Trojaner-Board - TR/Dropper.Gen und TR/Crypt.XPack.Gen ( Dateien verschwunden )

Seite 1 von 3

100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - TR/Dropper.Gen und TR/Crypt.XPack.Gen ( Dateien verschwunden ) (https://www.trojaner-board.de/144474-tr-dropper-gen-tr-crypt-xpack-gen-dateien-verschwunden.html)

xrcd73

12.11.2013 22:00

TR/Dropper.Gen und TR/Crypt.XPack.Gen ( Dateien verschwunden )

Hallo liebe Helfer.Es fing an mit der Meldung,sie müssen qtcore4.dll installieren ihr System geht sonst nicht.Dann verschwanden sämtliche Dateien 1000 Fotos,Musik,Videos,Dokumente und Ordner im Outlook.Benutzerkontensteuerung und Outlook defekt.Immer wieder die Meldung sie sind nicht berechtigt oder die Datei ist uns nicht bekannt.Für mich wäre in erster Linie unsere Fotos .Ordner im Outlook und Dokumente sehr wichtig alles andere wäre zweitrangig,da keine Kopie.Bin auf jeden Fall bei Erfolg für eure Arbeit für eine Spende bereit,versprochen.

schrauber

12.11.2013 23:34

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

xrcd73

13.11.2013 02:21

Zitat:

Zitat von schrauber (Beitrag 1192639)

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01

Ran by KH (administrator) on KH-PC on 12-11-2013 18:02:13

Running from D:\Users\KH\Desktop

Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) D:\Program Files\Microsoft Security Client\MsMpEng.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\sched.exe

(Systweak Software, (www.systweak.com)) D:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() D:\Users\KH\AppData\Roaming\okitspace\protect\PluginProtect.exe

(LG Electronics) D:\Program Files\LG Software\On Screen Display\HotKey.exe

(Intel Corporation) D:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

(shbox.de) D:\Program Files\FreePDF_XP\fpassist.exe

(Microsoft Corporation) D:\Program Files\Microsoft Security Client\msseces.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avgnt.exe

() D:\Users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(TuneUp Software) D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe

() D:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe

(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) D:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

(TuneUp Software) D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe

(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avmailc7.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avwebg7.exe

(Microsoft Corporation) D:\Program Files\Microsoft Security Client\NisSrv.exe

(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avguard.exe

(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Nero AG) D:\Program Files\Nero\Update\NASvc.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [KeybdUtility] - D:\Program Files\LG Software\On Screen Display\HotKey.exe [2655800 2007-04-10] (LG Electronics)

HKLM\...\Run: [IAAnotif] - D:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-04] (Intel Corporation)

HKLM\...\Run: [IaNvSrv] - D:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [33304 2009-07-13] (Intel Corporation)

HKLM\...\Run: [RtHDVCpl] - D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7772704 2009-10-06] (Realtek Semiconductor)

HKLM\...\Run: [FreePDF Assistant] - D:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)

HKLM\...\Run: [MSC] - D:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)

HKLM\...\Run: [Nvtmru] - D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] - D:\Windows\system32\rundll32.exe D:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [mobilegeni daemon] - D:\Program Files\Mobogenie\DaemonProcess.exe [735936 2013-10-08] ()

HKLM\...\Run: [avgnt] - D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [681032 2013-11-10] (Avira Operations GmbH & Co. KG)

HKCU\...\Run: [AmazonMP3DownloaderHelper] - D:\Users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKCU\...\Run: [iMesh] - D:\Program Files\iMesh Applications\iMesh\iMesh.exe [31012720 2013-11-03] (iMesh, Inc)

HKCU\...\Policies\Explorer: [NoCDBurning] 0

BootExecute: 
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5386F3198455CA01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013

URLSearchHook: HKLM - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} -  No File

SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013

SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013

SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013

SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: OKitSpace - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - D:\Users\KH\AppData\Roaming\okitspace\IE\OkitSpace.dll ()

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - D:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - D:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)

Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File

Toolbar: HKCU - No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} -  No File

Toolbar: HKCU - No Name - {213C8ED6-1D78-4D8F-8729-25006AA86A76} -  No File

Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File

DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

Chrome: 

=======

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

CHR Extension: (CoolPic) - D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blcefchbfgmakifmejncnbognjoadloc\2.0.0.429_0

CHR Extension: () - D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.4_0

CHR HKLM\...\Chrome\Extension: [hifnddafpdkmjljallgdlkjiiieidmec] - D:\Users\KH\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx

CHR HKLM\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - D:\Program Files\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_58.crx
 

========================== Services (Whitelisted) =================
 

R2 AntiVirMailService; D:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [972872 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; D:\Program Files\Avira\AntiVir Desktop\sched.exe [440392 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [440392 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; D:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 ASO3DiskOptimizer; D:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe [241448 2013-09-18] (Systweak Software, (www.systweak.com))

R2 MsMpSvc; D:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)

R2 NAUpdate; D:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)

R3 NisSrv; D:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-08-12] (Microsoft Corporation)

R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14652704 2013-11-08] (NVIDIA Corporation)

R2 srvPlgProtect; D:\Users\KH\AppData\Roaming\okitspace\protect\PluginProtect.exe [53760 2013-11-04] ()

R2 TuneUp.UtilitiesSvc; D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-12] (TuneUp Software)

R2 Updater Service for AMZN; D:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
 

==================== Drivers (Whitelisted) ====================
 

S3 61883; D:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)

R2 avgntflt; D:\Windows\System32\DRIVERS\avgntflt.sys [89376 2013-11-10] (Avira Operations GmbH & Co. KG)

R1 avipbb; D:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-10] (Avira Operations GmbH & Co. KG)

R1 avkmgr; D:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 avnetflt; D:\Windows\System32\DRIVERS\avnetflt.sys [67680 2013-11-10] (Avira Operations GmbH & Co. KG)

R3 btmhsf; D:\Windows\System32\DRIVERS\btmhsf.sys [225280 2011-07-19] (Intel Corporation)

R3 iBtFltCoex; D:\Windows\System32\DRIVERS\iBtFltCoex.sys [47104 2011-07-20] (Intel Corporation)

R0 MpFilter; D:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)

S3 NuidFltr; D:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)

R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad32v.sys [33568 2013-09-28] (NVIDIA Corporation)

R1 ssmdrv; D:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-10] (Avira GmbH)

R3 TuneUpUtilitiesDrv; D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)

S3 efipsk; \??\D:\Users\KH\AppData\Local\Temp\efipsk.sys [x]

S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]

U5 VWiFiFlt; D:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-11-12 18:01 - 2013-11-12 18:01 - 00000000 ____D D:\FRST

2013-11-12 17:58 - 2013-11-12 17:59 - 01090275 _____ (Farbar) D:\Users\KH\Desktop\FRST.exe

2013-11-12 17:54 - 2013-11-12 17:57 - 00000466 _____ D:\Users\KH\Desktop\defogger_disable.log

2013-11-12 17:54 - 2013-11-12 17:54 - 00000000 _____ D:\Users\KH\defogger_reenable

2013-11-12 17:53 - 2013-11-12 17:53 - 00050477 _____ D:\Users\KH\Desktop\Defogger.exe

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\Documents\My Received Files

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Roaming\MusicNet

2013-11-12 17:38 - 2013-11-12 17:38 - 00001152 _____ D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk

2013-11-12 17:37 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Local\iMesh

2013-11-12 17:37 - 2013-11-12 17:37 - 00000000 ____D D:\Program Files\iMesh Applications

2013-11-12 16:38 - 2013-11-12 16:38 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA Corporation

2013-11-10 19:16 - 2013-11-10 19:16 - 00000000 ____D D:\Users\KH\AppData\Roaming\Avira

2013-11-10 19:15 - 2013-11-10 19:15 - 00002022 _____ D:\Users\Public\Desktop\Avira Control Center.lnk

2013-11-10 19:15 - 2013-11-10 19:15 - 00000000 ____D D:\Program Files\Avira

2013-11-10 19:15 - 2013-11-10 19:09 - 00137208 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avipbb.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00089376 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avgntflt.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00067680 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avnetflt.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00037352 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avkmgr.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00028520 _____ (Avira GmbH) D:\Windows\system32\Drivers\ssmdrv.sys

2013-11-10 19:06 - 2013-11-10 19:06 - 02296760 _____ D:\Users\KH\Desktop\avira_internet_security_suite.exe

2013-11-10 16:48 - 2013-11-10 16:48 - 01050624 _____ D:\Users\KH\Desktop\MicrosoftFixit50511.msi

2013-11-10 16:41 - 2013-11-10 16:41 - 00000862 _____ D:\Users\KH\Desktop\Microsoft Office Outlook 2007.zip

2013-11-10 12:53 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 13120

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\Program Files\LucasArts

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69534

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69500

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69268

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 66797

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 44421

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 43696

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\Program Files\Common Files\ParetoLogic

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69327

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 43589

2013-11-10 12:49 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69599

2013-11-10 12:49 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69537

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84970

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84925

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84808

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84152

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 99805

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95531

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95075

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 37463

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2218

2013-11-10 12:44 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84847

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 99176

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86563

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84869

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84110

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 48829

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 46649

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44695

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44585

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44296

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 43434

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 37293

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 29708

2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69430

2013-11-10 12:39 - 2013-11-10 12:39 - 00000000 ____D D:\MFT 89457

2013-11-10 12:01 - 2013-11-10 12:01 - 00000000 ____D D:\Users\KH\AppData\Local\Avg2014

2013-11-10 10:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85569

2013-11-10 10:57 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 67386

2013-11-10 10:56 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 85251

2013-11-10 10:56 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 37475

2013-11-10 10:55 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 85443

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69652

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69649

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 68594

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 67382

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66129

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 619

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47937

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47931

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47927

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 21752

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 18213

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 16634

2013-11-10 10:53 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 50434

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 9626

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69244

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69059

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69052

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 68604

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48730

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48085

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 43046

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 140

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 10193

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69647

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69626

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69235

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69064

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69050

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69048

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69041

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68597

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68580

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67403

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67399

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66478

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66472

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66457

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66135

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 28750

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 17744

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15327

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15276

2013-11-10 10:43 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69603

2013-11-10 10:43 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69491

2013-11-10 10:43 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69345

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99757

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99544

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 17617

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 15395

2013-11-10 10:18 - 2013-11-10 10:18 - 00000000 ____D D:\MFT 98455

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 77143

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 64491

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 63646

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 46360

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45729

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45723

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 2658

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 16514

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 99960

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 98476

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 6992

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 43812

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 261

2013-11-10 10:03 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 25091

2013-11-10 10:03 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 40319

2013-11-10 10:03 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66778

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 71952

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 37473

2013-11-10 09:59 - 2013-11-10 20:31 - 00000000 ____D D:\MFT 63654

2013-11-10 09:59 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 66742

2013-11-10 09:59 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 29672

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 84023

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 83015

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69451

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69419

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 63545

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 35760

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 65588

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 47206

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 41339

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 27310

2013-11-10 09:59 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 63505

2013-11-10 09:59 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 60957

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 49115

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 48863

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 48501

2013-11-10 09:59 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 82784

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 85663

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 84838

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 83029

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 5659

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2519

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86951

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86507

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85679

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85448

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85011

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84088

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 5821

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 16537

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 48806

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 39942

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 29270

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 84701

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 49432

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 48844

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 84233

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 71072

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66932

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 72750

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 72099

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 71615

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 65795

2013-11-10 09:59 - 2013-11-10 10:33 - 00000000 ____D D:\MFT 99781

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Program Files\ParetoLogic

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\NVIDIA

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 96635

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 87506

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86926

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86337

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85766

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85024

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84860

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84812

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84207

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83366

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83365

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82568

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82545

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77570

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77564

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72209

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72006

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60821

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5768

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 57550

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 52432

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49035

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48736

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 34301

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 21750

2013-11-10 09:57 - 2013-11-10 13:23 - 00000000 ____D D:\MFT 94973

2013-11-10 09:57 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 96010

2013-11-10 09:57 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69421

2013-11-10 09:57 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 65480

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 95553

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 95544

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84255

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 63300

2013-11-10 09:57 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 96060

2013-11-10 09:57 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95996

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 96050

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 95557

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 95555

2013-11-10 09:57 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69541

2013-11-10 09:57 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68592

2013-11-10 09:57 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 33137

2013-11-10 09:57 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85729

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 99424

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 98750

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96479

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 75295

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69628

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69409

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69403

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69061

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68602

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 67694

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66492

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66482

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48696

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48312

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48307

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48051

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 41994

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37486

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37470

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 25723

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 17498

2013-11-10 09:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 44093

2013-11-10 08:20 - 2013-11-10 08:20 - 00002165 _____ D:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00002145 _____ D:\Users\Public\Desktop\TuneUp Utilities 2014.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Users\KH\AppData\Roaming\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Program Files\TuneUp Utilities 2014

2013-11-10 08:20 - 2013-10-12 02:28 - 00036664 _____ (TuneUp Software) D:\Windows\system32\TURegOpt.exe

2013-11-10 08:20 - 2013-10-12 02:28 - 00025400 _____ (TuneUp Software) D:\Windows\system32\authuitu.dll

2013-11-10 08:19 - 2013-11-10 08:26 - 00000000 __SHD D:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 08:18 - 2013-11-10 08:19 - 32522152 _____ (TuneUp Software) D:\Users\KH\Desktop\TuneUpUtilities2014_de-DE.exe

2013-11-10 07:58 - 2013-11-10 07:58 - 00110072 _____ D:\Users\kh-pc\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 07:56 - 2013-11-10 07:58 - 00000000 ____D D:\Users\kh-pc

2013-11-10 07:56 - 2013-11-10 07:56 - 00001431 _____ D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-10 07:56 - 2013-11-10 07:56 - 00000020 ___SH D:\Users\kh-pc\ntuser.ini

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Startmenü

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Netzwerkumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Druckumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Musik

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Bilder

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Local\Verlauf

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Adobe

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Local\VirtualStore

2013-11-10 07:56 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Macromedia

2013-11-10 07:56 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh-pc\AppData\Local\AskToolbar

2013-11-10 07:56 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh-pc\AppData\Local\Microsoft Help

2013-11-10 07:56 - 2009-07-14 05:42 - 00000000 ___RD D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-10 07:56 - 2009-07-14 05:37 - 00000000 ___RD D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 07:48 - 2013-11-11 10:29 - 00000400 _____ D:\Windows\Tasks\ASO-OneClickCare.job

2013-11-10 07:48 - 2013-11-10 11:00 - 00000428 _____ D:\Windows\Tasks\ASOService.job

2013-11-10 07:48 - 2013-11-10 09:01 - 00000430 _____ D:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job

2013-11-10 07:48 - 2013-11-10 07:48 - 00002256 _____ D:\Users\Public\Desktop\Intelligente PC-Wartung.lnk

2013-11-10 07:48 - 2013-11-10 07:48 - 00002204 _____ D:\Users\Public\Desktop\Advanced System Optimizer.lnk

2013-11-10 07:47 - 2013-11-10 07:53 - 00000000 ____D D:\Program Files\Advanced System Optimizer 3

2013-11-09 22:20 - 2013-11-12 17:00 - 00001202 _____ D:\Users\KH\Desktop\Renee Undeleter.lnk

2013-11-09 19:59 - 2013-11-09 19:59 - 00000022 _____ D:\Users\KH\Desktop\Neuer ZIP-komprimierter Ordner.zip

2013-11-09 17:50 - 2013-11-09 17:55 - 00002216 _____ D:\Windows\system32\ASOROSet.bin

2013-11-09 15:33 - 2013-11-09 20:03 - 00271360 _____ D:\Users\KH\Documents\archive.pst

2013-11-09 14:32 - 2013-11-10 10:23 - 00271360 _____ D:\Users\KH\Documents\Outlook.pst

2013-11-09 13:57 - 2013-11-09 13:57 - 00110072 _____ D:\Users\kh_2.KH-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 13:54 - 2013-11-09 14:06 - 00000000 ___RD D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 13:54 - 2013-11-09 14:06 - 00000000 ____D D:\Users\kh_2.KH-PC.000

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Startmenü

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Netzwerkumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Druckumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Musik

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Bilder

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Local\Verlauf

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Adobe

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\VirtualStore

2013-11-09 13:54 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Macromedia

2013-11-09 13:54 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\AskToolbar

2013-11-09 13:54 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\Microsoft Help

2013-11-09 13:42 - 2013-11-09 13:42 - 00000000 ____D D:\Users\KH\Tracing

2013-11-09 13:36 - 2013-11-09 13:36 - 00000000 ____D D:\Users\KH\Desktop\kh_2

2013-11-09 12:55 - 2013-11-09 12:55 - 00271360 _____ D:\Users\KH\Desktop\archive.pst

2013-11-09 12:46 - 2013-11-09 14:05 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero_AG

2013-11-09 12:43 - 2013-11-09 12:43 - 00110072 _____ D:\Users\kh_2.KH-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 12:39 - 2013-11-09 14:06 - 00000000 ___RD D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 12:39 - 2013-11-09 14:06 - 00000000 ____D D:\Users\kh_2.KH-PC

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Startmenü

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Netzwerkumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Druckumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Local\Verlauf

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Adobe

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\VirtualStore

2013-11-09 12:39 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Macromedia

2013-11-09 12:39 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\AskToolbar

2013-11-09 12:39 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Microsoft Help

2013-11-09 12:35 - 2013-11-09 15:33 - 00271360 _____ D:\Users\KH\Documents\bewerbung.pst

2013-11-09 11:32 - 2013-11-09 11:32 - 00000000 ____D D:\Users\KH\AppData\Local\Adobe

2013-11-09 11:27 - 2013-11-09 12:55 - 00271360 _____ D:\Users\KH\Desktop\Outlook.pst

2013-11-09 11:25 - 2013-11-10 15:46 - 00110072 _____ D:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 11:25 - 2013-11-09 11:25 - 00000000 ____D D:\Users\KH\Documents\Amazon MP3

2013-11-09 10:49 - 2013-11-09 10:49 - 00110072 _____ D:\Users\xrcd73\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:48 - 2013-11-09 11:24 - 00000000 ____D D:\Users\xrcd73

2013-11-09 10:48 - 2013-11-09 11:23 - 00000000 ___RD D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Startmenü

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Netzwerkumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Druckumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Musik

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Bilder

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Local\Verlauf

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Adobe

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Local\VirtualStore

2013-11-09 10:48 - 2013-07-04 21:02 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Macromedia

2013-11-09 10:48 - 2011-11-12 16:45 - 00000000 ____D D:\Users\xrcd73\AppData\Local\AskToolbar

2013-11-09 10:48 - 2009-10-26 14:45 - 00000000 ____D D:\Users\xrcd73\AppData\Local\Microsoft Help

2013-11-09 10:41 - 2013-11-09 10:41 - 00000000 ____D D:\Users\kh_2\Desktop\KH

2013-11-09 10:39 - 2013-11-09 10:39 - 00110072 _____ D:\Users\kh_2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:38 - 2013-11-09 11:24 - 00000000 ____D D:\Users\kh_2

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Startmenü

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Netzwerkumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Druckumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Musik

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Bilder

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Local\Verlauf

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Adobe

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Local\VirtualStore

2013-11-09 10:38 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Macromedia

2013-11-09 10:38 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2\AppData\Local\AskToolbar

2013-11-09 10:38 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2\AppData\Local\Microsoft Help

2013-11-08 22:48 - 2013-11-08 22:54 - 00000000 ____D D:\ProgramData\ParetoLogic

2013-11-08 21:08 - 2013-11-09 19:33 - 00000000 ____D D:\Windows\system32\config\RCCBakup

2013-11-08 19:00 - 2013-11-09 19:08 - 00000000 ____D D:\Program Files\Amazon Browser Bar

2013-11-08 19:00 - 2013-11-08 19:00 - 00129536 _____ D:\Users\Public\AlexaNSISPlugin.4168.dll

2013-11-08 18:59 - 2013-11-10 15:13 - 00000000 ____D D:\Users\KH\AppData\Roaming\Systweak

2013-11-08 18:59 - 2013-08-22 18:36 - 00018776 _____ (Systweak Inc., (www.systweak.com)) D:\Windows\system32\roboot.exe

2013-11-08 17:30 - 2013-11-09 14:05 - 00000000 ____D D:\Users\KH\AppData\Roaming\okitspace

2013-11-08 17:30 - 2013-11-09 14:05 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2013-11-08 17:30 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\PC Speed Up

2013-11-08 17:29 - 2013-11-09 14:05 - 00000000 ____D D:\Users\KH\AppData\Local\Lollipop

2013-11-08 17:29 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\iRobinHood

2013-11-08 17:29 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\Uniblue

2013-11-08 17:28 - 2013-11-09 14:06 - 00000000 ____D D:\Program Files\CoolPic

2013-11-08 17:28 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\Mobogenie

2013-11-08 17:28 - 2013-11-09 12:31 - 00000000 ____D D:\Users\KH\AppData\Local\Smartbar

2013-10-29 10:51 - 2013-11-10 12:01 - 00001812 _____ D:\Users\KH\Desktop\Gutschein_5_Tage_im_Schloss_Purschenstein_im_Erzgebirge_fÃ¼r_zwei_Personen.lnk

2013-10-28 21:13 - 2013-10-23 11:24 - 22933792 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv32.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 17560352 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 10410272 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-28 21:13 - 2013-10-23 11:24 - 09524088 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 09480328 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 02946848 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 02747168 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvenc.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233165.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233165.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00599840 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00560416 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR.dll

2013-10-28 21:07 - 2013-11-08 21:47 - 00955168 _____ (NVIDIA Corporation) D:\Windows\system32\nvspcap.dll

2013-10-28 21:03 - 2013-09-28 00:01 - 00033568 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvvad32v.sys

2013-10-28 10:56 - 2013-11-10 12:01 - 00001327 _____ D:\Users\KH\Desktop\Kreativitätskindertagesstätte 13.11.13.lnk

2013-10-24 19:01 - 2013-11-10 12:01 - 00001367 _____ D:\Users\KH\Desktop\kita 001.lnk

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) D:\Windows\system32\nvStreaming.exe

2013-10-22 19:07 - 2013-10-16 01:41 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233158.dll

2013-10-22 19:07 - 2013-10-16 01:41 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233158.dll

2013-10-21 08:52 - 2013-11-10 12:01 - 00001327 _____ D:\Users\KH\Desktop\Anja Hoffmann Erzieherin Lotusblüte.lnk

2013-10-21 05:05 - 2013-10-21 05:05 - 00264616 _____ (Oracle Corporation) D:\Windows\system32\javaws.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00175016 _____ (Oracle Corporation) D:\Windows\system32\javaw.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00174504 _____ (Oracle Corporation) D:\Windows\system32\java.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00094632 _____ (Oracle Corporation) D:\Windows\system32\WindowsAccessBridge.dll

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\ProgramData\Oracle

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Java

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Common Files\Java

2013-10-15 16:35 - 2013-10-23 11:24 - 15855568 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2um.dll

2013-10-15 16:35 - 2013-10-23 11:24 - 15212336 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dum.dll

2013-10-15 16:35 - 2013-09-27 09:50 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233140.dll

2013-10-15 16:35 - 2013-09-27 09:50 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233140.dll

2013-10-15 16:23 - 2013-10-15 16:23 - 00336816 _____ D:\Windows\Minidump\101513-39171-01.dmp

2013-10-15 16:19 - 2013-10-15 16:19 - 00366872 _____ D:\Windows\Minidump\101513-48687-01.dmp
 

==================== One Month Modified Files and Folders =======
 

2013-11-12 18:01 - 2013-11-12 18:01 - 00000000 ____D D:\FRST

2013-11-12 17:59 - 2013-11-12 17:58 - 01090275 _____ (Farbar) D:\Users\KH\Desktop\FRST.exe

2013-11-12 17:57 - 2013-11-12 17:54 - 00000466 _____ D:\Users\KH\Desktop\defogger_disable.log

2013-11-12 17:54 - 2013-11-12 17:54 - 00000000 _____ D:\Users\KH\defogger_reenable

2013-11-12 17:54 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH

2013-11-12 17:53 - 2013-11-12 17:53 - 00050477 _____ D:\Users\KH\Desktop\Defogger.exe

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\Documents\My Received Files

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Roaming\MusicNet

2013-11-12 17:48 - 2013-11-12 17:37 - 00000000 ____D D:\Users\KH\AppData\Local\iMesh

2013-11-12 17:38 - 2013-11-12 17:38 - 00001152 _____ D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk

2013-11-12 17:37 - 2013-11-12 17:37 - 00000000 ____D D:\Program Files\iMesh Applications

2013-11-12 17:14 - 2012-04-09 17:29 - 00000884 _____ D:\Windows\Tasks\Adobe Flash Player Updater.job

2013-11-12 17:07 - 2009-07-14 05:34 - 00014608 ____H D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-12 17:07 - 2009-07-14 05:34 - 00014608 ____H D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-12 17:04 - 2009-10-25 15:54 - 01621084 _____ D:\Windows\system32\PerfStringBackup.INI

2013-11-12 17:00 - 2013-11-09 22:20 - 00001202 _____ D:\Users\KH\Desktop\Renee Undeleter.lnk

2013-11-12 16:58 - 2009-10-25 16:17 - 00000000 ____D D:\ProgramData\NVIDIA

2013-11-12 16:58 - 2009-07-14 05:53 - 00000006 ____H D:\Windows\Tasks\SA.DAT

2013-11-12 16:58 - 2009-07-14 05:39 - 00324690 _____ D:\Windows\setupact.log

2013-11-12 16:38 - 2013-11-12 16:38 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA Corporation

2013-11-12 15:26 - 2009-10-25 15:35 - 01399530 _____ D:\Windows\WindowsUpdate.log

2013-11-11 10:29 - 2013-11-10 07:48 - 00000400 _____ D:\Windows\Tasks\ASO-OneClickCare.job

2013-11-10 20:59 - 2009-07-14 05:41 - 00000749 ___RH D:\Windows\WindowsShell.Manifest

2013-11-10 20:59 - 2009-07-14 03:37 - 00000000 __RHD D:\Users\Public\Libraries

2013-11-10 20:59 - 2009-07-14 03:37 - 00000000 ___RD D:\Users\Public

2013-11-10 20:40 - 2009-10-25 16:17 - 00113660 _____ D:\Windows\PFRO.log

2013-11-10 20:31 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63654

2013-11-10 19:16 - 2013-11-10 19:16 - 00000000 ____D D:\Users\KH\AppData\Roaming\Avira

2013-11-10 19:15 - 2013-11-10 19:15 - 00002022 _____ D:\Users\Public\Desktop\Avira Control Center.lnk

2013-11-10 19:15 - 2013-11-10 19:15 - 00000000 ____D D:\Program Files\Avira

2013-11-10 19:15 - 2011-11-12 16:45 - 00000000 ____D D:\ProgramData\Avira

2013-11-10 19:09 - 2013-11-10 19:15 - 00137208 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avipbb.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00089376 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avgntflt.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00067680 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avnetflt.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00037352 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avkmgr.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00028520 _____ (Avira GmbH) D:\Windows\system32\Drivers\ssmdrv.sys

2013-11-10 19:06 - 2013-11-10 19:06 - 02296760 _____ D:\Users\KH\Desktop\avira_internet_security_suite.exe

2013-11-10 16:48 - 2013-11-10 16:48 - 01050624 _____ D:\Users\KH\Desktop\MicrosoftFixit50511.msi

2013-11-10 16:41 - 2013-11-10 16:41 - 00000862 _____ D:\Users\KH\Desktop\Microsoft Office Outlook 2007.zip

2013-11-10 15:46 - 2013-11-09 11:25 - 00110072 _____ D:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 15:46 - 2009-07-14 05:33 - 00415560 _____ D:\Windows\system32\FNTCACHE.DAT

2013-11-10 15:44 - 2009-10-26 12:30 - 00000000 ____D D:\ProgramData\Microsoft Help

2013-11-10 15:43 - 2011-03-20 15:40 - 00000000 ____D D:\Program Files\Microsoft Works

2013-11-10 15:43 - 2011-03-20 15:40 - 00000000 ____D D:\Program Files\Common Files\DESIGNER

2013-11-10 15:42 - 2009-07-14 09:57 - 00000000 ____D D:\Windows\ShellNew

2013-11-10 15:37 - 2009-07-14 03:04 - 00000478 _____ D:\Windows\win.ini

2013-11-10 15:13 - 2013-11-08 18:59 - 00000000 ____D D:\Users\KH\AppData\Roaming\Systweak

2013-11-10 13:23 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 94973

2013-11-10 12:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 66742

2013-11-10 12:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 29672

2013-11-10 12:54 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96010

2013-11-10 12:53 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 13120

2013-11-10 12:53 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69599

2013-11-10 12:53 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 85443

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84023

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83015

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 69451

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 69419

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63545

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 35760

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\Program Files\LucasArts

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69534

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69500

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69268

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 66797

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 44421

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 43696

2013-11-10 12:51 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 50434

2013-11-10 12:51 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 25091

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 65588

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 47206

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 41339

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 27310

2013-11-10 12:51 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69421

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\Program Files\Common Files\ParetoLogic

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69327

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 43589

2013-11-10 12:50 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69603

2013-11-10 12:50 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63505

2013-11-10 12:50 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60957

2013-11-10 12:50 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 65480

2013-11-10 12:49 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69537

2013-11-10 12:49 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69491

2013-11-10 12:49 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69345

2013-11-10 12:48 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 40319

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49115

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48863

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48501

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84970

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84925

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84808

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84152

2013-11-10 12:47 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84847

2013-11-10 12:47 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 85251

2013-11-10 12:47 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82784

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95553

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95544

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 84255

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 63300

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 99805

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95531

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95075

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 37463

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2218

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85663

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84838

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83029

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5659

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 2519

2013-11-10 12:45 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96060

2013-11-10 12:45 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95996

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 99176

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86563

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84869

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84110

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 48829

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 46649

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44695

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44585

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44296

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 43434

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 37293

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 29708

2013-11-10 12:44 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 85569

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86951

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86507

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85679

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85448

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85011

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84088

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5821

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 16537

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96050

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95557

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95555

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48806

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 39942

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 29270

2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69430

2013-11-10 12:42 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69541

2013-11-10 12:41 - 2013-04-18 05:32 - 00000000 ____D D:\Users\KH\AppData\Roaming\player

2013-11-10 12:39 - 2013-11-10 12:39 - 00000000 ____D D:\MFT 89457

2013-11-10 12:01 - 2013-11-10 12:01 - 00000000 ____D D:\Users\KH\AppData\Local\Avg2014

2013-11-10 12:01 - 2013-10-29 10:51 - 00001812 _____ D:\Users\KH\Desktop\Gutschein_5_Tage_im_Schloss_Purschenstein_im_Erzgebirge_fÃ¼r_zwei_Personen.lnk

2013-11-10 12:01 - 2013-10-28 10:56 - 00001327 _____ D:\Users\KH\Desktop\Kreativitätskindertagesstätte 13.11.13.lnk

2013-11-10 12:01 - 2013-10-24 19:01 - 00001367 _____ D:\Users\KH\Desktop\kita 001.lnk

2013-11-10 12:01 - 2013-10-21 08:52 - 00001327 _____ D:\Users\KH\Desktop\Anja Hoffmann Erzieherin Lotusblüte.lnk

2013-11-10 11:40 - 2013-01-24 13:07 - 00000000 ____D D:\Users\KH\AppData\Local\Nero

2013-11-10 11:21 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\NDF

2013-11-10 11:00 - 2013-11-10 07:48 - 00000428 _____ D:\Windows\Tasks\ASOService.job

2013-11-10 10:57 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 67386

2013-11-10 10:56 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 37475

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84701

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49432

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48844

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69652

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69649

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 68594

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 67382

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66129

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 619

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47937

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47931

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47927

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 21752

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 18213

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 16634

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84233

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 71072

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 66932

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 9626

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69244

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69059

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69052

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 68604

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48730

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48085

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 43046

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 140

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 10193

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72750

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72099

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 71615

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 65795

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69647

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69626

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69235

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69064

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69050

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69048

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69041

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68597

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68580

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67403

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67399

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66478

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66472

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66457

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66135

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 28750

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 17744

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15327

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15276

2013-11-10 10:52 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 66778

2013-11-10 10:52 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68592

2013-11-10 10:52 - 2013-07-19 18:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\DVDVideoSoft

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99757

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99544

2013-11-10 10:43 - 2013-11-10 09:43 - 00000000 ____D D:\MFT 44093

2013-11-10 10:33 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 99781

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 17617

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 15395

2013-11-10 10:27 - 2009-10-26 13:43 - 00000000 ____D D:\ProgramData\SFirm32

2013-11-10 10:23 - 2013-11-09 14:32 - 00271360 _____ D:\Users\KH\Documents\Outlook.pst

2013-11-10 10:18 - 2013-11-10 10:18 - 00000000 ____D D:\MFT 98455

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 77143

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 64491

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 63646

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 46360

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45729

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45723

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 2658

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 16514

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 99960

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 98476

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 6992

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 43812

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 261

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 71952

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 37473

2013-11-10 10:03 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 33137

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Program Files\ParetoLogic

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\NVIDIA

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 96635

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 87506

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86926

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86337

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85766

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85024

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84860

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84812

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84207

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83366

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83365

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82568

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82545

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77570

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77564

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72209

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72006

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60821

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5768

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 57550

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 52432

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49035

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48736

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 34301

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 21750

2013-11-10 09:59 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 85729

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 99424

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 98750

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96479

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 75295

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69628

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69409

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69403

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69061

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68602

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 67694

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66492

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66482

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48696

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48312

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48307

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48051

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 41994

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37486

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37470

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 25723

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 17498

2013-11-10 09:46 - 2009-10-25 19:09 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-11-10 09:01 - 2013-11-10 07:48 - 00000430 _____ D:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job

2013-11-10 08:26 - 2013-11-10 08:19 - 00000000 __SHD D:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 08:26 - 2013-09-09 13:36 - 00000000 __SHD D:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-11-10 08:26 - 2009-10-26 14:22 - 00000000 ___HD D:\ProgramData\{8F84A085-61F5-420C-99B2-2BCE2C37763C}

2013-11-10 08:26 - 2009-10-26 12:30 - 00000000 ____D D:\Users\KH\AppData\Local\Microsoft Help

2013-11-10 08:21 - 2013-09-09 13:36 - 00000000 ____D D:\ProgramData\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00002165 _____ D:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00002145 _____ D:\Users\Public\Desktop\TuneUp Utilities 2014.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Users\KH\AppData\Roaming\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Program Files\TuneUp Utilities 2014

2013-11-10 08:19 - 2013-11-10 08:18 - 32522152 _____ (TuneUp Software) D:\Users\KH\Desktop\TuneUpUtilities2014_de-DE.exe

2013-11-10 07:58 - 2013-11-10 07:58 - 00110072 _____ D:\Users\kh-pc\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 07:58 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc

2013-11-10 07:56 - 2013-11-10 07:56 - 00001431 _____ D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-10 07:56 - 2013-11-10 07:56 - 00000020 ___SH D:\Users\kh-pc\ntuser.ini

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Startmenü

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Netzwerkumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Druckumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Musik

