - 2014-05-29 15:12 - 02066944 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe 2014-05-29 14:52 - 2014-05-29 14:52 - 00001989 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk 2014-05-29 14:52 - 2014-02-28 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-05-29 14:51 - 2014-05-29 14:51 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-05-29 14:51 - 2014-05-29 14:51 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-05-29 14:49 - 2014-05-29 14:49 - 133421120 _____ (AVAST Software) C:\Users\******\Downloads\avast_internet_security_setup.exe 2014-05-29 14:44 - 2014-02-28 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-05-29 14:44 - 2014-02-28 15:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-29 14:37 - 2014-05-29 14:37 - 00000000 ____D () C:\NVIDIA 2014-05-29 14:34 - 2014-05-29 14:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-29 14:33 - 2014-02-28 16:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-29 14:33 - 2014-02-28 16:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-29 14:31 - 
2014-05-29 14:31 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-29 14:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-20 04:44 - 2014-05-29 14:40 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-20 04:44 - 2014-05-29 14:40 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-20 
04:44 - 2014-05-29 14:40 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-20 04:44 - 2014-05-29 14:40 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-05-20 04:44 - 2014-02-28 17:36 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-05-20 04:44 - 2014-02-28 15:40 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-05-20 04:44 - 2014-02-28 15:40 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-05-20 04:44 - 2013-10-27 10:12 - 00026069 _____ () C:\Windows\system32\nvinfo.pb 2014-05-20 03:25 - 2014-02-28 15:40 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-05-20 03:25 - 2014-02-28 15:40 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-05-20 03:25 - 
2014-02-28 15:40 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-05-20 03:25 - 2014-02-28 15:40 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-05-20 03:25 - 2014-02-28 15:40 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-05-20 03:25 - 2014-02-28 15:40 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-05-20 01:10 - 2014-05-29 14:44 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-19 18:52 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Security Systems 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\Public\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Program Files (x86)\Foxit Software 2014-05-19 18:31 - 2014-05-19 18:31 - 00000000 ____D () C:\Users\******\Documents\Steuer-Sparbuch 2014-05-19 18:00 - 2014-05-19 18:00 - 00000000 _____ () C:\Users\******\Sti_Trace.log 2014-05-19 16:11 - 2014-05-19 15:10 - 00000622 _____ () C:\Windows\wiso.ini 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Roaming\Buhl Data Service 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl Data Service 2014-05-19 15:58 - 2014-05-19 15:10 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl 2014-05-19 15:56 - 2014-02-28 18:41 - 00000000 ____D () C:\Users\******\AppData\Roaming\AIMP3 2014-05-19 15:56 - 2014-02-28 14:43 - 00000000 ____D () C:\Windows\Panther 2014-05-19 15:32 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\******\AppData\Roaming\Samsung 2014-05-19 15:32 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\******\AppData\Local\Samsung 2014-05-19 15:32 - 2014-05-19 15:14 - 00000000 ____D () C:\ProgramData\Samsung 2014-05-19 15:32 - 2014-05-19 15:14 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-05-19 
15:32 - 2014-02-28 15:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-05-19 15:30 - 2014-05-19 15:30 - 04745984 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup413.exe 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\******\Documents\samsung 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-05-19 15:15 - 2014-05-19 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-05-19 15:13 - 2014-05-19 15:13 - 00000000 ____D () C:\Users\******\AppData\Local\Downloaded Installations 2014-05-19 15:13 - 2014-05-19 15:12 - 75879368 _____ (Samsung Electronics Co., Ltd.) C:\Users\******\Downloads\KiesSetup263.exe 2014-05-19 15:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-19 15:10 - 2014-05-19 15:10 - 00002112 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk 2014-05-19 15:10 - 2014-05-19 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014 2014-05-19 15:10 - 2014-05-19 15:08 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH 2014-05-19 15:09 - 2014-05-19 15:09 - 00000000 ____D () C:\Program Files (x86)\WISO 2014-05-19 14:54 - 2014-05-19 14:54 - 01038704 _____ (Amazon Services LLC) C:\Users\******\Downloads\WISO_Steuer_Sparbuch_2014_für_Steuerjahr_2013_Downloader.exe 2014-05-19 13:32 - 2014-02-28 15:35 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-05-19 13:32 - 2014-02-28 15:35 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-05-19 13:32 - 2014-02-28 15:35 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-05-19 13:30 
