Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Avira / Quarantäne: adware/installcore.gen (https://www.trojaner-board.de/141703-avira-quarantaene-adware-installcore-gen.html)

schrauber 21.09.2013 10:44
Du meinst die Anleitung zum Aufräumen? Ja :)

steffiglaubi 21.09.2013 11:24
Ich werde noch verrückt, abends ist es immer weg und wenn ich morgens hier lese, ist die Werbung wieder da. :-(

schrauber 21.09.2013 16:41
in welchem Browser? Immer noch Firefox?

steffiglaubi 21.09.2013 19:28
ja immernoch Firefox

schrauber 21.09.2013 21:23
Mal ne dumme Frage: Nutzt du das Addon Adblock Plus?

steffiglaubi 22.09.2013 20:57
Das hab ich jetzt mal installiert, aber das bekämpft ja den Fehler nicht. Oder?

schrauber 23.09.2013 09:14
Doch. Einige Popups und Werbedinger sind normal, das ist nicht immer Malware. Ich hab auch dutzende Werbung wenn ich den Adblocker abstelle, deswegen gibt es den ja :)

steffiglaubi 23.09.2013 09:16
naja die normale Werbung kenne ich ja, aber es blinkt immer "geringer Speicher" auf und es öffnet sich auch ganz oft ein extra Fenster mit "Spyware gefunden".

schrauber 23.09.2013 09:49
Un das kommt immer noch in Firefox? Screenshot davon bitte. Bist du der einzige in dem Netzwerk?

Frisches FRST log bitte.

steffiglaubi 23.09.2013 10:26
Problem ist immernoch im Firefox.

Wie füge ich den Screenshot ein?

Um den Screenshot zu machen, drücke ich doch wenn die Werbung auftritt nur den "Druck"-Knopf auf der Tastatur, stimmts?

Ich bin die einzige im Netzwerk mit einem Computer, ansonsten sind noch 2 Iphone im Wlan-Netz.


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2013
Ran by Kirchner (administrator) on KIRCHNER-PC on 23-09-2013 11:24:05
Running from C:\Users\Kirchner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHFYRT93
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Exsoft GmbH) C:\Audatex\AudaExpert\FotoCopy\FotoCopy.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Corel Corporation) C:\Corel\DRAW Select\PROGRAMS\CORELDRW.EXE
(KÜS) C:\Program Files (x86)\KUES\KE\KE32ext.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Common Files\KUES\SqlAny11\BIN32\dbeng11.exe
(Fahrzeugsystemdaten GmbH) C:\Program Files (x86)\KUES\KE\sysdat\Framework\bin\FSDSuiteInterfaceProcess.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lyrics) C:\program files (x86)\lyrixeeker-1\lyrixeeker-1-bg.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2011-03-10] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MountPoints2: {2ee703f7-8efc-11e1-b1d8-1c7508da73ad} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {a9f2467e-927d-11e1-b428-889ffa35a8e4} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {e7bd93a6-5e24-11e1-b97b-1c7508da73ad} - F:\Startme.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-11-19] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [370176 2010-06-17] (shbox.de)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.golsearch.com/?babsrc=HP_ss_Btisdt6&mntrId=E6CF889FFA35A8E4&affID=119357&tt=160913_m1&tsp=5011
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E6CF889FFA35A8E4&affID=119357&tt=160913_m1&tsp=5011
BHO: LyriXeeker-1 - {11111111-1111-1111-1111-110411181156} - C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-bho64.dll (Lyrics)
BHO-x32: LyriXeeker-1 - {11111111-1111-1111-1111-110411181156} - C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-bho.dll (Lyrics)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
Toolbar: HKLM-x32 -  No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{BB1A6F27-8249-450F-9985-45E285EF63D2}: [NameServer]139.7.30.125 139.7.30.126