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Bilder

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Local\Verlauf

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Adobe

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Local\VirtualStore

2013-11-10 07:53 - 2013-11-10 07:47 - 00000000 ____D D:\Program Files\Advanced System Optimizer 3

2013-11-10 07:48 - 2013-11-10 07:48 - 00002256 _____ D:\Users\Public\Desktop\Intelligente PC-Wartung.lnk

2013-11-10 07:48 - 2013-11-10 07:48 - 00002204 _____ D:\Users\Public\Desktop\Advanced System Optimizer.lnk

2013-11-09 20:25 - 2013-01-24 13:08 - 00000000 ____D D:\Users\KH\AppData\Roaming\Nero

2013-11-09 20:03 - 2013-11-09 15:33 - 00271360 _____ D:\Users\KH\Documents\archive.pst

2013-11-09 19:59 - 2013-11-09 19:59 - 00000022 _____ D:\Users\KH\Desktop\Neuer ZIP-komprimierter Ordner.zip

2013-11-09 19:33 - 2013-11-08 21:08 - 00000000 ____D D:\Windows\system32\config\RCCBakup

2013-11-09 19:08 - 2013-11-08 19:00 - 00000000 ____D D:\Program Files\Amazon Browser Bar

2013-11-09 18:09 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Local\VirtualStore

2013-11-09 17:55 - 2013-11-09 17:50 - 00002216 _____ D:\Windows\system32\ASOROSet.bin

2013-11-09 17:55 - 2009-07-14 03:03 - 54263808 _____ D:\Windows\system32\config\software.bak

2013-11-09 17:55 - 2009-07-14 03:03 - 21495808 _____ D:\Windows\system32\config\system.bak

2013-11-09 17:55 - 2009-07-14 03:03 - 00262144 _____ D:\Windows\system32\config\security.bak

2013-11-09 17:52 - 2009-07-14 03:03 - 00262144 _____ D:\Windows\system32\config\sam.bak

2013-11-09 15:33 - 2013-11-09 12:35 - 00271360 _____ D:\Users\KH\Documents\bewerbung.pst

2013-11-09 14:06 - 2013-11-09 13:54 - 00000000 ___RD D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:06 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000

2013-11-09 14:06 - 2013-11-09 12:39 - 00000000 ___RD D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:06 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC

2013-11-09 14:06 - 2013-11-08 17:28 - 00000000 ____D D:\Program Files\CoolPic

2013-11-09 14:06 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\wfp

2013-11-09 14:05 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero

2013-11-09 14:05 - 2013-11-08 17:30 - 00000000 ____D D:\Users\KH\AppData\Roaming\okitspace

2013-11-09 14:05 - 2013-11-08 17:30 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2013-11-09 14:05 - 2013-11-08 17:30 - 00000000 ____D D:\Program Files\PC Speed Up

2013-11-09 14:05 - 2013-11-08 17:29 - 00000000 ____D D:\Users\KH\AppData\Local\Lollipop

2013-11-09 14:05 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\iRobinHood

2013-11-09 14:05 - 2013-11-08 17:28 - 00000000 ____D D:\Program Files\Mobogenie

2013-11-09 14:05 - 2013-08-25 22:08 - 00000000 ____D D:\Users\KH\AppData\Roaming\Audacity

2013-11-09 14:05 - 2013-02-14 20:22 - 00000000 ___RD D:\Users\KH\Desktop\lplex-0.3-win64

2013-11-09 14:05 - 2013-02-14 20:06 - 00000000 ____D D:\Users\KH\AppData\Roaming\lplex

2013-11-09 14:05 - 2013-02-13 09:36 - 00000000 ____D D:\Users\KH\AppData\Roaming\dvdae

2013-11-09 14:05 - 2013-01-21 15:47 - 00000000 ___RD D:\Users\KH\SkyDrive

2013-11-09 14:05 - 2013-01-15 20:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\Pegasys Inc

2013-11-09 14:05 - 2013-01-05 22:26 - 00000000 ____D D:\Users\KH\AppData\Roaming\dvdcss

2013-11-09 14:05 - 2013-01-03 20:04 - 00000000 ____D D:\Program Files\Cypheros

2013-11-09 14:05 - 2013-01-03 13:14 - 00000000 ____D D:\Users\KH\AppData\Roaming\vlc

2013-11-09 14:05 - 2011-01-08 22:17 - 00000000 ____D D:\Users\KH\AppData\Roaming\PhotoScape

2013-11-09 14:05 - 2010-11-07 10:54 - 00000000 ____D D:\Program Files\LuminanceHDR-2.0.1

2013-11-09 14:05 - 2009-11-17 17:23 - 00000000 ____D D:\Users\KH\AppData\Local\{6CDD08D2-4502-44F0-9753-3D5B10261DFE}

2013-11-09 14:05 - 2009-11-04 09:58 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript

2013-11-09 14:05 - 2009-10-26 14:20 - 00000000 ____D D:\Program Files\WIN-CASA2009

2013-11-09 14:05 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 14:05 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:05 - 2009-07-14 05:52 - 00000000 ____D D:\Windows\system32\WinBioDatabase

2013-11-09 14:05 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\de-DE

2013-11-09 14:05 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\registration

2013-11-09 14:04 - 2013-09-09 13:36 - 00000000 ____D D:\Users\KH\AppData\Roaming\OpenCandy

2013-11-09 14:04 - 2013-08-24 18:17 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-11-09 14:04 - 2013-01-11 22:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Digiarty

2013-11-09 14:04 - 2013-01-09 11:42 - 00000000 ____D D:\Users\KH\AppData\Roaming\Sony

2013-11-09 14:04 - 2012-01-17 22:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\Canneverbe Limited

2013-11-09 14:04 - 2009-10-25 16:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Macromedia

2013-11-09 14:04 - 2009-10-25 16:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Adobe

2013-11-09 14:03 - 2013-09-06 20:24 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA

2013-11-09 14:03 - 2013-01-24 13:08 - 00000000 ____D D:\Users\KH\AppData\Local\Nero_AG

2013-11-09 14:03 - 2013-01-09 11:50 - 00000000 ____D D:\Users\KH\AppData\Local\Sony

2013-11-09 14:03 - 2011-01-07 18:56 - 00000000 ____D D:\Users\KH\AppData\Local\Panasonic

2013-11-09 14:03 - 2009-11-15 16:24 - 00000000 ____D D:\Users\KH\AppData\Local\Microsoft Games

2013-11-09 14:02 - 2009-07-14 03:37 - 00000000 ____D D:\Program Files\Common Files\microsoft shared

2013-11-09 13:57 - 2013-11-09 13:57 - 00110072 _____ D:\Users\kh_2.KH-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Startmenü

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Netzwerkumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Druckumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Musik

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Bilder

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Local\Verlauf

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Adobe

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\VirtualStore

2013-11-09 13:42 - 2013-11-09 13:42 - 00000000 ____D D:\Users\KH\Tracing

2013-11-09 13:36 - 2013-11-09 13:36 - 00000000 ____D D:\Users\KH\Desktop\kh_2

2013-11-09 12:55 - 2013-11-09 12:55 - 00271360 _____ D:\Users\KH\Desktop\archive.pst

2013-11-09 12:55 - 2013-11-09 11:27 - 00271360 _____ D:\Users\KH\Desktop\Outlook.pst

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero_AG

2013-11-09 12:43 - 2013-11-09 12:43 - 00110072 _____ D:\Users\kh_2.KH-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Startmenü

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Netzwerkumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Druckumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Local\Verlauf

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Adobe

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\VirtualStore

2013-11-09 12:31 - 2013-11-08 17:28 - 00000000 ____D D:\Users\KH\AppData\Local\Smartbar

2013-11-09 12:31 - 2012-12-31 12:55 - 00000000 ____D D:\Program Files\Technisat

2013-11-09 12:31 - 2009-12-08 20:45 - 00000000 ____D D:\Users\KH\AppData\Local\Google

2013-11-09 11:32 - 2013-11-09 11:32 - 00000000 ____D D:\Users\KH\AppData\Local\Adobe

2013-11-09 11:25 - 2013-11-09 11:25 - 00000000 ____D D:\Users\KH\Documents\Amazon MP3

2013-11-09 11:24 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73

2013-11-09 11:24 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2

2013-11-09 11:23 - 2013-11-09 10:48 - 00000000 ___RD D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 10:49 - 2013-11-09 10:49 - 00110072 _____ D:\Users\xrcd73\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Startmenü

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Netzwerkumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Druckumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Musik

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Bilder

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Local\Verlauf

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Adobe

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Local\VirtualStore

2013-11-09 10:41 - 2013-11-09 10:41 - 00000000 ____D D:\Users\kh_2\Desktop\KH

2013-11-09 10:39 - 2013-11-09 10:39 - 00110072 _____ D:\Users\kh_2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Startmenü

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Netzwerkumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Druckumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Musik

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Bilder

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Local\Verlauf

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Adobe

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Local\VirtualStore

2013-11-08 22:54 - 2013-11-08 22:48 - 00000000 ____D D:\ProgramData\ParetoLogic

2013-11-08 21:47 - 2013-10-28 21:07 - 00955168 _____ (NVIDIA Corporation) D:\Windows\system32\nvspcap.dll

2013-11-08 19:00 - 2013-11-08 19:00 - 00129536 _____ D:\Users\Public\AlexaNSISPlugin.4168.dll

2013-11-08 17:29 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\Uniblue

2013-11-04 21:40 - 2009-07-14 05:53 - 00032632 _____ D:\Windows\Tasks\SCHEDLGU.TXT

2013-10-28 21:18 - 2010-07-11 10:18 - 00000000 ____D D:\Program Files\NVIDIA Corporation

2013-10-28 21:07 - 2010-07-11 10:18 - 00000000 ____D D:\ProgramData\NVIDIA Corporation

2013-10-23 11:24 - 2013-10-28 21:13 - 22933792 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv32.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 17560352 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 10410272 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-23 11:24 - 2013-10-28 21:13 - 09524088 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 09480328 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 02946848 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 02747168 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvenc.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233165.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233165.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00599840 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00560416 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR.dll

2013-10-23 11:24 - 2013-10-15 16:35 - 15855568 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2um.dll

2013-10-23 11:24 - 2013-10-15 16:35 - 15212336 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dum.dll

2013-10-23 11:24 - 2013-09-19 20:30 - 00018174 _____ D:\Windows\system32\nvinfo.pb

2013-10-23 11:24 - 2010-07-11 10:17 - 02695200 _____ (NVIDIA Corporation) D:\Windows\system32\nvapi.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 04318496 _____ (NVIDIA Corporation) D:\Windows\system32\nvcpl.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 03036448 _____ (NVIDIA Corporation) D:\Windows\system32\nvsvc.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 02555168 _____ (NVIDIA Corporation) D:\Windows\system32\nvsvcr.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 00664352 _____ (NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

2013-10-23 08:19 - 2010-06-07 16:47 - 00209184 _____ (NVIDIA Corporation) D:\Windows\system32\nvmctray.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 00062752 _____ (NVIDIA Corporation) D:\Windows\system32\nvshext.dll

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) D:\Windows\system32\nvStreaming.exe

2013-10-21 15:50 - 2009-10-28 08:49 - 00000000 ____D D:\Windows\pss

2013-10-21 05:05 - 2013-10-21 05:05 - 00264616 _____ (Oracle Corporation) D:\Windows\system32\javaws.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00175016 _____ (Oracle Corporation) D:\Windows\system32\javaw.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00174504 _____ (Oracle Corporation) D:\Windows\system32\java.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00094632 _____ (Oracle Corporation) D:\Windows\system32\WindowsAccessBridge.dll

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\ProgramData\Oracle

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Java

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Common Files\Java

2013-10-16 08:35 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\rescache

2013-10-16 01:41 - 2013-10-22 19:07 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233158.dll

2013-10-16 01:41 - 2013-10-22 19:07 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233158.dll

2013-10-15 16:46 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\AppCompat

2013-10-15 16:23 - 2013-10-15 16:23 - 00336816 _____ D:\Windows\Minidump\101513-39171-01.dmp

2013-10-15 16:23 - 2012-06-27 20:31 - 00000000 ____D D:\Windows\Minidump

2013-10-15 16:19 - 2013-10-15 16:19 - 00366872 _____ D:\Windows\Minidump\101513-48687-01.dmp
 

Files to move or delete:

====================

D:\Users\Public\AlexaNSISPlugin.4168.dll
 
 

Some content of TEMP:

====================

D:\Users\KH\AppData\Local\Temp\84859-647921-format-factory.exe

D:\Users\KH\AppData\Local\Temp\avgnt.exe

D:\Users\KH\AppData\Local\Temp\b137Installer.exe

D:\Users\KH\AppData\Local\Temp\dotnetfx.exe

D:\Users\KH\AppData\Local\Temp\instloffer.exe

D:\Users\KH\AppData\Local\Temp\Setup.exe
 
 

==================== Bamital & volsnap Check =================
 

D:\Windows\explorer.exe => MD5 is legit

D:\Windows\System32\winlogon.exe => MD5 is legit

D:\Windows\System32\wininit.exe => MD5 is legit

D:\Windows\System32\svchost.exe => MD5 is legit

D:\Windows\System32\services.exe => MD5 is legit

D:\Windows\System32\User32.dll => MD5 is legit

D:\Windows\System32\userinit.exe => MD5 is legit

D:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-11-10 17:36
 

==================== End Of Log ============================

--- --- ---

schrauber

13.11.2013 12:43

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

xrcd73

13.11.2013 19:41

Hallo.Addition Logfiles hatte ich ja vergessen und die beiden Trojaner hatte ich mit Avira im abgesicherten Modus am 10.11.13 gelöscht.Bei dem # Symbol leider keine Reaktion.MfG Claas Hoffmann FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2013 01

Ran by KH at 2013-11-12 18:03:07

Running from D:\Users\KH\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 

==================== Installed Programs ======================
 

 Update for Microsoft Office 2007 (KB2508958)

2007 Microsoft Office system (Version: 12.0.6612.1000)

Adobe AIR (Version: 3.7.0.2090)

Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)

Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05)

Adobe Shockwave Player 12.0 (Version: 12.0.3.133)

Advanced System Optimizer (Version: 3.5.1000.15564)

Amazon Browser Bar (Version: 3.0)

AuthenTec TrueSuite (Version: 2.0.0.57)

Avira Internet Security Suite (Version: 14.0.0.383)

BEWERBUNGSMASTER

Canon MP250 series MP Drivers

D3DX10 (Version: 15.4.2368.0902)

DVD Audio Extractor 7.1.1

Fotogalerie (Version: 16.4.3508.0205)

FreePDF (Remove only)

GeForce Experience NvStream Client Components (Version: 1.6.28)

GPL Ghostscript 8.70

HIGHRESAUDIO Manager 1.0 (Version: 1.0)

iMesh (HKCU Version: 12.5.0.134165)

Intel® Matrix Storage Manager und Intel® Turbo Memory

Intel® Turbo Memory

Java 7 Update 45 (Version: 7.0.450)

Java Auto Updater (Version: 2.1.9.8)

Junk Mail filter update (Version: 16.4.3508.0205)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6012.5000)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)

Microsoft Office Outlook Connector (Version: 14.0.5118.5000)

Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)

Microsoft Security Client (Version: 4.3.0219.0)

Microsoft Security Essentials (Version: 4.3.219.0)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft SQL Server Compact 3.5 SP1 English (Version: 3.5.5692.0)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Movie Maker (Version: 16.4.3508.0205)

MSVC80_x86 (Version: 1.0.1.0)

MSVC80_x86_v2 (Version: 1.0.3.0)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT Redists (Version: 1.0)

MSVCRT110 (Version: 16.4.1108.0727)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

Nero 12 (Version: 12.0.02900)

Nero 12 Content Pack (Version: 12.0.00400)

Nero Abstract Themes (Version: 12.0.11500)

Nero Audio Pack 1 (Version: 11.0.11500.110.0)

Nero BackItUp (Version: 12.5.11000)

Nero BackItUp Help (CHM) (Version: 12.0.13000)

Nero Blu-ray Player (Version: 12.0.20051)

Nero Blu-ray Player Help (CHM) (Version: 15.0.00015)

Nero Burning ROM (Version: 12.5.6000)

Nero Burning ROM Help (CHM) (Version: 12.0.3000)

Nero Cliparts (Version: 12.0.11500)

Nero ControlCenter (Version: 11.0.16700)

Nero ControlCenter Help (CHM) (Version: 15.0.00015)

Nero Core Components (Version: 11.0.22500)

Nero CoverDesigner (Version: 12.0.01500)

Nero CoverDesigner (Version: 12.0.10003)

Nero CoverDesigner Help (CHM) (Version: 12.0.2000)

Nero Disc Menus 1 (Version: 12.0.11500)

Nero Disc Menus 2 (Version: 12.0.11500)

Nero Disc Menus 3 (Version: 12.0.11500)

Nero Disc Menus Basic (Version: 12.0.11500)

Nero Effects Basic (Version: 15.0.10011)

Nero Express (Version: 12.5.7000)

Nero Express Help (CHM) (Version: 12.0.13000)

Nero Family and Events Themes (Version: 12.0.11500)

Nero Football (Soccer) Themes (Version: 12.0.11500)

Nero Holiday and Sports Themes (Version: 12.0.11500)

Nero Image Samples (Version: 15.0.10008)

Nero Info (Version: 15.1.0025)

Nero Kwik Themes Basic (Version: 12.0.11500)

Nero MediaHome (Version: 1.20.8300)

Nero MediaHome Help (CHM) (Version: 15.0.00018)

Nero PiP Effects 1 (Version: 12.0.11500)

Nero PiP Effects Basic (Version: 15.0.10008)

Nero Platinum Effects 12 (Version: 15.0.10011)

Nero Recode (Version: 12.5.6000)

Nero Recode Help (CHM) (Version: 12.0.12000)

Nero RescueAgent (Version: 12.0.11000)

Nero RescueAgent Help (CHM) (Version: 12.0.7000)

Nero Retro Film Themes (Version: 12.0.11700)

Nero SharedVideoCodecs (Version: 1.0.15003)

Nero SoundTrax (Version: 12.0.01700)

Nero SoundTrax (Version: 12.0.8000)

Nero SoundTrax Help (CHM) (Version: 12.0.14000)

Nero Update (Version: 11.0.13300.42.0)

Nero Video (Version: 12.5.4000)

Nero Video Help (CHM) (Version: 12.0.12000)

Nero Video Samples (Version: 12.0.11500)

Nero Video Transitions 1 (Version: 12.0.11500)

Nero WaveEditor (Version: 12.0.01000)

Nero WaveEditor (Version: 12.0.8000)

Nero WaveEditor Help (CHM) (Version: 12.0.7000)

neroxml (Version: 1.0.0)

NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)

NVIDIA Display Control Panel (Version: 6.14.12.5721)

NVIDIA GeForce Experience 1.7.1 (Version: 1.7.1)

NVIDIA Grafiktreiber 331.65 (Version: 331.65)

NVIDIA Install Application (Version: 2.1002.140.952)

NVIDIA LED Visualizer 1.0 (Version: 1.0)

NVIDIA PhysX (Version: 9.13.0725)

NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)

NVIDIA ShadowPlay 9.3.21 (Version: 9.3.21)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3165)

NVIDIA Systemsteuerung 331.65 (Version: 331.65)

NVIDIA Update 9.3.21 (Version: 9.3.21)

NVIDIA Update Components (Version: 9.3.21)

NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)

On Screen Display (Version: 7.04.1001)

Photo Common (Version: 16.4.3508.0205)

Photo Gallery (Version: 16.4.3508.0205)

Prerequisite installer (Version: 12.0.0003)

Realtek High Definition Audio Driver (Version: 6.0.1.5953)

RedMon - Redirection Port Monitor

SHIELD Streaming (Version: 1.6.53)

swMSM (Version: 12.0.0.1)

System Requirements Lab

Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0001)

TIPCI (Version: 2.00.0001)

TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.143)

TuneUp Utilities 2014 (Version: 14.0.1000.143)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition

Update für Microsoft Office Excel 2007 Help (KB963678)

Update für Microsoft Office Outlook 2007 Help (KB963677)

Update für Microsoft Office Powerpoint 2007 Help (KB963669)

Update für Microsoft Office Word 2007 Help (KB963665)

VLC media player 2.0.8 (Version: 2.0.8)

Welcome App (Start-up experience) (Version: 12.0.15000)

Win-CASA 2009  (Version: 2009)

Windows Live Communications Platform (Version: 16.4.3508.0205)

Windows Live Essentials (Version: 16.4.3508.0205)

Windows Live Family Safety (Version: 16.4.3508.0205)

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)

Windows Live Installer (Version: 16.4.3508.0205)

Windows Live Mail (Version: 16.4.3508.0205)

Windows Live Messenger (Version: 16.4.3508.0205)

Windows Live MIME IFilter (Version: 16.4.3508.0205)

Windows Live Photo Common (Version: 16.4.3508.0205)

Windows Live PIMT Platform (Version: 16.4.3508.0205)

Windows Live SOXE (Version: 16.4.3508.0205)

Windows Live SOXE Definitions (Version: 16.4.3508.0205)

Windows Live UX Platform (Version: 16.4.3508.0205)

Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)

Windows Live Writer (Version: 16.4.3508.0205)

Windows Live Writer Resources (Version: 16.4.3508.0205)
 

==================== Restore Points  =========================
 

11-11-2013 23:21:30 Geplanter Prüfpunkt
 

==================== Hosts content: ==========================
 

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A D:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {02AD40C0-9DBD-4C63-85D9-055847D0AC9C} - System32\Tasks\{B3F6DE9A-14F9-45EA-B53E-017F72C4B6BF} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {09E7E648-8D82-4758-80E3-1B7B3E7378F0} - System32\Tasks\{1E67335F-04B2-42AD-9C73-30B507FD9763} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {0A7EDE72-4D29-406D-860F-CF5A0ED5405F} - System32\Tasks\{C98999A9-1D91-45A4-8FE2-0F9714BB17CB} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {0B051E87-8782-47E4-924F-E166E185254B} - System32\Tasks\{BC9C531B-4E36-4C23-889B-2B938C00619E} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {11571DF0-D1E0-45F4-9B6A-DA6E65FAB28B} - System32\Tasks\{8B3AF785-FE82-40DE-893C-90BFF1292FF5} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {1E5F8A85-0759-40A7-8E79-6908FB9316CB} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)

Task: {419AD1ED-1A7A-49FD-8598-02C5BA9671F0} - System32\Tasks\{C40B6C49-DBF0-453D-B491-644785F1D1CB} => D:\Program Files\VideoLAN\VLC\vlc.exe [2013-07-30] (VideoLAN)

Task: {4654FA3F-EAAF-472E-AA04-82E118BB3ACC} - System32\Tasks\{1745DFFB-8477-4723-8CB4-1323A66D941A} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {516BC98C-2130-4DF5-92AC-A58A5D743FAE} - System32\Tasks\{53F1D303-6633-4D35-A798-0A2178C336A7} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {5A42E282-47D5-4D84-8FB9-F2EBCDFC02A8} - System32\Tasks\{FE5D0990-A2A0-4774-A4B8-197C7311399E} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {5D010AB4-48E9-4147-AA07-A8596BA1A559} - System32\Tasks\{30C30732-63B4-4E98-A67F-CA87CE50BB5C} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {5DB7CED9-E113-4F14-99B8-E27EA7BE92AA} - System32\Tasks\{16D79578-BB70-4DFB-B260-9A69C050A9E3} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {68BAC488-4F9B-4843-84B0-F0FEC327887D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05] (Adobe Systems Incorporated)

Task: {691BC59C-A74D-46E1-8165-FF64227EED27} - System32\Tasks\Advanced System Optimizer => D:\Program Files\Advanced System Optimizer 3\ASO3.exe [2013-09-18] (Systweak Software, (www.systweak.com))

Task: {6ADC9EB6-8D7B-4CDD-B886-FDEBD0C0F07B} - System32\Tasks\{72F3FF64-CF01-4CD7-87F6-64E92CD09B3C} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {6E382062-F0C8-45A8-A4C5-5B1132AABF91} - System32\Tasks\{AF071432-A608-4396-B049-701F3A96D5D3} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {6FFFE746-62ED-4EAC-959A-704EA2E11896} - System32\Tasks\Java Update Scheduler => D:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {7089AB89-BC8C-46DC-94C6-2DF6A34FF2E7} - System32\Tasks\ASO-AutoCheckUpdate7Days => D:\Program Files\Advanced System Optimizer 3\CheckUpdate.exe [2013-09-18] (Systweak Software, (www.systweak.com))

Task: {7D76EBEA-5215-4057-94C2-C12F944D695C} - System32\Tasks\{C107B64E-A493-4FF8-A9E3-25587EEC3B88} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {7E3F70B6-4563-42F6-8855-195C60A06C26} - System32\Tasks\ASO-OneClickCare => D:\Program Files\Advanced System Optimizer 3\ASO3.exe [2013-09-18] (Systweak Software, (www.systweak.com))

Task: {81110996-47AA-40A9-BB23-58022BCC27E8} - System32\Tasks\{099F629D-8E05-4622-A8C5-6D66A7426BD0} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {813DCA1E-E736-4E19-8F7B-FB295E8C0242} - System32\Tasks\{6C029569-7575-4D61-82A1-9CAB5388590D} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {81F951E1-B528-44B2-AA69-C3CE5AE07290} - System32\Tasks\{72B23E82-D776-4799-9073-DD942D51B266} => D:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

Task: {852F63B1-80D1-446B-80F6-9E3B0831646F} - System32\Tasks\{5BBFC697-C918-4735-92C8-634473F726BA} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {9045B1DB-DBFF-4600-867C-00D9E93CE321} - System32\Tasks\{E0EC1149-06B1-42C4-A15F-6F0545EFB917} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {99B76AF2-3288-4EAD-9564-02835CD92E0C} - System32\Tasks\{155534ED-DC25-4767-9E3B-D5042B0D201D} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {9BB82677-C7AD-4CE2-BCEA-B22E5B37C685} - System32\Tasks\ASOService => D:\Program Files\Advanced System Optimizer 3\ASO3.exe [2013-09-18] (Systweak Software, (www.systweak.com))

Task: {9E693380-7249-4E4D-9EF2-CEC914DCCEF4} - System32\Tasks\{38A34D1A-9FF9-453A-8EF3-CCE2942D9124} => D:\Program Files\VideoLAN\VLC\vlc.exe [2013-07-30] (VideoLAN)

Task: {A5BCFC68-6C75-412B-A0F6-8201FA5340DA} - System32\Tasks\{81957F70-5E9F-43BA-8468-55061D7994C4} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {B12E3E36-3F93-4226-94EE-7B8492F47F3A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => D:\Program Files\TuneUp Utilities 2014\OneClick.exe [2013-10-12] (TuneUp Software)

Task: {C2AD2526-81E3-40EA-93E0-E824DCA8D04D} - System32\Tasks\{81DA98CF-7346-4B48-B1C3-EB58FEEAC5DB} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {C8DBD8AF-E048-48E1-A8A1-C2EE920C088E} - System32\Tasks\Nero\Nero Info => D:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-27] (Nero AG)

Task: {CAC80EF2-14E4-4404-9646-DFEEAF4C0756} - System32\Tasks\CreateChoiceProcessTask => D:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)

Task: {D0204C40-5FFA-4F90-BBF1-2B57835CC842} - System32\Tasks\{FAD9CCB1-8ED5-4D5D-96F6-3BE881E2B6AE} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {E5E5CB7A-0B81-4702-BD78-7C955C04BBFB} - System32\Tasks\{92ADBCB5-1875-447A-85AB-132F4BDE29D6} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {EE71AC5C-964A-4BEC-88B0-B904F976F3B3} - System32\Tasks\{057319AF-A3CE-488A-B50D-993C7EC2A3D5} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: {F40C7091-66E1-4120-9ADC-9863BB0A24B7} - System32\Tasks\{42D103BD-C4AC-4683-A2C5-3AF366C6F350} => D:\Program Files\VideoLAN\VLC\vlc.exe [2013-07-30] (VideoLAN)

Task: {FDC01269-07F6-4CCA-A10E-635210C6B9FA} - System32\Tasks\{571809EC-D46A-4470-8329-D6BA57E3B8D3} => D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [2013-06-21] (Microsoft Corporation)

Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => D:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: D:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job => D:\Program Files\Advanced System Optimizer 3\CheckUpdate.exe

Task: D:\Windows\Tasks\ASO-OneClickCare.job => D:\Program Files\Advanced System Optimizer 3\ASO3.exe

Task: D:\Windows\Tasks\ASOService.job => D:\Program Files\Advanced System Optimizer 3\aso3.exe
 

==================== Loaded Modules (whitelisted) =============
 

2009-11-29 20:41 - 2009-11-29 20:41 - 00043520 _____ () D:\Windows\system32\CmdLineExt03.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: D:\Windows:FF5E12D833B9498C

AlternateDataStreams: D:\ProgramData\TEMP:373E1720
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 

Name: FO13FF-65 PC-CAM

Description: USB-Videogerät

Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Manufacturer: Microsoft

Service: usbvideo

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (11/12/2013 00:35:30 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (11/12/2013 00:34:19 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1".

Die abhängige Assemblierung "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (11/12/2013 00:33:45 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (11/11/2013 00:36:26 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (11/11/2013 00:34:42 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1".

Die abhängige Assemblierung "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (11/11/2013 00:34:03 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (11/10/2013 08:50:54 PM) (Source: Outlook) (User: )

Description: Fehler beim Bestimmen, ob sich der Speicher im Crawlbereich befindet (Fehler=0x8007043c).
 

Error: (11/10/2013 08:50:54 PM) (Source: Outlook) (User: )

Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8007043c.
 

Error: (11/10/2013 08:50:43 PM) (Source: Outlook) (User: )

Description: Fehler beim Bestimmen, ob sich der Speicher im Crawlbereich befindet (Fehler=0x8007043c).
 

Error: (11/10/2013 08:50:43 PM) (Source: Outlook) (User: )

Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8007043c.
 
 

System errors:

=============

Error: (11/12/2013 05:01:31 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (11/12/2013 05:01:04 PM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0x80004005
 

Error: (11/12/2013 04:58:39 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎12.‎11.‎2013 um 16:55:08 unerwartet heruntergefahren.
 

Error: (11/12/2013 03:16:48 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (11/12/2013 01:01:18 AM) (Source: DCOM) (User: )

Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 

Error: (11/11/2013 06:27:20 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (11/11/2013 06:27:20 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%0
 

Error: (11/11/2013 06:27:20 PM) (Source: Service Control Manager) (User: )

Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 

%%5
 

Error: (11/11/2013 06:27:19 PM) (Source: Service Control Manager) (User: )

Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 

%%5
 

Error: (11/11/2013 06:27:00 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
 
 

Microsoft Office Sessions:

=========================

Error: (03/11/2013 11:41:23 AM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.
 

Error: (01/25/2013 00:02:57 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 36 seconds with 0 seconds of active time.  This session ended with a crash.
 

Error: (09/06/2012 05:25:20 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.
 

Error: (09/06/2012 05:18:55 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.
 

Error: (04/05/2012 11:32:36 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.
 

Error: (02/13/2011 09:48:16 AM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 52 seconds with 0 seconds of active time.  This session ended with a crash.
 

Error: (11/16/2010 09:09:47 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.
 

Error: (09/07/2010 08:46:31 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 156 seconds with 120 seconds of active time.  This session ended with a crash.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 37%

Total physical RAM: 3069.98 MB

Available physical RAM: 1918.55 MB

Total Pagefile: 6136.19 MB

Available Pagefile: 4663.82 MB

Total Virtual: 2047.88 MB

Available Virtual: 1896.47 MB
 

==================== Drives ================================
 

Drive c: (Sicherung) (Fixed) (Total:48.05 GB) (Free:40.17 GB) NTFS

Drive d: (SYSTEM) (Fixed) (Total:100 GB) (Free:23.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 514 MB) (Disk ID: BE3BE039)

Partition 1: (Not Active) - (Size=513 MB) - (Type=1B)
 

==================== End Of Log ============================

--- --- ---
a2013-11-13 16:05:57 . 2013-11-13 16:05:57 1,730 ----a-w- D:\Qoobox\Quarantine\Registry_backups\AddRemove-{83F829E0-0D6B-4D63-BBDC-CBF135FBA9B6}.reg.dat
2013-11-13 16:05:32 . 2013-11-13 16:05:32 171 ----a-w- D:\Qoobox\Quarantine\Registry_backups\WebBrowser-{5786D022-540E-4699-B350-B4BE0AE94B79}.reg.dat
2013-11-13 16:05:32 . 2013-11-13 16:05:32 171 ----a-w- D:\Qoobox\Quarantine\Registry_backups\WebBrowser-{213C8ED6-1D78-4D8F-8729-25006AA86A76}.reg.dat
2013-11-13 1:05:32 . 2013-11-13 16:05:32 171 ----a-w- D:\Qoobox\Quarantine\Registry_backups\WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}.reg.dat
2013-11-13 15:55:59 . 2013-11-13 15:55:59 1,390 ----a-w- D:\Qoobox\Quarantine\Registry_backups\Service_srvPlgProtect.reg.dat
2013-11-13 15:55:41 . 2013-11-13 15:55:41 18,817 ----a-w- D:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2013-11-13 15:50:20 . 2013-11-13 15:50:20 512 ----a-w- D:\Qoobox\Quarantine\MBR_HardDisk0.mbr
2013-11-13 15:47:40 . 2013-11-13 15:50:21 82 ----a-w- D:\Qoobox\Quarantine\catchme.log
2013-11-10 09:22:49 . 2013-10-29 12:12:58 757 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\Microsoft\Windows\Recent\Kabel Deutschlang Vertrieb und Service GmbH.docx.vir
2013-11-09 11:33:57 . 2013-11-09 11:33:57 236,614 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Local\Lollipop\lollipop_cfg.lpd.vir
2013-11-09 11:33:56 . 2013-11-09 13:01:01 2,035 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Local\Lollipop\lollipop_ps.lpd.vir
2013-11-09 11:33:55 . 2013-11-09 13:00:41 4,006 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Local\Lollipop\lollipop.lpd.vir
2013-11-08 16:36:11 . 2013-10-21 15:37:02 190,464 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\IE\OkitSpace.dll.vir
2013-11-08 16:30:22 . 2013-11-08 16:30:22 121,387 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\uninstallkit.exe.vir
2013-11-04 08:54:22 . 2013-11-04 08:54:22 88,576 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\protect\utilsDll.dll.vir
2013-11-04 08:34:16 . 2013-11-04 08:32:40 53,760 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\protect\PluginProtect.exe.vir
2013-10-15 06:59:44 . 2013-10-15 06:59:44 49,152 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\protect\Interop.Shell32.dll.vir
2013-10-15 06:59:44 . 2013-10-15 06:59:44 513,536 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\protect\sqlite3.exe.vir
2013-10-14 10:46:34 . 2013-11-08 16:36:15 1,443 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\Firefox\chrome\content\main.js.vir
2013-02-15 12:11:12 . 2013-02-15 12:11:12 217 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\Firefox\chrome.manifest.vir
2013-02-13 08:36:50 . 2013-05-27 15:27:56 2,732 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\dvdae\dvdae.config.vir
2013-02-13 08:36:29 . 2013-02-13 08:36:29 192 ----a-w- D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\dvdae\dvdae.lic.vir
und die Logsdateien Combofix Logfile:

Code:

ComboFix 13-11-12.01 - KH 13.11.2013  16:50:21.1.2 - x86

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3070.1970 [GMT 1:00]

ausgeführt von:: d:\users\KH\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.
  ADS - Windows: deleted 24 bytes in 1 streams. 