- 2014-02-28 14:52 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-19 13:30 - 2014-02-28 14:52 - 00000000 ___RD () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-19 13:26 - 2014-05-19 13:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-19 13:24 - 2014-02-28 19:31 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-19 13:21 - 2014-02-28 19:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\Windows\Options 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-05-15 01:49 - 2014-02-28 15:40 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin 2014-05-12 07:26 - 2014-05-31 16:48 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-05-31 16:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-05-31 16:48 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-09 08:14 - 2014-05-19 13:19 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-19 13:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-06 06:40 - 2014-05-29 17:26 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-29 17:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:25 - 2014-05-29 17:26 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-29 17:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-29 17:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-29 17:26 - 00069632 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtmled.dll
Some content of TEMP:
====================
C:\Users\******\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-30 15:29
==================== End Of Log ============================
Am I clean already? |
01.06.2014, 14:13 | #8 |
/// the machine /// TB trainer | ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
01.06.2014, 20:00 | #9 |
| Hello Schrauber, the ESET Online Scanner has been running for over 5 hours now and has unfortunately already found 4 infected files, all on my external hard drive in backups of my notebook. Should I let it keep running? If so, I can only post the results tomorrow. Best regards, Santana |
02.06.2014, 18:34 | #10 |
/// the machine /// TB trainer | Yes, go ahead, then you'll also know what's going on on your external drives. |
02.06.2014, 19:04 | #11 |
| Hello Schrauber, here are the log files: Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=dafdc59e5069554784c429d4f043f0c6
# engine=18459
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-29 03:22:23
# local_time=2014-05-29 05:22:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 97 8889 7786027 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 6201 153006793 0 0
# scanned=163967
# found=3
# cleaned=0
# scan_time=4757
sh=B89EA0A2A74BF83394E3734F9C77A22345942043 ft=1 fh=2ce87ed2e8380392 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\SoftonicDownloader_fuer_foxit-reader.exe"
sh=9AE45158D5CE5A4EAB834877A9B0AEAB284B7BFD ft=0 fh=0000000000000000 vn="Win32/TrojanNotifier.Small.A Trojaner" ac=I fn="H:\LwC\Users\Chefin\Downloads\FireDLL.dll.gz"
sh=C1FEF49C4D78D962BEB4E6CF060DEFCFF77DBF8D ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="H:\SANTANA-THINK\Backup Set 2013-02-10 194514\Backup Files 2013-02-10 194514\Backup files 1.zip"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=dafdc59e5069554784c429d4f043f0c6
# engine=18498
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-01 07:37:32
# local_time=2014-06-01 09:37:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 97 170200 8060536 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 90100 153281302 0 0
# scanned=166101
# found=4
# cleaned=0
# scan_time=21704
sh=9AE45158D5CE5A4EAB834877A9B0AEAB284B7BFD ft=0 fh=0000000000000000 vn="Win32/TrojanNotifier.Small.A Trojaner" ac=I fn="H:\LwC\Users\Chefin\Downloads\FireDLL.dll.gz"
sh=C1FEF49C4D78D962BEB4E6CF060DEFCFF77DBF8D ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="H:\SANTANA-THINK\Backup Set 2013-02-10 194514\Backup Files 2013-02-10 194514\Backup files 1.zip"
sh=103F4B8CE1456B04E870BD581625480690C86C3D ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="H:\SANTANA-THINK\Backup Set 2013-02-10 194514\Backup Files 2013-02-10 194514\Backup files 24.zip"
sh=49A9F8AEE3DACEC3D6E85733A97F45A193075E41 ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="H:\SANTANA-THINK\Backup Set 2013-02-10 194514\Backup Files 2013-02-10 194514\Backup files 26.zip"
Code:
Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 5.0
Secunia PSI (3.0.0.9016)
Java 7 Update 51
Java version out of Date!