FireFox:
========
FF ProfilePath: C:\Users\Kirchner\AppData\Roaming\Mozilla\Firefox\Profiles\rx6bjkrc.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Kirchner\AppData\Roaming\Mozilla\Firefox\Profiles\rx6bjkrc.default\Extensions\763ab44b-71df-436c-906e-2ee8e1d7b302@af951efb-381e-47b2-ac45-80df41e44bc7.com
FF Extension: No Name - C:\Users\Kirchner\AppData\Roaming\Mozilla\Firefox\Profiles\rx6bjkrc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-05] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\dvb7700all.sys [866600 2012-08-09] (DiBcom)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-23 09:46 - 2013-09-23 09:46 - 98615842 _____ C:\Windows\SysWOW64\﷦뒾‹
2013-09-22 22:29 - 2013-09-22 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 22:29 - 2013-09-22 22:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-21 21:34 - 2013-09-23 10:46 - 03762176 ____H C:\Users\Kirchner\Documents\~WRL1425.tmp
2013-09-21 21:34 - 2013-09-23 09:51 - 02364928 ____H C:\Users\Kirchner\Documents\~WRL3700.tmp
2013-09-21 21:34 - 2013-09-21 21:34 - 01307136 ____H C:\Users\Kirchner\Documents\~WRL2014.tmp
2013-09-21 21:06 - 2013-09-23 10:48 - 00629760 ____H C:\Users\Kirchner\Documents\~WRL2806.tmp
2013-09-21 21:06 - 2013-09-21 21:06 - 00630272 ____H C:\Users\Kirchner\Documents\~WRL4083.tmp
2013-09-21 13:13 - 2013-09-21 13:13 - 03961048 _____ (Speedchecker Limited                                        ) C:\Users\Kirchner\Downloads\pcbeschleunigen_f1c4b57c80fe4365a33691560b726b75_.exe
2013-09-21 13:08 - 2013-09-21 13:08 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-21 13:07 - 2013-09-21 13:08 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-09-21 13:07 - 2013-09-21 13:07 - 01766784 _____ C:\Users\Kirchner\Downloads\wrar500.exe
2013-09-21 13:05 - 2013-09-21 13:05 - 00533892 _____ C:\Users\Kirchner\Downloads\noscript_security_suite-2.6.7.1-sm_fn_fx.xpi.zip
2013-09-21 13:03 - 2013-09-21 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-21 12:33 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-21 12:33 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-21 12:33 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-21 12:33 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-21 12:33 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-21 12:33 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-21 12:33 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-21 12:33 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-21 12:33 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 12:33 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 12:33 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 12:33 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-21 12:27 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-21 12:27 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-21 12:27 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-21 12:27 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-21 12:27 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-21 12:27 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-21 12:27 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-21 12:27 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-21 12:27 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-21 12:27 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-21 12:27 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-21 12:27 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-21 12:27 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-21 12:27 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-21 12:27 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-21 12:27 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-21 12:27 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-21 12:27 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-21 12:27 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-21 12:27 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-21 12:27 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-21 12:27 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-21 12:27 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-21 12:27 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-21 12:27 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-21 12:27 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-21 12:27 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-09-21 12:27 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-21 12:25 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-09-21 12:25 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-09-20 20:56 - 2013-09-23 10:56 - 00000304 _____ C:\Windows\Tasks\UpdaterEX.job
2013-09-20 20:56 - 2013-09-20 20:56 - 00003256 _____ C:\Windows\System32\Tasks\UpdaterEX
2013-09-20 20:55 - 2013-09-20 20:55 - 22404568 _____ (Mozilla) C:\Users\Kirchner\Downloads\Firefox_Setup [1].exe
2013-09-20 20:55 - 2013-09-20 20:55 - 00003406 _____ C:\Windows\System32\Tasks\EPUpdater
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\UpdaterEX
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Babylon
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\BabSolution
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\ProgramData\Babylon
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-20 20:39 - 2013-09-20 20:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kirchner\Downloads\revosetup95.exe
2013-09-20 20:39 - 2013-09-20 20:39 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-18 19:43 - 2013-09-18 19:43 - 00064104 _____ C:\Users\Kirchner\Downloads\FRST.txt
2013-09-18 19:39 - 2013-09-18 19:39 - 00891144 _____ C:\Users\Kirchner\Downloads\SecurityCheck.exe
2013-09-18 17:23 - 2013-09-18 17:23 - 02347384 _____ (ESET) C:\Users\Kirchner\Downloads\esetsmartinstaller_enu.exe
2013-09-18 11:53 - 2013-09-18 11:53 - 00000000 ____D C:\Windows\ERUNT
2013-09-18 11:52 - 2013-09-18 11:52 - 01029675 _____ (Thisisu) C:\Users\Kirchner\Downloads\JRT.exe
2013-09-18 11:14 - 2013-09-18 11:14 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Malwarebytes
2013-09-18 11:13 - 2013-09-18 11:13 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Kirchner\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-18 11:13 - 2013-09-18 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 11:13 - 2013-09-18 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 11:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-17 19:29 - 2013-09-17 19:30 - 00021634 _____ C:\Users\Kirchner\Downloads\Addition.txt