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

d:\users\KH\AppData\Local\lollipop

d:\users\KH\AppData\Local\lollipop\lollipop.lpd

d:\users\KH\AppData\Local\lollipop\lollipop_cfg.lpd

d:\users\KH\AppData\Local\lollipop\lollipop_ps.lpd

d:\users\KH\AppData\Roaming\dvdae

d:\users\KH\AppData\Roaming\dvdae\dvdae.config

d:\users\KH\AppData\Roaming\dvdae\dvdae.lic

d:\users\KH\AppData\Roaming\Microsoft\Windows\Recent\Kabel Deutschlang Vertrieb und Service GmbH.docx

d:\users\KH\AppData\Roaming\okitspace

d:\users\KH\AppData\Roaming\okitspace\Firefox\chrome.manifest

d:\users\KH\AppData\Roaming\okitspace\Firefox\chrome\content\main.js

d:\users\KH\AppData\Roaming\okitspace\IE\OkitSpace.dll

d:\users\KH\AppData\Roaming\okitspace\protect\Interop.Shell32.dll

d:\users\KH\AppData\Roaming\okitspace\protect\PluginProtect.exe

d:\users\KH\AppData\Roaming\okitspace\protect\sqlite3.exe

d:\users\KH\AppData\Roaming\okitspace\protect\utilsDll.dll

d:\users\KH\AppData\Roaming\okitspace\uninstallkit.exe

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_srvPlgProtect

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-10-13 bis 2013-11-13  ))))))))))))))))))))))))))))))

.

.

2013-11-13 01:57 . 2013-10-01 23:45        32256        ----a-w-        d:\windows\system32\TsUsbGDCoInstaller.dll

2013-11-13 01:57 . 2013-10-02 00:32        12800        ----a-w-        d:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2013-11-13 01:57 . 2013-10-02 00:42        49152        ----a-w-        d:\windows\system32\drivers\TsUsbFlt.sys

2013-11-13 01:57 . 2013-10-02 00:30        14336        ----a-w-        d:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-11-13 01:57 . 2013-10-02 00:14        50176        ----a-w-        d:\windows\system32\MsRdpWebAccess.dll

2013-11-13 01:57 . 2013-10-02 00:14        17920        ----a-w-        d:\windows\system32\wksprtPS.dll

2013-11-13 01:57 . 2013-10-01 23:58        53248        ----a-w-        d:\windows\system32\tsgqec.dll

2013-11-13 01:57 . 2013-10-01 23:08        855552        ----a-w-        d:\windows\system32\rdvidcrl.dll

2013-11-13 01:57 . 2013-10-01 23:00        76288        ----a-w-        d:\windows\system32\TSWbPrxy.exe

2013-11-13 01:57 . 2013-10-01 22:53        350208        ----a-w-        d:\windows\system32\wksprt.exe

2013-11-13 01:57 . 2013-10-01 22:34        1068544        ----a-w-        d:\windows\system32\mstsc.exe

2013-11-13 01:57 . 2013-10-01 20:55        5698048        ----a-w-        d:\windows\system32\mstscax.dll

2013-11-13 01:55 . 2013-10-15 23:20        7796464        ----a-w-        d:\programdata\Microsoft\Windows Defender\Definition Updates\{5531D57C-44EB-405D-B7B3-FD8517FAD867}\mpengine.dll

2013-11-13 01:49 . 2013-11-13 01:49        97880        ----a-w-        d:\program files\Internet Explorer\pdmproxy100.dll

2013-11-13 01:45 . 2013-10-04 01:58        152576        ----a-w-        d:\windows\system32\SmartcardCredentialProvider.dll

2013-11-13 01:44 . 2013-10-05 19:57        1168384        ----a-w-        d:\windows\system32\crypt32.dll

2013-11-13 01:44 . 2013-10-12 02:03        656896        ----a-w-        d:\windows\system32\nshwfp.dll

2013-11-13 01:44 . 2013-10-12 02:01        679424        ----a-w-        d:\windows\system32\IKEEXT.DLL

2013-11-13 01:44 . 2013-10-12 02:01        216576        ----a-w-        d:\windows\system32\FWPUCLNT.DLL

2013-11-13 01:44 . 2013-10-03 01:58        305152        ----a-w-        d:\windows\system32\gdi32.dll

2013-11-12 17:01 . 2013-11-12 17:01        --------        d-----w-        D:\FRST

2013-11-12 16:48 . 2013-11-12 16:48        --------        d-----w-        d:\users\KH\AppData\Roaming\MusicNet

2013-11-12 15:38 . 2013-11-12 15:38        --------        d-----w-        d:\users\KH\AppData\Local\NVIDIA Corporation

2013-11-10 18:16 . 2013-11-10 18:16        --------        d-----w-        d:\users\KH\AppData\Roaming\Avira

2013-11-10 18:15 . 2013-11-10 18:09        67680        ----a-w-        d:\windows\system32\drivers\avnetflt.sys

2013-11-10 18:15 . 2013-11-10 18:09        89376        ----a-w-        d:\windows\system32\drivers\avgntflt.sys

2013-11-10 18:15 . 2013-11-10 18:09        37352        ----a-w-        d:\windows\system32\drivers\avkmgr.sys

2013-11-10 18:15 . 2013-11-10 18:09        137208        ----a-w-        d:\windows\system32\drivers\avipbb.sys

2013-11-10 18:15 . 2013-11-10 18:15        --------        d-----w-        d:\program files\Avira

2013-11-10 11:53 . 2013-11-10 11:53        --------        d-----w-        D:\MFT 13120

2013-11-10 11:51 . 2013-11-10 11:51        --------        d-----w-        D:\MFT 69534

2013-11-10 11:51 . 2013-11-10 11:51        --------        d-----w-        D:\MFT 69500

2013-11-10 11:51 . 2013-11-10 11:51        --------        d-----w-        D:\MFT 69268

2013-11-10 11:51 . 2013-11-10 11:51        --------        d-----w-        D:\MFT 66797

2013-11-10 11:51 . 2013-11-10 11:51        --------        d-----w-        D:\MFT 44421

2013-11-10 11:51 . 2013-11-10 11:51        --------        d-----w-        D:\MFT 43696

2013-11-10 11:51 . 2013-11-10 11:51        --------        d-----w-        d:\program files\LucasArts

2013-11-10 11:50 . 2013-11-10 11:50        --------        d-----w-        d:\program files\Common Files\ParetoLogic

2013-11-10 11:50 . 2013-11-10 11:50        --------        d-----w-        D:\MFT 69327

2013-11-10 11:50 . 2013-11-10 11:50        --------        d-----w-        D:\MFT 43589

2013-11-10 11:49 . 2013-11-10 11:53        --------        d-----w-        D:\MFT 69599

2013-11-10 11:49 . 2013-11-10 11:49        --------        d-----w-        D:\MFT 69537

2013-11-10 11:47 . 2013-11-10 11:47        --------        d-----w-        D:\MFT 84808

2013-11-10 11:47 . 2013-11-10 11:47        --------        d-----w-        D:\MFT 84970

2013-11-10 11:47 . 2013-11-10 11:47        --------        d-----w-        D:\MFT 84925

2013-11-10 11:47 . 2013-11-10 11:47        --------        d-----w-        D:\MFT 84152

2013-11-10 11:45 . 2013-11-10 11:45        --------        d-----w-        D:\MFT 99805

2013-11-10 11:45 . 2013-11-10 11:45        --------        d-----w-        D:\MFT 2218

2013-11-10 11:45 . 2013-11-10 11:45        --------        d-----w-        D:\MFT 95531

2013-11-10 11:45 . 2013-11-10 11:45        --------        d-----w-        D:\MFT 95075

2013-11-10 11:45 . 2013-11-10 11:45        --------        d-----w-        D:\MFT 37463

2013-11-10 11:42 . 2013-11-10 11:42        --------        d-----w-        D:\MFT 69430

2013-11-10 11:39 . 2013-11-10 11:39        --------        d-----w-        D:\MFT 89457

2013-11-10 11:01 . 2013-11-10 11:01        --------        d-----w-        d:\users\KH\AppData\Local\Avg2014

2013-11-10 09:57 . 2013-11-10 09:57        --------        d-----w-        D:\MFT 67386

2013-11-10 09:57 . 2013-11-10 11:44        --------        d-----w-        D:\MFT 85569

2013-11-10 09:56 . 2013-11-10 11:47        --------        d-----w-        D:\MFT 85251

2013-11-10 09:56 . 2013-11-10 09:56        --------        d-----w-        D:\MFT 37475

2013-11-10 09:55 . 2013-11-10 11:53        --------        d-----w-        D:\MFT 85443

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 69649

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 68594

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 67382

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 66129

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 619

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 47937

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 47931

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 47927

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 21752

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 18213

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 16634

2013-11-10 09:54 . 2013-11-10 09:54        --------        d-----w-        D:\MFT 69652

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 9626

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 140

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 10193

2013-11-10 09:53 . 2013-11-10 11:51        --------        d-----w-        D:\MFT 50434

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 69244

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 69059

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 69052

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 68604

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 48730

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 48085

2013-11-10 09:53 . 2013-11-10 09:53        --------        d-----w-        D:\MFT 43046

2013-11-10 09:43 . 2013-11-10 11:50        --------        d-----w-        D:\MFT 69603

2013-11-10 09:43 . 2013-11-10 11:49        --------        d-----w-        D:\MFT 69491

2013-11-10 09:43 . 2013-11-10 11:49        --------        d-----w-        D:\MFT 69345

2013-11-10 09:43 . 2013-11-10 09:43        --------        d-----w-        D:\MFT 99757

2013-11-10 09:43 . 2013-11-10 09:43        --------        d-----w-        D:\MFT 99544

2013-11-10 09:28 . 2013-11-10 09:28        --------        d-----w-        D:\MFT 15395

2013-11-10 09:28 . 2013-11-10 09:28        --------        d-----w-        D:\MFT 17617

2013-11-10 09:18 . 2013-11-10 09:18        --------        d-----w-        D:\MFT 98455

2013-11-10 09:16 . 2013-11-10 09:16        --------        d-----w-        D:\MFT 77143

2013-11-10 09:16 . 2013-11-10 09:16        --------        d-----w-        D:\MFT 64491

2013-11-10 09:16 . 2013-11-10 09:16        --------        d-----w-        D:\MFT 63646

2013-11-10 09:16 . 2013-11-10 09:16        --------        d-----w-        D:\MFT 46360

2013-11-10 09:16 . 2013-11-10 09:16        --------        d-----w-        D:\MFT 45729

2013-11-10 09:16 . 2013-11-10 09:16        --------        d-----w-        D:\MFT 16514

2013-11-10 09:16 . 2013-11-10 09:16        --------        d-----w-        D:\MFT 45723

2013-11-10 09:16 . 2013-11-10 09:16        --------        d-----w-        D:\MFT 2658

2013-11-10 09:10 . 2013-11-10 09:10        --------        d-----w-        D:\MFT 98476

2013-11-10 09:10 . 2013-11-10 09:10        --------        d-----w-        D:\MFT 99960

2013-11-10 09:10 . 2013-11-10 09:10        --------        d-----w-        D:\MFT 6992

2013-11-10 09:10 . 2013-11-10 09:10        --------        d-----w-        D:\MFT 43812

2013-11-10 09:10 . 2013-11-10 09:10        --------        d-----w-        D:\MFT 261

2013-11-10 09:03 . 2013-11-10 09:03        --------        d-----w-        D:\MFT 71952

2013-11-10 09:03 . 2013-11-10 09:03        --------        d-----w-        D:\MFT 37473

2013-11-10 09:03 . 2013-11-10 11:51        --------        d-----w-        D:\MFT 25091

2013-11-10 09:03 . 2013-11-10 11:48        --------        d-----w-        D:\MFT 40319

2013-11-10 09:03 . 2013-11-10 09:52        --------        d-----w-        D:\MFT 66778

2013-11-10 08:57 . 2013-11-10 12:23        --------        d-----w-        D:\MFT 94973

2013-11-10 08:43 . 2013-11-10 09:43        --------        d-----w-        D:\MFT 44093

2013-11-10 07:20 . 2013-10-12 01:28        36664        ----a-w-        d:\windows\system32\TURegOpt.exe

2013-11-10 07:20 . 2013-10-12 01:28        25400        ----a-w-        d:\windows\system32\authuitu.dll

2013-11-10 07:20 . 2013-11-10 07:20        --------        d-----w-        d:\users\KH\AppData\Roaming\TuneUp Software

2013-11-10 07:20 . 2013-11-10 07:20        --------        d-----w-        d:\program files\TuneUp Utilities 2014

2013-11-10 07:19 . 2013-11-10 07:26        --------        d-sh--w-        d:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 06:56 . 2013-11-10 06:58        --------        d-----w-        d:\users\kh-pc

2013-11-10 06:47 . 2013-11-10 06:53        --------        d-----w-        d:\program files\Advanced System Optimizer 3

2013-11-09 18:07 . 2013-11-09 18:07        --------        d-----w-        d:\users\KH\AppData\Local\Programs

2013-11-09 16:50 . 2013-11-09 16:55        2216        ----a-w-        d:\windows\system32\ASOROSet.bin

2013-11-09 12:42 . 2013-11-09 12:42        --------        d-----w-        d:\users\KH\Tracing

2013-11-09 11:56 . 2013-11-09 17:00        --------        d-----w-        d:\users\KH\AppData\Local\Diagnostics

2013-11-09 10:32 . 2013-11-09 10:32        --------        d-----w-        d:\users\KH\AppData\Local\Adobe

2013-11-09 09:48 . 2013-11-09 10:24        --------        d-----w-        d:\users\xrcd73

2013-11-09 09:38 . 2013-11-09 10:24        --------        d-----w-        d:\users\kh_2

2013-11-08 21:48 . 2013-11-08 21:54        --------        d-----w-        d:\programdata\ParetoLogic

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-10-23 10:24 . 2010-07-11 09:17        2695200        ----a-w-        d:\windows\system32\nvapi.dll

2013-10-23 07:19 . 2010-06-07 15:47        4318496        ----a-w-        d:\windows\system32\nvcpl.dll

2013-10-23 07:19 . 2010-06-07 15:47        3036448        ----a-w-        d:\windows\system32\nvsvc.dll

2013-10-23 07:19 . 2010-06-07 15:47        664352        ----a-w-        d:\windows\system32\nvvsvc.exe

2013-10-23 07:19 . 2010-06-07 15:47        62752        ----a-w-        d:\windows\system32\nvshext.dll

2013-10-23 07:19 . 2010-06-07 15:47        2555168        ----a-w-        d:\windows\system32\nvsvcr.dll

2013-10-23 07:19 . 2010-06-07 15:47        209184        ----a-w-        d:\windows\system32\nvmctray.dll

2013-10-08 19:15 . 2012-04-09 16:29        692616        ----a-w-        d:\windows\system32\FlashPlayerApp.exe

2013-10-08 19:15 . 2011-05-19 03:59        71048        ----a-w-        d:\windows\system32\FlashPlayerCPLApp.cpl

2013-10-02 03:01 . 2013-11-13 01:57        3584        ----a-w-        d:\windows\system32\drivers\de-DE\tsusbflt.sys.mui

2013-09-27 23:01 . 2013-09-06 19:26        28960        ----a-w-        d:\windows\system32\nvaudcap32v.dll

2013-09-14 00:48 . 2013-10-09 17:18        338944        ----a-w-        d:\windows\system32\drivers\afd.sys

2013-09-12 08:51 . 2013-09-19 19:30        893728        ----a-w-        d:\windows\system32\nvdispgenco3232723.dll

2013-09-12 08:51 . 2013-09-19 19:30        1049376        ----a-w-        d:\windows\system32\nvdispco3232723.dll

2013-09-08 02:07 . 2013-10-09 17:18        1294272        ----a-w-        d:\windows\system32\drivers\tcpip.sys

2013-09-08 02:03 . 2013-10-09 17:18        231424        ----a-w-        d:\windows\system32\mswsock.dll

2013-09-04 01:15 . 2013-10-09 17:18        258560        ----a-w-        d:\windows\system32\drivers\usbhub.sys

2013-09-04 01:14 . 2013-10-09 17:18        76288        ----a-w-        d:\windows\system32\drivers\usbccgp.sys

2013-09-04 01:14 . 2013-10-09 17:18        284672        ----a-w-        d:\windows\system32\drivers\usbport.sys

2013-09-04 01:14 . 2013-10-09 17:18        43008        ----a-w-        d:\windows\system32\drivers\usbehci.sys

2013-09-04 01:14 . 2013-10-09 17:18        20480        ----a-w-        d:\windows\system32\drivers\usbohci.sys

2013-09-04 01:14 . 2013-10-09 17:18        24064        ----a-w-        d:\windows\system32\drivers\usbuhci.sys

2013-09-04 01:14 . 2013-10-09 17:18        6016        ----a-w-        d:\windows\system32\drivers\usbd.sys

2013-09-03 12:35 . 2009-10-25 15:14        238872        ------w-        d:\windows\system32\MpSigStub.exe

2013-08-29 15:18 . 2012-07-17 12:37        22240        ----a-w-        d:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-08-29 01:51 . 2013-10-09 17:18        3969472        ----a-w-        d:\windows\system32\ntkrnlpa.exe

2013-08-29 01:51 . 2013-10-09 17:18        3914176        ----a-w-        d:\windows\system32\ntoskrnl.exe

2013-08-29 01:50 . 2013-10-09 17:18        1289096        ----a-w-        d:\windows\system32\ntdll.dll

2013-08-29 01:50 . 2013-10-09 17:18        619520        ----a-w-        d:\windows\system32\tdh.dll

2013-08-29 01:48 . 2013-10-09 17:18        640512        ----a-w-        d:\windows\system32\advapi32.dll

2013-08-28 01:04 . 2013-10-09 17:17        2348544        ----a-w-        d:\windows\system32\win32k.sys

2013-08-28 00:57 . 2013-10-09 17:18        434688        ----a-w-        d:\windows\system32\scavengeui.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AmazonMP3DownloaderHelper"="d:\users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-05-22 400704]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"KeybdUtility"="d:\program files\LG Software\On Screen Display\HotKey.exe" [2007-04-10 2655800]

"IAAnotif"="d:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]

"IaNvSrv"="d:\program files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2009-07-13 33304]

"RtHDVCpl"="d:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-06 7772704]

"FreePDF Assistant"="d:\program files\FreePDF_XP\fpassist.exe" [2009-09-05 385024]

"Nvtmru"="d:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]

"ShadowPlay"="d:\windows\system32\nvspcap.dll" [2013-11-08 955168]

"mobilegeni daemon"="d:\program files\Mobogenie\DaemonProcess.exe" [2013-10-08 735936]

"avgnt"="d:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-11-10 681032]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           \0

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe"

.

R3 dc3d;MS Hardware Device Detection Driver (USB);d:\windows\system32\DRIVERS\dc3d.sys [2009-10-16 16896]

R3 efipsk;efipsk;d:\users\KH\AppData\Local\Temp\efipsk.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;d:\windows\system32\IEEtwCollector.exe [2013-11-13 108032]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;d:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]

R3 TsUsbFlt;TsUsbFlt;d:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]

S0 iaNvStor;Intel(R) Turbo Memory Controller;d:\windows\system32\DRIVERS\iaNvStor.sys [2009-07-01 232472]

S1 avkmgr;avkmgr;d:\windows\system32\DRIVERS\avkmgr.sys [2013-11-10 37352]

S2 AntiVirMailService;Avira Email-Schutz;d:\program files\Avira\AntiVir Desktop\avmailc7.exe [2013-11-10 972872]

S2 AntiVirSchedulerService;Avira Planer;d:\program files\Avira\AntiVir Desktop\sched.exe [2013-11-10 440392]

S2 AntiVirWebService;Avira Browser-Schutz;d:\program files\Avira\AntiVir Desktop\avwebg7.exe [2013-11-10 1164360]

S2 ASO3DiskOptimizer;ASO3DiskOptimizer;d:\program files\Advanced System Optimizer 3\ASO3DefragSrv.exe [2013-09-18 241448]

S2 avnetflt;avnetflt;d:\windows\system32\DRIVERS\avnetflt.sys [2013-11-10 67680]

S2 NAUpdate;Nero Update;d:\program files\Nero\Update\NASvc.exe [2013-07-18 762192]

S2 NvStreamSvc;NVIDIA Streamer Service;d:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-08 14652704]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;d:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\program files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [2013-10-12 1739576]

S2 Updater Service for AMZN;Updater Service for AMZN;d:\program files\Amazon Browser Bar\ToolbarUpdaterService.exe [2013-03-21 222368]

S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;d:\windows\system32\Drivers\ATSwpWDF.sys [2012-10-18 971752]

S3 btmhsf;btmhsf;d:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 225280]

S3 iBtFltCoex;iBtFltCoex;d:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-19 47104]

S3 netw5v32;Intel(R) Wireless WiFi Link 5000-Serie - Adaptertreiber für Windows Vista 32 Bit;d:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]

S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);d:\windows\system32\drivers\nvvad32v.sys [2013-09-27 33568]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\program files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [2013-09-18 12320]

.

.

Inhalt des "geplante Tasks" Ordners

.

2013-11-13 d:\windows\Tasks\Adobe Flash Player Updater.job

- d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 19:15]

.

2013-11-10 d:\windows\Tasks\ASO-AutoCheckUpdate7Days.job

- d:\program files\Advanced System Optimizer 3\CheckUpdate.exe [2013-11-10 11:10]

.

2013-11-11 d:\windows\Tasks\ASO-OneClickCare.job

- d:\program files\Advanced System Optimizer 3\ASO3.exe [2013-11-10 11:10]

.

2013-11-10 d:\windows\Tasks\ASOService.job

- d:\program files\Advanced System Optimizer 3\ASO3.exe [2013-11-10 11:10]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.t-online.de/

mStart Page = hxxp://www.google.com

uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013

IE: Nach Microsoft E&xel exportieren - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.178.1

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - (no file)

WebBrowser-{213C8ED6-1D78-4D8F-8729-25006AA86A76} - (no file)

WebBrowser-{5786D022-540E-4699-B350-B4BE0AE94B79} - (no file)

AddRemove-{83F829E0-0D6B-4D63-BBDC-CBF135FBA9B6} - d:\programdata\{8F84A085-61F5-420C-99B2-2BCE2C37763C}\setup.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@d:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="d:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

d:\windows\system32\nvvsvc.exe

d:\program files\NVIDIA Corporation\Display\nvxdsync.exe

d:\windows\system32\nvvsvc.exe

d:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

d:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

d:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

d:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

d:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

d:\windows\system32\taskhost.exe

d:\windows\system32\conhost.exe

d:\program files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe

d:\windows\System32\rundll32.exe

d:\windows\system32\conhost.exe

d:\program files\Avira\AntiVir Desktop\avguard.exe

d:\program files\NVIDIA Corporation\Display\nvtray.exe

d:\program files\Windows Media Player\wmpnetwk.exe

d:\windows\system32\DllHost.exe

d:\program files\Avira\AntiVir Desktop\avshadow.exe

d:\windows\system32\sppsvc.exe

d:\\?\d:\windows\system32\wbem\WMIADAP.EXE

.

**************************************************************************

.

Zeit der Fertigstellung: 2013-11-13  17:06:55 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2013-11-13 16:06

.

Vor Suchlauf: 230 Verzeichnis(se), 25.073.795.072 Bytes frei

Nach Suchlauf: 237 Verzeichnis(se), 25.123.831.808 Bytes frei

.

- - End Of File - - BB1166B0D53EA5E7BDE6DE29B124AC8D

--- --- ---
5FB38429D5D77768867C76DCBDB35194

schrauber

14.11.2013 09:59

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

xrcd73

14.11.2013 21:04

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.14.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16428
KH :: KH-PC [Administrator]

Schutz: Aktiviert

14.11.2013 17:29:39
mbam-log-2013-11-14 (17-29-39).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 340170
Laufzeit: 10 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 1
D:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe (PUP.Optional.AmazonTB.A) -> 1896 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 19
HKCR\CLSID\{3543619C-D563-43f7-95EA-4DA7E1CC396A} (PUP.Optional.OfferBox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3543619C-D563-43F7-95EA-4DA7E1CC396A} (PUP.Optional.OfferBox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3543619C-D563-43F7-95EA-4DA7E1CC396A} (PUP.Optional.OfferBox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3543619C-D563-43F7-95EA-4DA7E1CC396A} (PUP.Optional.OfferBox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{8D03FA45-4B8C-4427-BE67-EE8885147151} (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{8D03FA45-4B8C-4427-BE67-EE8885147151} (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{008f6853-9cb4-41c5-a950-39d55e5e06ba} (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AlxTB2.TBLayoutBHO.1 (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AlxTB2.TBLayoutBHO (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305} (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Updater Service for AMZN (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Distromatic\Toolbars (PUP.Optional.AlexaTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Amazon Browser Bar (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 4
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{FEFE89E5-A43F-4f4b-8211-B11D91D02135} (PUP.Optional.CoolPic) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{FEFE89E5-A43F-4f4b-8211-B11D91D02135} (PUP.Optional.CoolPic) -> Daten: D:\Program Files\CoolPic\Firefox -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {9059FAA0-63DA-11E2-B8E7-000DF0417B7D} -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {9059FAA0-63DA-11E2-B8E7-000DF0417B7D} -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Bösartig: (hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 21
D:\Program Files\Amazon Browser Bar (PUP.Optional.AmazonTB.A) -> Löschen bei Neustart.
D:\Program Files\Tuguu SL\VAFPlayer (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\JS (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application\de (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application\fr (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application\helperbar@helperbar.com (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application\it (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Application\pt (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Common (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\Common\iconsWide (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\SnapDo.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Local\Smartbar\SnapDo.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\11.10.1.13233 (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Roaming\OpenCandy\456645A2E4D44A8FAD59528D141A5BD2 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace (PUP.Optional.OKitSpace.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\IE (PUP.Optional.OKitSpace.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 107
D:\Windows\Installer\MSI9997.tmp (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Windows\Installer\338382.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.ini (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\AlxSSBPS.dll (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\AlxSSBPS.dll-PREV (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.Uninstall.exe (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\AmazonBrowserBarSSB.3.0.dll (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\AmazonBrowserBarSSB.3.0.dll-PREV (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\search_protect.exe (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe (PUP.Optional.AmazonTB.A) -> Löschen bei Neustart.
D:\Program Files\Amazon Browser Bar\uninstall.exe (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\uninstall.ico (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\uninstall.json (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Amazon Browser Bar\update.xml (PUP.Optional.AmazonTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\AxInterop.WMPLib.dll (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\ComponentFactory.Krypton.Toolkit.dll (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\FileBrowser.dll (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\Interop.WMPLib.dll (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\libreria.ico (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\Newtonsoft.Json.dll (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\UltraID3Lib.dll (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\Uninstall.exe (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\uninstall.ico (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.exe.config (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\VAFPlayer.InstallState (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\VAFUpdate.exe (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\wmp.dll (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Arabic.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Arabic.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Bulgarian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Bulgarian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Catalan.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Catalan.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Chinese (Simplified).gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Chinese (Simplified).ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Chinese (Traditional).gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Chinese (Traditional).ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Czech.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Czech.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Danish.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Danish.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Dutch.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Dutch.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\English.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\English.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Indonesian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Italian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Italian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Japanese.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Japanese.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Korean.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Korean.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Latvian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Latvian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Lithuanian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Lithuanian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Norwegian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Norwegian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Polish.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Polish.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Portuguese.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Portuguese.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Romanian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Romanian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Russian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Slovak.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Slovak.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Slovenian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Slovenian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Spanish.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Spanish.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Swedish.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Swedish.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Thai.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Thai.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Turkish.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Turkish.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Ukrainian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Ukrainian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Vietnamese.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Vietnamese.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Estonian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Finnish.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Finnish.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\French.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\French.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\German.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\German.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Greek.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Greek.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Haitian Creole.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Haitian Creole.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Hebrew.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Hebrew.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Hindi.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Hindi.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Hungarian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Hungarian.ini (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Estonian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Indonesian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Program Files\Tuguu SL\VAFPlayer\languages\Russian.gif (PUP.Optional.VPLMedia.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Users\KH\AppData\Roaming\OpenCandy\456645A2E4D44A8FAD59528D141A5BD2\TuneUpUtilities2013-2200217_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\IE\config (PUP.Optional.OKitSpace.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\IE\OkitSpace.dll (PUP.Optional.OKitSpace.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
2013/11/14 17:24:00 +0100 KH-PC KH MESSAGE Starting protection
2013/11/14 17:24:00 +0100 KH-PC KH MESSAGE Protection started successfully
2013/11/14 17:24:00 +0100 KH-PC KH MESSAGE Starting IP protection
2013/11/14 17:24:18 +0100 KH-PC KH MESSAGE IP Protection started successfully
2013/11/14 17:24:31 +0100 KH-PC KH MESSAGE Starting database refresh
2013/11/14 17:24:31 +0100 KH-PC KH MESSAGE Stopping IP protection
2013/11/14 17:24:32 +0100 KH-PC KH MESSAGE IP Protection stopped successfully
2013/11/14 17:24:36 +0100 KH-PC KH MESSAGE Database refreshed successfully
2013/11/14 17:24:36 +0100 KH-PC KH MESSAGE Starting IP protection
2013/11/14 17:24:39 +0100 KH-PC KH MESSAGE IP Protection started successfully
2013/11/14 17:26:03 +0100 KH-PC KH MESSAGE Executing scheduled update: Daily
2013/11/14 17:26:04 +0100 KH-PC KH MESSAGE Database already up-to-date
2013/11/14 17:45:04 +0100 KH-PC KH MESSAGE Starting protection
2013/11/14 17:45:04 +0100 KH-PC KH MESSAGE Protection started successfully
2013/11/14 17:45:04 +0100 KH-PC KH MESSAGE Starting IP protection
2013/11/14 17:45:10 +0100 KH-PC KH MESSAGE IP Protection started successfully
2013/11/14 18:05:29 +0100 KH-PC KH MESSAGE Starting protection
2013/11/14 18:05:29 +0100 KH-PC KH MESSAGE Protection started successfully
2013/11/14 18:05:29 +0100 KH-PC KH MESSAGE Starting IP protection
2013/11/14 18:05:37 +0100 KH-PC KH MESSAGE IP Protection started successfully
2013/11/14 18:27:57 +0100 KH-PC (null) MESSAGE Starting protection
2013/11/14 18:27:58 +0100 KH-PC (null) MESSAGE Protection started successfully
2013/11/14 18:27:58 +0100 KH-PC (null) MESSAGE Starting IP protection
2013/11/14 18:28:05 +0100 KH-PC (null) MESSAGE IP Protection started successfullyAdwCleaner Logfile:

Code:

# AdwCleaner v3.012 - Bericht erstellt am 14/11/2013 um 18:03:10

# Updated 11/11/2013 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)

# Benutzername : KH - KH-PC

# Gestartet von : D:\Users\KH\Desktop\adwcleaner.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : D:\ProgramData\ParetoLogic

Ordner Gelöscht : D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\DriverScanner

Ordner Gelöscht : D:\Program Files\ParetoLogic

Ordner Gelöscht : D:\Program Files\pc speed up

Ordner Gelöscht : D:\Program Files\tuguu sl

Ordner Gelöscht : D:\Program Files\Uniblue\DriverScanner

Ordner Gelöscht : D:\Program Files\Common Files\ParetoLogic

Ordner Gelöscht : D:\Users\KH\AppData\Roaming\Systweak

Ordner Gelöscht : D:\Users\UpdatusUser\AppData\Local\AskToolbar

Ordner Gelöscht : D:\Users\kh-pc\AppData\Local\AskToolbar

Ordner Gelöscht : D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

Datei Gelöscht : D:\Program Files\Mozilla Firefox\user.js
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hifnddafpdkmjljallgdlkjiiieidmec

Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iMesh.AudioCD

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-8-11_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-8-11_RASMANCS

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader58577[1]_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader58577[1]_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader58577_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader58577_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdburnerxp-pro_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdburnerxp-pro_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_clonedvd_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_clonedvd_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_easy-burning_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_easy-burning_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_format-factory_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_format-factory_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hamster-free-video-converter_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hamster-free-video-converter_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_umplayer_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_umplayer_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vegas-pro_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vegas-pro_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vlc-media-player_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vlc-media-player_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-movie-maker-2012_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-movie-maker-2012_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winx-dvd-author_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winx-dvd-author_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Schlüssel Gelöscht : HKCU\Software\distromatic

Schlüssel Gelöscht : HKCU\Software\Imesh

Schlüssel Gelöscht : HKCU\Software\Iminent

Schlüssel Gelöscht : HKCU\Software\lollipop

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKCU\Software\systweak

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PassWidget

Schlüssel Gelöscht : HKLM\Software\Iminent

Schlüssel Gelöscht : HKLM\Software\SoftwareUpdater

Schlüssel Gelöscht : HKLM\Software\systweak

Schlüssel Gelöscht : HKLM\Software\Vittalia

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.16428
 

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 

-\\ Google Chrome v
 

[ Datei : D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 

*************************
 

AdwCleaner[R0].txt - [15665 octets] - [14/11/2013 18:00:52]

AdwCleaner[S0].txt - [15299 octets] - [14/11/2013 18:03:10]
 

########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [15360 octets] ##########

--- --- ---
AdwCleaner Logfile:

Code:

# AdwCleaner v3.012 - Bericht erstellt am 14/11/2013 um 18:00:52

# Updated 11/11/2013 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)

# Benutzername : KH - KH-PC

# Gestartet von : D:\Users\KH\Desktop\adwcleaner.exe

# Option : Suchen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Datei Gefunden : D:\Program Files\Mozilla Firefox\user.js

Ordner Gefunden : D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

Ordner Gefunden D:\Program Files\Common Files\ParetoLogic

Ordner Gefunden D:\Program Files\ParetoLogic

Ordner Gefunden D:\Program Files\pc speed up

Ordner Gefunden D:\Program Files\tuguu sl

Ordner Gefunden D:\Program Files\Uniblue\DriverScanner

Ordner Gefunden D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\DriverScanner

Ordner Gefunden D:\ProgramData\ParetoLogic

Ordner Gefunden D:\Users\KH\AppData\Roaming\Systweak

Ordner Gefunden D:\Users\kh-pc\AppData\Local\AskToolbar

Ordner Gefunden D:\Users\UpdatusUser\AppData\Local\AskToolbar
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PassWidget

Schlüssel Gefunden : HKCU\Software\Classes\Applications\lollipop.exe

Schlüssel Gefunden : HKCU\Software\distromatic

Schlüssel Gefunden : HKCU\Software\Imesh

Schlüssel Gefunden : HKCU\Software\Iminent

Schlüssel Gefunden : HKCU\Software\lollipop

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Schlüssel Gefunden : HKCU\Software\Softonic