Adobe Flash Player 13.0.0.214
Mozilla Firefox (29.0.1)
Mozilla Thunderbird (24.5.0)
````````Process Check: objlist.exe by Laurent````````
WinPatrol winpatrol.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast avastui.exe
BillP Studios WinPatrol WinPatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01 Ran by ****** (administrator) on ******-PC on 01-06-2014 21:56:01 Running from C:\Users\******\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Nero AG) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 
2014-05-29] (AVAST Software) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl) HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe [2037072 2014-05-10] (Nero AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation) HKU\S-1-5-21-3492184576-273459616-3862360488-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKCU - (No Name) - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {AAE7B4C9-BB83-402c-A0E3-C282FD18D9A8} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB SearchScopes: HKCU - {33CA35C9-04D0-45af-AED5-A938D3EAE75E} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} SearchScopes: HKCU - {AAE7B4C9-BB83-402c-A0E3-C282FD18D9A8} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default FF DefaultSearchEngine: DuckDuckGo FF SelectedSearchEngine: DuckDuckGo FF Homepage: www.zeit.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Program Files (x86)\mozilla 
firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Foxy Security - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\sys@foxysecurity.com [2014-05-29] FF Extension: WOT - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-05-31] FF Extension: Ghostery - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\firefox@ghostery.com.xpi [2014-02-28] FF Extension: DuckDuckGo Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-03-02] FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-05-29] FF Extension: NoScript - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-31] FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-02] FF Extension: BetterPrivacy - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\3ybwinz6.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-03-02] FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-28] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-28] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-19] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-29] (AVAST Software) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241728 2014-03-11] (Foxit Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NBService; C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe [265552 2014-05-10] (Nero AG) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 
2014-04-19] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-05-29] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-19] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-05-29] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-19] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-19] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-19] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-19] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-19] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2010-05-20] (Windows (R) Codename Longhorn DDK provider) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-01 21:54 - 2014-06-01 21:55 - 02067456 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe 2014-06-01 21:46 - 2014-06-01 21:46 - 00001133 _____ () C:\Users\******\Desktop\checkup.txt 2014-06-01 15:30 - 2014-06-01 15:30 - 00854367 _____ () C:\Users\******\Desktop\SecurityCheck.exe 2014-05-31 18:28 - 2014-05-31 18:28 - 00001086 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk 
2014-05-31 18:28 - 2014-05-31 18:28 - 00000000 ____D () C:\Users\******\AppData\Local\Secunia PSI 2014-05-31 18:28 - 2014-05-31 18:28 - 00000000 ____D () C:\Program Files (x86)\Secunia 2014-05-31 18:26 - 2014-05-31 18:27 - 05329480 _____ (Secunia) C:\Users\******\Downloads\PSISetup_3.0.0.9016.exe 2014-05-31 18:17 - 2014-05-31 18:17 - 00448512 _____ (OldTimer Tools) C:\Users\******\Downloads\TFC.exe 2014-05-31 18:11 - 2014-05-31 18:11 - 00000000 ____D () C:\Users\******\AppData\Roaming\WinPatrol 2014-05-31 18:11 - 2014-05-31 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol 2014-05-31 18:11 - 2014-05-31 18:11 - 00000000 ____D () C:\ProgramData\InstallMate 2014-05-31 18:11 - 2014-05-31 18:11 - 00000000 ____D () C:\Program Files (x86)\BillP Studios 2014-05-31 18:10 - 2014-05-31 18:10 - 01130536 _____ (BillP Studios) C:\Users\******\Downloads\wpsetup.exe 2014-05-31 18:06 - 2014-05-31 18:08 - 00000000 ____D () C:\ProgramData\TEMP 2014-05-31 18:06 - 2014-05-31 18:07 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster 2014-05-31 18:06 - 2014-05-31 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2014-05-31 18:06 - 2014-05-31 18:06 - 00000000 ____D () C:\ProgramData\Licenses 2014-05-31 18:06 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX 2014-05-31 17:26 - 2014-06-01 21:56 - 00013531 _____ () C:\Users\******\Desktop\FRST.txt 2014-05-31 17:22 - 2014-05-31 17:23 - 00001557 _____ () C:\Users\******\Desktop\JRT.txt 2014-05-31 17:17 - 2014-05-31 17:17 - 00000000 ____D () C:\Windows\ERUNT 2014-05-31 17:16 - 2014-05-31 17:16 - 00001293 _____ () C:\Users\******\Desktop\AdwCleaner.txt 2014-05-31 17:07 - 2014-05-31 17:08 - 00002205 _____ () C:\Users\******\Desktop\mbam.txt 2014-05-31 16:49 - 2014-06-01 15:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D 