2013-09-17 19:28 - 2013-09-17 19:28 - 00000000 ____D C:\FRST
2013-09-17 12:47 - 2013-09-18 11:45 - 00000000 ____D C:\AdwCleaner
2013-09-17 12:10 - 2013-09-17 12:10 - 00003118 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-09-17 12:10 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2013-09-17 12:09 - 2013-09-17 12:09 - 00003338 _____ C:\Windows\System32\Tasks\Advanced System Protector
2013-09-17 12:09 - 2013-09-17 12:09 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-09-17 12:08 - 2013-09-17 12:08 - 00700783 ____R (Swearware) C:\Users\Kirchner\Downloads\dds+.exe
2013-09-17 12:06 - 2013-09-17 12:06 - 01039554 _____ C:\Users\Kirchner\Downloads\adwcleaner.exe
2013-09-15 19:16 - 2013-09-15 19:16 - 00000048 _____ C:\Windows\E44A3432AF7A7E8E.log
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\TuneUp Software
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-09-15 19:00 - 2013-09-15 19:00 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Canneverbe Limited
2013-09-15 19:00 - 2013-09-15 19:00 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-09-15 18:53 - 2013-09-23 09:44 - 00001302 _____ C:\Windows\Tasks\LyriXeeker-1-updater.job
2013-09-15 18:53 - 2013-09-23 09:44 - 00001206 _____ C:\Windows\Tasks\LyriXeeker-1-codedownloader.job
2013-09-15 18:53 - 2013-09-23 09:44 - 00001106 _____ C:\Windows\Tasks\LyriXeeker-1-enabler.job
2013-09-15 18:53 - 2013-09-20 20:56 - 00004332 _____ C:\Windows\System32\Tasks\LyriXeeker-1-updater
2013-09-15 18:53 - 2013-09-20 20:56 - 00004136 _____ C:\Windows\System32\Tasks\LyriXeeker-1-enabler
2013-09-15 18:53 - 2013-09-20 20:55 - 00004236 _____ C:\Windows\System32\Tasks\LyriXeeker-1-codedownloader
2013-09-15 18:51 - 2013-09-23 09:44 - 00001840 _____ C:\Windows\Tasks\LyriXeeker-1-firefoxinstaller.job
2013-09-15 18:51 - 2013-09-15 18:59 - 05283736 _____ (Canneverbe Limited                                          ) C:\Users\Kirchner\Downloads\cdburner45SO_install [1].exe
2013-09-15 18:51 - 2013-09-15 18:53 - 00000000 ____D C:\Program Files (x86)\LyriXeeker-1
2013-09-15 18:49 - 2013-09-15 18:49 - 00000085 ___SH C:\ProgramData\.zreglib
2013-09-15 18:47 - 2013-09-15 18:47 - 05185720 _____ C:\Users\Kirchner\Downloads\SetupCloneDVD2930.exe
2013-09-09 20:24 - 2013-09-09 20:24 - 96772628 _____ C:\Windows\SysWOW64\⥁꿴œ
2013-09-03 22:26 - 2013-09-03 22:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-03 22:26 - 2013-09-03 22:26 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-03 22:26 - 2013-09-03 22:26 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-09-03 22:26 - 2013-09-03 22:26 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-03 22:26 - 2013-09-03 22:26 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-03 22:26 - 2013-09-03 22:26 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-09-03 22:26 - 2013-09-03 22:26 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-03 22:26 - 2013-09-03 22:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-09-03 22:26 - 2013-09-03 22:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-09-03 22:24 - 2013-09-03 22:24 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-03 22:21 - 2013-09-03 22:30 - 00011966 _____ C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-09-23 11:09 - 2011-07-07 11:54 - 00000057 _____ C:\Windows\iltwain.ini
2013-09-23 11:08 - 2011-08-12 11:48 - 00000000 ____D C:\Users\Kirchner\AppData\Local\FreePDF_XP
2013-09-23 11:08 - 2011-08-12 11:38 - 00000546 _____ C:\Windows\WT61DE.UWL
2013-09-23 10:56 - 2013-09-20 20:56 - 00000304 _____ C:\Windows\Tasks\UpdaterEX.job
2013-09-23 10:48 - 2013-09-21 21:06 - 00629760 ____H C:\Users\Kirchner\Documents\~WRL2806.tmp
2013-09-23 10:46 - 2013-09-21 21:34 - 03762176 ____H C:\Users\Kirchner\Documents\~WRL1425.tmp
2013-09-23 09:52 - 2009-07-14 06:45 - 00009712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-23 09:52 - 2009-07-14 06:45 - 00009712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-23 09:51 - 2013-09-21 21:34 - 02364928 ____H C:\Users\Kirchner\Documents\~WRL3700.tmp
2013-09-23 09:46 - 2013-09-23 09:46 - 98615842 _____ C:\Windows\SysWOW64\﷦뒾‹
2013-09-23 09:44 - 2013-09-15 18:53 - 00001302 _____ C:\Windows\Tasks\LyriXeeker-1-updater.job
2013-09-23 09:44 - 2013-09-15 18:53 - 00001206 _____ C:\Windows\Tasks\LyriXeeker-1-codedownloader.job
2013-09-23 09:44 - 2013-09-15 18:53 - 00001106 _____ C:\Windows\Tasks\LyriXeeker-1-enabler.job
2013-09-23 09:44 - 2013-09-15 18:51 - 00001840 _____ C:\Windows\Tasks\LyriXeeker-1-firefoxinstaller.job
2013-09-23 09:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-23 09:44 - 2009-07-14 06:51 - 00149415 _____ C:\Windows\setupact.log
2013-09-22 23:03 - 2011-03-10 06:29 - 01365554 _____ C:\Windows\WindowsUpdate.log
2013-09-22 22:29 - 2013-09-22 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 22:29 - 2013-09-22 22:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-22 22:28 - 2013-03-05 10:14 - 00000000 ____D C:\Users\Kirchner\AppData\Local\Adobe
2013-09-21 21:34 - 2013-09-21 21:34 - 01307136 ____H C:\Users\Kirchner\Documents\~WRL2014.tmp
2013-09-21 21:06 - 2013-09-21 21:06 - 00630272 ____H C:\Users\Kirchner\Documents\~WRL4083.tmp
2013-09-21 14:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-21 13:30 - 2012-04-29 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-21 13:13 - 2013-09-21 13:13 - 03961048 _____ (Speedchecker Limited                                        ) C:\Users\Kirchner\Downloads\pcbeschleunigen_f1c4b57c80fe4365a33691560b726b75_.exe
2013-09-21 13:13 - 2013-09-21 13:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-21 13:08 - 2013-09-21 13:08 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-21 13:08 - 2013-09-21 13:07 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-09-21 13:07 - 2013-09-21 13:07 - 01766784 _____ C:\Users\Kirchner\Downloads\wrar500.exe
2013-09-21 13:05 - 2013-09-21 13:05 - 00533892 _____ C:\Users\Kirchner\Downloads\noscript_security_suite-2.6.7.1-sm_fn_fx.xpi.zip
2013-09-21 13:03 - 2011-06-28 10:50 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Mozilla
2013-09-21 13:00 - 2011-06-28 10:45 - 00000000 ___RD C:\Users\Kirchner\Virtual Machines
2013-09-21 13:00 - 2011-06-28 10:45 - 00000000 ___RD C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 13:00 - 2011-06-28 10:45 - 00000000 ___RD C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-21 12:57 - 2009-07-14 06:45 - 00365744 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-21 12:33 - 2013-08-16 13:33 - 00000000 ____D C:\Windows\system32\MRT