Schlüssel Gefunden : HKCU\Software\systweak

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iMesh.AudioCD

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}

Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hifnddafpdkmjljallgdlkjiiieidmec

Schlüssel Gefunden : HKLM\Software\Iminent

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-8-11_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-8-11_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdburnerxp-pro_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cdburnerxp-pro_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_clonedvd_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_clonedvd_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_easy-burning_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_easy-burning_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_format-factory_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_format-factory_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hamster-free-video-converter_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hamster-free-video-converter_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_umplayer_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_umplayer_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vegas-pro_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vegas-pro_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vlc-media-player_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vlc-media-player_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-movie-maker-2012_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-movie-maker-2012_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winx-dvd-author_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winx-dvd-author_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader58577[1]_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader58577[1]_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader58577_RASAPI32

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader58577_RASMANCS

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C

Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

Schlüssel Gefunden : HKLM\Software\SoftwareUpdater

Schlüssel Gefunden : HKLM\Software\systweak

Schlüssel Gefunden : HKLM\Software\Vittalia

Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.16428
 

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013

Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=DE&userid=2a3a8c5d-55aa-0fb2-2bdd-a24772781652&searchtype=ds&q={searchTerms}&installDate=08/11/2013
 

-\\ Google Chrome v
 

[ Datei : D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 

*************************
 

AdwCleaner[R0].txt - [15523 octets] - [14/11/2013 18:00:52]
 

########## EOF - D:\AdwCleaner\AdwCleaner[R0].txt - [15584 octets] ##########

--- --- ---
D:\Program Files\ParetoLogic\PCHA\Images\detected_items.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\detected_items.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\email_logo.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\email_logo.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\register.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\register.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\register_over.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\register_over.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\registration.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\registration.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\top nav icons\help_down.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\top nav icons\help_down.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\top nav icons\help_normal.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\top nav icons\help_normal.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\top nav icons\help_over.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\top nav icons\help_over.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\top nav icons\info_down.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\top nav icons\info_down.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\top nav icons\info_normal.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\top nav icons\info_normal.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\top nav icons\info_over.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\top nav icons\info_over.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\tab icons\nav-disk.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\tab icons\nav-disk.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\tab icons\nav-optimize.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\tab icons\nav-optimize.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\tab icons\nav-scan.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\tab icons\nav-scan.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\tab icons\nav-settings.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\tab icons\nav-settings.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\1.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\1.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\10.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\10.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\11.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\11.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\12.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\12.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\13.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\13.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\14.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\14.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\15.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\15.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\16.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\16.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\17.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\17.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\18.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\18.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\19.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\19.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\2.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\2.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\20.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\20.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\21.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\21.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\22.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\22.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\23.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\23.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\24.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\24.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\25.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\25.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\3.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\3.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\4.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\4.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\5.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\5.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\6.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\6.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\7.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\7.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\8.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\8.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Start Anim\9.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Start Anim\9.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\scanning\driver.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\scanning\driver.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\scanning\privacy.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\scanning\privacy.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\scanning\process.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\scanning\process.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\scanning\registry.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\scanning\registry.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\drivers_green.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\drivers_green.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\drivers_red.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\drivers_red.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\drivers_yellow.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\drivers_yellow.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\malware_green.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\malware_green.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\malware_red.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\malware_red.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\privacy_green.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\privacy_green.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\privacy_red.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\privacy_red.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\processes_green.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\processes_green.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\processes_red.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\processes_red.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\registry_green.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\registry_green.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\registry_red.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\registry_red.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\startup_green.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\startup_green.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\results page\startup_red.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\results page\startup_red.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\progress\add_check.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\progress\add_check.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\progress\add_error.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\progress\add_error.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\progress\add_unknown.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\progress\add_unknown.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\progress\scan.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\progress\scan.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\progress\small_driver.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\progress\small_driver.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\progress\small_md5.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\progress\small_md5.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\progress\small_privacy.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\progress\small_privacy.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\progress\small_registry.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\progress\small_registry.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\bg.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\bg.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\bg_logo.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\bg_logo.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\left_stretch.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\left_stretch.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\lower_left.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\lower_left.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\lower_right.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\lower_right.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\lower_stretch.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\lower_stretch.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\nav_back.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\nav_back.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\nav_bg.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\nav_bg.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\nav_forward.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\nav_forward.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\right_stretch.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\right_stretch.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\upper_left.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\upper_left.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\upper_right.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\upper_right.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\upper_stretch.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\upper_stretch.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\tabs\active_tab_left.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\tabs\active_tab_left.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\tabs\active_tab_right.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\tabs\active_tab_right.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\tabs\active_tab_stretch.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\tabs\active_tab_stretch.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\tabs\tab_left.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\tabs\tab_left.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\tabs\tab_right.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\tabs\tab_right.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\Main\tabs\tab_stretch.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\Main\tabs\tab_stretch.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\other.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\other.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_malware16.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_malware16.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_malware24.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_malware24.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_malware32.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_malware32.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_system16.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_system16.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_system24.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_system24.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_system32.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_system32.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unknown16.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unknown16.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unknown24.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unknown24.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unknown32.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unknown32.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unwanted16.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unwanted16.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unwanted24.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unwanted24.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unwanted32.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_unwanted32.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_userapp16.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_userapp16.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_userapp24.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_userapp24.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_userapp32.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\recommendations\rec_userapp32.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\process\bho.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\process\bho.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\process\process.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\process\process.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\process\startup.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\process\startup.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\cd.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\cd.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\cpu.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\cpu.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\disk.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\disk.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\display.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\display.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\driver_outdated.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\driver_outdated.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\driver_uptodate.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\driver_uptodate.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\floppy.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\floppy.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\mouse_key.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\mouse_key.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\other.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\other.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\outdated.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\outdated.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\power.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\power.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\printer.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\printer.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\software.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\software.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\system.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\system.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\uptodate.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\uptodate.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\list\drivers\usb.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\list\drivers\usb.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\home settings\button_outline.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\home settings\button_outline.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\home settings\no_1.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\home settings\no_1.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\home settings\no_2.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\home settings\no_2.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\home settings\no_3.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\home settings\no_3.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\home settings\no_4.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\home settings\no_4.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\home settings\no_5.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\home settings\no_5.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\home settings\no_6.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\home settings\no_6.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_high.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_high.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_high_short.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_high_short.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_low.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_low.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_low_short.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_low_short.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_medium.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_medium.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_medium_short.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_medium_short.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_unrated.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_unrated.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_unrated_short.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\health rating\pchealth_unrated_short.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\bho.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\bho.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\dup_audio.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\dup_audio.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\dup_doc.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\dup_doc.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\dup_image.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\dup_image.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\dup_other.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\dup_other.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\dup_video.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\dup_video.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\ig_proc.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\ig_proc.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\ig_reg.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\ig_reg.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_3rd.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_3rd.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_browser.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_browser.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_email.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_email.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_fs.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_fs.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_im.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_im.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_multi.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_multi.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_office.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_office.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_other.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_other.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\priv_windows.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\priv_windows.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_apppath.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_apppath.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_com.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_com.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_dll.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_dll.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_empty.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_empty.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_extensions.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_extensions.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_filepath.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_filepath.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_font.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_font.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_help.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_help.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_shortcut.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_shortcut.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_startup.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_startup.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\reg_uninstall.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\reg_uninstall.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\group\startup.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\group\startup.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\general\collapse.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\general\collapse.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\general\delete.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\general\delete.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\general\expand.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\general\expand.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\general\open.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\general\open.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\general\progress_glow.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\general\progress_glow.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\general\recycle.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\general\recycle.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\general\x.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\general\x.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\defrag\c_frag.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\defrag\c_frag.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\defrag\c_unfrag.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\defrag\c_unfrag.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\defrag\c_unknown.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\defrag\c_unknown.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\defrag\c_unmove.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\defrag\c_unmove.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_bho_mgr.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_bho_mgr.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_defrag.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_defrag.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_defrag_schedule.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_defrag_schedule.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_driver.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_driver.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_duplicate.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_duplicate.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_extmgr.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_extmgr.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_generalsettings.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_generalsettings.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_icons.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_icons.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_ignore.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_ignore.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_optimize.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_optimize.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_over.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_over.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_privacy.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_privacy.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_process_mgr.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_process_mgr.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_registry.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_registry.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_restore.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_restore.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_scansettings.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_scansettings.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_schedule.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_schedule.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_startup_mgr.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\button_startup_mgr.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_about.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_about.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_bho.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_bho.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_clean.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_clean.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_defrag.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_defrag.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_disk.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_disk.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_driver.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_driver.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_duplicate.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_duplicate.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_extmgr.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_extmgr.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_optimize.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_optimize.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_privacy.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_privacy.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_process.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_process.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_processes.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_processes.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_registry.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_registry.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_restore.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_restore.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_settings.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_settings.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_startup.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_startup.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_summary.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\header_summary.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_defrag_schedule.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_defrag_schedule.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_general.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_general.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_icons.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_icons.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_ignore.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_ignore.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_privacy.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_privacy.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_registry.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_registry.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_scan.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_scan.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_schedule.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\settings_schedule.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\startbg.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\startbg.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\startbg_over.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\startbg_over.png.vir
D:\Program Files\ParetoLogic\PCHA\Images\buttons and headers\vdb.png->D:\AdwCleaner\Quarantine\D\Program Files\ParetoLogic\PCHA\Images\buttons and headers\vdb.png.vir
D:\Program Files\Uniblue\DriverScanner\Launcher.exe->D:\AdwCleaner\Quarantine\D\Program Files\Uniblue\DriverScanner\Launcher.exe.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\close.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\close.png.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\close_md.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\close_md.png.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\close_mo.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\close_mo.png.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\close_pu.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\close_pu.png.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\Logo.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\Logo.png.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\min.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\min.png.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\min_md.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\min_md.png.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\min_mo.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\min_mo.png.vir
D:\Program Files\Common Files\ParetoLogic\UUS3\Images\topbar_gradient.png->D:\AdwCleaner\Quarantine\D\Program Files\Common Files\ParetoLogic\UUS3\Images\topbar_gradient.png.vir
D:\Users\KH\AppData\Roaming\Systweak\ASO3\Driver Updater\Download.dat->D:\AdwCleaner\Quarantine\D\Users\KH\AppData\Roaming\Systweak\ASO3\Driver Updater\Download.dat.vir
D:\Users\KH\AppData\Roaming\Systweak\ASO3\Driver Updater\exc.xml->D:\AdwCleaner\Quarantine\D\Users\KH\AppData\Roaming\Systweak\ASO3\Driver Updater\exc.xml.vir
D:\Users\KH\AppData\Roaming\Systweak\ASO3\Driver Updater\log_11-10-2013.log->D:\AdwCleaner\Quarantine\D\Users\KH\AppData\Roaming\Systweak\ASO3\Driver Updater\log_11-10-2013.log.vir
D:\Users\KH\AppData\Roaming\Systweak\ASO3\Driver Updater\log_11-11-2013.log->D:\AdwCleaner\Quarantine\D\Users\KH\AppData\Roaming\Systweak\ASO3\Driver Updater\log_11-11-2013.log.vir
D:\Users\KH\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates\LatestVersion.htm->D:\AdwCleaner\Quarantine\D\Users\KH\AppData\Roaming\Systweak\ASO3\Checking for Updates\AppUpdates\LatestVersion.htm.vir
D:\Users\UpdatusUser\AppData\Local\AskToolbar\Downloaded Program Files\avira.inf->D:\AdwCleaner\Quarantine\D\Users\UpdatusUser\AppData\Local\AskToolbar\Downloaded Program Files\avira.inf.vir
D:\Users\UpdatusUser\AppData\Local\AskToolbar\Downloaded Program Files\AviraIDWUPD.dll->D:\AdwCleaner\Quarantine\D\Users\UpdatusUser\AppData\Local\AskToolbar\Downloaded Program Files\AviraIDWUPD.dll.vir
D:\Users\kh-pc\AppData\Local\AskToolbar\Downloaded Program Files\avira.inf->D:\AdwCleaner\Quarantine\D\Users\kh-pc\AppData\Local\AskToolbar\Downloaded Program Files\avira.inf.vir
D:\Users\kh-pc\AppData\Local\AskToolbar\Downloaded Program Files\AviraIDWUPD.dll->D:\AdwCleaner\Quarantine\D\Users\kh-pc\AppData\Local\AskToolbar\Downloaded Program Files\AviraIDWUPD.dll.vir
D:\Program Files\Mozilla Firefox\user.js->D:\AdwCleaner\Quarantine\D\Program Files\Mozilla Firefox\user.js.vir

xrcd73

14.11.2013 21:06

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by KH on 14.11.2013 at 18:19:16,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\vafplayer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\tuguu sl
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1393026197-2463848582-1862417882-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\domaiq uninstaller

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "D:\Users\KH\AppData\Roaming\systweak"
Successfully deleted: [Folder] "D:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.11.2013 at 18:22:37,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013

Ran by KH (administrator) on KH-PC on 14-11-2013 18:38:11

Running from D:\Users\KH\Desktop

Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\sched.exe

(Systweak Software, (www.systweak.com)) D:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(TuneUp Software) D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe

(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) D:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avmailc7.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avwebg7.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avguard.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

(TuneUp Software) D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(LG Electronics) D:\Program Files\LG Software\On Screen Display\HotKey.exe

(Intel Corporation) D:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

(shbox.de) D:\Program Files\FreePDF_XP\fpassist.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avgnt.exe

() D:\Users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(Systweak Software, (www.systweak.com)) D:\Program Files\Advanced System Optimizer 3\ASO3.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Nero AG) D:\Program Files\Nero\Update\NASvc.exe

(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [KeybdUtility] - D:\Program Files\LG Software\On Screen Display\HotKey.exe [2655800 2007-04-10] (LG Electronics)

HKLM\...\Run: [IAAnotif] - D:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-04] (Intel Corporation)

HKLM\...\Run: [IaNvSrv] - D:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [33304 2009-07-13] (Intel Corporation)

HKLM\...\Run: [RtHDVCpl] - D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7772704 2009-10-06] (Realtek Semiconductor)

HKLM\...\Run: [FreePDF Assistant] - D:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)

HKLM\...\Run: [Nvtmru] - D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] - D:\Windows\system32\rundll32.exe D:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [mobilegeni daemon] - D:\Program Files\Mobogenie\DaemonProcess.exe [735936 2013-10-08] ()

HKLM\...\Run: [avgnt] - D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-14] (Avira Operations GmbH & Co. KG)

HKCU\...\Run: [AmazonMP3DownloaderHelper] - D:\Users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKCU\...\Policies\Explorer: [NoCDBurning] 0

BootExecute: 
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5386F3198455CA01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

URLSearchHook: HKLM - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} -  No File

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File

DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

Chrome: 

=======

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

CHR Extension: (CoolPic) - D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blcefchbfgmakifmejncnbognjoadloc\2.0.0.429_0

CHR HKLM\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - D:\Program Files\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_58.crx
 

========================== Services (Whitelisted) =================
 

R2 AntiVirMailService; D:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [972872 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; D:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; D:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 ASO3DiskOptimizer; D:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe [241448 2013-09-18] (Systweak Software, (www.systweak.com))

R2 MBAMScheduler; D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 NAUpdate; D:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)

R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14652704 2013-11-08] (NVIDIA Corporation)

R2 TuneUp.UtilitiesSvc; D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-12] (TuneUp Software)
 

==================== Drivers (Whitelisted) ====================
 

S3 61883; D:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)

R2 avgntflt; D:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-11-14] (Avira Operations GmbH & Co. KG)

R1 avipbb; D:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-14] (Avira Operations GmbH & Co. KG)

R1 avkmgr; D:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 avnetflt; D:\Windows\System32\DRIVERS\avnetflt.sys [67680 2013-11-10] (Avira Operations GmbH & Co. KG)

R3 btmhsf; D:\Windows\System32\DRIVERS\btmhsf.sys [225280 2011-07-19] (Intel Corporation)

R3 iBtFltCoex; D:\Windows\System32\DRIVERS\iBtFltCoex.sys [47104 2011-07-20] (Intel Corporation)

R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

S3 NuidFltr; D:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)

R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad32v.sys [33568 2013-09-28] (NVIDIA Corporation)

R1 ssmdrv; D:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-10] (Avira GmbH)

R3 TuneUpUtilitiesDrv; D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)

U5 AppMgmt; D:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

S3 catchme; \??\D:\Users\KH\AppData\Local\Temp\catchme.sys [x]

S3 efipsk; \??\D:\Users\KH\AppData\Local\Temp\efipsk.sys [x]

S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]

U5 VWiFiFlt; D:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-11-14 18:38 - 2013-11-14 18:38 - 00009658 _____ D:\Users\KH\Desktop\FRST.txt

2013-11-14 18:37 - 2013-11-14 18:37 - 01090529 _____ (Farbar) D:\Users\KH\Desktop\FRST.exe

2013-11-14 18:29 - 2013-11-14 18:29 - 00000000 ____D D:\Users\KH\AppData\Roaming\Systweak

2013-11-14 18:22 - 2013-11-14 18:22 - 00001409 _____ D:\Users\KH\Desktop\JRT.txt

2013-11-14 18:19 - 2013-11-14 18:19 - 00000000 ____D D:\Windows\ERUNT

2013-11-14 18:17 - 2013-11-14 18:17 - 01034531 _____ (Thisisu) D:\Users\KH\Desktop\JRT.exe

2013-11-14 18:13 - 2013-11-14 18:13 - 00040262 _____ D:\Users\KH\Desktop\Quarantine.txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015665 _____ D:\Users\KH\Desktop\AdwCleaner[R0].txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015441 _____ D:\Users\KH\Desktop\AdwCleaner[S0].txt

2013-11-14 18:00 - 2013-11-14 18:03 - 00000000 ____D D:\AdwCleaner

2013-11-14 17:58 - 2013-11-14 17:58 - 01085542 _____ D:\Users\KH\Desktop\adwcleaner.exe

2013-11-14 17:23 - 2013-11-14 17:23 - 00001077 _____ D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Users\KH\AppData\Roaming\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\ProgramData\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Program Files\Malwarebytes' Anti-Malware

2013-11-14 17:23 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys

2013-11-14 17:20 - 2013-11-14 17:20 - 10285040 _____ (Malwarebytes Corporation                                    ) D:\Users\KH\Desktop\mbam-setup-1.75.0.1300.exe

2013-11-14 16:42 - 2013-11-14 16:42 - 17669000 _____ (Adobe Systems Incorporated) D:\Users\KH\Downloads\flashplayer_11_ax_debug.exe

2013-11-13 17:13 - 2013-11-13 17:13 - 00023722 _____ D:\Users\KH\Desktop\ComboFix.txt

2013-11-13 17:12 - 2013-11-13 17:12 - 00003279 _____ D:\Users\KH\Desktop\ComboFix-quarantined-files.txt

2013-11-13 17:06 - 2013-11-13 17:06 - 00023722 _____ D:\ComboFix.txt

2013-11-13 16:47 - 2013-11-13 17:06 - 00000000 ____D D:\Qoobox

2013-11-13 16:47 - 2013-11-13 17:05 - 00000000 ____D D:\Windows\erdnt

2013-11-13 16:47 - 2011-06-26 07:45 - 00256000 _____ D:\Windows\PEV.exe

2013-11-13 16:47 - 2010-11-07 18:20 - 00208896 _____ D:\Windows\MBR.exe

2013-11-13 16:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00098816 _____ D:\Windows\sed.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00080412 _____ D:\Windows\grep.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00068096 _____ D:\Windows\zip.exe

2013-11-13 16:33 - 2013-11-13 16:33 - 05147957 ____R (Swearware) D:\Users\KH\Desktop\ComboFix.exe

2013-11-13 02:57 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\TsUsbFlt.sys

2013-11-13 02:57 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2013-11-13 02:57 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-11-13 02:57 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) D:\Windows\system32\MsRdpWebAccess.dll

2013-11-13 02:57 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) D:\Windows\system32\wksprtPS.dll

2013-11-13 02:57 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) D:\Windows\system32\tsgqec.dll

2013-11-13 02:57 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbGDCoInstaller.dll

2013-11-13 02:57 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) D:\Windows\system32\rdvidcrl.dll

2013-11-13 02:57 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) D:\Windows\system32\TSWbPrxy.exe

2013-11-13 02:57 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) D:\Windows\system32\wksprt.exe

2013-11-13 02:57 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) D:\Windows\system32\mstsc.exe

2013-11-13 02:57 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) D:\Windows\system32\mstscax.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 02166272 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01926656 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl

2013-11-13 02:50 - 2013-11-13 02:50 - 01818112 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01156608 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01051136 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00703488 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00646144 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00645120 _____ (Microsoft Corporation) D:\Windows\system32\jsIntl.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00616104 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dat

2013-11-13 02:50 - 2013-11-13 02:50 - 00523776 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00367104 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00337408 _____ (Microsoft Corporation) D:\Windows\system32\html.iec

2013-11-13 02:50 - 2013-11-13 02:50 - 00244736 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00238288 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00233472 _____ (Microsoft Corporation) D:\Windows\system32\url.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00208896 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00208384 _____ (Microsoft Corporation) D:\Windows\system32\webcheck.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00194048 _____ (Microsoft Corporation) D:\Windows\system32\elshyph.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00182272 _____ (Microsoft Corporation) D:\Windows\system32\msls31.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00164864 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00151552 _____ (Microsoft Corporation) D:\Windows\system32\iexpress.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00139264 _____ (Microsoft Corporation) D:\Windows\system32\wextract.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00083456 _____ (Microsoft Corporation) D:\Windows\system32\inseng.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00071680 _____ (Microsoft Corporation) D:\Windows\system32\RegisterIEPKEYs.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00069632 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00069120 _____ (Microsoft Corporation) D:\Windows\system32\icardie.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00062464 _____ (Microsoft Corporation) D:\Windows\system32\tdc.ocx

2013-11-13 02:50 - 2013-11-13 02:50 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00034816 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00032768 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00024576 _____ (Microsoft Corporation) D:\Windows\system32\licmgr10.dll

2013-11-13 02:49 - 2013-11-13 02:53 - 00009945 _____ D:\Windows\IE11_main.log

2013-11-13 02:49 - 2013-11-13 02:49 - 17142784 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 11220992 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 04240384 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb

2013-11-13 02:49 - 2013-11-13 02:49 - 00610304 _____ (Microsoft Corporation) D:\Windows\system32\jscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00553472 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00454656 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00440832 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00127488 _____ (Microsoft Corporation) D:\Windows\system32\occache.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00116736 _____ (Microsoft Corporation) D:\Windows\system32\iepeers.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00112128 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00111616 _____ (Microsoft Corporation) D:\Windows\system32\IEAdvpack.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00108032 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00086016 _____ (Microsoft Corporation) D:\Windows\system32\iesysprep.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00074240 _____ (Microsoft Corporation) D:\Windows\system32\SetIEInstalledDate.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\pngfilt.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00051200 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\mshtmler.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\msfeedsbs.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00036352 _____ (Microsoft Corporation) D:\Windows\system32\imgutil.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00013312 _____ (Microsoft Corporation) D:\Windows\system32\mshta.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\msfeedssync.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll

2013-11-13 02:45 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) D:\Windows\system32\SmartcardCredentialProvider.dll

2013-11-13 02:45 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) D:\Windows\system32\authui.dll

2013-11-13 02:45 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) D:\Windows\system32\credui.dll

2013-11-13 02:45 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecpkg.sys

2013-11-13 02:45 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecdd.sys

2013-11-13 02:45 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) D:\Windows\system32\TSWorkspace.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) D:\Windows\system32\schannel.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) D:\Windows\system32\sspicli.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\secur32.dll

2013-11-13 02:45 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) D:\Windows\system32\lsasrv.dll

2013-11-13 02:45 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) D:\Windows\system32\ncrypt.dll

2013-11-13 02:45 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\lsass.exe

2013-11-13 02:45 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) D:\Windows\system32\sspisrv.dll

2013-11-13 02:45 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\cng.sys

2013-11-13 02:44 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) D:\Windows\system32\nshwfp.dll

2013-11-13 02:44 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) D:\Windows\system32\IKEEXT.DLL

2013-11-13 02:44 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) D:\Windows\system32\FWPUCLNT.DLL

2013-11-13 02:44 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) D:\Windows\system32\crypt32.dll

2013-11-13 02:44 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) D:\Windows\system32\gdi32.dll

2013-11-12 19:39 - 2013-11-12 19:39 - 00004091 _____ D:\Users\KH\Desktop\Gmer.txt

2013-11-12 19:12 - 2013-11-12 19:12 - 00158888 _____ D:\Windows\Minidump\111213-45879-01.dmp

2013-11-12 19:03 - 2013-11-12 19:03 - 00197992 _____ D:\Windows\Minidump\111213-48765-01.dmp

2013-11-12 18:11 - 2013-11-12 18:11 - 00377856 _____ D:\Users\KH\Desktop\gmer_2.1.19163.exe

2013-11-12 18:01 - 2013-11-12 18:01 - 00000000 ____D D:\FRST

2013-11-12 17:54 - 2013-11-12 17:57 - 00000466 _____ D:\Users\KH\Desktop\defogger_disable.log

2013-11-12 17:54 - 2013-11-12 17:54 - 00000000 _____ D:\Users\KH\defogger_reenable

2013-11-12 17:53 - 2013-11-12 17:53 - 00050477 _____ D:\Users\KH\Desktop\Defogger.exe

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\Documents\My Received Files

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Roaming\MusicNet

2013-11-12 16:38 - 2013-11-12 16:38 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA Corporation

2013-11-10 19:16 - 2013-11-10 19:16 - 00000000 ____D D:\Users\KH\AppData\Roaming\Avira

2013-11-10 19:15 - 2013-11-14 11:20 - 00137208 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avipbb.sys

2013-11-10 19:15 - 2013-11-14 11:20 - 00090400 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avgntflt.sys

2013-11-10 19:15 - 2013-11-10 19:15 - 00002022 _____ D:\Users\Public\Desktop\Avira Control Center.lnk

2013-11-10 19:15 - 2013-11-10 19:15 - 00000000 ____D D:\Program Files\Avira

2013-11-10 19:15 - 2013-11-10 19:09 - 00067680 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avnetflt.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00037352 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avkmgr.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00028520 _____ (Avira GmbH) D:\Windows\system32\Drivers\ssmdrv.sys

2013-11-10 19:06 - 2013-11-10 19:06 - 02296760 _____ D:\Users\KH\Desktop\avira_internet_security_suite.exe

2013-11-10 12:53 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 13120

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\Program Files\LucasArts

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69534

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69500

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69268

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 66797

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 44421

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 43696

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69327

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 43589

2013-11-10 12:49 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69599

2013-11-10 12:49 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69537

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84970

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84925

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84808

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84152

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 99805

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95531

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95075

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 37463

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2218

2013-11-10 12:44 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84847

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 99176

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86563

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84869

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84110

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 48829

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 46649

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44695

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44585

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44296

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 43434

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 37293

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 29708

2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69430

2013-11-10 12:39 - 2013-11-10 12:39 - 00000000 ____D D:\MFT 89457

2013-11-10 12:01 - 2013-11-10 12:01 - 00000000 ____D D:\Users\KH\AppData\Local\Avg2014

2013-11-10 10:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85569

2013-11-10 10:57 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 67386

2013-11-10 10:56 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 85251

2013-11-10 10:56 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 37475

2013-11-10 10:55 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 85443

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69652

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69649

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 68594

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 67382

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66129

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 619

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47937

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47931

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47927

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 21752

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 18213

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 16634

2013-11-10 10:53 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 50434

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 9626

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69244

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69059

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69052

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 68604

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48730

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48085

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 43046

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 140

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 10193

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69647

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69626

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69235

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69064

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69050

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69048

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69041

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68597

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68580

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67403

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67399

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66478

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66472

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66457

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66135

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 28750

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 17744

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15327

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15276

2013-11-10 10:43 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69603

2013-11-10 10:43 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69491

2013-11-10 10:43 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69345

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99757

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99544

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 17617

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 15395

2013-11-10 10:18 - 2013-11-10 10:18 - 00000000 ____D D:\MFT 98455

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 77143

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 64491

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 63646

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 46360

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45729

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45723

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 2658

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 16514

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 99960

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 98476

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 6992

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 43812

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 261

2013-11-10 10:03 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 25091

2013-11-10 10:03 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 40319

2013-11-10 10:03 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66778

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 71952

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 37473

2013-11-10 09:59 - 2013-11-10 20:31 - 00000000 ____D D:\MFT 63654

2013-11-10 09:59 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 66742

2013-11-10 09:59 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 29672

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 84023

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 83015

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69451

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69419

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 63545

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 35760

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 65588

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 47206

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 41339

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 27310

2013-11-10 09:59 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 63505

2013-11-10 09:59 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 60957

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 49115

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 48863

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 48501

2013-11-10 09:59 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 82784

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 85663

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 84838

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 83029

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 5659

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2519

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86951

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86507

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85679

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85448

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85011

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84088

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 5821

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 16537

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 48806

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 39942

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 29270

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 84701

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 49432

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 48844

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 84233

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 71072

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66932

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 72750

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 72099

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 71615

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 65795

2013-11-10 09:59 - 2013-11-10 10:33 - 00000000 ____D D:\MFT 99781

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\NVIDIA

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 96635

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 87506

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86926

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86337

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85766

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85024

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84860

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84812

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84207

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83366

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83365

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82568

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82545

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77570

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77564

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72209

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72006

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60821

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5768

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 57550

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 52432

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49035

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48736

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 34301

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 21750

2013-11-10 09:57 - 2013-11-10 13:23 - 00000000 ____D D:\MFT 94973

2013-11-10 09:57 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 96010

2013-11-10 09:57 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69421

2013-11-10 09:57 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 65480

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 95553

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 95544

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84255

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 63300

2013-11-10 09:57 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 96060

2013-11-10 09:57 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95996

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 96050

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 95557

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 95555

2013-11-10 09:57 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69541

2013-11-10 09:57 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68592

2013-11-10 09:57 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 33137

2013-11-10 09:57 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85729

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 99424

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 98750

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96479

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 75295

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69628

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69409

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69403

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69061

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68602

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 67694

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66492

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66482

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48696

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48312

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48307

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48051

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 41994

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37486

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37470

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 25723

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 17498

2013-11-10 09:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 44093

2013-11-10 08:20 - 2013-11-10 08:20 - 00002165 _____ D:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00002145 _____ D:\Users\Public\Desktop\TuneUp Utilities 2014.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Users\KH\AppData\Roaming\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Program Files\TuneUp Utilities 2014

2013-11-10 08:20 - 2013-10-12 02:28 - 00036664 _____ (TuneUp Software) D:\Windows\system32\TURegOpt.exe

2013-11-10 08:20 - 2013-10-12 02:28 - 00025400 _____ (TuneUp Software) D:\Windows\system32\authuitu.dll

2013-11-10 08:19 - 2013-11-10 08:26 - 00000000 __SHD D:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 08:18 - 2013-11-10 08:19 - 32522152 _____ (TuneUp Software) D:\Users\KH\Desktop\TuneUpUtilities2014_de-DE.exe

2013-11-10 07:58 - 2013-11-10 07:58 - 00110072 _____ D:\Users\kh-pc\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 07:56 - 2013-11-10 07:58 - 00000000 ____D D:\Users\kh-pc

2013-11-10 07:56 - 2013-11-10 07:56 - 00001431 _____ D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-10 07:56 - 2013-11-10 07:56 - 00000020 ___SH D:\Users\kh-pc\ntuser.ini

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Startmenü

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Netzwerkumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Druckumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Musik

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Bilder

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Local\Verlauf

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Adobe

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Local\VirtualStore

2013-11-10 07:56 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Macromedia

2013-11-10 07:56 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh-pc\AppData\Local\Microsoft Help

2013-11-10 07:56 - 2009-07-14 05:42 - 00000000 ___RD D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-10 07:56 - 2009-07-14 05:37 - 00000000 ___RD D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 07:48 - 2013-11-10 11:00 - 00000428 _____ D:\Windows\Tasks\ASOService.job

2013-11-10 07:48 - 2013-11-10 07:48 - 00002256 _____ D:\Users\Public\Desktop\Intelligente PC-Wartung.lnk

2013-11-10 07:48 - 2013-11-10 07:48 - 00002204 _____ D:\Users\Public\Desktop\Advanced System Optimizer.lnk

2013-11-10 07:47 - 2013-11-10 07:53 - 00000000 ____D D:\Program Files\Advanced System Optimizer 3

2013-11-09 22:20 - 2013-11-12 17:00 - 00001202 _____ D:\Users\KH\Desktop\Renee Undeleter.lnk

2013-11-09 17:50 - 2013-11-09 17:55 - 00002216 _____ D:\Windows\system32\ASOROSet.bin

2013-11-09 15:33 - 2013-11-09 20:03 - 00271360 _____ D:\Users\KH\Documents\archive.pst

2013-11-09 14:32 - 2013-11-10 10:23 - 00271360 _____ D:\Users\KH\Documents\Outlook.pst

2013-11-09 13:57 - 2013-11-09 13:57 - 00110072 _____ D:\Users\kh_2.KH-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 13:54 - 2013-11-09 14:06 - 00000000 ___RD D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 13:54 - 2013-11-09 14:06 - 00000000 ____D D:\Users\kh_2.KH-PC.000

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Startmenü

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Netzwerkumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Druckumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Musik

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Bilder

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Local\Verlauf

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Adobe

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\VirtualStore

2013-11-09 13:54 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Macromedia

2013-11-09 13:54 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\AskToolbar

2013-11-09 13:54 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\Microsoft Help

2013-11-09 13:42 - 2013-11-09 13:42 - 00000000 ____D D:\Users\KH\Tracing

2013-11-09 13:36 - 2013-11-09 13:36 - 00000000 ____D D:\Users\KH\Desktop\kh_2

2013-11-09 12:46 - 2013-11-09 14:05 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero_AG

2013-11-09 12:43 - 2013-11-09 12:43 - 00110072 _____ D:\Users\kh_2.KH-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 12:39 - 2013-11-09 14:06 - 00000000 ___RD D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 12:39 - 2013-11-09 14:06 - 00000000 ____D D:\Users\kh_2.KH-PC

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Startmenü

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Netzwerkumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Druckumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Local\Verlauf

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Adobe

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\VirtualStore

2013-11-09 12:39 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Macromedia

2013-11-09 12:39 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\AskToolbar

2013-11-09 12:39 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Microsoft Help

2013-11-09 12:35 - 2013-11-09 15:33 - 00271360 _____ D:\Users\KH\Documents\bewerbung.pst

2013-11-09 11:32 - 2013-11-09 11:32 - 00000000 ____D D:\Users\KH\AppData\Local\Adobe

2013-11-09 11:27 - 2013-11-09 12:55 - 00271360 _____ D:\Users\KH\Desktop\Outlook.pst

2013-11-09 11:25 - 2013-11-10 15:46 - 00110072 _____ D:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 11:25 - 2013-11-09 11:25 - 00000000 ____D D:\Users\KH\Documents\Amazon MP3