() C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-31 16:48 - 2014-05-31 16:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-31 16:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-31 16:48 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-31 16:48 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-31 16:47 - 2014-05-31 16:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\******\Downloads\mbam-setup-2.0.2.1012.exe 2014-05-30 22:35 - 2014-05-30 22:35 - 00018270 _____ () C:\ComboFix.txt 2014-05-30 22:35 - 2014-05-30 22:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-05-30 22:35 - 2014-05-30 22:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-05-30 22:35 - 2014-05-30 22:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-05-30 22:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-05-30 22:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-05-30 22:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-05-30 22:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-05-30 22:28 - 2014-05-30 22:35 - 00000000 ____D () C:\Qoobox 2014-05-30 22:28 - 2014-05-30 22:34 - 00000000 ____D () C:\Windows\erdnt 2014-05-30 14:28 - 2014-05-30 14:28 - 22155104 _____ (Mozilla) C:\Users\******\Downloads\Thunderbird Setup 
24.5.0.exe 2014-05-30 14:28 - 2014-05-30 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-05-30 14:27 - 2014-05-30 14:27 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-05-30 14:27 - 2014-05-30 14:27 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-05-30 14:27 - 2014-05-30 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-30 14:27 - 2014-05-30 14:27 - 00000000 ____D () C:\Program Files\Java 2014-05-30 14:26 - 2014-05-30 14:26 - 34131368 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u5-windows-x64(1).exe 2014-05-29 19:37 - 2014-05-29 19:37 - 00000168 _____ () C:\Users\******\defogger_reenable.zip 2014-05-29 19:07 - 2014-05-29 19:07 - 01110476 _____ () C:\Users\******\Downloads\7z920(2).exe 2014-05-29 19:07 - 2014-05-29 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-29 19:07 - 2014-05-29 19:07 - 00000000 ____D () C:\Program Files (x86)\7-Zip 2014-05-29 18:56 - 2014-05-29 18:56 - 01110476 _____ () C:\Users\******\Downloads\7z920(1).exe 2014-05-29 18:44 - 2014-05-29 18:44 - 01110476 _____ () C:\Users\******\Downloads\7z920.exe 2014-05-29 18:00 - 2014-05-29 18:00 - 00380416 _____ () C:\Users\******\Downloads\Gmer-19357.exe 2014-05-29 17:26 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-29 17:26 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-29 17:26 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-29 17:26 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-29 17:26 - 2014-05-06 
05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-29 17:26 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-29 17:24 - 2014-05-29 17:25 - 00000474 _____ () C:\Users\******\Downloads\defogger_disable.log 2014-05-29 17:24 - 2014-05-29 17:24 - 00000000 _____ () C:\Users\******\defogger_reenable 2014-05-29 17:22 - 2014-05-29 17:22 - 00050477 _____ () C:\Users\******\Downloads\Defogger.exe 2014-05-29 17:04 - 2014-05-29 17:04 - 00001375 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2014-05-29 17:04 - 2014-05-29 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-05-29 17:02 - 2014-05-29 17:03 - 34131368 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u5-windows-x64.exe 2014-05-29 17:01 - 2014-05-29 17:01 - 39187992 _____ (Foxit Corporation ) C:\Users\******\Downloads\FoxitReader620.0429_enu_Setup.exe 2014-05-29 16:59 - 2014-05-29 16:59 - 00000922 _____ () C:\Users\Public\Desktop\AIMP3.lnk 2014-05-29 16:59 - 2014-05-29 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3 2014-05-29 16:58 - 2014-05-29 16:58 - 07681400 _____ (AIMP DevTeam) C:\Users\******\Downloads\aimp_3.55.1345.exe 2014-05-29 16:57 - 2014-05-31 18:31 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2014-05-29 16:57 - 2014-05-29 16:57 - 00264757 _____ () C:\Users\******\Downloads\FHSetup.exe 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieUserList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 __SHD () C:\Users\******\AppData\Local\EmieSiteList 2014-05-29 16:52 - 2014-05-29 16:52 - 00000000 ____D () C:\Windows\pss 2014-05-29 16:49 - 2014-05-29 16:49 - 04748896 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup414.exe 2014-05-29 16:47 - 2014-05-29 16:47 - 00003488 _____ () C:\Windows\System32\Tasks\****** NBAgent 15 0 2014-05-29 16:47 - 2014-05-29 16:47 - 00000000 ____D () 