2013-09-21 12:31 - 2011-06-28 11:55 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-21 12:14 - 2011-03-10 06:25 - 00051198 _____ C:\Windows\PFRO.log
2013-09-20 20:56 - 2013-09-20 20:56 - 00003256 _____ C:\Windows\System32\Tasks\UpdaterEX
2013-09-20 20:56 - 2013-09-15 18:53 - 00004332 _____ C:\Windows\System32\Tasks\LyriXeeker-1-updater
2013-09-20 20:56 - 2013-09-15 18:53 - 00004136 _____ C:\Windows\System32\Tasks\LyriXeeker-1-enabler
2013-09-20 20:55 - 2013-09-20 20:55 - 22404568 _____ (Mozilla) C:\Users\Kirchner\Downloads\Firefox_Setup [1].exe
2013-09-20 20:55 - 2013-09-20 20:55 - 00003406 _____ C:\Windows\System32\Tasks\EPUpdater
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\UpdaterEX
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Babylon
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\BabSolution
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\ProgramData\Babylon
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-20 20:55 - 2013-09-15 18:53 - 00004236 _____ C:\Windows\System32\Tasks\LyriXeeker-1-codedownloader
2013-09-20 20:39 - 2013-09-20 20:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kirchner\Downloads\revosetup95.exe
2013-09-20 20:39 - 2013-09-20 20:39 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-19 12:11 - 2011-03-10 15:20 - 00656294 _____ C:\Windows\system32\perfh007.dat
2013-09-19 12:11 - 2011-03-10 15:20 - 00130894 _____ C:\Windows\system32\perfc007.dat
2013-09-19 12:11 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-18 23:06 - 2012-11-11 13:33 - 00000000 ____D C:\ProgramData\Adobe
2013-09-18 23:06 - 2011-03-08 11:30 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-09-18 23:04 - 2013-03-05 14:06 - 00000000 ____D C:\Users\Kirchner\Documents\Schriftverkehr 2013
2013-09-18 19:47 - 2011-06-28 10:50 - 00000000 ____D C:\Users\Kirchner\AppData\Local\Mozilla
2013-09-18 19:43 - 2013-09-18 19:43 - 00064104 _____ C:\Users\Kirchner\Downloads\FRST.txt
2013-09-18 19:39 - 2013-09-18 19:39 - 00891144 _____ C:\Users\Kirchner\Downloads\SecurityCheck.exe
2013-09-18 18:12 - 2013-02-14 20:20 - 00001094 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-18 17:23 - 2013-09-18 17:23 - 02347384 _____ (ESET) C:\Users\Kirchner\Downloads\esetsmartinstaller_enu.exe
2013-09-18 11:53 - 2013-09-18 11:53 - 00000000 ____D C:\Windows\ERUNT
2013-09-18 11:52 - 2013-09-18 11:52 - 01029675 _____ (Thisisu) C:\Users\Kirchner\Downloads\JRT.exe
2013-09-18 11:45 - 2013-09-17 12:47 - 00000000 ____D C:\AdwCleaner
2013-09-18 11:14 - 2013-09-18 11:14 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Malwarebytes
2013-09-18 11:13 - 2013-09-18 11:13 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Kirchner\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-18 11:13 - 2013-09-18 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 11:13 - 2013-09-18 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-17 19:30 - 2013-09-17 19:29 - 00021634 _____ C:\Users\Kirchner\Downloads\Addition.txt
2013-09-17 19:28 - 2013-09-17 19:28 - 00000000 ____D C:\FRST
2013-09-17 12:10 - 2013-09-17 12:10 - 00003118 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-09-17 12:10 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-17 12:09 - 2013-09-17 12:09 - 00003338 _____ C:\Windows\System32\Tasks\Advanced System Protector
2013-09-17 12:09 - 2013-09-17 12:09 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-09-17 12:09 - 2011-06-28 11:07 - 00000000 ____D C:\Users\Kirchner\Documents\Deckblätter
2013-09-17 12:08 - 2013-09-17 12:08 - 00700783 ____R (Swearware) C:\Users\Kirchner\Downloads\dds+.exe
2013-09-17 12:06 - 2013-09-17 12:06 - 01039554 _____ C:\Users\Kirchner\Downloads\adwcleaner.exe
2013-09-17 12:06 - 2011-07-15 17:18 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-15 20:29 - 2013-07-20 20:51 - 00000000 ____D C:\ProgramData\hps
2013-09-15 20:27 - 2013-07-20 20:51 - 00000000 ____D C:\ProgramData\tmp
2013-09-15 19:16 - 2013-09-15 19:16 - 00000048 _____ C:\Windows\E44A3432AF7A7E8E.log
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\TuneUp Software
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-09-15 19:00 - 2013-09-15 19:00 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Canneverbe Limited
2013-09-15 19:00 - 2013-09-15 19:00 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-09-15 18:59 - 2013-09-15 18:51 - 05283736 _____ (Canneverbe Limited                                          ) C:\Users\Kirchner\Downloads\cdburner45SO_install [1].exe
2013-09-15 18:53 - 2013-09-15 18:51 - 00000000 ____D C:\Program Files (x86)\LyriXeeker-1
2013-09-15 18:49 - 2013-09-15 18:49 - 00000085 ___SH C:\ProgramData\.zreglib
2013-09-15 18:47 - 2013-09-15 18:47 - 05185720 _____ C:\Users\Kirchner\Downloads\SetupCloneDVD2930.exe
2013-09-09 20:31 - 2012-02-13 20:45 - 00000000 ____D C:\Users\Kirchner\Documents\Rechnungen
2013-09-09 20:24 - 2013-09-09 20:24 - 96772628 _____ C:\Windows\SysWOW64\⥁꿴œ
2013-09-06 21:42 - 2013-08-04 14:20 - 00200192 _____ C:\Users\Kirchner\Documents\Kassenbericht 2013.xls
2013-09-04 11:08 - 2011-06-28 11:07 - 00000000 ____D C:\Users\Kirchner\Documents\Monatsabrechungen Gutachten
2013-09-03 22:37 - 2011-06-28 10:45 - 00001425 _____ C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-03 22:30 - 2013-09-03 22:21 - 00011966 _____ C:\Windows\IE10_main.log
2013-09-03 22:26 - 2013-09-03 22:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-03 22:26 - 2013-09-03 22:26 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-03 22:26 - 2013-09-03 22:26 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-09-03 22:26 - 2013-09-03 22:26 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-03 22:26 - 2013-09-03 22:26 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-03 22:26 - 2013-09-03 22:26 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-09-03 22:26 - 2013-09-03 22:26 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-03 22:26 - 2013-09-03 22:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-09-03 22:26 - 2013-09-03 22:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-09-03 22:24 - 2013-09-03 22:24 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-02 14:36 - 2013-08-05 19:57 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-02 14:36 - 2013-08-05 19:56 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 14:36 - 2013-08-05 19:56 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-28 19:03 - 2011-06-28 11:08 - 00000000 ____D C:\Users\Kirchner\Documents\Schwacke