2013-11-09 10:49 - 2013-11-09 10:49 - 00110072 _____ D:\Users\xrcd73\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:48 - 2013-11-09 11:24 - 00000000 ____D D:\Users\xrcd73

2013-11-09 10:48 - 2013-11-09 11:23 - 00000000 ___RD D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Startmenü

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Netzwerkumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Druckumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Musik

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Bilder

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Local\Verlauf

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Adobe

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Local\VirtualStore

2013-11-09 10:48 - 2013-07-04 21:02 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Macromedia

2013-11-09 10:48 - 2011-11-12 16:45 - 00000000 ____D D:\Users\xrcd73\AppData\Local\AskToolbar

2013-11-09 10:48 - 2009-10-26 14:45 - 00000000 ____D D:\Users\xrcd73\AppData\Local\Microsoft Help

2013-11-09 10:41 - 2013-11-09 10:41 - 00000000 ____D D:\Users\kh_2\Desktop\KH

2013-11-09 10:39 - 2013-11-09 10:39 - 00110072 _____ D:\Users\kh_2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:38 - 2013-11-09 11:24 - 00000000 ____D D:\Users\kh_2

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Startmenü

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Netzwerkumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Druckumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Musik

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Bilder

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Local\Verlauf

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Adobe

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Local\VirtualStore

2013-11-09 10:38 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Macromedia

2013-11-09 10:38 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2\AppData\Local\AskToolbar

2013-11-09 10:38 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2\AppData\Local\Microsoft Help

2013-11-08 21:08 - 2013-11-09 19:33 - 00000000 ____D D:\Windows\system32\config\RCCBakup

2013-11-08 19:00 - 2013-11-08 19:00 - 00129536 _____ D:\Users\Public\AlexaNSISPlugin.4168.dll

2013-11-08 17:30 - 2013-11-09 14:05 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2013-11-08 17:29 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\iRobinHood

2013-11-08 17:29 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\Uniblue

2013-11-08 17:28 - 2013-11-09 14:06 - 00000000 ____D D:\Program Files\CoolPic

2013-11-08 17:28 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\Mobogenie

2013-10-29 10:51 - 2013-11-10 12:01 - 00001812 _____ D:\Users\KH\Desktop\Gutschein_5_Tage_im_Schloss_Purschenstein_im_Erzgebirge_fÃ¼r_zwei_Personen.lnk

2013-10-28 21:13 - 2013-10-23 11:24 - 22933792 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv32.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 17560352 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 10410272 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-28 21:13 - 2013-10-23 11:24 - 09524088 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 09480328 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 02946848 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 02747168 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvenc.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233165.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233165.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00599840 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00560416 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR.dll

2013-10-28 21:07 - 2013-11-08 21:47 - 00955168 _____ (NVIDIA Corporation) D:\Windows\system32\nvspcap.dll

2013-10-28 21:03 - 2013-09-28 00:01 - 00033568 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvvad32v.sys

2013-10-28 10:56 - 2013-11-10 12:01 - 00001327 _____ D:\Users\KH\Desktop\Kreativitätskindertagesstätte 13.11.13.lnk

2013-10-24 19:01 - 2013-11-10 12:01 - 00001367 _____ D:\Users\KH\Desktop\kita 001.lnk

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) D:\Windows\system32\nvStreaming.exe

2013-10-22 19:07 - 2013-10-16 01:41 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233158.dll

2013-10-22 19:07 - 2013-10-16 01:41 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233158.dll

2013-10-21 08:52 - 2013-11-10 12:01 - 00001327 _____ D:\Users\KH\Desktop\Anja Hoffmann Erzieherin Lotusblüte.lnk

2013-10-21 05:05 - 2013-10-21 05:05 - 00264616 _____ (Oracle Corporation) D:\Windows\system32\javaws.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00175016 _____ (Oracle Corporation) D:\Windows\system32\javaw.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00174504 _____ (Oracle Corporation) D:\Windows\system32\java.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00094632 _____ (Oracle Corporation) D:\Windows\system32\WindowsAccessBridge.dll

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\ProgramData\Oracle

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Java

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Common Files\Java

2013-10-15 16:35 - 2013-10-23 11:24 - 15855568 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2um.dll

2013-10-15 16:35 - 2013-10-23 11:24 - 15212336 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dum.dll

2013-10-15 16:35 - 2013-09-27 09:50 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233140.dll

2013-10-15 16:35 - 2013-09-27 09:50 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233140.dll

2013-10-15 16:23 - 2013-10-15 16:23 - 00336816 _____ D:\Windows\Minidump\101513-39171-01.dmp

2013-10-15 16:19 - 2013-10-15 16:19 - 00366872 _____ D:\Windows\Minidump\101513-48687-01.dmp
 

==================== One Month Modified Files and Folders =======
 

2013-11-14 18:38 - 2013-11-14 18:38 - 00009658 _____ D:\Users\KH\Desktop\FRST.txt

2013-11-14 18:37 - 2013-11-14 18:37 - 01090529 _____ (Farbar) D:\Users\KH\Desktop\FRST.exe

2013-11-14 18:36 - 2009-07-14 05:34 - 00014928 ____H D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-14 18:36 - 2009-07-14 05:34 - 00014928 ____H D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-14 18:32 - 2009-10-25 15:54 - 01621084 _____ D:\Windows\system32\PerfStringBackup.INI

2013-11-14 18:29 - 2013-11-14 18:29 - 00000000 ____D D:\Users\KH\AppData\Roaming\Systweak

2013-11-14 18:27 - 2009-10-25 16:17 - 00000000 ____D D:\ProgramData\NVIDIA

2013-11-14 18:27 - 2009-07-14 05:53 - 00000006 ____H D:\Windows\Tasks\SA.DAT

2013-11-14 18:27 - 2009-07-14 05:39 - 00327042 _____ D:\Windows\setupact.log

2013-11-14 18:26 - 2009-10-25 15:35 - 01864887 _____ D:\Windows\WindowsUpdate.log

2013-11-14 18:22 - 2013-11-14 18:22 - 00001409 _____ D:\Users\KH\Desktop\JRT.txt

2013-11-14 18:19 - 2013-11-14 18:19 - 00000000 ____D D:\Windows\ERUNT

2013-11-14 18:17 - 2013-11-14 18:17 - 01034531 _____ (Thisisu) D:\Users\KH\Desktop\JRT.exe

2013-11-14 18:13 - 2013-11-14 18:13 - 00040262 _____ D:\Users\KH\Desktop\Quarantine.txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015665 _____ D:\Users\KH\Desktop\AdwCleaner[R0].txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015441 _____ D:\Users\KH\Desktop\AdwCleaner[S0].txt

2013-11-14 18:03 - 2013-11-14 18:00 - 00000000 ____D D:\AdwCleaner

2013-11-14 18:03 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\Uniblue

2013-11-14 18:03 - 2012-12-21 13:42 - 00000000 ____D D:\Program Files\Mozilla Firefox

2013-11-14 17:58 - 2013-11-14 17:58 - 01085542 _____ D:\Users\KH\Desktop\adwcleaner.exe

2013-11-14 17:44 - 2009-10-25 16:17 - 00147476 _____ D:\Windows\PFRO.log

2013-11-14 17:42 - 2009-07-14 05:52 - 00000000 ____D D:\Windows\addins

2013-11-14 17:23 - 2013-11-14 17:23 - 00001077 _____ D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Users\KH\AppData\Roaming\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\ProgramData\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Program Files\Malwarebytes' Anti-Malware

2013-11-14 17:20 - 2013-11-14 17:20 - 10285040 _____ (Malwarebytes Corporation                                    ) D:\Users\KH\Desktop\mbam-setup-1.75.0.1300.exe

2013-11-14 16:43 - 2012-04-09 17:29 - 00692616 _____ (Adobe Systems Incorporated) D:\Windows\system32\FlashPlayerApp.exe

2013-11-14 16:43 - 2011-05-19 04:59 - 00071048 _____ (Adobe Systems Incorporated) D:\Windows\system32\FlashPlayerCPLApp.cpl

2013-11-14 16:42 - 2013-11-14 16:42 - 17669000 _____ (Adobe Systems Incorporated) D:\Users\KH\Downloads\flashplayer_11_ax_debug.exe

2013-11-14 11:20 - 2013-11-10 19:15 - 00137208 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avipbb.sys

2013-11-14 11:20 - 2013-11-10 19:15 - 00090400 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avgntflt.sys

2013-11-13 21:14 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\rescache

2013-11-13 17:13 - 2013-11-13 17:13 - 00023722 _____ D:\Users\KH\Desktop\ComboFix.txt

2013-11-13 17:12 - 2013-11-13 17:12 - 00003279 _____ D:\Users\KH\Desktop\ComboFix-quarantined-files.txt

2013-11-13 17:06 - 2013-11-13 17:06 - 00023722 _____ D:\ComboFix.txt

2013-11-13 17:06 - 2013-11-13 16:47 - 00000000 ____D D:\Qoobox

2013-11-13 17:06 - 2009-07-14 03:37 - 00000000 __RHD D:\Users\Default

2013-11-13 17:06 - 2009-07-14 03:37 - 00000000 ___RD D:\Users\Public

2013-11-13 17:05 - 2013-11-13 16:47 - 00000000 ____D D:\Windows\erdnt

2013-11-13 17:01 - 2009-07-14 03:04 - 00000215 _____ D:\Windows\system.ini

2013-11-13 16:59 - 2009-07-14 03:03 - 51380224 _____ D:\Windows\system32\config\software.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 21757952 _____ D:\Windows\system32\config\system.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00524288 _____ D:\Windows\system32\config\default.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00262144 _____ D:\Windows\system32\config\sam.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00028672 _____ D:\Windows\system32\config\security.bak

2013-11-13 16:33 - 2013-11-13 16:33 - 05147957 ____R (Swearware) D:\Users\KH\Desktop\ComboFix.exe

2013-11-13 05:52 - 2009-07-14 09:47 - 00000000 ____D D:\Windows\system32\Drivers\de-DE

2013-11-13 05:52 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\de-DE

2013-11-13 02:56 - 2009-10-26 12:30 - 00000000 ____D D:\ProgramData\Microsoft Help

2013-11-13 02:53 - 2013-11-13 02:49 - 00009945 _____ D:\Windows\IE11_main.log

2013-11-13 02:50 - 2013-11-13 02:50 - 02166272 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01926656 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl

2013-11-13 02:50 - 2013-11-13 02:50 - 01818112 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01156608 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01051136 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00703488 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00646144 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00645120 _____ (Microsoft Corporation) D:\Windows\system32\jsIntl.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00616104 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dat

2013-11-13 02:50 - 2013-11-13 02:50 - 00523776 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00367104 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00337408 _____ (Microsoft Corporation) D:\Windows\system32\html.iec

2013-11-13 02:50 - 2013-11-13 02:50 - 00244736 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00238288 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00233472 _____ (Microsoft Corporation) D:\Windows\system32\url.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00208896 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00208384 _____ (Microsoft Corporation) D:\Windows\system32\webcheck.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00194048 _____ (Microsoft Corporation) D:\Windows\system32\elshyph.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00182272 _____ (Microsoft Corporation) D:\Windows\system32\msls31.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00164864 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00151552 _____ (Microsoft Corporation) D:\Windows\system32\iexpress.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00139264 _____ (Microsoft Corporation) D:\Windows\system32\wextract.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00083456 _____ (Microsoft Corporation) D:\Windows\system32\inseng.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00071680 _____ (Microsoft Corporation) D:\Windows\system32\RegisterIEPKEYs.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00069632 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00069120 _____ (Microsoft Corporation) D:\Windows\system32\icardie.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00062464 _____ (Microsoft Corporation) D:\Windows\system32\tdc.ocx

2013-11-13 02:50 - 2013-11-13 02:50 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00034816 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00032768 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00024576 _____ (Microsoft Corporation) D:\Windows\system32\licmgr10.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 17142784 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 11220992 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 04240384 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb

2013-11-13 02:49 - 2013-11-13 02:49 - 00610304 _____ (Microsoft Corporation) D:\Windows\system32\jscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00553472 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00454656 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00440832 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00127488 _____ (Microsoft Corporation) D:\Windows\system32\occache.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00116736 _____ (Microsoft Corporation) D:\Windows\system32\iepeers.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00112128 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00111616 _____ (Microsoft Corporation) D:\Windows\system32\IEAdvpack.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00108032 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00086016 _____ (Microsoft Corporation) D:\Windows\system32\iesysprep.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00074240 _____ (Microsoft Corporation) D:\Windows\system32\SetIEInstalledDate.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\pngfilt.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00051200 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\mshtmler.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\msfeedsbs.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00036352 _____ (Microsoft Corporation) D:\Windows\system32\imgutil.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00013312 _____ (Microsoft Corporation) D:\Windows\system32\mshta.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\msfeedssync.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll

2013-11-13 02:48 - 2013-07-11 17:06 - 00000000 ____D D:\Windows\system32\MRT

2013-11-13 02:46 - 2009-10-25 16:23 - 80340640 _____ (Microsoft Corporation) D:\Windows\system32\MRT.exe

2013-11-12 19:39 - 2013-11-12 19:39 - 00004091 _____ D:\Users\KH\Desktop\Gmer.txt

2013-11-12 19:12 - 2013-11-12 19:12 - 00158888 _____ D:\Windows\Minidump\111213-45879-01.dmp

2013-11-12 19:12 - 2012-06-27 20:31 - 00000000 ____D D:\Windows\Minidump

2013-11-12 19:03 - 2013-11-12 19:03 - 00197992 _____ D:\Windows\Minidump\111213-48765-01.dmp

2013-11-12 18:58 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Local\VirtualStore

2013-11-12 18:39 - 2013-07-27 16:49 - 00001912 _____ D:\Windows\epplauncher.mif

2013-11-12 18:11 - 2013-11-12 18:11 - 00377856 _____ D:\Users\KH\Desktop\gmer_2.1.19163.exe

2013-11-12 18:01 - 2013-11-12 18:01 - 00000000 ____D D:\FRST

2013-11-12 17:57 - 2013-11-12 17:54 - 00000466 _____ D:\Users\KH\Desktop\defogger_disable.log

2013-11-12 17:54 - 2013-11-12 17:54 - 00000000 _____ D:\Users\KH\defogger_reenable

2013-11-12 17:54 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH

2013-11-12 17:53 - 2013-11-12 17:53 - 00050477 _____ D:\Users\KH\Desktop\Defogger.exe

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\Documents\My Received Files

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Roaming\MusicNet

2013-11-12 17:00 - 2013-11-09 22:20 - 00001202 _____ D:\Users\KH\Desktop\Renee Undeleter.lnk

2013-11-12 16:38 - 2013-11-12 16:38 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA Corporation

2013-11-10 20:59 - 2009-07-14 05:41 - 00000749 ___RH D:\Windows\WindowsShell.Manifest

2013-11-10 20:59 - 2009-07-14 03:37 - 00000000 __RHD D:\Users\Public\Libraries

2013-11-10 20:31 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63654

2013-11-10 19:16 - 2013-11-10 19:16 - 00000000 ____D D:\Users\KH\AppData\Roaming\Avira

2013-11-10 19:15 - 2013-11-10 19:15 - 00002022 _____ D:\Users\Public\Desktop\Avira Control Center.lnk

2013-11-10 19:15 - 2013-11-10 19:15 - 00000000 ____D D:\Program Files\Avira

2013-11-10 19:15 - 2011-11-12 16:45 - 00000000 ____D D:\ProgramData\Avira

2013-11-10 19:09 - 2013-11-10 19:15 - 00067680 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avnetflt.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00037352 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avkmgr.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00028520 _____ (Avira GmbH) D:\Windows\system32\Drivers\ssmdrv.sys

2013-11-10 19:06 - 2013-11-10 19:06 - 02296760 _____ D:\Users\KH\Desktop\avira_internet_security_suite.exe

2013-11-10 15:46 - 2013-11-09 11:25 - 00110072 _____ D:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 15:46 - 2009-07-14 05:33 - 00415560 _____ D:\Windows\system32\FNTCACHE.DAT

2013-11-10 15:43 - 2011-03-20 15:40 - 00000000 ____D D:\Program Files\Microsoft Works

2013-11-10 15:43 - 2011-03-20 15:40 - 00000000 ____D D:\Program Files\Common Files\DESIGNER

2013-11-10 15:42 - 2009-07-14 09:57 - 00000000 ____D D:\Windows\ShellNew

2013-11-10 15:37 - 2009-07-14 03:04 - 00000478 _____ D:\Windows\win.ini

2013-11-10 13:23 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 94973

2013-11-10 12:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 66742

2013-11-10 12:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 29672

2013-11-10 12:54 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96010

2013-11-10 12:53 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 13120

2013-11-10 12:53 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69599

2013-11-10 12:53 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 85443

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84023

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83015

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 69451

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 69419

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63545

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 35760

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\Program Files\LucasArts

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69534

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69500

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69268

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 66797

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 44421

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 43696

2013-11-10 12:51 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 50434

2013-11-10 12:51 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 25091

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 65588

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 47206

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 41339

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 27310

2013-11-10 12:51 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69421

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69327

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 43589

2013-11-10 12:50 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69603

2013-11-10 12:50 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63505

2013-11-10 12:50 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60957

2013-11-10 12:50 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 65480

2013-11-10 12:49 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69537

2013-11-10 12:49 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69491

2013-11-10 12:49 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69345

2013-11-10 12:48 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 40319

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49115

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48863

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48501

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84970

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84925

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84808

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84152

2013-11-10 12:47 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84847

2013-11-10 12:47 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 85251

2013-11-10 12:47 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82784

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95553

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95544

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 84255

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 63300

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 99805

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95531

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95075

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 37463

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2218

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85663

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84838

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83029

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5659

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 2519

2013-11-10 12:45 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96060

2013-11-10 12:45 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95996

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 99176

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86563

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84869

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84110

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 48829

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 46649

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44695

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44585

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44296

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 43434

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 37293

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 29708

2013-11-10 12:44 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 85569

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86951

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86507

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85679

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85448

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85011

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84088

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5821

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 16537

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96050

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95557

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95555

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48806

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 39942

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 29270

2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69430

2013-11-10 12:42 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69541

2013-11-10 12:41 - 2013-04-18 05:32 - 00000000 ____D D:\Users\KH\AppData\Roaming\player

2013-11-10 12:39 - 2013-11-10 12:39 - 00000000 ____D D:\MFT 89457

2013-11-10 12:01 - 2013-11-10 12:01 - 00000000 ____D D:\Users\KH\AppData\Local\Avg2014

2013-11-10 12:01 - 2013-10-29 10:51 - 00001812 _____ D:\Users\KH\Desktop\Gutschein_5_Tage_im_Schloss_Purschenstein_im_Erzgebirge_fÃ¼r_zwei_Personen.lnk

2013-11-10 12:01 - 2013-10-28 10:56 - 00001327 _____ D:\Users\KH\Desktop\Kreativitätskindertagesstätte 13.11.13.lnk

2013-11-10 12:01 - 2013-10-24 19:01 - 00001367 _____ D:\Users\KH\Desktop\kita 001.lnk

2013-11-10 12:01 - 2013-10-21 08:52 - 00001327 _____ D:\Users\KH\Desktop\Anja Hoffmann Erzieherin Lotusblüte.lnk

2013-11-10 11:40 - 2013-01-24 13:07 - 00000000 ____D D:\Users\KH\AppData\Local\Nero

2013-11-10 11:21 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\NDF

2013-11-10 11:00 - 2013-11-10 07:48 - 00000428 _____ D:\Windows\Tasks\ASOService.job

2013-11-10 10:57 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 67386

2013-11-10 10:56 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 37475

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84701

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49432

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48844

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69652

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69649

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 68594

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 67382

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66129

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 619

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47937

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47931

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47927

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 21752

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 18213

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 16634

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84233

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 71072

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 66932

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 9626

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69244

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69059

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69052

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 68604

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48730

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48085

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 43046

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 140

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 10193

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72750

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72099

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 71615

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 65795

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69647

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69626

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69235

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69064

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69050

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69048

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69041

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68597

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68580

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67403

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67399

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66478

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66472

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66457

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66135

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 28750

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 17744

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15327

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15276

2013-11-10 10:52 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 66778

2013-11-10 10:52 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68592

2013-11-10 10:52 - 2013-07-19 18:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\DVDVideoSoft

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99757

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99544

2013-11-10 10:43 - 2013-11-10 09:43 - 00000000 ____D D:\MFT 44093

2013-11-10 10:33 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 99781

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 17617

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 15395

2013-11-10 10:27 - 2009-10-26 13:43 - 00000000 ____D D:\ProgramData\SFirm32

2013-11-10 10:23 - 2013-11-09 14:32 - 00271360 _____ D:\Users\KH\Documents\Outlook.pst

2013-11-10 10:18 - 2013-11-10 10:18 - 00000000 ____D D:\MFT 98455

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 77143

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 64491

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 63646

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 46360

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45729

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45723

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 2658

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 16514

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 99960

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 98476

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 6992

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 43812

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 261

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 71952

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 37473

2013-11-10 10:03 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 33137

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\NVIDIA

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 96635

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 87506

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86926

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86337

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85766

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85024

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84860

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84812

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84207

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83366

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83365

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82568

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82545

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77570

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77564

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72209

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72006

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60821

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5768

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 57550

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 52432

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49035

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48736

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 34301

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 21750

2013-11-10 09:59 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 85729

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 99424

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 98750

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96479

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 75295

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69628

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69409

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69403

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69061

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68602

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 67694

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66492

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66482

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48696

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48312

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48307

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48051

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 41994

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37486

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37470

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 25723

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 17498

2013-11-10 09:46 - 2009-10-25 19:09 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-11-10 08:26 - 2013-11-10 08:19 - 00000000 __SHD D:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 08:26 - 2013-09-09 13:36 - 00000000 __SHD D:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-11-10 08:26 - 2009-10-26 14:22 - 00000000 ___HD D:\ProgramData\{8F84A085-61F5-420C-99B2-2BCE2C37763C}

2013-11-10 08:26 - 2009-10-26 12:30 - 00000000 ____D D:\Users\KH\AppData\Local\Microsoft Help

2013-11-10 08:21 - 2013-09-09 13:36 - 00000000 ____D D:\ProgramData\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00002165 _____ D:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00002145 _____ D:\Users\Public\Desktop\TuneUp Utilities 2014.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Users\KH\AppData\Roaming\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Program Files\TuneUp Utilities 2014

2013-11-10 08:19 - 2013-11-10 08:18 - 32522152 _____ (TuneUp Software) D:\Users\KH\Desktop\TuneUpUtilities2014_de-DE.exe

2013-11-10 07:58 - 2013-11-10 07:58 - 00110072 _____ D:\Users\kh-pc\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 07:58 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc

2013-11-10 07:56 - 2013-11-10 07:56 - 00001431 _____ D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-10 07:56 - 2013-11-10 07:56 - 00000020 ___SH D:\Users\kh-pc\ntuser.ini

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Startmenü

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Netzwerkumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Druckumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Musik

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Bilder

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Local\Verlauf

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Adobe

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Local\VirtualStore

2013-11-10 07:53 - 2013-11-10 07:47 - 00000000 ____D D:\Program Files\Advanced System Optimizer 3

2013-11-10 07:48 - 2013-11-10 07:48 - 00002256 _____ D:\Users\Public\Desktop\Intelligente PC-Wartung.lnk

2013-11-10 07:48 - 2013-11-10 07:48 - 00002204 _____ D:\Users\Public\Desktop\Advanced System Optimizer.lnk

2013-11-09 20:25 - 2013-01-24 13:08 - 00000000 ____D D:\Users\KH\AppData\Roaming\Nero

2013-11-09 20:03 - 2013-11-09 15:33 - 00271360 _____ D:\Users\KH\Documents\archive.pst

2013-11-09 19:33 - 2013-11-08 21:08 - 00000000 ____D D:\Windows\system32\config\RCCBakup

2013-11-09 17:55 - 2013-11-09 17:50 - 00002216 _____ D:\Windows\system32\ASOROSet.bin

2013-11-09 15:33 - 2013-11-09 12:35 - 00271360 _____ D:\Users\KH\Documents\bewerbung.pst

2013-11-09 14:06 - 2013-11-09 13:54 - 00000000 ___RD D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:06 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000

2013-11-09 14:06 - 2013-11-09 12:39 - 00000000 ___RD D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:06 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC

2013-11-09 14:06 - 2013-11-08 17:28 - 00000000 ____D D:\Program Files\CoolPic

2013-11-09 14:06 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\wfp

2013-11-09 14:05 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero

2013-11-09 14:05 - 2013-11-08 17:30 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2013-11-09 14:05 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\iRobinHood

2013-11-09 14:05 - 2013-11-08 17:28 - 00000000 ____D D:\Program Files\Mobogenie

2013-11-09 14:05 - 2013-08-25 22:08 - 00000000 ____D D:\Users\KH\AppData\Roaming\Audacity

2013-11-09 14:05 - 2013-02-14 20:22 - 00000000 ___RD D:\Users\KH\Desktop\lplex-0.3-win64

2013-11-09 14:05 - 2013-02-14 20:06 - 00000000 ____D D:\Users\KH\AppData\Roaming\lplex

2013-11-09 14:05 - 2013-01-21 15:47 - 00000000 ___RD D:\Users\KH\SkyDrive

2013-11-09 14:05 - 2013-01-15 20:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\Pegasys Inc

2013-11-09 14:05 - 2013-01-05 22:26 - 00000000 ____D D:\Users\KH\AppData\Roaming\dvdcss

2013-11-09 14:05 - 2013-01-03 20:04 - 00000000 ____D D:\Program Files\Cypheros

2013-11-09 14:05 - 2013-01-03 13:14 - 00000000 ____D D:\Users\KH\AppData\Roaming\vlc

2013-11-09 14:05 - 2011-01-08 22:17 - 00000000 ____D D:\Users\KH\AppData\Roaming\PhotoScape

2013-11-09 14:05 - 2010-11-07 10:54 - 00000000 ____D D:\Program Files\LuminanceHDR-2.0.1

2013-11-09 14:05 - 2009-11-17 17:23 - 00000000 ____D D:\Users\KH\AppData\Local\{6CDD08D2-4502-44F0-9753-3D5B10261DFE}

2013-11-09 14:05 - 2009-11-04 09:58 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript

2013-11-09 14:05 - 2009-10-26 14:20 - 00000000 ____D D:\Program Files\WIN-CASA2009

2013-11-09 14:05 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 14:05 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:05 - 2009-07-14 05:52 - 00000000 ____D D:\Windows\system32\WinBioDatabase

2013-11-09 14:05 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\registration

2013-11-09 14:04 - 2013-08-24 18:17 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-11-09 14:04 - 2013-01-11 22:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Digiarty

2013-11-09 14:04 - 2013-01-09 11:42 - 00000000 ____D D:\Users\KH\AppData\Roaming\Sony

2013-11-09 14:04 - 2012-01-17 22:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\Canneverbe Limited

2013-11-09 14:04 - 2009-10-25 16:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Macromedia

2013-11-09 14:04 - 2009-10-25 16:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Adobe

2013-11-09 14:03 - 2013-09-06 20:24 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA

2013-11-09 14:03 - 2013-01-24 13:08 - 00000000 ____D D:\Users\KH\AppData\Local\Nero_AG

2013-11-09 14:03 - 2013-01-09 11:50 - 00000000 ____D D:\Users\KH\AppData\Local\Sony

2013-11-09 14:03 - 2011-01-07 18:56 - 00000000 ____D D:\Users\KH\AppData\Local\Panasonic

2013-11-09 14:03 - 2009-11-15 16:24 - 00000000 ____D D:\Users\KH\AppData\Local\Microsoft Games

2013-11-09 14:02 - 2009-07-14 03:37 - 00000000 ____D D:\Program Files\Common Files\microsoft shared

2013-11-09 13:57 - 2013-11-09 13:57 - 00110072 _____ D:\Users\kh_2.KH-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Startmenü

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Netzwerkumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Druckumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Musik

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Bilder

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Local\Verlauf

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Adobe

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\VirtualStore

2013-11-09 13:42 - 2013-11-09 13:42 - 00000000 ____D D:\Users\KH\Tracing

2013-11-09 13:36 - 2013-11-09 13:36 - 00000000 ____D D:\Users\KH\Desktop\kh_2

2013-11-09 12:55 - 2013-11-09 11:27 - 00271360 _____ D:\Users\KH\Desktop\Outlook.pst

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero_AG

2013-11-09 12:43 - 2013-11-09 12:43 - 00110072 _____ D:\Users\kh_2.KH-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Startmenü

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Netzwerkumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Druckumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Local\Verlauf

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Adobe

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\VirtualStore

2013-11-09 12:31 - 2012-12-31 12:55 - 00000000 ____D D:\Program Files\Technisat

2013-11-09 12:31 - 2009-12-08 20:45 - 00000000 ____D D:\Users\KH\AppData\Local\Google

2013-11-09 11:32 - 2013-11-09 11:32 - 00000000 ____D D:\Users\KH\AppData\Local\Adobe

2013-11-09 11:25 - 2013-11-09 11:25 - 00000000 ____D D:\Users\KH\Documents\Amazon MP3

2013-11-09 11:24 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73

2013-11-09 11:24 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2

2013-11-09 11:23 - 2013-11-09 10:48 - 00000000 ___RD D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 10:49 - 2013-11-09 10:49 - 00110072 _____ D:\Users\xrcd73\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Startmenü

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Netzwerkumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Druckumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Musik

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Bilder

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Local\Verlauf

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Adobe

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Local\VirtualStore

2013-11-09 10:41 - 2013-11-09 10:41 - 00000000 ____D D:\Users\kh_2\Desktop\KH

2013-11-09 10:39 - 2013-11-09 10:39 - 00110072 _____ D:\Users\kh_2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Startmenü

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Netzwerkumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Druckumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Musik

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Bilder

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Local\Verlauf

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Adobe

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Local\VirtualStore

2013-11-08 21:47 - 2013-10-28 21:07 - 00955168 _____ (NVIDIA Corporation) D:\Windows\system32\nvspcap.dll

2013-11-08 19:00 - 2013-11-08 19:00 - 00129536 _____ D:\Users\Public\AlexaNSISPlugin.4168.dll

2013-11-04 21:40 - 2009-07-14 05:53 - 00032632 _____ D:\Windows\Tasks\SCHEDLGU.TXT

2013-10-28 21:18 - 2010-07-11 10:18 - 00000000 ____D D:\Program Files\NVIDIA Corporation

2013-10-28 21:07 - 2010-07-11 10:18 - 00000000 ____D D:\ProgramData\NVIDIA Corporation

2013-10-23 11:24 - 2013-10-28 21:13 - 22933792 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv32.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 17560352 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 10410272 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-23 11:24 - 2013-10-28 21:13 - 09524088 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 09480328 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 02946848 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 02747168 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvenc.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233165.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233165.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00599840 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00560416 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR.dll

2013-10-23 11:24 - 2013-10-15 16:35 - 15855568 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2um.dll

2013-10-23 11:24 - 2013-10-15 16:35 - 15212336 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dum.dll

2013-10-23 11:24 - 2013-09-19 20:30 - 00018174 _____ D:\Windows\system32\nvinfo.pb

2013-10-23 11:24 - 2010-07-11 10:17 - 02695200 _____ (NVIDIA Corporation) D:\Windows\system32\nvapi.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 04318496 _____ (NVIDIA Corporation) D:\Windows\system32\nvcpl.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 03036448 _____ (NVIDIA Corporation) D:\Windows\system32\nvsvc.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 02555168 _____ (NVIDIA Corporation) D:\Windows\system32\nvsvcr.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 00664352 _____ (NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

2013-10-23 08:19 - 2010-06-07 16:47 - 00209184 _____ (NVIDIA Corporation) D:\Windows\system32\nvmctray.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 00062752 _____ (NVIDIA Corporation) D:\Windows\system32\nvshext.dll

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) D:\Windows\system32\nvStreaming.exe

2013-10-21 15:50 - 2009-10-28 08:49 - 00000000 ____D D:\Windows\pss

2013-10-21 05:05 - 2013-10-21 05:05 - 00264616 _____ (Oracle Corporation) D:\Windows\system32\javaws.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00175016 _____ (Oracle Corporation) D:\Windows\system32\javaw.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00174504 _____ (Oracle Corporation) D:\Windows\system32\java.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00094632 _____ (Oracle Corporation) D:\Windows\system32\WindowsAccessBridge.dll

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\ProgramData\Oracle

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Java

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Common Files\Java

2013-10-16 01:41 - 2013-10-22 19:07 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233158.dll

2013-10-16 01:41 - 2013-10-22 19:07 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233158.dll

2013-10-15 16:46 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\AppCompat

2013-10-15 16:23 - 2013-10-15 16:23 - 00336816 _____ D:\Windows\Minidump\101513-39171-01.dmp

2013-10-15 16:19 - 2013-10-15 16:19 - 00366872 _____ D:\Windows\Minidump\101513-48687-01.dmp
 

Files to move or delete:

====================

D:\Users\Public\AlexaNSISPlugin.4168.dll
 
 

Some content of TEMP:

====================

D:\Users\KH\AppData\Local\Temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

D:\Windows\explorer.exe => MD5 is legit

D:\Windows\System32\winlogon.exe => MD5 is legit

D:\Windows\System32\wininit.exe => MD5 is legit

D:\Windows\System32\svchost.exe => MD5 is legit

D:\Windows\System32\services.exe => MD5 is legit

D:\Windows\System32\User32.dll => MD5 is legit

D:\Windows\System32\userinit.exe => MD5 is legit

D:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-11-10 17:36
 

==================== End Of Log ============================

--- --- ---

xrcd73

14.11.2013 22:53

Hallo.Hier noch ein kompletter Suchlauf mit Malware und dir Logs von Malware und FRST.MfG C.Hoffmann

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.14.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16428
KH :: KH-PC [Administrator]

Schutz: Aktiviert

14.11.2013 21:21:06
mbam-log-2013-11-14 (21-21-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 457739
Laufzeit: 1 Stunde(n), 14 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\protect\PluginProtect.exe.vir (Trojan.BrowserProtect) -> Erfolgreich gelöscht und in Quarantäne gestellt.
D:\MFT 21750\4282_Video-Banner_03[1].jpg (Extension.Mismatch) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
2013/11/14 21:08:53 +0100 KH-PC KH MESSAGE Starting database refresh
2013/11/14 21:08:53 +0100 KH-PC KH MESSAGE Stopping IP protection
2013/11/14 21:08:53 +0100 KH-PC KH MESSAGE IP Protection stopped successfully
2013/11/14 21:09:12 +0100 KH-PC KH MESSAGE Database refreshed successfully
2013/11/14 21:09:12 +0100 KH-PC KH MESSAGE Starting IP protection
2013/11/14 21:09:15 +0100 KH-PC KH MESSAGE IP Protection started successfully
2013/11/14 21:12:14 +0100 KH-PC KH MESSAGE Stopping protection
2013/11/14 21:12:14 +0100 KH-PC KH MESSAGE Protection stopped successfully
2013/11/14 21:12:17 +0100 KH-PC KH MESSAGE Stopping IP protection
2013/11/14 21:12:17 +0100 KH-PC KH MESSAGE IP Protection stopped successfully
2013/11/14 21:17:03 +0100 KH-PC KH MESSAGE Starting protection
2013/11/14 21:17:03 +0100 KH-PC KH MESSAGE Protection started successfully
2013/11/14 21:17:04 +0100 KH-PC KH MESSAGE Starting IP protection
2013/11/14 21:17:07 +0100 KH-PC KH MESSAGE IP Protection started successfully
2013/11/14 22:42:07 +0100 KH-PC (null) MESSAGE Starting protection
2013/11/14 22:42:08 +0100 KH-PC (null) MESSAGE Protection started successfully
2013/11/14 22:42:08 +0100 KH-PC (null) MESSAGE Starting IP protection
2013/11/14 22:42:17 +0100 KH-PC KH MESSAGE IP Protection started successfully
FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013