C:\Users\******\Documents\Nero BackItUp Device Backup 2014-05-29 16:46 - 2014-05-29 16:46 - 00000000 ____D () C:\Users\******\AppData\Roaming\Nero 2014-05-29 16:45 - 2014-05-29 16:45 - 00002665 _____ () C:\Users\Public\Desktop\Nero BackItUp 2014.lnk 2014-05-29 16:45 - 2014-05-29 16:45 - 00000000 ____D () C:\Windows\System32\Tasks\Nero 2014-05-29 16:44 - 2014-05-29 16:46 - 00000000 ____D () C:\ProgramData\Nero 2014-05-29 16:44 - 2014-05-29 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-05-29 16:44 - 2014-05-29 16:45 - 00000000 ____D () C:\Program Files (x86)\Nero 2014-05-29 16:43 - 2014-05-29 16:43 - 42441496 _____ (Nero AG) C:\Users\******\Downloads\Nero_BackItUp2014-15.0.04200_free.exe 2014-05-29 15:57 - 2014-05-29 15:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-29 15:55 - 2014-05-29 15:55 - 02347384 _____ (ESET) C:\Users\******\Desktop\esetsmartinstaller_deu.exe 2014-05-29 15:52 - 2014-05-29 15:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-29 15:50 - 2014-05-29 15:50 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\******\Downloads\rkill.com 2014-05-29 15:33 - 2014-05-31 17:11 - 00000000 ____D () C:\AdwCleaner 2014-05-29 15:33 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-29 15:19 - 2014-06-01 21:56 - 00000000 ____D () C:\FRST 2014-05-29 15:19 - 2014-05-29 16:40 - 00049629 _____ () C:\Users\******\Downloads\FRST.txt 2014-05-29 14:54 - 2014-06-01 15:19 - 00003774 _____ () C:\Windows\PFRO.log 2014-05-29 14:51 - 2014-05-29 14:51 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-05-29 14:51 - 2014-05-29 14:51 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-05-29 14:49 - 2014-05-29 14:49 - 133421120 _____ (AVAST Software) C:\Users\******\Downloads\avast_internet_security_setup.exe 2014-05-29 14:44 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvStreaming.exe 2014-05-29 14:40 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-29 14:40 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-29 14:40 
- 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-29 14:40 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-29 14:37 - 2014-05-29 14:37 - 00000000 ____D () C:\NVIDIA 2014-05-29 14:34 - 2014-06-01 21:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-29 14:34 - 2014-05-29 14:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-29 14:33 - 2014-05-29 15:42 - 00000000 ____D () C:\Users\******\Documents\Mein Steuer-Sparbuch Heute 2014-05-29 14:31 - 2014-06-01 15:24 - 00004018 _____ () C:\Windows\setupact.log 2014-05-29 14:31 - 2014-05-29 14:31 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-19 18:59 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-19 18:59 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-19 18:59 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-19 18:59 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-19 18:59 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-19 18:59 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-19 18:59 - 2014-03-06 10:09 - 00453120 _____ 
(Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-19 18:59 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-19 18:59 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-19 18:59 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-19 18:59 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-19 18:59 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-19 18:59 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-19 18:59 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-19 18:59 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-19 18:59 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-19 18:59 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-19 18:59 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-19 18:59 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-19 18:58 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-19 18:58 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-19 18:58 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-19 18:58 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-19 18:58 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-19 18:58 - 2014-03-06 10:15 - 00940032 _____ 
(Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-19 18:58 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-19 18:58 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-19 18:58 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-19 18:58 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-19 18:58 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-19 18:58 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-19 18:58 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-19 18:58 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-19 18:58 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-19 18:58 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-19 18:58 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-19 18:58 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-19 18:58 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-19 18:58 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-19 18:58 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-19 18:58 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-19 18:58 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-19 18:58 - 2014-03-06 07:41 - 