Some content of TEMP:
====================
C:\Users\Kirchner\AppData\Local\Temp\APNStub.exe
C:\Users\Kirchner\AppData\Local\Temp\AskSLib.dll
C:\Users\Kirchner\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kirchner\AppData\Local\Temp\COMAP.EXE
C:\Users\Kirchner\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Kirchner\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Kirchner\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Kirchner\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
C:\Users\Kirchner\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Kirchner\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Kirchner\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Kirchner\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Kirchner\AppData\Local\Temp\MSNAD50.exe
C:\Users\Kirchner\AppData\Local\Temp\Quarantine.exe
C:\Users\Kirchner\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Kirchner\AppData\Local\Temp\uninst1.exe
C:\Users\Kirchner\AppData\Local\Temp\uuhavfp4.dll
C:\Users\Kirchner\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Kirchner\AppData\Local\Temp\vlc-2.0.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 14:48

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

schrauber 23.09.2013 17:43
Alt+Druck, dann Paint öffnen, Strg+V zum einfügen, das als JPG speichern und hier anhängen.

steffiglaubi 24.09.2013 09:11
Liste der Anhänge anzeigen (Anzahl: 1)
vielen Dank, hier sind 2 Screenshots

steffiglaubi 24.09.2013 09:13
Liste der Anhänge anzeigen (Anzahl: 1)
hier der 2te

schrauber 24.09.2013 18:39
FRST muss auf dem Desktop gespeichert werden und von dort laufen, sonst kann ich keine Fixes machen.

steffiglaubi 24.09.2013 18:52
Habe es jetzt auf dem Desktop kopiert und dort laufen lassen.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by Kirchner (administrator) on KIRCHNER-PC on 24-09-2013 19:50:15
Running from C:\Users\Kirchner\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Exsoft GmbH) C:\Audatex\AudaExpert\FotoCopy\FotoCopy.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2011-03-10] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MountPoints2: {2ee703f7-8efc-11e1-b1d8-1c7508da73ad} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {a9f2467e-927d-11e1-b428-889ffa35a8e4} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {e7bd93a6-5e24-11e1-b97b-1c7508da73ad} - F:\Startme.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-11-19] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [370176 2010-06-17] (shbox.de)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.golsearch.com/?babsrc=HP_ss_Btisdt6&mntrId=E6CF889FFA35A8E4&affID=119357&tt=160913_m1&tsp=5011
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E6CF889FFA35A8E4&affID=119357&tt=160913_m1&tsp=5011
BHO: LyriXeeker-1 - {11111111-1111-1111-1111-110411181156} - C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-bho64.dll (Lyrics)
BHO-x32: LyriXeeker-1 - {11111111-1111-1111-1111-110411181156} - C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-bho.dll (Lyrics)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
Toolbar: HKLM-x32 -  No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{BB1A6F27-8249-450F-9985-45E285EF63D2}: [NameServer]139.7.30.125 139.7.30.126