Ran by KH (administrator) on KH-PC on 14-11-2013 22:44:46

Running from D:\Users\KH\Desktop

Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\sched.exe

(Systweak Software, (www.systweak.com)) D:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(TuneUp Software) D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe

(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) D:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

(TuneUp Software) D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avguard.exe

(LG Electronics) D:\Program Files\LG Software\On Screen Display\HotKey.exe

(Intel Corporation) D:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

(shbox.de) D:\Program Files\FreePDF_XP\fpassist.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avgnt.exe

() D:\Users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [KeybdUtility] - D:\Program Files\LG Software\On Screen Display\HotKey.exe [2655800 2007-04-10] (LG Electronics)

HKLM\...\Run: [IAAnotif] - D:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-04] (Intel Corporation)

HKLM\...\Run: [IaNvSrv] - D:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [33304 2009-07-13] (Intel Corporation)

HKLM\...\Run: [RtHDVCpl] - D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7772704 2009-10-06] (Realtek Semiconductor)

HKLM\...\Run: [FreePDF Assistant] - D:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)

HKLM\...\Run: [Nvtmru] - D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] - D:\Windows\system32\rundll32.exe D:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [mobilegeni daemon] - D:\Program Files\Mobogenie\DaemonProcess.exe [735936 2013-10-08] ()

HKLM\...\Run: [avgnt] - D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-14] (Avira Operations GmbH & Co. KG)

HKCU\...\Run: [AmazonMP3DownloaderHelper] - D:\Users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKCU\...\Policies\Explorer: [NoCDBurning] 0

BootExecute: 
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5386F3198455CA01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

URLSearchHook: HKLM - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} -  No File

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File

DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

Chrome: 

=======

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

CHR Extension: (CoolPic) - D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blcefchbfgmakifmejncnbognjoadloc\2.0.0.429_0

CHR HKLM\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - D:\Program Files\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_58.crx
 

========================== Services (Whitelisted) =================
 

S2 AntiVirMailService; D:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [972872 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; D:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; D:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 ASO3DiskOptimizer; D:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe [241448 2013-09-18] (Systweak Software, (www.systweak.com))

R2 MBAMScheduler; D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S2 NAUpdate; D:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)

R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14652704 2013-11-08] (NVIDIA Corporation)

R2 TuneUp.UtilitiesSvc; D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-12] (TuneUp Software)
 

==================== Drivers (Whitelisted) ====================
 

S3 61883; D:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)

R2 avgntflt; D:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-11-14] (Avira Operations GmbH & Co. KG)

R1 avipbb; D:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-14] (Avira Operations GmbH & Co. KG)

R1 avkmgr; D:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 avnetflt; D:\Windows\System32\DRIVERS\avnetflt.sys [67680 2013-11-10] (Avira Operations GmbH & Co. KG)

R3 btmhsf; D:\Windows\System32\DRIVERS\btmhsf.sys [225280 2011-07-19] (Intel Corporation)

R3 iBtFltCoex; D:\Windows\System32\DRIVERS\iBtFltCoex.sys [47104 2011-07-20] (Intel Corporation)

R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

S3 NuidFltr; D:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)

R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad32v.sys [33568 2013-09-28] (NVIDIA Corporation)

R1 ssmdrv; D:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-10] (Avira GmbH)

R3 TuneUpUtilitiesDrv; D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)

U5 AppMgmt; D:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

S3 catchme; \??\D:\Users\KH\AppData\Local\Temp\catchme.sys [x]

S3 efipsk; \??\D:\Users\KH\AppData\Local\Temp\efipsk.sys [x]

S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]

U5 VWiFiFlt; D:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-11-14 22:44 - 2013-11-14 22:45 - 00009123 _____ D:\Users\KH\Desktop\FRST.txt

2013-11-14 21:15 - 2013-11-14 21:16 - 00000000 ___SD D:\ComboFix

2013-11-14 18:37 - 2013-11-14 18:37 - 01090529 _____ (Farbar) D:\Users\KH\Desktop\FRST.exe

2013-11-14 18:29 - 2013-11-14 18:29 - 00000000 ____D D:\Users\KH\AppData\Roaming\Systweak

2013-11-14 18:22 - 2013-11-14 18:22 - 00001409 _____ D:\Users\KH\Desktop\JRT.txt

2013-11-14 18:19 - 2013-11-14 18:19 - 00000000 ____D D:\Windows\ERUNT

2013-11-14 18:17 - 2013-11-14 18:17 - 01034531 _____ (Thisisu) D:\Users\KH\Desktop\JRT.exe

2013-11-14 18:13 - 2013-11-14 18:13 - 00040262 _____ D:\Users\KH\Desktop\Quarantine.txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015665 _____ D:\Users\KH\Desktop\AdwCleaner[R0].txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015441 _____ D:\Users\KH\Desktop\AdwCleaner[S0].txt

2013-11-14 18:00 - 2013-11-14 18:03 - 00000000 ____D D:\AdwCleaner

2013-11-14 17:58 - 2013-11-14 17:58 - 01085542 _____ D:\Users\KH\Desktop\adwcleaner.exe

2013-11-14 17:23 - 2013-11-14 17:23 - 00001077 _____ D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Users\KH\AppData\Roaming\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\ProgramData\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Program Files\Malwarebytes' Anti-Malware

2013-11-14 17:23 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys

2013-11-14 17:20 - 2013-11-14 17:20 - 10285040 _____ (Malwarebytes Corporation                                    ) D:\Users\KH\Desktop\mbam-setup-1.75.0.1300.exe

2013-11-14 16:42 - 2013-11-14 16:42 - 17669000 _____ (Adobe Systems Incorporated) D:\Users\KH\Downloads\flashplayer_11_ax_debug.exe

2013-11-13 17:13 - 2013-11-13 17:13 - 00023722 _____ D:\Users\KH\Desktop\ComboFix.txt

2013-11-13 17:12 - 2013-11-13 17:12 - 00003279 _____ D:\Users\KH\Desktop\ComboFix-quarantined-files.txt

2013-11-13 17:06 - 2013-11-13 17:06 - 00023722 _____ D:\ComboFix.txt

2013-11-13 16:47 - 2013-11-14 21:15 - 00000000 ____D D:\Qoobox

2013-11-13 16:47 - 2013-11-13 17:05 - 00000000 ____D D:\Windows\erdnt

2013-11-13 16:47 - 2011-06-26 07:45 - 00256000 _____ D:\Windows\PEV.exe

2013-11-13 16:47 - 2010-11-07 18:20 - 00208896 _____ D:\Windows\MBR.exe

2013-11-13 16:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00098816 _____ D:\Windows\sed.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00080412 _____ D:\Windows\grep.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00068096 _____ D:\Windows\zip.exe

2013-11-13 16:33 - 2013-11-13 16:33 - 05147957 ____R (Swearware) D:\Users\KH\Desktop\ComboFix.exe

2013-11-13 02:57 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\TsUsbFlt.sys

2013-11-13 02:57 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2013-11-13 02:57 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-11-13 02:57 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) D:\Windows\system32\MsRdpWebAccess.dll

2013-11-13 02:57 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) D:\Windows\system32\wksprtPS.dll

2013-11-13 02:57 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) D:\Windows\system32\tsgqec.dll

2013-11-13 02:57 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbGDCoInstaller.dll

2013-11-13 02:57 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) D:\Windows\system32\rdvidcrl.dll

2013-11-13 02:57 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) D:\Windows\system32\TSWbPrxy.exe

2013-11-13 02:57 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) D:\Windows\system32\wksprt.exe

2013-11-13 02:57 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) D:\Windows\system32\mstsc.exe

2013-11-13 02:57 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) D:\Windows\system32\mstscax.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 02166272 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01926656 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl

2013-11-13 02:50 - 2013-11-13 02:50 - 01818112 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01156608 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01051136 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00703488 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00646144 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00645120 _____ (Microsoft Corporation) D:\Windows\system32\jsIntl.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00616104 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dat

2013-11-13 02:50 - 2013-11-13 02:50 - 00523776 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00367104 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00337408 _____ (Microsoft Corporation) D:\Windows\system32\html.iec

2013-11-13 02:50 - 2013-11-13 02:50 - 00244736 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00238288 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00233472 _____ (Microsoft Corporation) D:\Windows\system32\url.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00208896 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00208384 _____ (Microsoft Corporation) D:\Windows\system32\webcheck.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00194048 _____ (Microsoft Corporation) D:\Windows\system32\elshyph.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00182272 _____ (Microsoft Corporation) D:\Windows\system32\msls31.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00164864 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00151552 _____ (Microsoft Corporation) D:\Windows\system32\iexpress.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00139264 _____ (Microsoft Corporation) D:\Windows\system32\wextract.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00083456 _____ (Microsoft Corporation) D:\Windows\system32\inseng.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00071680 _____ (Microsoft Corporation) D:\Windows\system32\RegisterIEPKEYs.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00069632 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00069120 _____ (Microsoft Corporation) D:\Windows\system32\icardie.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00062464 _____ (Microsoft Corporation) D:\Windows\system32\tdc.ocx

2013-11-13 02:50 - 2013-11-13 02:50 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00034816 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00032768 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00024576 _____ (Microsoft Corporation) D:\Windows\system32\licmgr10.dll

2013-11-13 02:49 - 2013-11-13 02:53 - 00009945 _____ D:\Windows\IE11_main.log

2013-11-13 02:49 - 2013-11-13 02:49 - 17142784 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 11220992 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 04240384 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb

2013-11-13 02:49 - 2013-11-13 02:49 - 00610304 _____ (Microsoft Corporation) D:\Windows\system32\jscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00553472 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00454656 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00440832 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00127488 _____ (Microsoft Corporation) D:\Windows\system32\occache.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00116736 _____ (Microsoft Corporation) D:\Windows\system32\iepeers.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00112128 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00111616 _____ (Microsoft Corporation) D:\Windows\system32\IEAdvpack.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00108032 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00086016 _____ (Microsoft Corporation) D:\Windows\system32\iesysprep.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00074240 _____ (Microsoft Corporation) D:\Windows\system32\SetIEInstalledDate.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\pngfilt.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00051200 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\mshtmler.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\msfeedsbs.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00036352 _____ (Microsoft Corporation) D:\Windows\system32\imgutil.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00013312 _____ (Microsoft Corporation) D:\Windows\system32\mshta.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\msfeedssync.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll

2013-11-13 02:45 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) D:\Windows\system32\SmartcardCredentialProvider.dll

2013-11-13 02:45 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) D:\Windows\system32\authui.dll

2013-11-13 02:45 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) D:\Windows\system32\credui.dll

2013-11-13 02:45 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecpkg.sys

2013-11-13 02:45 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecdd.sys

2013-11-13 02:45 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) D:\Windows\system32\TSWorkspace.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) D:\Windows\system32\schannel.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) D:\Windows\system32\sspicli.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\secur32.dll

2013-11-13 02:45 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) D:\Windows\system32\lsasrv.dll

2013-11-13 02:45 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) D:\Windows\system32\ncrypt.dll

2013-11-13 02:45 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\lsass.exe

2013-11-13 02:45 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) D:\Windows\system32\sspisrv.dll

2013-11-13 02:45 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\cng.sys

2013-11-13 02:44 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) D:\Windows\system32\nshwfp.dll

2013-11-13 02:44 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) D:\Windows\system32\IKEEXT.DLL

2013-11-13 02:44 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) D:\Windows\system32\FWPUCLNT.DLL

2013-11-13 02:44 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) D:\Windows\system32\crypt32.dll

2013-11-13 02:44 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) D:\Windows\system32\gdi32.dll

2013-11-12 19:39 - 2013-11-12 19:39 - 00004091 _____ D:\Users\KH\Desktop\Gmer.txt

2013-11-12 19:12 - 2013-11-12 19:12 - 00158888 _____ D:\Windows\Minidump\111213-45879-01.dmp

2013-11-12 19:03 - 2013-11-12 19:03 - 00197992 _____ D:\Windows\Minidump\111213-48765-01.dmp

2013-11-12 18:11 - 2013-11-12 18:11 - 00377856 _____ D:\Users\KH\Desktop\gmer_2.1.19163.exe

2013-11-12 18:01 - 2013-11-12 18:01 - 00000000 ____D D:\FRST

2013-11-12 17:54 - 2013-11-12 17:57 - 00000466 _____ D:\Users\KH\Desktop\defogger_disable.log

2013-11-12 17:54 - 2013-11-12 17:54 - 00000000 _____ D:\Users\KH\defogger_reenable

2013-11-12 17:53 - 2013-11-12 17:53 - 00050477 _____ D:\Users\KH\Desktop\Defogger.exe

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\Documents\My Received Files

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Roaming\MusicNet

2013-11-12 16:38 - 2013-11-12 16:38 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA Corporation

2013-11-10 19:16 - 2013-11-10 19:16 - 00000000 ____D D:\Users\KH\AppData\Roaming\Avira

2013-11-10 19:15 - 2013-11-14 11:20 - 00137208 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avipbb.sys

2013-11-10 19:15 - 2013-11-14 11:20 - 00090400 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avgntflt.sys

2013-11-10 19:15 - 2013-11-10 19:15 - 00002022 _____ D:\Users\Public\Desktop\Avira Control Center.lnk

2013-11-10 19:15 - 2013-11-10 19:15 - 00000000 ____D D:\Program Files\Avira

2013-11-10 19:15 - 2013-11-10 19:09 - 00067680 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avnetflt.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00037352 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avkmgr.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00028520 _____ (Avira GmbH) D:\Windows\system32\Drivers\ssmdrv.sys

2013-11-10 19:06 - 2013-11-10 19:06 - 02296760 _____ D:\Users\KH\Desktop\avira_internet_security_suite.exe

2013-11-10 12:53 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 13120

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\Program Files\LucasArts

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69534

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69500

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69268

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 66797

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 44421

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 43696

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69327

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 43589

2013-11-10 12:49 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69599

2013-11-10 12:49 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69537

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84970

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84925

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84808

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84152

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 99805

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95531

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95075

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 37463

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2218

2013-11-10 12:44 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84847

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 99176

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86563

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84869

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84110

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 48829

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 46649

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44695

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44585

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44296

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 43434

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 37293

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 29708

2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69430

2013-11-10 12:39 - 2013-11-10 12:39 - 00000000 ____D D:\MFT 89457

2013-11-10 12:01 - 2013-11-10 12:01 - 00000000 ____D D:\Users\KH\AppData\Local\Avg2014

2013-11-10 10:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85569

2013-11-10 10:57 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 67386

2013-11-10 10:56 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 85251

2013-11-10 10:56 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 37475

2013-11-10 10:55 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 85443

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69652

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69649

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 68594

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 67382

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66129

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 619

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47937

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47931

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47927

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 21752

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 18213

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 16634

2013-11-10 10:53 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 50434

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 9626

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69244

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69059

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69052

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 68604

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48730

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48085

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 43046

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 140

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 10193

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69647

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69626

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69235

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69064

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69050

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69048

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69041

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68597

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68580

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67403

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67399

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66478

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66472

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66457

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66135

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 28750

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 17744

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15327

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15276

2013-11-10 10:43 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69603

2013-11-10 10:43 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69491

2013-11-10 10:43 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69345

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99757

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99544

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 17617

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 15395

2013-11-10 10:18 - 2013-11-10 10:18 - 00000000 ____D D:\MFT 98455

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 77143

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 64491

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 63646

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 46360

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45729

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45723

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 2658

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 16514

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 99960

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 98476

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 6992

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 43812

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 261

2013-11-10 10:03 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 25091

2013-11-10 10:03 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 40319

2013-11-10 10:03 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66778

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 71952

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 37473

2013-11-10 09:59 - 2013-11-14 22:36 - 00000000 ____D D:\MFT 21750

2013-11-10 09:59 - 2013-11-10 20:31 - 00000000 ____D D:\MFT 63654

2013-11-10 09:59 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 66742

2013-11-10 09:59 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 29672

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 84023

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 83015

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69451

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69419

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 63545

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 35760

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 65588

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 47206

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 41339

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 27310

2013-11-10 09:59 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 63505

2013-11-10 09:59 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 60957

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 49115

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 48863

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 48501

2013-11-10 09:59 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 82784

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 85663

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 84838

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 83029

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 5659

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2519

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86951

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86507

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85679

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85448

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85011

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84088

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 5821

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 16537

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 48806

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 39942

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 29270

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 84701

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 49432

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 48844

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 84233

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 71072

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66932

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 72750

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 72099

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 71615

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 65795

2013-11-10 09:59 - 2013-11-10 10:33 - 00000000 ____D D:\MFT 99781

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\NVIDIA

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 96635

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 87506

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86926

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86337

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85766

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85024

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84860

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84812

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84207

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83366

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83365

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82568

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82545

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77570

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77564

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72209

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72006

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60821

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5768

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 57550

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 52432

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49035

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48736

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 34301

2013-11-10 09:57 - 2013-11-10 13:23 - 00000000 ____D D:\MFT 94973

2013-11-10 09:57 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 96010

2013-11-10 09:57 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69421

2013-11-10 09:57 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 65480

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 95553

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 95544

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84255

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 63300

2013-11-10 09:57 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 96060

2013-11-10 09:57 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95996

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 96050

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 95557

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 95555

2013-11-10 09:57 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69541

2013-11-10 09:57 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68592

2013-11-10 09:57 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 33137

2013-11-10 09:57 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85729

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 99424

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 98750

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96479

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 75295

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69628

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69409

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69403

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69061

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68602

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 67694

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66492

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66482

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48696

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48312

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48307

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48051

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 41994

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37486

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37470

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 25723

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 17498

2013-11-10 09:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 44093

2013-11-10 08:20 - 2013-11-10 08:20 - 00002165 _____ D:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00002145 _____ D:\Users\Public\Desktop\TuneUp Utilities 2014.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Users\KH\AppData\Roaming\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Program Files\TuneUp Utilities 2014

2013-11-10 08:20 - 2013-10-12 02:28 - 00036664 _____ (TuneUp Software) D:\Windows\system32\TURegOpt.exe

2013-11-10 08:20 - 2013-10-12 02:28 - 00025400 _____ (TuneUp Software) D:\Windows\system32\authuitu.dll

2013-11-10 08:19 - 2013-11-10 08:26 - 00000000 __SHD D:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 08:18 - 2013-11-10 08:19 - 32522152 _____ (TuneUp Software) D:\Users\KH\Desktop\TuneUpUtilities2014_de-DE.exe

2013-11-10 07:58 - 2013-11-10 07:58 - 00110072 _____ D:\Users\kh-pc\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 07:56 - 2013-11-10 07:58 - 00000000 ____D D:\Users\kh-pc

2013-11-10 07:56 - 2013-11-10 07:56 - 00001431 _____ D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-10 07:56 - 2013-11-10 07:56 - 00000020 ___SH D:\Users\kh-pc\ntuser.ini

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Startmenü

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Netzwerkumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Druckumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Musik

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Bilder

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Local\Verlauf

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Adobe

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Local\VirtualStore

2013-11-10 07:56 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Macromedia

2013-11-10 07:56 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh-pc\AppData\Local\Microsoft Help

2013-11-10 07:56 - 2009-07-14 05:42 - 00000000 ___RD D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-10 07:56 - 2009-07-14 05:37 - 00000000 ___RD D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 07:48 - 2013-11-10 11:00 - 00000428 _____ D:\Windows\Tasks\ASOService.job

2013-11-10 07:48 - 2013-11-10 07:48 - 00002256 _____ D:\Users\Public\Desktop\Intelligente PC-Wartung.lnk

2013-11-10 07:48 - 2013-11-10 07:48 - 00002204 _____ D:\Users\Public\Desktop\Advanced System Optimizer.lnk

2013-11-10 07:47 - 2013-11-10 07:53 - 00000000 ____D D:\Program Files\Advanced System Optimizer 3

2013-11-09 22:20 - 2013-11-12 17:00 - 00001202 _____ D:\Users\KH\Desktop\Renee Undeleter.lnk

2013-11-09 17:50 - 2013-11-09 17:55 - 00002216 _____ D:\Windows\system32\ASOROSet.bin

2013-11-09 15:33 - 2013-11-09 20:03 - 00271360 _____ D:\Users\KH\Documents\archive.pst

2013-11-09 14:32 - 2013-11-10 10:23 - 00271360 _____ D:\Users\KH\Documents\Outlook.pst

2013-11-09 13:57 - 2013-11-09 13:57 - 00110072 _____ D:\Users\kh_2.KH-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 13:54 - 2013-11-09 14:06 - 00000000 ___RD D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 13:54 - 2013-11-09 14:06 - 00000000 ____D D:\Users\kh_2.KH-PC.000

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Startmenü

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Netzwerkumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Druckumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Musik

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Bilder

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Local\Verlauf

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Adobe

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\VirtualStore

2013-11-09 13:54 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Macromedia

2013-11-09 13:54 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\AskToolbar

2013-11-09 13:54 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\Microsoft Help

2013-11-09 13:42 - 2013-11-09 13:42 - 00000000 ____D D:\Users\KH\Tracing

2013-11-09 13:36 - 2013-11-09 13:36 - 00000000 ____D D:\Users\KH\Desktop\kh_2

2013-11-09 12:46 - 2013-11-09 14:05 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero_AG

2013-11-09 12:43 - 2013-11-09 12:43 - 00110072 _____ D:\Users\kh_2.KH-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 12:39 - 2013-11-09 14:06 - 00000000 ___RD D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 12:39 - 2013-11-09 14:06 - 00000000 ____D D:\Users\kh_2.KH-PC

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Startmenü

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Netzwerkumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Druckumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Local\Verlauf

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Adobe

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\VirtualStore

2013-11-09 12:39 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Macromedia

2013-11-09 12:39 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\AskToolbar

2013-11-09 12:39 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Microsoft Help

2013-11-09 12:35 - 2013-11-09 15:33 - 00271360 _____ D:\Users\KH\Documents\bewerbung.pst

2013-11-09 11:32 - 2013-11-09 11:32 - 00000000 ____D D:\Users\KH\AppData\Local\Adobe

2013-11-09 11:27 - 2013-11-09 12:55 - 00271360 _____ D:\Users\KH\Desktop\Outlook.pst

2013-11-09 11:25 - 2013-11-10 15:46 - 00110072 _____ D:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 11:25 - 2013-11-09 11:25 - 00000000 ____D D:\Users\KH\Documents\Amazon MP3

2013-11-09 10:49 - 2013-11-09 10:49 - 00110072 _____ D:\Users\xrcd73\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:48 - 2013-11-09 11:24 - 00000000 ____D D:\Users\xrcd73

2013-11-09 10:48 - 2013-11-09 11:23 - 00000000 ___RD D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Startmenü

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Netzwerkumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Druckumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Musik

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Bilder

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Local\Verlauf

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Adobe

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Local\VirtualStore

2013-11-09 10:48 - 2013-07-04 21:02 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Macromedia

2013-11-09 10:48 - 2011-11-12 16:45 - 00000000 ____D D:\Users\xrcd73\AppData\Local\AskToolbar

2013-11-09 10:48 - 2009-10-26 14:45 - 00000000 ____D D:\Users\xrcd73\AppData\Local\Microsoft Help

2013-11-09 10:41 - 2013-11-09 10:41 - 00000000 ____D D:\Users\kh_2\Desktop\KH

2013-11-09 10:39 - 2013-11-09 10:39 - 00110072 _____ D:\Users\kh_2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:38 - 2013-11-09 11:24 - 00000000 ____D D:\Users\kh_2

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Startmenü

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Netzwerkumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Druckumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Musik

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Bilder

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Local\Verlauf

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Adobe

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Local\VirtualStore

2013-11-09 10:38 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Macromedia

2013-11-09 10:38 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2\AppData\Local\AskToolbar

2013-11-09 10:38 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2\AppData\Local\Microsoft Help

2013-11-08 21:08 - 2013-11-09 19:33 - 00000000 ____D D:\Windows\system32\config\RCCBakup

2013-11-08 19:00 - 2013-11-08 19:00 - 00129536 _____ D:\Users\Public\AlexaNSISPlugin.4168.dll

2013-11-08 17:30 - 2013-11-09 14:05 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2013-11-08 17:29 - 2013-11-14 18:03 - 00000000 ____D D:\Program Files\Uniblue

2013-11-08 17:29 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\iRobinHood

2013-11-08 17:28 - 2013-11-09 14:06 - 00000000 ____D D:\Program Files\CoolPic

2013-11-08 17:28 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\Mobogenie

2013-10-29 10:51 - 2013-11-10 12:01 - 00001812 _____ D:\Users\KH\Desktop\Gutschein_5_Tage_im_Schloss_Purschenstein_im_Erzgebirge_fÃ¼r_zwei_Personen.lnk

2013-10-28 21:13 - 2013-10-23 11:24 - 22933792 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv32.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 17560352 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 10410272 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-28 21:13 - 2013-10-23 11:24 - 09524088 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 09480328 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 02946848 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 02747168 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvenc.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233165.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233165.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00599840 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00560416 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR.dll

2013-10-28 21:07 - 2013-11-08 21:47 - 00955168 _____ (NVIDIA Corporation) D:\Windows\system32\nvspcap.dll

2013-10-28 21:03 - 2013-09-28 00:01 - 00033568 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvvad32v.sys

2013-10-28 10:56 - 2013-11-10 12:01 - 00001327 _____ D:\Users\KH\Desktop\Kreativitätskindertagesstätte 13.11.13.lnk

2013-10-24 19:01 - 2013-11-10 12:01 - 00001367 _____ D:\Users\KH\Desktop\kita 001.lnk

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) D:\Windows\system32\nvStreaming.exe

2013-10-22 19:07 - 2013-10-16 01:41 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233158.dll

2013-10-22 19:07 - 2013-10-16 01:41 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233158.dll

2013-10-21 08:52 - 2013-11-10 12:01 - 00001327 _____ D:\Users\KH\Desktop\Anja Hoffmann Erzieherin Lotusblüte.lnk

2013-10-21 05:05 - 2013-10-21 05:05 - 00264616 _____ (Oracle Corporation) D:\Windows\system32\javaws.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00175016 _____ (Oracle Corporation) D:\Windows\system32\javaw.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00174504 _____ (Oracle Corporation) D:\Windows\system32\java.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00094632 _____ (Oracle Corporation) D:\Windows\system32\WindowsAccessBridge.dll

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\ProgramData\Oracle

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Java

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Common Files\Java

2013-10-15 16:35 - 2013-10-23 11:24 - 15855568 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2um.dll

2013-10-15 16:35 - 2013-10-23 11:24 - 15212336 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dum.dll

2013-10-15 16:35 - 2013-09-27 09:50 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233140.dll

2013-10-15 16:35 - 2013-09-27 09:50 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233140.dll

2013-10-15 16:23 - 2013-10-15 16:23 - 00336816 _____ D:\Windows\Minidump\101513-39171-01.dmp

2013-10-15 16:19 - 2013-10-15 16:19 - 00366872 _____ D:\Windows\Minidump\101513-48687-01.dmp
 

==================== One Month Modified Files and Folders =======
 

2013-11-14 22:45 - 2013-11-14 22:44 - 00009123 _____ D:\Users\KH\Desktop\FRST.txt

2013-11-14 22:42 - 2009-07-14 05:53 - 00000006 ____H D:\Windows\Tasks\SA.DAT

2013-11-14 22:42 - 2009-07-14 05:39 - 00327210 _____ D:\Windows\setupact.log

2013-11-14 22:41 - 2009-10-25 16:17 - 00148126 _____ D:\Windows\PFRO.log

2013-11-14 22:41 - 2009-10-25 16:17 - 00000000 ____D D:\ProgramData\NVIDIA

2013-11-14 22:40 - 2009-10-25 15:35 - 01866533 _____ D:\Windows\WindowsUpdate.log

2013-11-14 22:36 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 21750

2013-11-14 22:36 - 2009-07-14 09:47 - 00000000 ____D D:\Windows\DigitalLocker

2013-11-14 21:16 - 2013-11-14 21:15 - 00000000 ___SD D:\ComboFix

2013-11-14 21:15 - 2013-11-13 16:47 - 00000000 ____D D:\Qoobox

2013-11-14 20:11 - 2012-04-09 17:29 - 00692616 _____ (Adobe Systems Incorporated) D:\Windows\system32\FlashPlayerApp.exe

2013-11-14 20:11 - 2011-05-19 04:59 - 00071048 _____ (Adobe Systems Incorporated) D:\Windows\system32\FlashPlayerCPLApp.cpl

2013-11-14 18:37 - 2013-11-14 18:37 - 01090529 _____ (Farbar) D:\Users\KH\Desktop\FRST.exe

2013-11-14 18:36 - 2009-07-14 05:34 - 00014928 ____H D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-14 18:36 - 2009-07-14 05:34 - 00014928 ____H D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-14 18:32 - 2009-10-25 15:54 - 01621084 _____ D:\Windows\system32\PerfStringBackup.INI

2013-11-14 18:29 - 2013-11-14 18:29 - 00000000 ____D D:\Users\KH\AppData\Roaming\Systweak

2013-11-14 18:22 - 2013-11-14 18:22 - 00001409 _____ D:\Users\KH\Desktop\JRT.txt

2013-11-14 18:19 - 2013-11-14 18:19 - 00000000 ____D D:\Windows\ERUNT

2013-11-14 18:17 - 2013-11-14 18:17 - 01034531 _____ (Thisisu) D:\Users\KH\Desktop\JRT.exe

2013-11-14 18:13 - 2013-11-14 18:13 - 00040262 _____ D:\Users\KH\Desktop\Quarantine.txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015665 _____ D:\Users\KH\Desktop\AdwCleaner[R0].txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015441 _____ D:\Users\KH\Desktop\AdwCleaner[S0].txt

2013-11-14 18:03 - 2013-11-14 18:00 - 00000000 ____D D:\AdwCleaner

2013-11-14 18:03 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\Uniblue

2013-11-14 18:03 - 2012-12-21 13:42 - 00000000 ____D D:\Program Files\Mozilla Firefox

2013-11-14 17:58 - 2013-11-14 17:58 - 01085542 _____ D:\Users\KH\Desktop\adwcleaner.exe

2013-11-14 17:44 - 2009-07-14 05:52 - 00000000 ____D D:\Windows\addins

2013-11-14 17:23 - 2013-11-14 17:23 - 00001077 _____ D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Users\KH\AppData\Roaming\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\ProgramData\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Program Files\Malwarebytes' Anti-Malware

2013-11-14 17:20 - 2013-11-14 17:20 - 10285040 _____ (Malwarebytes Corporation                                    ) D:\Users\KH\Desktop\mbam-setup-1.75.0.1300.exe

2013-11-14 16:42 - 2013-11-14 16:42 - 17669000 _____ (Adobe Systems Incorporated) D:\Users\KH\Downloads\flashplayer_11_ax_debug.exe

2013-11-14 11:20 - 2013-11-10 19:15 - 00137208 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avipbb.sys

2013-11-14 11:20 - 2013-11-10 19:15 - 00090400 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avgntflt.sys

2013-11-13 21:14 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\rescache

2013-11-13 17:13 - 2013-11-13 17:13 - 00023722 _____ D:\Users\KH\Desktop\ComboFix.txt

2013-11-13 17:12 - 2013-11-13 17:12 - 00003279 _____ D:\Users\KH\Desktop\ComboFix-quarantined-files.txt

2013-11-13 17:06 - 2013-11-13 17:06 - 00023722 _____ D:\ComboFix.txt

2013-11-13 17:06 - 2009-07-14 03:37 - 00000000 __RHD D:\Users\Default

2013-11-13 17:06 - 2009-07-14 03:37 - 00000000 ___RD D:\Users\Public

2013-11-13 17:05 - 2013-11-13 16:47 - 00000000 ____D D:\Windows\erdnt

2013-11-13 17:01 - 2009-07-14 03:04 - 00000215 _____ D:\Windows\system.ini

2013-11-13 16:59 - 2009-07-14 03:03 - 51380224 _____ D:\Windows\system32\config\software.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 21757952 _____ D:\Windows\system32\config\system.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00524288 _____ D:\Windows\system32\config\default.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00262144 _____ D:\Windows\system32\config\sam.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00028672 _____ D:\Windows\system32\config\security.bak

2013-11-13 16:33 - 2013-11-13 16:33 - 05147957 ____R (Swearware) D:\Users\KH\Desktop\ComboFix.exe

2013-11-13 05:52 - 2009-07-14 09:47 - 00000000 ____D D:\Windows\system32\Drivers\de-DE

2013-11-13 05:52 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\de-DE

2013-11-13 02:56 - 2009-10-26 12:30 - 00000000 ____D D:\ProgramData\Microsoft Help

2013-11-13 02:53 - 2013-11-13 02:49 - 00009945 _____ D:\Windows\IE11_main.log

2013-11-13 02:50 - 2013-11-13 02:50 - 02166272 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01926656 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl

2013-11-13 02:50 - 2013-11-13 02:50 - 01818112 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01156608 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01051136 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00703488 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00646144 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00645120 _____ (Microsoft Corporation) D:\Windows\system32\jsIntl.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00616104 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dat

2013-11-13 02:50 - 2013-11-13 02:50 - 00523776 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00367104 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00337408 _____ (Microsoft Corporation) D:\Windows\system32\html.iec

2013-11-13 02:50 - 2013-11-13 02:50 - 00244736 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00238288 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00233472 _____ (Microsoft Corporation) D:\Windows\system32\url.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00208896 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00208384 _____ (Microsoft Corporation) D:\Windows\system32\webcheck.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00194048 _____ (Microsoft Corporation) D:\Windows\system32\elshyph.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00182272 _____ (Microsoft Corporation) D:\Windows\system32\msls31.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00164864 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00151552 _____ (Microsoft Corporation) D:\Windows\system32\iexpress.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00139264 _____ (Microsoft Corporation) D:\Windows\system32\wextract.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00083456 _____ (Microsoft Corporation) D:\Windows\system32\inseng.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00071680 _____ (Microsoft Corporation) D:\Windows\system32\RegisterIEPKEYs.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00069632 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00069120 _____ (Microsoft Corporation) D:\Windows\system32\icardie.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00062464 _____ (Microsoft Corporation) D:\Windows\system32\tdc.ocx

2013-11-13 02:50 - 2013-11-13 02:50 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00034816 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00032768 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00024576 _____ (Microsoft Corporation) D:\Windows\system32\licmgr10.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 17142784 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 11220992 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 04240384 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb

2013-11-13 02:49 - 2013-11-13 02:49 - 00610304 _____ (Microsoft Corporation) D:\Windows\system32\jscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00553472 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00454656 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00440832 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00127488 _____ (Microsoft Corporation) D:\Windows\system32\occache.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00116736 _____ (Microsoft Corporation) D:\Windows\system32\iepeers.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00112128 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00111616 _____ (Microsoft Corporation) D:\Windows\system32\IEAdvpack.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00108032 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00086016 _____ (Microsoft Corporation) D:\Windows\system32\iesysprep.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00074240 _____ (Microsoft Corporation) D:\Windows\system32\SetIEInstalledDate.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\pngfilt.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00051200 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\mshtmler.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\msfeedsbs.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00036352 _____ (Microsoft Corporation) D:\Windows\system32\imgutil.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00013312 _____ (Microsoft Corporation) D:\Windows\system32\mshta.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\msfeedssync.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll

2013-11-13 02:48 - 2013-07-11 17:06 - 00000000 ____D D:\Windows\system32\MRT

2013-11-13 02:46 - 2009-10-25 16:23 - 80340640 _____ (Microsoft Corporation) D:\Windows\system32\MRT.exe

2013-11-12 19:39 - 2013-11-12 19:39 - 00004091 _____ D:\Users\KH\Desktop\Gmer.txt

2013-11-12 19:12 - 2013-11-12 19:12 - 00158888 _____ D:\Windows\Minidump\111213-45879-01.dmp

2013-11-12 19:12 - 2012-06-27 20:31 - 00000000 ____D D:\Windows\Minidump

2013-11-12 19:03 - 2013-11-12 19:03 - 00197992 _____ D:\Windows\Minidump\111213-48765-01.dmp

2013-11-12 18:58 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Local\VirtualStore

2013-11-12 18:39 - 2013-07-27 16:49 - 00001912 _____ D:\Windows\epplauncher.mif

2013-11-12 18:11 - 2013-11-12 18:11 - 00377856 _____ D:\Users\KH\Desktop\gmer_2.1.19163.exe

2013-11-12 18:01 - 2013-11-12 18:01 - 00000000 ____D D:\FRST

2013-11-12 17:57 - 2013-11-12 17:54 - 00000466 _____ D:\Users\KH\Desktop\defogger_disable.log

2013-11-12 17:54 - 2013-11-12 17:54 - 00000000 _____ D:\Users\KH\defogger_reenable

2013-11-12 17:54 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH

2013-11-12 17:53 - 2013-11-12 17:53 - 00050477 _____ D:\Users\KH\Desktop\Defogger.exe

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\Documents\My Received Files

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Roaming\MusicNet

2013-11-12 17:00 - 2013-11-09 22:20 - 00001202 _____ D:\Users\KH\Desktop\Renee Undeleter.lnk

2013-11-12 16:38 - 2013-11-12 16:38 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA Corporation

2013-11-10 20:59 - 2009-07-14 05:41 - 00000749 ___RH D:\Windows\WindowsShell.Manifest

2013-11-10 20:59 - 2009-07-14 03:37 - 00000000 __RHD D:\Users\Public\Libraries

2013-11-10 20:31 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63654

2013-11-10 19:16 - 2013-11-10 19:16 - 00000000 ____D D:\Users\KH\AppData\Roaming\Avira

2013-11-10 19:15 - 2013-11-10 19:15 - 00002022 _____ D:\Users\Public\Desktop\Avira Control Center.lnk

2013-11-10 19:15 - 2013-11-10 19:15 - 00000000 ____D D:\Program Files\Avira

2013-11-10 19:15 - 2011-11-12 16:45 - 00000000 ____D D:\ProgramData\Avira

2013-11-10 19:09 - 2013-11-10 19:15 - 00067680 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avnetflt.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00037352 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avkmgr.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00028520 _____ (Avira GmbH) D:\Windows\system32\Drivers\ssmdrv.sys

2013-11-10 19:06 - 2013-11-10 19:06 - 02296760 _____ D:\Users\KH\Desktop\avira_internet_security_suite.exe

2013-11-10 15:46 - 2013-11-09 11:25 - 00110072 _____ D:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 15:46 - 2009-07-14 05:33 - 00415560 _____ D:\Windows\system32\FNTCACHE.DAT

2013-11-10 15:43 - 2011-03-20 15:40 - 00000000 ____D D:\Program Files\Microsoft Works

2013-11-10 15:43 - 2011-03-20 15:40 - 00000000 ____D D:\Program Files\Common Files\DESIGNER

2013-11-10 15:42 - 2009-07-14 09:57 - 00000000 ____D D:\Windows\ShellNew

2013-11-10 15:37 - 2009-07-14 03:04 - 00000478 _____ D:\Windows\win.ini

2013-11-10 13:23 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 94973

2013-11-10 12:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 66742

2013-11-10 12:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 29672

2013-11-10 12:54 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96010

2013-11-10 12:53 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 13120

2013-11-10 12:53 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69599

2013-11-10 12:53 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 85443

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84023

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83015

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 69451

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 69419

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63545

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 35760

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\Program Files\LucasArts

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69534

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69500

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69268

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 66797

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 44421

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 43696

2013-11-10 12:51 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 50434

2013-11-10 12:51 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 25091

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 65588

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 47206

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 41339

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 27310

2013-11-10 12:51 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69421

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69327

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 43589

2013-11-10 12:50 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69603

2013-11-10 12:50 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63505

2013-11-10 12:50 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60957

2013-11-10 12:50 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 65480

2013-11-10 12:49 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69537

2013-11-10 12:49 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69491

2013-11-10 12:49 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69345

2013-11-10 12:48 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 40319

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49115

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48863

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48501

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84970

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84925

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84808

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84152

2013-11-10 12:47 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84847

2013-11-10 12:47 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 85251

2013-11-10 12:47 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82784

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95553

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95544

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 84255

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 63300

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 99805

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95531

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95075

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 37463

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2218

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85663

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84838

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83029

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5659

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 2519

2013-11-10 12:45 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96060

2013-11-10 12:45 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95996

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 99176

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86563

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84869

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84110

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 48829

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 46649

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44695

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44585

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44296

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 43434

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 37293

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 29708

2013-11-10 12:44 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 85569

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86951

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86507

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85679

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85448

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85011

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84088

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5821

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 16537

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96050

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95557

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95555

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48806

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 39942

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 29270

2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69430

2013-11-10 12:42 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69541

2013-11-10 12:41 - 2013-04-18 05:32 - 00000000 ____D D:\Users\KH\AppData\Roaming\player

2013-11-10 12:39 - 2013-11-10 12:39 - 00000000 ____D D:\MFT 89457

2013-11-10 12:01 - 2013-11-10 12:01 - 00000000 ____D D:\Users\KH\AppData\Local\Avg2014

2013-11-10 12:01 - 2013-10-29 10:51 - 00001812 _____ D:\Users\KH\Desktop\Gutschein_5_Tage_im_Schloss_Purschenstein_im_Erzgebirge_fÃ¼r_zwei_Personen.lnk

2013-11-10 12:01 - 2013-10-28 10:56 - 00001327 _____ D:\Users\KH\Desktop\Kreativitätskindertagesstätte 13.11.13.lnk

2013-11-10 12:01 - 2013-10-24 19:01 - 00001367 _____ D:\Users\KH\Desktop\kita 001.lnk

2013-11-10 12:01 - 2013-10-21 08:52 - 00001327 _____ D:\Users\KH\Desktop\Anja Hoffmann Erzieherin Lotusblüte.lnk

2013-11-10 11:40 - 2013-01-24 13:07 - 00000000 ____D D:\Users\KH\AppData\Local\Nero

2013-11-10 11:21 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\NDF

2013-11-10 11:00 - 2013-11-10 07:48 - 00000428 _____ D:\Windows\Tasks\ASOService.job

2013-11-10 10:57 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 67386

2013-11-10 10:56 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 37475

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84701

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49432

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48844

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69652

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69649

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 68594

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 67382

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66129

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 619

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47937

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47931

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47927

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 21752

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 18213

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 16634

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84233

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 71072

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 66932

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 9626

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69244

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69059

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69052

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 68604

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48730

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48085

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 43046

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 140

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 10193

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72750

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72099

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 71615

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 65795

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69647

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69626

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69235

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69064

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69050

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69048

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69041

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68597

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68580

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67403

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67399

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66478

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66472

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66457

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66135

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 28750

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 17744

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15327

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15276

2013-11-10 10:52 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 66778

2013-11-10 10:52 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68592

2013-11-10 10:52 - 2013-07-19 18:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\DVDVideoSoft

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99757

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99544

2013-11-10 10:43 - 2013-11-10 09:43 - 00000000 ____D D:\MFT 44093

2013-11-10 10:33 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 99781

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 17617

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 15395

2013-11-10 10:27 - 2009-10-26 13:43 - 00000000 ____D D:\ProgramData\SFirm32

2013-11-10 10:23 - 2013-11-09 14:32 - 00271360 _____ D:\Users\KH\Documents\Outlook.pst

2013-11-10 10:18 - 2013-11-10 10:18 - 00000000 ____D D:\MFT 98455

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 77143

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 64491

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 63646

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 46360

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45729

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45723

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 2658

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 16514

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 99960

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 98476

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 6992

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 43812

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 261

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 71952

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 37473

2013-11-10 10:03 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 33137

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\NVIDIA

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 96635

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 87506

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86926

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86337

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85766

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85024

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84860

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84812

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84207

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83366

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83365

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82568

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82545

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77570

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77564

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72209

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72006

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60821

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5768

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 57550

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 52432

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49035

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48736

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 34301

2013-11-10 09:59 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 85729

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 99424

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 98750

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96479

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 75295

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69628

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69409

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69403

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69061

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68602

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 67694

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66492

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66482

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48696

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48312

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48307

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48051

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 41994

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37486

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37470

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 25723

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 17498

2013-11-10 09:46 - 2009-10-25 19:09 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-11-10 08:26 - 2013-11-10 08:19 - 00000000 __SHD D:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 08:26 - 2013-09-09 13:36 - 00000000 __SHD D:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-11-10 08:26 - 2009-10-26 14:22 - 00000000 ___HD D:\ProgramData\{8F84A085-61F5-420C-99B2-2BCE2C37763C}

2013-11-10 08:26 - 2009-10-26 12:30 - 00000000 ____D D:\Users\KH\AppData\Local\Microsoft Help

2013-11-10 08:21 - 2013-09-09 13:36 - 00000000 ____D D:\ProgramData\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00002165 _____ D:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00002145 _____ D:\Users\Public\Desktop\TuneUp Utilities 2014.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Users\KH\AppData\Roaming\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Program Files\TuneUp Utilities 2014

2013-11-10 08:19 - 2013-11-10 08:18 - 32522152 _____ (TuneUp Software) D:\Users\KH\Desktop\TuneUpUtilities2014_de-DE.exe

2013-11-10 07:58 - 2013-11-10 07:58 - 00110072 _____ D:\Users\kh-pc\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 07:58 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc

2013-11-10 07:56 - 2013-11-10 07:56 - 00001431 _____ D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-10 07:56 - 2013-11-10 07:56 - 00000020 ___SH D:\Users\kh-pc\ntuser.ini

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Startmenü

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Netzwerkumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Druckumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Musik

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Bilder

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Local\Verlauf

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Adobe

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Local\VirtualStore

2013-11-10 07:53 - 2013-11-10 07:47 - 00000000 ____D D:\Program Files\Advanced System Optimizer 3

2013-11-10 07:48 - 2013-11-10 07:48 - 00002256 _____ D:\Users\Public\Desktop\Intelligente PC-Wartung.lnk

2013-11-10 07:48 - 2013-11-10 07:48 - 00002204 _____ D:\Users\Public\Desktop\Advanced System Optimizer.lnk

2013-11-09 20:25 - 2013-01-24 13:08 - 00000000 ____D D:\Users\KH\AppData\Roaming\Nero

2013-11-09 20:03 - 2013-11-09 15:33 - 00271360 _____ D:\Users\KH\Documents\archive.pst

2013-11-09 19:33 - 2013-11-08 21:08 - 00000000 ____D D:\Windows\system32\config\RCCBakup

2013-11-09 17:55 - 2013-11-09 17:50 - 00002216 _____ D:\Windows\system32\ASOROSet.bin

2013-11-09 15:33 - 2013-11-09 12:35 - 00271360 _____ D:\Users\KH\Documents\bewerbung.pst

2013-11-09 14:06 - 2013-11-09 13:54 - 00000000 ___RD D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:06 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000

2013-11-09 14:06 - 2013-11-09 12:39 - 00000000 ___RD D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:06 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC

2013-11-09 14:06 - 2013-11-08 17:28 - 00000000 ____D D:\Program Files\CoolPic

2013-11-09 14:06 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\wfp

2013-11-09 14:05 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero

2013-11-09 14:05 - 2013-11-08 17:30 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2013-11-09 14:05 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\iRobinHood

2013-11-09 14:05 - 2013-11-08 17:28 - 00000000 ____D D:\Program Files\Mobogenie

2013-11-09 14:05 - 2013-08-25 22:08 - 00000000 ____D D:\Users\KH\AppData\Roaming\Audacity

2013-11-09 14:05 - 2013-02-14 20:22 - 00000000 ___RD D:\Users\KH\Desktop\lplex-0.3-win64

2013-11-09 14:05 - 2013-02-14 20:06 - 00000000 ____D D:\Users\KH\AppData\Roaming\lplex

2013-11-09 14:05 - 2013-01-21 15:47 - 00000000 ___RD D:\Users\KH\SkyDrive

2013-11-09 14:05 - 2013-01-15 20:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\Pegasys Inc

2013-11-09 14:05 - 2013-01-05 22:26 - 00000000 ____D D:\Users\KH\AppData\Roaming\dvdcss

2013-11-09 14:05 - 2013-01-03 20:04 - 00000000 ____D D:\Program Files\Cypheros

2013-11-09 14:05 - 2013-01-03 13:14 - 00000000 ____D D:\Users\KH\AppData\Roaming\vlc

2013-11-09 14:05 - 2011-01-08 22:17 - 00000000 ____D D:\Users\KH\AppData\Roaming\PhotoScape

2013-11-09 14:05 - 2010-11-07 10:54 - 00000000 ____D D:\Program Files\LuminanceHDR-2.0.1

2013-11-09 14:05 - 2009-11-17 17:23 - 00000000 ____D D:\Users\KH\AppData\Local\{6CDD08D2-4502-44F0-9753-3D5B10261DFE}

2013-11-09 14:05 - 2009-11-04 09:58 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript

2013-11-09 14:05 - 2009-10-26 14:20 - 00000000 ____D D:\Program Files\WIN-CASA2009

2013-11-09 14:05 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 14:05 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:05 - 2009-07-14 05:52 - 00000000 ____D D:\Windows\system32\WinBioDatabase

2013-11-09 14:05 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\registration

2013-11-09 14:04 - 2013-08-24 18:17 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-11-09 14:04 - 2013-01-11 22:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Digiarty

2013-11-09 14:04 - 2013-01-09 11:42 - 00000000 ____D D:\Users\KH\AppData\Roaming\Sony

2013-11-09 14:04 - 2012-01-17 22:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\Canneverbe Limited

2013-11-09 14:04 - 2009-10-25 16:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Macromedia

2013-11-09 14:04 - 2009-10-25 16:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Adobe

2013-11-09 14:03 - 2013-09-06 20:24 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA

2013-11-09 14:03 - 2013-01-24 13:08 - 00000000 ____D D:\Users\KH\AppData\Local\Nero_AG

2013-11-09 14:03 - 2013-01-09 11:50 - 00000000 ____D D:\Users\KH\AppData\Local\Sony

2013-11-09 14:03 - 2011-01-07 18:56 - 00000000 ____D D:\Users\KH\AppData\Local\Panasonic

2013-11-09 14:03 - 2009-11-15 16:24 - 00000000 ____D D:\Users\KH\AppData\Local\Microsoft Games

2013-11-09 14:02 - 2009-07-14 03:37 - 00000000 ____D D:\Program Files\Common Files\microsoft shared

2013-11-09 13:57 - 2013-11-09 13:57 - 00110072 _____ D:\Users\kh_2.KH-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Startmenü

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Netzwerkumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Druckumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Musik

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Bilder

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Local\Verlauf

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Adobe

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\VirtualStore

2013-11-09 13:42 - 2013-11-09 13:42 - 00000000 ____D D:\Users\KH\Tracing

2013-11-09 13:36 - 2013-11-09 13:36 - 00000000 ____D D:\Users\KH\Desktop\kh_2

2013-11-09 12:55 - 2013-11-09 11:27 - 00271360 _____ D:\Users\KH\Desktop\Outlook.pst

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero_AG

2013-11-09 12:43 - 2013-11-09 12:43 - 00110072 _____ D:\Users\kh_2.KH-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Startmenü

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Netzwerkumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Druckumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Local\Verlauf

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Adobe

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\VirtualStore

2013-11-09 12:31 - 2012-12-31 12:55 - 00000000 ____D D:\Program Files\Technisat

2013-11-09 12:31 - 2009-12-08 20:45 - 00000000 ____D D:\Users\KH\AppData\Local\Google

2013-11-09 11:32 - 2013-11-09 11:32 - 00000000 ____D D:\Users\KH\AppData\Local\Adobe

2013-11-09 11:25 - 2013-11-09 11:25 - 00000000 ____D D:\Users\KH\Documents\Amazon MP3

2013-11-09 11:24 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73

2013-11-09 11:24 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2

2013-11-09 11:23 - 2013-11-09 10:48 - 00000000 ___RD D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 10:49 - 2013-11-09 10:49 - 00110072 _____ D:\Users\xrcd73\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Startmenü

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Netzwerkumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Druckumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Musik

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Bilder

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Local\Verlauf

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Adobe

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Local\VirtualStore

2013-11-09 10:41 - 2013-11-09 10:41 - 00000000 ____D D:\Users\kh_2\Desktop\KH

2013-11-09 10:39 - 2013-11-09 10:39 - 00110072 _____ D:\Users\kh_2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Startmenü

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Netzwerkumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Druckumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Musik

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Bilder

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Local\Verlauf

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Adobe

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Local\VirtualStore

2013-11-08 21:47 - 2013-10-28 21:07 - 00955168 _____ (NVIDIA Corporation) D:\Windows\system32\nvspcap.dll

2013-11-08 19:00 - 2013-11-08 19:00 - 00129536 _____ D:\Users\Public\AlexaNSISPlugin.4168.dll

2013-11-04 21:40 - 2009-07-14 05:53 - 00032632 _____ D:\Windows\Tasks\SCHEDLGU.TXT

2013-10-28 21:18 - 2010-07-11 10:18 - 00000000 ____D D:\Program Files\NVIDIA Corporation

2013-10-28 21:07 - 2010-07-11 10:18 - 00000000 ____D D:\ProgramData\NVIDIA Corporation

2013-10-23 11:24 - 2013-10-28 21:13 - 22933792 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv32.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 17560352 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 10410272 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-23 11:24 - 2013-10-28 21:13 - 09524088 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 09480328 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 02946848 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 02747168 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvenc.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233165.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233165.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00599840 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00560416 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR.dll

2013-10-23 11:24 - 2013-10-15 16:35 - 15855568 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2um.dll

2013-10-23 11:24 - 2013-10-15 16:35 - 15212336 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dum.dll

2013-10-23 11:24 - 2013-09-19 20:30 - 00018174 _____ D:\Windows\system32\nvinfo.pb

2013-10-23 11:24 - 2010-07-11 10:17 - 02695200 _____ (NVIDIA Corporation) D:\Windows\system32\nvapi.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 04318496 _____ (NVIDIA Corporation) D:\Windows\system32\nvcpl.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 03036448 _____ (NVIDIA Corporation) D:\Windows\system32\nvsvc.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 02555168 _____ (NVIDIA Corporation) D:\Windows\system32\nvsvcr.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 00664352 _____ (NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

2013-10-23 08:19 - 2010-06-07 16:47 - 00209184 _____ (NVIDIA Corporation) D:\Windows\system32\nvmctray.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 00062752 _____ (NVIDIA Corporation) D:\Windows\system32\nvshext.dll

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) D:\Windows\system32\nvStreaming.exe

2013-10-21 15:50 - 2009-10-28 08:49 - 00000000 ____D D:\Windows\pss

2013-10-21 05:05 - 2013-10-21 05:05 - 00264616 _____ (Oracle Corporation) D:\Windows\system32\javaws.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00175016 _____ (Oracle Corporation) D:\Windows\system32\javaw.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00174504 _____ (Oracle Corporation) D:\Windows\system32\java.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00094632 _____ (Oracle Corporation) D:\Windows\system32\WindowsAccessBridge.dll

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\ProgramData\Oracle

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Java

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Common Files\Java

2013-10-16 01:41 - 2013-10-22 19:07 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233158.dll

2013-10-16 01:41 - 2013-10-22 19:07 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233158.dll

2013-10-15 16:46 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\AppCompat

2013-10-15 16:23 - 2013-10-15 16:23 - 00336816 _____ D:\Windows\Minidump\101513-39171-01.dmp

2013-10-15 16:19 - 2013-10-15 16:19 - 00366872 _____ D:\Windows\Minidump\101513-48687-01.dmp
 

Files to move or delete:

====================

D:\Users\Public\AlexaNSISPlugin.4168.dll
 
 

Some content of TEMP:

====================

D:\Users\KH\AppData\Local\Temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

D:\Windows\explorer.exe => MD5 is legit

D:\Windows\System32\winlogon.exe => MD5 is legit

D:\Windows\System32\wininit.exe => MD5 is legit

D:\Windows\System32\svchost.exe => MD5 is legit

D:\Windows\System32\services.exe => MD5 is legit

D:\Windows\System32\User32.dll => MD5 is legit

D:\Windows\System32\userinit.exe => MD5 is legit

D:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-11-10 17:36
 

==================== End Of Log ============================

--- --- ---

schrauber

15.11.2013 18:39

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

xrcd73

16.11.2013 07:44

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6d190b837bd5b244afde7fe1f776ae7e
# engine=15901
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-15 08:02:36
# local_time=2013-11-15 09:02:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 23894 136176947 0 0
# scanned=142616
# found=1
# cleaned=0
# scan_time=6251
sh=29A97927A6DF778AFDA9C8D1006C62E91BFCF462 ft=1 fh=c71c00114bf77115 vn="a variant of Win32/AdWare.OkitSpace.A application" ac=I fn="D:\Qoobox\Quarantine\D\Users\KH\AppData\Roaming\okitspace\IE\OkitSpace.dll.vir"

Results of screen317's Security Check version 0.99.76
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
TuneUp Utilities 2014
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities 2014
Java 7 Update 45
Adobe Reader XI
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive D:
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013

Ran by KH (administrator) on KH-PC on 15-11-2013 21:48:21

Running from D:\Users\KH\Desktop

Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 

==================== Processes (Whitelisted) ===================
 

(NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\sched.exe

(Systweak Software, (www.systweak.com)) D:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(TuneUp Software) D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe

(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) D:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

(Microsoft Corp.) D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avmailc7.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avwebg7.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avguard.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Malwarebytes Corporation) D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

(LG Electronics) D:\Program Files\LG Software\On Screen Display\HotKey.exe

(Intel Corporation) D:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

(shbox.de) D:\Program Files\FreePDF_XP\fpassist.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avgnt.exe

() D:\Users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(TuneUp Software) D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe

(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Nero AG) D:\Program Files\Nero\Update\NASvc.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [KeybdUtility] - D:\Program Files\LG Software\On Screen Display\HotKey.exe [2655800 2007-04-10] (LG Electronics)

HKLM\...\Run: [IAAnotif] - D:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-04] (Intel Corporation)

HKLM\...\Run: [IaNvSrv] - D:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [33304 2009-07-13] (Intel Corporation)

HKLM\...\Run: [RtHDVCpl] - D:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7772704 2009-10-06] (Realtek Semiconductor)

HKLM\...\Run: [FreePDF Assistant] - D:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)

HKLM\...\Run: [Nvtmru] - D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] - D:\Windows\system32\rundll32.exe D:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [mobilegeni daemon] - D:\Program Files\Mobogenie\DaemonProcess.exe [735936 2013-10-08] ()

HKLM\...\Run: [avgnt] - D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-14] (Avira Operations GmbH & Co. KG)

HKCU\...\Run: [AmazonMP3DownloaderHelper] - D:\Users\KH\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()

HKCU\...\Policies\Explorer: [NoCDBurning] 0

BootExecute: 
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5386F3198455CA01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

URLSearchHook: HKLM - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} -  No File

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File

DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

Chrome: 

=======

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

CHR Extension: (CoolPic) - D:\Users\KH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blcefchbfgmakifmejncnbognjoadloc\2.0.0.429_0

CHR HKLM\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - D:\Program Files\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_58.crx
 

========================== Services (Whitelisted) =================
 

R2 AntiVirMailService; D:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [972872 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; D:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; D:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 ASO3DiskOptimizer; D:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe [241448 2013-09-18] (Systweak Software, (www.systweak.com))

R2 MBAMScheduler; D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 NAUpdate; D:\Program Files\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)

R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14652704 2013-11-08] (NVIDIA Corporation)

R2 TuneUp.UtilitiesSvc; D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-12] (TuneUp Software)
 

==================== Drivers (Whitelisted) ====================
 

S3 61883; D:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)

R2 avgntflt; D:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-11-14] (Avira Operations GmbH & Co. KG)

R1 avipbb; D:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-14] (Avira Operations GmbH & Co. KG)

R1 avkmgr; D:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-10] (Avira Operations GmbH & Co. KG)

R2 avnetflt; D:\Windows\System32\DRIVERS\avnetflt.sys [67680 2013-11-10] (Avira Operations GmbH & Co. KG)

R3 btmhsf; D:\Windows\System32\DRIVERS\btmhsf.sys [225280 2011-07-19] (Intel Corporation)

R3 iBtFltCoex; D:\Windows\System32\DRIVERS\iBtFltCoex.sys [47104 2011-07-20] (Intel Corporation)

R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

S3 NuidFltr; D:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)

R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad32v.sys [33568 2013-09-28] (NVIDIA Corporation)

R1 ssmdrv; D:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-10] (Avira GmbH)

R3 TuneUpUtilitiesDrv; D:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)

U5 AppMgmt; D:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

S3 catchme; \??\D:\Users\KH\AppData\Local\Temp\catchme.sys [x]

S3 efipsk; \??\D:\Users\KH\AppData\Local\Temp\efipsk.sys [x]

S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]

U5 VWiFiFlt; D:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-11-15 21:48 - 2013-11-15 21:48 - 00009344 _____ D:\Users\KH\Desktop\FRST.txt

2013-11-15 21:47 - 2013-11-15 21:47 - 01090529 _____ (Farbar) D:\Users\KH\Desktop\FRST.exe

2013-11-15 21:33 - 2013-11-15 21:33 - 00891184 _____ D:\Users\KH\Desktop\SecurityCheck.exe

2013-11-15 19:16 - 2013-11-15 21:30 - 00000000 ____D D:\Program Files\ESET

2013-11-15 18:15 - 2013-11-15 18:15 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Avira

2013-11-15 18:14 - 2013-11-15 18:14 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Nero

2013-11-15 18:14 - 2013-11-15 18:14 - 00000000 ____D D:\Users\kh-pc\AppData\Local\Nero_AG

2013-11-15 18:13 - 2013-11-15 18:14 - 00000000 ____D D:\Users\kh-pc\AppData\Local\Nero

2013-11-15 18:10 - 2013-11-15 18:10 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Systweak

2013-11-14 21:15 - 2013-11-14 21:16 - 00000000 ___SD D:\ComboFix

2013-11-14 18:29 - 2013-11-14 18:29 - 00000000 ____D D:\Users\KH\AppData\Roaming\Systweak

2013-11-14 18:22 - 2013-11-14 18:22 - 00001409 _____ D:\Users\KH\Desktop\JRT.txt

2013-11-14 18:19 - 2013-11-14 18:19 - 00000000 ____D D:\Windows\ERUNT

2013-11-14 18:17 - 2013-11-14 18:17 - 01034531 _____ (Thisisu) D:\Users\KH\Desktop\JRT.exe

2013-11-14 18:13 - 2013-11-14 18:13 - 00040262 _____ D:\Users\KH\Desktop\Quarantine.txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015665 _____ D:\Users\KH\Desktop\AdwCleaner[R0].txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015441 _____ D:\Users\KH\Desktop\AdwCleaner[S0].txt

2013-11-14 18:00 - 2013-11-14 18:03 - 00000000 ____D D:\AdwCleaner

2013-11-14 17:58 - 2013-11-14 17:58 - 01085542 _____ D:\Users\KH\Desktop\adwcleaner.exe

2013-11-14 17:23 - 2013-11-14 17:23 - 00001077 _____ D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Users\KH\AppData\Roaming\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\ProgramData\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Program Files\Malwarebytes' Anti-Malware

2013-11-14 17:23 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys

2013-11-14 16:42 - 2013-11-14 16:42 - 17669000 _____ (Adobe Systems Incorporated) D:\Users\KH\Downloads\flashplayer_11_ax_debug.exe

2013-11-13 17:13 - 2013-11-13 17:13 - 00023722 _____ D:\Users\KH\Desktop\ComboFix.txt

2013-11-13 17:12 - 2013-11-13 17:12 - 00003279 _____ D:\Users\KH\Desktop\ComboFix-quarantined-files.txt

2013-11-13 17:06 - 2013-11-13 17:06 - 00023722 _____ D:\ComboFix.txt

2013-11-13 16:47 - 2013-11-14 21:15 - 00000000 ____D D:\Qoobox

2013-11-13 16:47 - 2013-11-13 17:05 - 00000000 ____D D:\Windows\erdnt

2013-11-13 16:47 - 2011-06-26 07:45 - 00256000 _____ D:\Windows\PEV.exe

2013-11-13 16:47 - 2010-11-07 18:20 - 00208896 _____ D:\Windows\MBR.exe

2013-11-13 16:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00098816 _____ D:\Windows\sed.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00080412 _____ D:\Windows\grep.exe

2013-11-13 16:47 - 2000-08-31 01:00 - 00068096 _____ D:\Windows\zip.exe

2013-11-13 16:33 - 2013-11-13 16:33 - 05147957 ____R (Swearware) D:\Users\KH\Desktop\ComboFix.exe

2013-11-13 02:57 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\TsUsbFlt.sys

2013-11-13 02:57 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2013-11-13 02:57 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2013-11-13 02:57 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) D:\Windows\system32\MsRdpWebAccess.dll

2013-11-13 02:57 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) D:\Windows\system32\wksprtPS.dll

2013-11-13 02:57 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) D:\Windows\system32\tsgqec.dll

2013-11-13 02:57 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) D:\Windows\system32\TsUsbGDCoInstaller.dll

2013-11-13 02:57 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) D:\Windows\system32\rdvidcrl.dll

2013-11-13 02:57 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) D:\Windows\system32\TSWbPrxy.exe

2013-11-13 02:57 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) D:\Windows\system32\wksprt.exe

2013-11-13 02:57 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) D:\Windows\system32\mstsc.exe

2013-11-13 02:57 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) D:\Windows\system32\mstscax.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 02166272 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01926656 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl

2013-11-13 02:50 - 2013-11-13 02:50 - 01818112 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01156608 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01051136 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00703488 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00646144 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00645120 _____ (Microsoft Corporation) D:\Windows\system32\jsIntl.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00616104 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dat

2013-11-13 02:50 - 2013-11-13 02:50 - 00523776 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00367104 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00337408 _____ (Microsoft Corporation) D:\Windows\system32\html.iec

2013-11-13 02:50 - 2013-11-13 02:50 - 00244736 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00238288 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00233472 _____ (Microsoft Corporation) D:\Windows\system32\url.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00208896 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00208384 _____ (Microsoft Corporation) D:\Windows\system32\webcheck.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00194048 _____ (Microsoft Corporation) D:\Windows\system32\elshyph.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00182272 _____ (Microsoft Corporation) D:\Windows\system32\msls31.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00164864 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00151552 _____ (Microsoft Corporation) D:\Windows\system32\iexpress.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00139264 _____ (Microsoft Corporation) D:\Windows\system32\wextract.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00083456 _____ (Microsoft Corporation) D:\Windows\system32\inseng.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00071680 _____ (Microsoft Corporation) D:\Windows\system32\RegisterIEPKEYs.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00069632 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00069120 _____ (Microsoft Corporation) D:\Windows\system32\icardie.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00062464 _____ (Microsoft Corporation) D:\Windows\system32\tdc.ocx

2013-11-13 02:50 - 2013-11-13 02:50 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00034816 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00032768 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00024576 _____ (Microsoft Corporation) D:\Windows\system32\licmgr10.dll

2013-11-13 02:49 - 2013-11-13 02:53 - 00009945 _____ D:\Windows\IE11_main.log

2013-11-13 02:49 - 2013-11-13 02:49 - 17142784 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 11220992 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 04240384 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb

2013-11-13 02:49 - 2013-11-13 02:49 - 00610304 _____ (Microsoft Corporation) D:\Windows\system32\jscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00553472 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00454656 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00440832 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00127488 _____ (Microsoft Corporation) D:\Windows\system32\occache.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00116736 _____ (Microsoft Corporation) D:\Windows\system32\iepeers.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00112128 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00111616 _____ (Microsoft Corporation) D:\Windows\system32\IEAdvpack.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00108032 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00086016 _____ (Microsoft Corporation) D:\Windows\system32\iesysprep.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00074240 _____ (Microsoft Corporation) D:\Windows\system32\SetIEInstalledDate.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\pngfilt.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00051200 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\mshtmler.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\msfeedsbs.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00036352 _____ (Microsoft Corporation) D:\Windows\system32\imgutil.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00013312 _____ (Microsoft Corporation) D:\Windows\system32\mshta.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\msfeedssync.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll

2013-11-13 02:45 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) D:\Windows\system32\SmartcardCredentialProvider.dll

2013-11-13 02:45 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) D:\Windows\system32\authui.dll

2013-11-13 02:45 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) D:\Windows\system32\credui.dll

2013-11-13 02:45 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecpkg.sys

2013-11-13 02:45 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecdd.sys

2013-11-13 02:45 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) D:\Windows\system32\TSWorkspace.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) D:\Windows\system32\schannel.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) D:\Windows\system32\sspicli.dll

2013-11-13 02:45 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\secur32.dll

2013-11-13 02:45 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) D:\Windows\system32\lsasrv.dll

2013-11-13 02:45 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) D:\Windows\system32\ncrypt.dll

2013-11-13 02:45 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\lsass.exe

2013-11-13 02:45 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) D:\Windows\system32\sspisrv.dll

2013-11-13 02:45 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\cng.sys

2013-11-13 02:44 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) D:\Windows\system32\nshwfp.dll

2013-11-13 02:44 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) D:\Windows\system32\IKEEXT.DLL

2013-11-13 02:44 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) D:\Windows\system32\FWPUCLNT.DLL

2013-11-13 02:44 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) D:\Windows\system32\crypt32.dll

2013-11-13 02:44 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) D:\Windows\system32\gdi32.dll

2013-11-12 19:39 - 2013-11-12 19:39 - 00004091 _____ D:\Users\KH\Desktop\Gmer.txt