01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-19 18:58 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-19 18:51 - 2014-05-19 18:52 - 00000000 ____D () C:\Users\******\AppData\Roaming\Security Systems 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\******\AppData\Roaming\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Users\Public\Foxit Software 2014-05-19 18:51 - 2014-05-19 18:51 - 00000000 ____D () C:\Program Files (x86)\Foxit Software 2014-05-19 18:31 - 2014-05-19 18:31 - 00000000 ____D () C:\Users\******\Documents\Steuer-Sparbuch 2014-05-19 18:00 - 2014-05-19 18:00 - 00000000 _____ () C:\Users\******\Sti_Trace.log 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Roaming\Buhl Data Service 2014-05-19 16:06 - 2014-05-19 16:06 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl Data Service 2014-05-19 15:30 - 2014-05-19 15:30 - 04745984 _____ (Piriform Ltd) C:\Users\******\Downloads\ccsetup413.exe 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-05-19 15:19 - 2014-05-19 15:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf 2014-05-19 15:16 - 2014-05-19 15:32 - 00000000 ____D () C:\Users\******\AppData\Roaming\Samsung 2014-05-19 15:16 - 2014-05-19 15:32 - 00000000 ____D () C:\Users\******\AppData\Local\Samsung 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\******\Documents\samsung 2014-05-19 15:16 - 2014-05-19 15:16 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log 2014-05-19 15:15 - 2014-05-19 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2014-05-19 15:15 - 2014-04-11 10:39 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2014-05-19 15:15 - 2014-04-11 10:39 - 00708168 _____ (Microsoft Corporation) 
C:\Windows\system32\WinUSBCoInstaller.dll 2014-05-19 15:15 - 2014-04-11 10:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-05-19 15:15 - 2014-04-11 10:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-05-19 15:14 - 2014-05-19 15:32 - 00000000 ____D () C:\ProgramData\Samsung 2014-05-19 15:14 - 2014-05-19 15:32 - 00000000 ____D () C:\Program Files (x86)\Samsung 2014-05-19 15:14 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll 2014-05-19 15:14 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2014-05-19 15:13 - 2014-05-19 15:13 - 00000000 ____D () C:\Users\******\AppData\Local\Downloaded Installations 2014-05-19 15:12 - 2014-05-19 15:13 - 75879368 _____ (Samsung Electronics Co., Ltd.) C:\Users\******\Downloads\KiesSetup263.exe 2014-05-19 15:10 - 2014-05-19 16:11 - 00000622 _____ () C:\Windows\wiso.ini 2014-05-19 15:10 - 2014-05-19 15:58 - 00000000 ____D () C:\Users\******\AppData\Local\Buhl 2014-05-19 15:10 - 2014-05-19 15:10 - 00002112 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk 2014-05-19 15:10 - 2014-05-19 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014 2014-05-19 15:09 - 2014-05-19 15:09 - 00000000 ____D () C:\Program Files (x86)\WISO 2014-05-19 15:08 - 2014-05-19 15:10 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH 2014-05-19 14:54 - 2014-05-19 14:54 - 01038704 _____ (Amazon Services LLC) C:\Users\******\Downloads\WISO_Steuer_Sparbuch_2014_für_Steuerjahr_2013_Downloader.exe 2014-05-19 13:26 - 2014-05-19 13:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-19 13:19 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-19 13:19 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 
2014-05-19 13:19 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-19 13:19 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-19 13:19 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-19 13:19 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-19 13:19 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-19 13:19 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-19 13:19 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-19 13:19 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-19 13:19 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-19 13:19 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-19 13:19 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-19 13:19 - 
2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-19 13:19 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-19 13:19 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-19 13:19 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-19 13:19 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-19 13:19 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-19 13:19 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-19 13:19 - 
2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-19 13:19 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-19 13:19 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-19 13:18 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll 2014-05-19 13:18 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\Windows\Options 2014-05-19 13:12 - 2014-05-19 13:12 - 00000000 ____D () C:\ProgramData\TP-LINK 2014-05-19 13:12 - 2010-05-13 09:58 - 00007484 _____ () C:\Windows\system32\athurextx.cat 2014-05-19 13:12 - 2010-01-05 19:23 - 01847296 ____R (Atheros Communications, Inc.) C:\Windows\system32\athurx.sys 2014-05-19 13:12 - 2010-01-05 19:23 - 01847296 _____ (Atheros Communications, Inc.) 