FireFox:
========
FF ProfilePath: C:\Users\Kirchner\AppData\Roaming\Mozilla\Firefox\Profiles\rx6bjkrc.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Kirchner\AppData\Roaming\Mozilla\Firefox\Profiles\rx6bjkrc.default\Extensions\763ab44b-71df-436c-906e-2ee8e1d7b302@af951efb-381e-47b2-ac45-80df41e44bc7.com
FF Extension: No Name - C:\Users\Kirchner\AppData\Roaming\Mozilla\Firefox\Profiles\rx6bjkrc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-05] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mod7700; C:\Windows\System32\DRIVERS\dvb7700all.sys [866600 2012-08-09] (DiBcom)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-24 19:49 - 2013-09-24 19:49 - 01955802 _____ (Farbar) C:\Users\Kirchner\Desktop\FRST64.exe
2013-09-24 19:42 - 2013-09-24 19:42 - 97540783 _____ C:\Windows\SysWOW64\눜䉝¡
2013-09-24 10:41 - 2013-09-23 16:04 - 351174656 _____ C:\Users\Kirchner\Desktop\KE11.db
2013-09-22 22:29 - 2013-09-22 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 22:29 - 2013-09-22 22:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-21 13:08 - 2013-09-21 13:08 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-21 13:07 - 2013-09-21 13:08 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-09-21 13:07 - 2013-09-21 13:07 - 01766784 _____ C:\Users\Kirchner\Downloads\wrar500.exe
2013-09-21 13:03 - 2013-09-21 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-21 12:33 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-21 12:33 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-21 12:33 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-21 12:33 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-21 12:33 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-21 12:33 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-21 12:33 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-21 12:33 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-21 12:33 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-21 12:33 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-21 12:33 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 12:33 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 12:33 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 12:33 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-21 12:27 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-21 12:27 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-21 12:27 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-21 12:27 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-21 12:27 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-21 12:27 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-21 12:27 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-21 12:27 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-21 12:27 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-21 12:27 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-21 12:27 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-21 12:27 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-21 12:27 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-21 12:27 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-21 12:27 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-21 12:27 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-21 12:27 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-21 12:27 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-21 12:27 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-21 12:27 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-21 12:27 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-21 12:27 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-21 12:27 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-21 12:27 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-21 12:27 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-21 12:27 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-21 12:27 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-21 12:27 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-09-21 12:27 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-21 12:25 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-09-21 12:25 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-09-20 20:56 - 2013-09-24 12:56 - 00000304 _____ C:\Windows\Tasks\UpdaterEX.job
2013-09-20 20:56 - 2013-09-20 20:56 - 00003256 _____ C:\Windows\System32\Tasks\UpdaterEX
2013-09-20 20:55 - 2013-09-20 20:55 - 00003406 _____ C:\Windows\System32\Tasks\EPUpdater
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\UpdaterEX
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Babylon
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\BabSolution
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\ProgramData\Babylon
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-20 20:39 - 2013-09-20 20:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kirchner\Downloads\revosetup95.exe
2013-09-20 20:39 - 2013-09-20 20:39 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-18 19:43 - 2013-09-18 19:43 - 00064104 _____ C:\Users\Kirchner\Downloads\FRST.txt
2013-09-18 19:39 - 2013-09-18 19:39 - 00891144 _____ C:\Users\Kirchner\Downloads\SecurityCheck.exe
2013-09-18 17:23 - 2013-09-18 17:23 - 02347384 _____ (ESET) C:\Users\Kirchner\Downloads\esetsmartinstaller_enu.exe
2013-09-18 11:53 - 2013-09-18 11:53 - 00000000 ____D C:\Windows\ERUNT
2013-09-18 11:52 - 2013-09-18 11:52 - 01029675 _____ (Thisisu) C:\Users\Kirchner\Downloads\JRT.exe
2013-09-18 11:14 - 2013-09-18 11:14 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Malwarebytes
2013-09-18 11:13 - 2013-09-18 11:13 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Kirchner\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-18 11:13 - 2013-09-18 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 11:13 - 2013-09-18 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-18 11:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-17 19:29 - 2013-09-17 19:30 - 00021634 _____ C:\Users\Kirchner\Downloads\Addition.txt
2013-09-17 19:28 - 2013-09-17 19:28 - 00000000 ____D C:\FRST
2013-09-17 12:47 - 2013-09-18 11:45 - 00000000 ____D C:\AdwCleaner
2013-09-17 12:10 - 2013-09-17 12:10 - 00003118 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-09-17 12:10 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2013-09-17 12:09 - 2013-09-17 12:09 - 00003338 _____ C:\Windows\System32\Tasks\Advanced System Protector