C:\Windows\system32\Drivers\athurx.sys

==================== One Month Modified Files and Folders =======

2014-06-01 21:56 - 2014-05-31 17:26 - 00013531 _____ () C:\Users\******\Desktop\FRST.txt 2014-06-01 21:56 - 2014-05-29 15:19 - 00000000 ____D () C:\FRST 2014-06-01 21:56 - 2014-02-28 14:51 - 00000000 ____D () C:\Users\******\AppData\Local\Temp 2014-06-01 21:55 - 2014-06-01 21:54 - 02067456 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe 2014-06-01 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-06-01 21:46 - 2014-06-01 21:46 - 00001133 _____ () C:\Users\******\Desktop\checkup.txt 2014-06-01 21:31 - 2014-05-29 14:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-01 15:55 - 2014-05-31 16:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-01 15:30 - 2014-06-01 15:30 - 00854367 _____ () C:\Users\******\Desktop\SecurityCheck.exe 2014-06-01 15:27 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-06-01 15:27 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-06-01 15:27 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-01 15:27 - 2009-07-14 06:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-01 15:27 - 2009-07-14 06:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-01 15:24 - 2014-05-29 14:31 - 00004018 _____ () C:\Windows\setupact.log 2014-06-01 15:19 - 2014-05-29 14:54 - 00003774 _____ () C:\Windows\PFRO.log 2014-06-01 15:19 - 2014-02-28 15:40 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-01 15:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-31 20:35 - 2014-02-28 14:47 - 01258612 _____ () C:\Windows\WindowsUpdate.log 2014-05-31 18:31 - 2014-05-29 16:57 - 00000000 ____D () C:\Program 
Files (x86)\FileHippo.com 2014-05-31 18:28 - 2014-05-31 18:28 - 00001086 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk 2014-05-31 18:28 - 2014-05-31 18:28 - 00000000 ____D () C:\Users\******\AppData\Local\Secunia PSI 2014-05-31 18:28 - 2014-05-31 18:28 - 00000000 ____D () C:\Program Files (x86)\Secunia 2014-05-31 18:28 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-31 18:27 - 2014-05-31 18:26 - 05329480 _____ (Secunia) C:\Users\******\Downloads\PSISetup_3.0.0.9016.exe 2014-05-31 18:17 - 2014-05-31 18:17 - 00448512 _____ (OldTimer Tools) C:\Users\******\Downloads\TFC.exe 2014-05-31 18:11 - 2014-05-31 18:11 - 00000000 ____D () C:\Users\******\AppData\Roaming\WinPatrol 2014-05-31 18:11 - 2014-05-31 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol 2014-05-31 18:11 - 2014-05-31 18:11 - 00000000 ____D () C:\ProgramData\InstallMate 2014-05-31 18:11 - 2014-05-31 18:11 - 00000000 ____D () C:\Program Files (x86)\BillP Studios 2014-05-31 18:10 - 2014-05-31 18:10 - 01130536 _____ (BillP Studios) C:\Users\******\Downloads\wpsetup.exe 2014-05-31 18:08 - 2014-05-31 18:06 - 00000000 ____D () C:\ProgramData\TEMP 2014-05-31 18:07 - 2014-05-31 18:06 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster 2014-05-31 18:06 - 2014-05-31 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2014-05-31 18:06 - 2014-05-31 18:06 - 00000000 ____D () C:\ProgramData\Licenses 2014-05-31 17:23 - 2014-05-31 17:22 - 00001557 _____ () C:\Users\******\Desktop\JRT.txt 2014-05-31 17:17 - 2014-05-31 17:17 - 00000000 ____D () C:\Windows\ERUNT 2014-05-31 17:16 - 2014-05-31 17:16 - 00001293 _____ () C:\Users\******\Desktop\AdwCleaner.txt 2014-05-31 17:11 - 2014-05-29 15:33 - 00000000 ____D () C:\AdwCleaner 2014-05-31 17:08 - 2014-05-31 17:07 - 00002205 _____ () C:\Users\******\Desktop\mbam.txt 2014-05-31 17:01 - 2009-07-14 05:20 - 
Best regards, Santana |
03.06.2014, 18:37 | #12 |
/// the machine /// TB trainer | Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF
Delete the backup on H. Done. The order is crucial here.
If you would like to leave praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help.
Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
03.06.2014, 19:59 | #13 |
| Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF
Hello Schrauber, I did everything the way you said, and I will definitely follow your tips. I still have one question. What about the registry key entries that Malwarebytes flagged? Does anything still need to be done about them? Otherwise everything is clear so far. The backup has been deleted; it was no longer current anyway. A thousand thanks for your time and help. Best regards, Santana |
04.06.2014, 18:32 | #14 | |
/// the machine /// TB trainer | Problem with hxxp://admin.true-secure.com/securita.php/?id=4157983&bro=FF
Quote:
You're welcome