2013-09-17 12:09 - 2013-09-17 12:09 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-09-17 12:08 - 2013-09-17 12:08 - 00700783 ____R (Swearware) C:\Users\Kirchner\Downloads\dds+.exe
2013-09-17 12:06 - 2013-09-17 12:06 - 01039554 _____ C:\Users\Kirchner\Downloads\adwcleaner.exe
2013-09-15 19:16 - 2013-09-15 19:16 - 00000048 _____ C:\Windows\E44A3432AF7A7E8E.log
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\TuneUp Software
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-09-15 19:00 - 2013-09-15 19:00 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Canneverbe Limited
2013-09-15 19:00 - 2013-09-15 19:00 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-09-15 18:53 - 2013-09-24 19:41 - 00001302 _____ C:\Windows\Tasks\LyriXeeker-1-updater.job
2013-09-15 18:53 - 2013-09-24 19:41 - 00001206 _____ C:\Windows\Tasks\LyriXeeker-1-codedownloader.job
2013-09-15 18:53 - 2013-09-24 19:41 - 00001106 _____ C:\Windows\Tasks\LyriXeeker-1-enabler.job
2013-09-15 18:53 - 2013-09-20 20:56 - 00004332 _____ C:\Windows\System32\Tasks\LyriXeeker-1-updater
2013-09-15 18:53 - 2013-09-20 20:56 - 00004136 _____ C:\Windows\System32\Tasks\LyriXeeker-1-enabler
2013-09-15 18:53 - 2013-09-20 20:55 - 00004236 _____ C:\Windows\System32\Tasks\LyriXeeker-1-codedownloader
2013-09-15 18:51 - 2013-09-24 19:41 - 00001840 _____ C:\Windows\Tasks\LyriXeeker-1-firefoxinstaller.job
2013-09-15 18:51 - 2013-09-15 18:53 - 00000000 ____D C:\Program Files (x86)\LyriXeeker-1
2013-09-15 18:49 - 2013-09-15 18:49 - 00000085 ___SH C:\ProgramData\.zreglib
2013-09-09 20:24 - 2013-09-09 20:24 - 96772628 _____ C:\Windows\SysWOW64\⥁꿴œ
2013-09-03 22:26 - 2013-09-03 22:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-03 22:26 - 2013-09-03 22:26 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-03 22:26 - 2013-09-03 22:26 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-09-03 22:26 - 2013-09-03 22:26 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-03 22:26 - 2013-09-03 22:26 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-03 22:26 - 2013-09-03 22:26 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-09-03 22:26 - 2013-09-03 22:26 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-03 22:26 - 2013-09-03 22:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-09-03 22:26 - 2013-09-03 22:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-09-03 22:24 - 2013-09-03 22:24 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-03 22:21 - 2013-09-03 22:30 - 00011966 _____ C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-09-24 19:49 - 2013-09-24 19:49 - 01955802 _____ (Farbar) C:\Users\Kirchner\Desktop\FRST64.exe
2013-09-24 19:49 - 2009-07-14 06:45 - 00009712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-24 19:49 - 2009-07-14 06:45 - 00009712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-24 19:44 - 2011-03-10 06:29 - 01387950 _____ C:\Windows\WindowsUpdate.log
2013-09-24 19:42 - 2013-09-24 19:42 - 97540783 _____ C:\Windows\SysWOW64\눜䉝¡
2013-09-24 19:41 - 2013-09-15 18:53 - 00001302 _____ C:\Windows\Tasks\LyriXeeker-1-updater.job
2013-09-24 19:41 - 2013-09-15 18:53 - 00001206 _____ C:\Windows\Tasks\LyriXeeker-1-codedownloader.job
2013-09-24 19:41 - 2013-09-15 18:53 - 00001106 _____ C:\Windows\Tasks\LyriXeeker-1-enabler.job
2013-09-24 19:41 - 2013-09-15 18:51 - 00001840 _____ C:\Windows\Tasks\LyriXeeker-1-firefoxinstaller.job
2013-09-24 19:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 19:41 - 2009-07-14 06:51 - 00149527 _____ C:\Windows\setupact.log
2013-09-24 12:56 - 2013-09-20 20:56 - 00000304 _____ C:\Windows\Tasks\UpdaterEX.job
2013-09-24 12:15 - 2011-08-12 11:48 - 00000000 ____D C:\Users\Kirchner\AppData\Local\FreePDF_XP
2013-09-24 12:13 - 2011-08-12 11:38 - 00000546 _____ C:\Windows\WT61DE.UWL
2013-09-24 09:48 - 2011-03-10 15:20 - 00656294 _____ C:\Windows\system32\perfh007.dat
2013-09-24 09:48 - 2011-03-10 15:20 - 00130894 _____ C:\Windows\system32\perfc007.dat
2013-09-24 09:48 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-23 16:04 - 2013-09-24 10:41 - 351174656 _____ C:\Users\Kirchner\Desktop\KE11.db
2013-09-23 13:10 - 2011-07-07 11:54 - 00000057 _____ C:\Windows\iltwain.ini
2013-09-22 22:29 - 2013-09-22 22:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 22:29 - 2013-09-22 22:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-22 22:28 - 2013-03-05 10:14 - 00000000 ____D C:\Users\Kirchner\AppData\Local\Adobe
2013-09-21 14:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-21 13:30 - 2012-04-29 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-21 13:13 - 2013-09-21 13:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-21 13:08 - 2013-09-21 13:08 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-21 13:08 - 2013-09-21 13:07 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-09-21 13:07 - 2013-09-21 13:07 - 01766784 _____ C:\Users\Kirchner\Downloads\wrar500.exe
2013-09-21 13:03 - 2011-06-28 10:50 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Mozilla
2013-09-21 13:00 - 2011-06-28 10:45 - 00000000 ___RD C:\Users\Kirchner\Virtual Machines
2013-09-21 13:00 - 2011-06-28 10:45 - 00000000 ___RD C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 13:00 - 2011-06-28 10:45 - 00000000 ___RD C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-21 12:57 - 2009-07-14 06:45 - 00365744 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-21 12:33 - 2013-08-16 13:33 - 00000000 ____D C:\Windows\system32\MRT
2013-09-21 12:31 - 2011-06-28 11:55 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-21 12:14 - 2011-03-10 06:25 - 00051198 _____ C:\Windows\PFRO.log
2013-09-20 20:56 - 2013-09-20 20:56 - 00003256 _____ C:\Windows\System32\Tasks\UpdaterEX
2013-09-20 20:56 - 2013-09-15 18:53 - 00004332 _____ C:\Windows\System32\Tasks\LyriXeeker-1-updater
2013-09-20 20:56 - 2013-09-15 18:53 - 00004136 _____ C:\Windows\System32\Tasks\LyriXeeker-1-enabler
2013-09-20 20:55 - 2013-09-20 20:55 - 00003406 _____ C:\Windows\System32\Tasks\EPUpdater
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\UpdaterEX
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Babylon
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\BabSolution
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\ProgramData\Babylon
2013-09-20 20:55 - 2013-09-20 20:55 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-20 20:55 - 2013-09-15 18:53 - 00004236 _____ C:\Windows\System32\Tasks\LyriXeeker-1-codedownloader
2013-09-20 20:39 - 2013-09-20 20:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kirchner\Downloads\revosetup95.exe
2013-09-20 20:39 - 2013-09-20 20:39 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-18 23:06 - 2012-11-11 13:33 - 00000000 ____D C:\ProgramData\Adobe
2013-09-18 23:06 - 2011-03-08 11:30 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-09-18 23:04 - 2013-03-05 14:06 - 00000000 ____D C:\Users\Kirchner\Documents\Schriftverkehr 2013
2013-09-18 19:47 - 2011-06-28 10:50 - 00000000 ____D C:\Users\Kirchner\AppData\Local\Mozilla
2013-09-18 19:43 - 2013-09-18 19:43 - 00064104 _____ C:\Users\Kirchner\Downloads\FRST.txt
2013-09-18 19:39 - 2013-09-18 19:39 - 00891144 _____ C:\Users\Kirchner\Downloads\SecurityCheck.exe
2013-09-18 18:12 - 2013-02-14 20:20 - 00001094 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-18 17:23 - 2013-09-18 17:23 - 02347384 _____ (ESET) C:\Users\Kirchner\Downloads\esetsmartinstaller_enu.exe
2013-09-18 11:53 - 2013-09-18 11:53 - 00000000 ____D C:\Windows\ERUNT
2013-09-18 11:52 - 2013-09-18 11:52 - 01029675 _____ (Thisisu) C:\Users\Kirchner\Downloads\JRT.exe
2013-09-18 11:45 - 2013-09-17 12:47 - 00000000 ____D C:\AdwCleaner
2013-09-18 11:14 - 2013-09-18 11:14 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Malwarebytes
2013-09-18 11:13 - 2013-09-18 11:13 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Kirchner\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-18 11:13 - 2013-09-18 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-18 11:13 - 2013-09-18 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-17 19:30 - 2013-09-17 19:29 - 00021634 _____ C:\Users\Kirchner\Downloads\Addition.txt
2013-09-17 19:28 - 2013-09-17 19:28 - 00000000 ____D C:\FRST
2013-09-17 12:10 - 2013-09-17 12:10 - 00003118 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-09-17 12:10 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-17 12:09 - 2013-09-17 12:09 - 00003338 _____ C:\Windows\System32\Tasks\Advanced System Protector
2013-09-17 12:09 - 2013-09-17 12:09 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-09-17 12:09 - 2011-06-28 11:07 - 00000000 ____D C:\Users\Kirchner\Documents\Deckblätter
2013-09-17 12:08 - 2013-09-17 12:08 - 00700783 ____R (Swearware) C:\Users\Kirchner\Downloads\dds+.exe
2013-09-17 12:06 - 2013-09-17 12:06 - 01039554 _____ C:\Users\Kirchner\Downloads\adwcleaner.exe
2013-09-17 12:06 - 2011-07-15 17:18 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-15 20:29 - 2013-07-20 20:51 - 00000000 ____D C:\ProgramData\hps
2013-09-15 20:27 - 2013-07-20 20:51 - 00000000 ____D C:\ProgramData\tmp
2013-09-15 19:16 - 2013-09-15 19:16 - 00000048 _____ C:\Windows\E44A3432AF7A7E8E.log
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\TuneUp Software
2013-09-15 19:01 - 2013-09-15 19:01 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-09-15 19:00 - 2013-09-15 19:00 - 00000000 ____D C:\Users\Kirchner\AppData\Roaming\Canneverbe Limited
2013-09-15 19:00 - 2013-09-15 19:00 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2013-09-15 18:53 - 2013-09-15 18:51 - 00000000 ____D C:\Program Files (x86)\LyriXeeker-1
2013-09-15 18:49 - 2013-09-15 18:49 - 00000085 ___SH C:\ProgramData\.zreglib
2013-09-09 20:31 - 2012-02-13 20:45 - 00000000 ____D C:\Users\Kirchner\Documents\Rechnungen
2013-09-09 20:24 - 2013-09-09 20:24 - 96772628 _____ C:\Windows\SysWOW64\⥁꿴œ
2013-09-06 21:42 - 2013-08-04 14:20 - 00200192 _____ C:\Users\Kirchner\Documents\Kassenbericht 2013.xls
2013-09-04 11:08 - 2011-06-28 11:07 - 00000000 ____D C:\Users\Kirchner\Documents\Monatsabrechungen Gutachten
2013-09-03 22:37 - 2011-06-28 10:45 - 00001425 _____ C:\Users\Kirchner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-09-03 22:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-03 22:30 - 2013-09-03 22:21 - 00011966 _____ C:\Windows\IE10_main.log
2013-09-03 22:26 - 2013-09-03 22:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-03 22:26 - 2013-09-03 22:26 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-03 22:26 - 2013-09-03 22:26 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-09-03 22:26 - 2013-09-03 22:26 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-03 22:26 - 2013-09-03 22:26 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-03 22:26 - 2013-09-03 22:26 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-09-03 22:26 - 2013-09-03 22:26 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-03 22:26 - 2013-09-03 22:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-09-03 22:26 - 2013-09-03 22:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-09-03 22:26 - 2013-09-03 22:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-03 22:26 - 2013-09-03 22:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-09-03 22:24 - 2013-09-03 22:24 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-03 22:24 - 2013-09-03 22:24 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-02 14:36 - 2013-08-05 19:57 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-02 14:36 - 2013-08-05 19:56 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-02 14:36 - 2013-08-05 19:56 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-28 19:03 - 2011-06-28 11:08 - 00000000 ____D C:\Users\Kirchner\Documents\Schwacke

Some content of TEMP:
====================
C:\Users\Kirchner\AppData\Local\Temp\APNStub.exe
C:\Users\Kirchner\AppData\Local\Temp\AskSLib.dll
C:\Users\Kirchner\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kirchner\AppData\Local\Temp\COMAP.EXE
C:\Users\Kirchner\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\Kirchner\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Kirchner\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Kirchner\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
C:\Users\Kirchner\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Kirchner\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Kirchner\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Kirchner\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Kirchner\AppData\Local\Temp\MSNAD50.exe
C:\Users\Kirchner\AppData\Local\Temp\Quarantine.exe
C:\Users\Kirchner\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Kirchner\AppData\Local\Temp\uninst1.exe
C:\Users\Kirchner\AppData\Local\Temp\uuhavfp4.dll
C:\Users\Kirchner\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Kirchner\AppData\Local\Temp\vlc-2.0.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 14:48

==================== End Of Log ============================
--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:12 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19