2013-11-12 19:12 - 2013-11-12 19:12 - 00158888 _____ D:\Windows\Minidump\111213-45879-01.dmp

2013-11-12 19:03 - 2013-11-12 19:03 - 00197992 _____ D:\Windows\Minidump\111213-48765-01.dmp

2013-11-12 18:11 - 2013-11-12 18:11 - 00377856 _____ D:\Users\KH\Desktop\gmer_2.1.19163.exe

2013-11-12 18:01 - 2013-11-12 18:01 - 00000000 ____D D:\FRST

2013-11-12 17:54 - 2013-11-12 17:57 - 00000466 _____ D:\Users\KH\Desktop\defogger_disable.log

2013-11-12 17:54 - 2013-11-12 17:54 - 00000000 _____ D:\Users\KH\defogger_reenable

2013-11-12 17:53 - 2013-11-12 17:53 - 00050477 _____ D:\Users\KH\Desktop\Defogger.exe

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\Documents\My Received Files

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Roaming\MusicNet

2013-11-12 16:38 - 2013-11-12 16:38 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA Corporation

2013-11-10 19:16 - 2013-11-10 19:16 - 00000000 ____D D:\Users\KH\AppData\Roaming\Avira

2013-11-10 19:15 - 2013-11-14 11:20 - 00137208 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avipbb.sys

2013-11-10 19:15 - 2013-11-14 11:20 - 00090400 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avgntflt.sys

2013-11-10 19:15 - 2013-11-10 19:15 - 00002022 _____ D:\Users\Public\Desktop\Avira Control Center.lnk

2013-11-10 19:15 - 2013-11-10 19:15 - 00000000 ____D D:\Program Files\Avira

2013-11-10 19:15 - 2013-11-10 19:09 - 00067680 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avnetflt.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00037352 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avkmgr.sys

2013-11-10 19:15 - 2013-11-10 19:09 - 00028520 _____ (Avira GmbH) D:\Windows\system32\Drivers\ssmdrv.sys

2013-11-10 19:06 - 2013-11-10 19:06 - 02296760 _____ D:\Users\KH\Desktop\avira_internet_security_suite.exe

2013-11-10 12:53 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 13120

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\Program Files\LucasArts

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69534

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69500

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69268

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 66797

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 44421

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 43696

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69327

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 43589

2013-11-10 12:49 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69599

2013-11-10 12:49 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69537

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84970

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84925

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84808

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84152

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 99805

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95531

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95075

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 37463

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2218

2013-11-10 12:44 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84847

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 99176

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86563

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84869

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84110

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 48829

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 46649

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44695

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44585

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44296

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 43434

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 37293

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 29708

2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69430

2013-11-10 12:39 - 2013-11-10 12:39 - 00000000 ____D D:\MFT 89457

2013-11-10 12:01 - 2013-11-10 12:01 - 00000000 ____D D:\Users\KH\AppData\Local\Avg2014

2013-11-10 10:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85569

2013-11-10 10:57 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 67386

2013-11-10 10:56 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 85251

2013-11-10 10:56 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 37475

2013-11-10 10:55 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 85443

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69652

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69649

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 68594

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 67382

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66129

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 619

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47937

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47931

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47927

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 21752

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 18213

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 16634

2013-11-10 10:53 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 50434

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 9626

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69244

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69059

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69052

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 68604

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48730

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48085

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 43046

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 140

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 10193

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69647

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69626

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69235

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69064

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69050

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69048

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69041

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68597

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68580

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67403

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67399

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66478

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66472

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66457

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66135

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 28750

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 17744

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15327

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15276

2013-11-10 10:43 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69603

2013-11-10 10:43 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69491

2013-11-10 10:43 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69345

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99757

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99544

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 17617

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 15395

2013-11-10 10:18 - 2013-11-10 10:18 - 00000000 ____D D:\MFT 98455

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 77143

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 64491

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 63646

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 46360

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45729

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45723

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 2658

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 16514

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 99960

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 98476

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 6992

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 43812

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 261

2013-11-10 10:03 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 25091

2013-11-10 10:03 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 40319

2013-11-10 10:03 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66778

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 71952

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 37473

2013-11-10 09:59 - 2013-11-14 22:36 - 00000000 ____D D:\MFT 21750

2013-11-10 09:59 - 2013-11-10 20:31 - 00000000 ____D D:\MFT 63654

2013-11-10 09:59 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 66742

2013-11-10 09:59 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 29672

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 84023

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 83015

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69451

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 69419

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 63545

2013-11-10 09:59 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 35760

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 65588

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 47206

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 41339

2013-11-10 09:59 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 27310

2013-11-10 09:59 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 63505

2013-11-10 09:59 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 60957

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 49115

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 48863

2013-11-10 09:59 - 2013-11-10 12:48 - 00000000 ____D D:\MFT 48501

2013-11-10 09:59 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 82784

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 85663

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 84838

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 83029

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 5659

2013-11-10 09:59 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2519

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86951

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86507

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85679

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85448

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 85011

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84088

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 5821

2013-11-10 09:59 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 16537

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 48806

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 39942

2013-11-10 09:59 - 2013-11-10 12:43 - 00000000 ____D D:\MFT 29270

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 84701

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 49432

2013-11-10 09:59 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 48844

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 84233

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 71072

2013-11-10 09:59 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66932

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 72750

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 72099

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 71615

2013-11-10 09:59 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 65795

2013-11-10 09:59 - 2013-11-10 10:33 - 00000000 ____D D:\MFT 99781

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\NVIDIA

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 96635

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 87506

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86926

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86337

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85766

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85024

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84860

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84812

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84207

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83366

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83365

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82568

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82545

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77570

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77564

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72209

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72006

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60821

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5768

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 57550

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 52432

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49035

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48736

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 34301

2013-11-10 09:57 - 2013-11-10 13:23 - 00000000 ____D D:\MFT 94973

2013-11-10 09:57 - 2013-11-10 12:54 - 00000000 ____D D:\MFT 96010

2013-11-10 09:57 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69421

2013-11-10 09:57 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 65480

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 95553

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 95544

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84255

2013-11-10 09:57 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 63300

2013-11-10 09:57 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 96060

2013-11-10 09:57 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95996

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 96050

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 95557

2013-11-10 09:57 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 95555

2013-11-10 09:57 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69541

2013-11-10 09:57 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68592

2013-11-10 09:57 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 33137

2013-11-10 09:57 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85729

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 99424

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 98750

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96479

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 75295

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69628

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69409

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69403

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69061

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68602

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 67694

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66492

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66482

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48696

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48312

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48307

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48051

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 41994

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37486

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37470

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 25723

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 17498

2013-11-10 09:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 44093

2013-11-10 08:20 - 2013-11-10 08:20 - 00002165 _____ D:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00002145 _____ D:\Users\Public\Desktop\TuneUp Utilities 2014.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Users\KH\AppData\Roaming\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Program Files\TuneUp Utilities 2014

2013-11-10 08:20 - 2013-10-12 02:28 - 00036664 _____ (TuneUp Software) D:\Windows\system32\TURegOpt.exe

2013-11-10 08:20 - 2013-10-12 02:28 - 00025400 _____ (TuneUp Software) D:\Windows\system32\authuitu.dll

2013-11-10 08:19 - 2013-11-10 08:26 - 00000000 __SHD D:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 08:18 - 2013-11-10 08:19 - 32522152 _____ (TuneUp Software) D:\Users\KH\Desktop\TuneUpUtilities2014_de-DE.exe

2013-11-10 07:58 - 2013-11-10 07:58 - 00110072 _____ D:\Users\kh-pc\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 07:56 - 2013-11-10 07:58 - 00000000 ____D D:\Users\kh-pc

2013-11-10 07:56 - 2013-11-10 07:56 - 00001431 _____ D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-10 07:56 - 2013-11-10 07:56 - 00000020 ___SH D:\Users\kh-pc\ntuser.ini

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Startmenü

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Netzwerkumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Druckumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Musik

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Bilder

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Local\Verlauf

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Adobe

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Local\VirtualStore

2013-11-10 07:56 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Macromedia

2013-11-10 07:56 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh-pc\AppData\Local\Microsoft Help

2013-11-10 07:56 - 2009-07-14 05:42 - 00000000 ___RD D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-10 07:56 - 2009-07-14 05:37 - 00000000 ___RD D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 07:48 - 2013-11-10 11:00 - 00000428 _____ D:\Windows\Tasks\ASOService.job

2013-11-10 07:48 - 2013-11-10 07:48 - 00002256 _____ D:\Users\Public\Desktop\Intelligente PC-Wartung.lnk

2013-11-10 07:48 - 2013-11-10 07:48 - 00002204 _____ D:\Users\Public\Desktop\Advanced System Optimizer.lnk

2013-11-10 07:47 - 2013-11-10 07:53 - 00000000 ____D D:\Program Files\Advanced System Optimizer 3

2013-11-09 22:20 - 2013-11-12 17:00 - 00001202 _____ D:\Users\KH\Desktop\Renee Undeleter.lnk

2013-11-09 17:50 - 2013-11-09 17:55 - 00002216 _____ D:\Windows\system32\ASOROSet.bin

2013-11-09 15:33 - 2013-11-09 20:03 - 00271360 _____ D:\Users\KH\Documents\archive.pst

2013-11-09 14:32 - 2013-11-10 10:23 - 00271360 _____ D:\Users\KH\Documents\Outlook.pst

2013-11-09 13:57 - 2013-11-09 13:57 - 00110072 _____ D:\Users\kh_2.KH-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 13:54 - 2013-11-09 14:06 - 00000000 ___RD D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 13:54 - 2013-11-09 14:06 - 00000000 ____D D:\Users\kh_2.KH-PC.000

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Startmenü

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Netzwerkumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Druckumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Musik

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Bilder

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Local\Verlauf

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Adobe

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\VirtualStore

2013-11-09 13:54 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Macromedia

2013-11-09 13:54 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\AskToolbar

2013-11-09 13:54 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\Microsoft Help

2013-11-09 13:42 - 2013-11-09 13:42 - 00000000 ____D D:\Users\KH\Tracing

2013-11-09 13:36 - 2013-11-09 13:36 - 00000000 ____D D:\Users\KH\Desktop\kh_2

2013-11-09 12:46 - 2013-11-09 14:05 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero_AG

2013-11-09 12:43 - 2013-11-09 12:43 - 00110072 _____ D:\Users\kh_2.KH-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 12:39 - 2013-11-09 14:06 - 00000000 ___RD D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 12:39 - 2013-11-09 14:06 - 00000000 ____D D:\Users\kh_2.KH-PC

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Startmenü

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Netzwerkumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Druckumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Local\Verlauf

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Adobe

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\VirtualStore

2013-11-09 12:39 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Macromedia

2013-11-09 12:39 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\AskToolbar

2013-11-09 12:39 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Microsoft Help

2013-11-09 12:35 - 2013-11-09 15:33 - 00271360 _____ D:\Users\KH\Documents\bewerbung.pst

2013-11-09 11:32 - 2013-11-09 11:32 - 00000000 ____D D:\Users\KH\AppData\Local\Adobe

2013-11-09 11:27 - 2013-11-09 12:55 - 00271360 _____ D:\Users\KH\Desktop\Outlook.pst

2013-11-09 11:25 - 2013-11-10 15:46 - 00110072 _____ D:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 11:25 - 2013-11-09 11:25 - 00000000 ____D D:\Users\KH\Documents\Amazon MP3

2013-11-09 10:49 - 2013-11-09 10:49 - 00110072 _____ D:\Users\xrcd73\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:48 - 2013-11-09 11:24 - 00000000 ____D D:\Users\xrcd73

2013-11-09 10:48 - 2013-11-09 11:23 - 00000000 ___RD D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Startmenü

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Netzwerkumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Druckumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Musik

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Bilder

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Local\Verlauf

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Adobe

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Local\VirtualStore

2013-11-09 10:48 - 2013-07-04 21:02 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Macromedia

2013-11-09 10:48 - 2011-11-12 16:45 - 00000000 ____D D:\Users\xrcd73\AppData\Local\AskToolbar

2013-11-09 10:48 - 2009-10-26 14:45 - 00000000 ____D D:\Users\xrcd73\AppData\Local\Microsoft Help

2013-11-09 10:41 - 2013-11-09 10:41 - 00000000 ____D D:\Users\kh_2\Desktop\KH

2013-11-09 10:39 - 2013-11-09 10:39 - 00110072 _____ D:\Users\kh_2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:38 - 2013-11-09 11:24 - 00000000 ____D D:\Users\kh_2

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Startmenü

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Netzwerkumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Druckumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Musik

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Bilder

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Local\Verlauf

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Adobe

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Local\VirtualStore

2013-11-09 10:38 - 2013-07-04 21:02 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Macromedia

2013-11-09 10:38 - 2011-11-12 16:45 - 00000000 ____D D:\Users\kh_2\AppData\Local\AskToolbar

2013-11-09 10:38 - 2009-10-26 14:45 - 00000000 ____D D:\Users\kh_2\AppData\Local\Microsoft Help

2013-11-08 21:08 - 2013-11-09 19:33 - 00000000 ____D D:\Windows\system32\config\RCCBakup

2013-11-08 19:00 - 2013-11-08 19:00 - 00129536 _____ D:\Users\Public\AlexaNSISPlugin.4168.dll

2013-11-08 17:30 - 2013-11-09 14:05 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2013-11-08 17:29 - 2013-11-14 18:03 - 00000000 ____D D:\Program Files\Uniblue

2013-11-08 17:29 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\iRobinHood

2013-11-08 17:28 - 2013-11-09 14:06 - 00000000 ____D D:\Program Files\CoolPic

2013-11-08 17:28 - 2013-11-09 14:05 - 00000000 ____D D:\Program Files\Mobogenie

2013-10-29 10:51 - 2013-11-10 12:01 - 00001812 _____ D:\Users\KH\Desktop\Gutschein_5_Tage_im_Schloss_Purschenstein_im_Erzgebirge_fÃ¼r_zwei_Personen.lnk

2013-10-28 21:13 - 2013-10-23 11:24 - 22933792 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv32.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 17560352 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 10410272 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-28 21:13 - 2013-10-23 11:24 - 09524088 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 09480328 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 02946848 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 02747168 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvenc.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233165.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233165.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00599840 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC.dll

2013-10-28 21:13 - 2013-10-23 11:24 - 00560416 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR.dll

2013-10-28 21:07 - 2013-11-08 21:47 - 00955168 _____ (NVIDIA Corporation) D:\Windows\system32\nvspcap.dll

2013-10-28 21:03 - 2013-09-28 00:01 - 00033568 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvvad32v.sys

2013-10-28 10:56 - 2013-11-10 12:01 - 00001327 _____ D:\Users\KH\Desktop\Kreativitätskindertagesstätte 13.11.13.lnk

2013-10-24 19:01 - 2013-11-10 12:01 - 00001367 _____ D:\Users\KH\Desktop\kita 001.lnk

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) D:\Windows\system32\nvStreaming.exe

2013-10-22 19:07 - 2013-10-16 01:41 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233158.dll

2013-10-22 19:07 - 2013-10-16 01:41 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233158.dll

2013-10-21 08:52 - 2013-11-10 12:01 - 00001327 _____ D:\Users\KH\Desktop\Anja Hoffmann Erzieherin Lotusblüte.lnk

2013-10-21 05:05 - 2013-10-21 05:05 - 00264616 _____ (Oracle Corporation) D:\Windows\system32\javaws.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00175016 _____ (Oracle Corporation) D:\Windows\system32\javaw.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00174504 _____ (Oracle Corporation) D:\Windows\system32\java.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00094632 _____ (Oracle Corporation) D:\Windows\system32\WindowsAccessBridge.dll

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\ProgramData\Oracle

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Java

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Common Files\Java
 

==================== One Month Modified Files and Folders =======
 

2013-11-15 21:48 - 2013-11-15 21:48 - 00009344 _____ D:\Users\KH\Desktop\FRST.txt

2013-11-15 21:47 - 2013-11-15 21:47 - 01090529 _____ (Farbar) D:\Users\KH\Desktop\FRST.exe

2013-11-15 21:33 - 2013-11-15 21:33 - 00891184 _____ D:\Users\KH\Desktop\SecurityCheck.exe

2013-11-15 21:30 - 2013-11-15 19:16 - 00000000 ____D D:\Program Files\ESET

2013-11-15 21:25 - 2009-10-25 15:35 - 01919436 _____ D:\Windows\WindowsUpdate.log

2013-11-15 18:30 - 2009-07-14 05:34 - 00014928 ____H D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-15 18:30 - 2009-07-14 05:34 - 00014928 ____H D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-15 18:26 - 2009-10-25 15:54 - 01621084 _____ D:\Windows\system32\PerfStringBackup.INI

2013-11-15 18:22 - 2009-10-25 16:17 - 00000000 ____D D:\ProgramData\NVIDIA

2013-11-15 18:22 - 2009-07-14 05:53 - 00000006 ____H D:\Windows\Tasks\SA.DAT

2013-11-15 18:22 - 2009-07-14 05:39 - 00327882 _____ D:\Windows\setupact.log

2013-11-15 18:15 - 2013-11-15 18:15 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Avira

2013-11-15 18:14 - 2013-11-15 18:14 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Nero

2013-11-15 18:14 - 2013-11-15 18:14 - 00000000 ____D D:\Users\kh-pc\AppData\Local\Nero_AG

2013-11-15 18:14 - 2013-11-15 18:13 - 00000000 ____D D:\Users\kh-pc\AppData\Local\Nero

2013-11-15 18:10 - 2013-11-15 18:10 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Systweak

2013-11-14 22:41 - 2009-10-25 16:17 - 00148126 _____ D:\Windows\PFRO.log

2013-11-14 22:41 - 2009-07-14 09:47 - 00000000 ____D D:\Windows\DigitalLocker

2013-11-14 22:36 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 21750

2013-11-14 21:16 - 2013-11-14 21:15 - 00000000 ___SD D:\ComboFix

2013-11-14 21:15 - 2013-11-13 16:47 - 00000000 ____D D:\Qoobox

2013-11-14 20:11 - 2012-04-09 17:29 - 00692616 _____ (Adobe Systems Incorporated) D:\Windows\system32\FlashPlayerApp.exe

2013-11-14 20:11 - 2011-05-19 04:59 - 00071048 _____ (Adobe Systems Incorporated) D:\Windows\system32\FlashPlayerCPLApp.cpl

2013-11-14 18:29 - 2013-11-14 18:29 - 00000000 ____D D:\Users\KH\AppData\Roaming\Systweak

2013-11-14 18:22 - 2013-11-14 18:22 - 00001409 _____ D:\Users\KH\Desktop\JRT.txt

2013-11-14 18:19 - 2013-11-14 18:19 - 00000000 ____D D:\Windows\ERUNT

2013-11-14 18:17 - 2013-11-14 18:17 - 01034531 _____ (Thisisu) D:\Users\KH\Desktop\JRT.exe

2013-11-14 18:13 - 2013-11-14 18:13 - 00040262 _____ D:\Users\KH\Desktop\Quarantine.txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015665 _____ D:\Users\KH\Desktop\AdwCleaner[R0].txt

2013-11-14 18:12 - 2013-11-14 18:12 - 00015441 _____ D:\Users\KH\Desktop\AdwCleaner[S0].txt

2013-11-14 18:03 - 2013-11-14 18:00 - 00000000 ____D D:\AdwCleaner

2013-11-14 18:03 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\Uniblue

2013-11-14 18:03 - 2012-12-21 13:42 - 00000000 ____D D:\Program Files\Mozilla Firefox

2013-11-14 17:58 - 2013-11-14 17:58 - 01085542 _____ D:\Users\KH\Desktop\adwcleaner.exe

2013-11-14 17:44 - 2009-07-14 05:52 - 00000000 ____D D:\Windows\addins

2013-11-14 17:23 - 2013-11-14 17:23 - 00001077 _____ D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Users\KH\AppData\Roaming\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\ProgramData\Malwarebytes

2013-11-14 17:23 - 2013-11-14 17:23 - 00000000 ____D D:\Program Files\Malwarebytes' Anti-Malware

2013-11-14 16:42 - 2013-11-14 16:42 - 17669000 _____ (Adobe Systems Incorporated) D:\Users\KH\Downloads\flashplayer_11_ax_debug.exe

2013-11-14 11:20 - 2013-11-10 19:15 - 00137208 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avipbb.sys

2013-11-14 11:20 - 2013-11-10 19:15 - 00090400 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avgntflt.sys

2013-11-13 21:14 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\rescache

2013-11-13 17:13 - 2013-11-13 17:13 - 00023722 _____ D:\Users\KH\Desktop\ComboFix.txt

2013-11-13 17:12 - 2013-11-13 17:12 - 00003279 _____ D:\Users\KH\Desktop\ComboFix-quarantined-files.txt

2013-11-13 17:06 - 2013-11-13 17:06 - 00023722 _____ D:\ComboFix.txt

2013-11-13 17:06 - 2009-07-14 03:37 - 00000000 __RHD D:\Users\Default

2013-11-13 17:06 - 2009-07-14 03:37 - 00000000 ___RD D:\Users\Public

2013-11-13 17:05 - 2013-11-13 16:47 - 00000000 ____D D:\Windows\erdnt

2013-11-13 17:01 - 2009-07-14 03:04 - 00000215 _____ D:\Windows\system.ini

2013-11-13 16:59 - 2009-07-14 03:03 - 51380224 _____ D:\Windows\system32\config\software.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 21757952 _____ D:\Windows\system32\config\system.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00524288 _____ D:\Windows\system32\config\default.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00262144 _____ D:\Windows\system32\config\sam.bak

2013-11-13 16:59 - 2009-07-14 03:03 - 00028672 _____ D:\Windows\system32\config\security.bak

2013-11-13 16:33 - 2013-11-13 16:33 - 05147957 ____R (Swearware) D:\Users\KH\Desktop\ComboFix.exe

2013-11-13 05:52 - 2009-07-14 09:47 - 00000000 ____D D:\Windows\system32\Drivers\de-DE

2013-11-13 05:52 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\de-DE

2013-11-13 02:56 - 2009-10-26 12:30 - 00000000 ____D D:\ProgramData\Microsoft Help

2013-11-13 02:53 - 2013-11-13 02:49 - 00009945 _____ D:\Windows\IE11_main.log

2013-11-13 02:50 - 2013-11-13 02:50 - 02166272 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01926656 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl

2013-11-13 02:50 - 2013-11-13 02:50 - 01818112 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01156608 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 01051136 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00703488 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00646144 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00645120 _____ (Microsoft Corporation) D:\Windows\system32\jsIntl.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00616104 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dat

2013-11-13 02:50 - 2013-11-13 02:50 - 00523776 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00367104 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00337408 _____ (Microsoft Corporation) D:\Windows\system32\html.iec

2013-11-13 02:50 - 2013-11-13 02:50 - 00244736 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00238288 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00233472 _____ (Microsoft Corporation) D:\Windows\system32\url.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00208896 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00208384 _____ (Microsoft Corporation) D:\Windows\system32\webcheck.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00194048 _____ (Microsoft Corporation) D:\Windows\system32\elshyph.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00182272 _____ (Microsoft Corporation) D:\Windows\system32\msls31.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00164864 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00151552 _____ (Microsoft Corporation) D:\Windows\system32\iexpress.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00139264 _____ (Microsoft Corporation) D:\Windows\system32\wextract.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00083456 _____ (Microsoft Corporation) D:\Windows\system32\inseng.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00071680 _____ (Microsoft Corporation) D:\Windows\system32\RegisterIEPKEYs.exe

2013-11-13 02:50 - 2013-11-13 02:50 - 00069632 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00069120 _____ (Microsoft Corporation) D:\Windows\system32\icardie.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00062464 _____ (Microsoft Corporation) D:\Windows\system32\tdc.ocx

2013-11-13 02:50 - 2013-11-13 02:50 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00034816 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00032768 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll

2013-11-13 02:50 - 2013-11-13 02:50 - 00024576 _____ (Microsoft Corporation) D:\Windows\system32\licmgr10.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 17142784 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 11220992 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 04240384 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb

2013-11-13 02:49 - 2013-11-13 02:49 - 00610304 _____ (Microsoft Corporation) D:\Windows\system32\jscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00553472 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00454656 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00440832 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00127488 _____ (Microsoft Corporation) D:\Windows\system32\occache.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00116736 _____ (Microsoft Corporation) D:\Windows\system32\iepeers.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00112128 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00111616 _____ (Microsoft Corporation) D:\Windows\system32\IEAdvpack.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00108032 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00086016 _____ (Microsoft Corporation) D:\Windows\system32\iesysprep.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00074240 _____ (Microsoft Corporation) D:\Windows\system32\SetIEInstalledDate.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00061952 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00056832 _____ (Microsoft Corporation) D:\Windows\system32\pngfilt.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00051200 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\mshtmler.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00043008 _____ (Microsoft Corporation) D:\Windows\system32\msfeedsbs.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00036352 _____ (Microsoft Corporation) D:\Windows\system32\imgutil.dll

2013-11-13 02:49 - 2013-11-13 02:49 - 00013312 _____ (Microsoft Corporation) D:\Windows\system32\mshta.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00012800 _____ (Microsoft Corporation) D:\Windows\system32\msfeedssync.exe

2013-11-13 02:49 - 2013-11-13 02:49 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll

2013-11-13 02:48 - 2013-07-11 17:06 - 00000000 ____D D:\Windows\system32\MRT

2013-11-13 02:46 - 2009-10-25 16:23 - 80340640 _____ (Microsoft Corporation) D:\Windows\system32\MRT.exe

2013-11-12 19:39 - 2013-11-12 19:39 - 00004091 _____ D:\Users\KH\Desktop\Gmer.txt

2013-11-12 19:12 - 2013-11-12 19:12 - 00158888 _____ D:\Windows\Minidump\111213-45879-01.dmp

2013-11-12 19:12 - 2012-06-27 20:31 - 00000000 ____D D:\Windows\Minidump

2013-11-12 19:03 - 2013-11-12 19:03 - 00197992 _____ D:\Windows\Minidump\111213-48765-01.dmp

2013-11-12 18:58 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Local\VirtualStore

2013-11-12 18:39 - 2013-07-27 16:49 - 00001912 _____ D:\Windows\epplauncher.mif

2013-11-12 18:11 - 2013-11-12 18:11 - 00377856 _____ D:\Users\KH\Desktop\gmer_2.1.19163.exe

2013-11-12 18:01 - 2013-11-12 18:01 - 00000000 ____D D:\FRST

2013-11-12 17:57 - 2013-11-12 17:54 - 00000466 _____ D:\Users\KH\Desktop\defogger_disable.log

2013-11-12 17:54 - 2013-11-12 17:54 - 00000000 _____ D:\Users\KH\defogger_reenable

2013-11-12 17:54 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH

2013-11-12 17:53 - 2013-11-12 17:53 - 00050477 _____ D:\Users\KH\Desktop\Defogger.exe

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\Documents\My Received Files

2013-11-12 17:48 - 2013-11-12 17:48 - 00000000 ____D D:\Users\KH\AppData\Roaming\MusicNet

2013-11-12 17:00 - 2013-11-09 22:20 - 00001202 _____ D:\Users\KH\Desktop\Renee Undeleter.lnk

2013-11-12 16:38 - 2013-11-12 16:38 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA Corporation

2013-11-10 20:59 - 2009-07-14 05:41 - 00000749 ___RH D:\Windows\WindowsShell.Manifest

2013-11-10 20:59 - 2009-07-14 03:37 - 00000000 __RHD D:\Users\Public\Libraries

2013-11-10 20:31 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63654

2013-11-10 19:16 - 2013-11-10 19:16 - 00000000 ____D D:\Users\KH\AppData\Roaming\Avira

2013-11-10 19:15 - 2013-11-10 19:15 - 00002022 _____ D:\Users\Public\Desktop\Avira Control Center.lnk

2013-11-10 19:15 - 2013-11-10 19:15 - 00000000 ____D D:\Program Files\Avira

2013-11-10 19:15 - 2011-11-12 16:45 - 00000000 ____D D:\ProgramData\Avira

2013-11-10 19:09 - 2013-11-10 19:15 - 00067680 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avnetflt.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00037352 _____ (Avira Operations GmbH & Co. KG) D:\Windows\system32\Drivers\avkmgr.sys

2013-11-10 19:09 - 2013-11-10 19:15 - 00028520 _____ (Avira GmbH) D:\Windows\system32\Drivers\ssmdrv.sys

2013-11-10 19:06 - 2013-11-10 19:06 - 02296760 _____ D:\Users\KH\Desktop\avira_internet_security_suite.exe

2013-11-10 15:46 - 2013-11-09 11:25 - 00110072 _____ D:\Users\KH\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 15:46 - 2009-07-14 05:33 - 00415560 _____ D:\Windows\system32\FNTCACHE.DAT

2013-11-10 15:43 - 2011-03-20 15:40 - 00000000 ____D D:\Program Files\Microsoft Works

2013-11-10 15:43 - 2011-03-20 15:40 - 00000000 ____D D:\Program Files\Common Files\DESIGNER

2013-11-10 15:42 - 2009-07-14 09:57 - 00000000 ____D D:\Windows\ShellNew

2013-11-10 15:37 - 2009-07-14 03:04 - 00000478 _____ D:\Windows\win.ini

2013-11-10 13:23 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 94973

2013-11-10 12:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 66742

2013-11-10 12:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 29672

2013-11-10 12:54 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96010

2013-11-10 12:53 - 2013-11-10 12:53 - 00000000 ____D D:\MFT 13120

2013-11-10 12:53 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69599

2013-11-10 12:53 - 2013-11-10 10:55 - 00000000 ____D D:\MFT 85443

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84023

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83015

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 69451

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 69419

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63545

2013-11-10 12:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 35760

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\Program Files\LucasArts

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69534

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69500

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 69268

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 66797

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 44421

2013-11-10 12:51 - 2013-11-10 12:51 - 00000000 ____D D:\MFT 43696

2013-11-10 12:51 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 50434

2013-11-10 12:51 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 25091

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 65588

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 47206

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 41339

2013-11-10 12:51 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 27310

2013-11-10 12:51 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69421

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 69327

2013-11-10 12:50 - 2013-11-10 12:50 - 00000000 ____D D:\MFT 43589

2013-11-10 12:50 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69603

2013-11-10 12:50 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 63505

2013-11-10 12:50 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60957

2013-11-10 12:50 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 65480

2013-11-10 12:49 - 2013-11-10 12:49 - 00000000 ____D D:\MFT 69537

2013-11-10 12:49 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69491

2013-11-10 12:49 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 69345

2013-11-10 12:48 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 40319

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49115

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48863

2013-11-10 12:48 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48501

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84970

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84925

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84808

2013-11-10 12:47 - 2013-11-10 12:47 - 00000000 ____D D:\MFT 84152

2013-11-10 12:47 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84847

2013-11-10 12:47 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 85251

2013-11-10 12:47 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82784

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95553

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95544

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 84255

2013-11-10 12:47 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 63300

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 99805

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95531

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 95075

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 37463

2013-11-10 12:45 - 2013-11-10 12:45 - 00000000 ____D D:\MFT 2218

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85663

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84838

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83029

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5659

2013-11-10 12:45 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 2519

2013-11-10 12:45 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96060

2013-11-10 12:45 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95996

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 99176

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 86563

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84869

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 84110

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 48829

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 46649

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44695

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44585

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 44296

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 43434

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 37293

2013-11-10 12:44 - 2013-11-10 12:44 - 00000000 ____D D:\MFT 29708

2013-11-10 12:44 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 85569

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86951

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86507

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85679

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85448

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85011

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84088

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5821

2013-11-10 12:44 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 16537

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96050

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95557

2013-11-10 12:44 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 95555

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48806

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 39942

2013-11-10 12:43 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 29270

2013-11-10 12:42 - 2013-11-10 12:42 - 00000000 ____D D:\MFT 69430

2013-11-10 12:42 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69541

2013-11-10 12:41 - 2013-04-18 05:32 - 00000000 ____D D:\Users\KH\AppData\Roaming\player

2013-11-10 12:39 - 2013-11-10 12:39 - 00000000 ____D D:\MFT 89457

2013-11-10 12:01 - 2013-11-10 12:01 - 00000000 ____D D:\Users\KH\AppData\Local\Avg2014

2013-11-10 12:01 - 2013-10-29 10:51 - 00001812 _____ D:\Users\KH\Desktop\Gutschein_5_Tage_im_Schloss_Purschenstein_im_Erzgebirge_fÃ¼r_zwei_Personen.lnk

2013-11-10 12:01 - 2013-10-28 10:56 - 00001327 _____ D:\Users\KH\Desktop\Kreativitätskindertagesstätte 13.11.13.lnk

2013-11-10 12:01 - 2013-10-24 19:01 - 00001367 _____ D:\Users\KH\Desktop\kita 001.lnk

2013-11-10 12:01 - 2013-10-21 08:52 - 00001327 _____ D:\Users\KH\Desktop\Anja Hoffmann Erzieherin Lotusblüte.lnk

2013-11-10 11:40 - 2013-01-24 13:07 - 00000000 ____D D:\Users\KH\AppData\Local\Nero

2013-11-10 11:21 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\NDF

2013-11-10 11:00 - 2013-11-10 07:48 - 00000428 _____ D:\Windows\Tasks\ASOService.job

2013-11-10 10:57 - 2013-11-10 10:57 - 00000000 ____D D:\MFT 67386

2013-11-10 10:56 - 2013-11-10 10:56 - 00000000 ____D D:\MFT 37475

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84701

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49432

2013-11-10 10:55 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48844

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69652

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 69649

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 68594

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 67382

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 66129

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 619

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47937

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47931

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 47927

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 21752

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 18213

2013-11-10 10:54 - 2013-11-10 10:54 - 00000000 ____D D:\MFT 16634

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84233

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 71072

2013-11-10 10:54 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 66932

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 9626

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69244

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69059

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 69052

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 68604

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48730

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 48085

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 43046

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 140

2013-11-10 10:53 - 2013-11-10 10:53 - 00000000 ____D D:\MFT 10193

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72750

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72099

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 71615

2013-11-10 10:53 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 65795

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69647

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69626

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69235

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69064

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69050

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69048

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 69041

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68597

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 68580

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67403

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67401

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 67399

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66478

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66472

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66457

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 66135

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 28750

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 17744

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15327

2013-11-10 10:52 - 2013-11-10 10:52 - 00000000 ____D D:\MFT 15276

2013-11-10 10:52 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 66778

2013-11-10 10:52 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68592

2013-11-10 10:52 - 2013-07-19 18:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\DVDVideoSoft

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99757

2013-11-10 10:43 - 2013-11-10 10:43 - 00000000 ____D D:\MFT 99544

2013-11-10 10:43 - 2013-11-10 09:43 - 00000000 ____D D:\MFT 44093

2013-11-10 10:33 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 99781

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 17617

2013-11-10 10:28 - 2013-11-10 10:28 - 00000000 ____D D:\MFT 15395

2013-11-10 10:27 - 2009-10-26 13:43 - 00000000 ____D D:\ProgramData\SFirm32

2013-11-10 10:23 - 2013-11-09 14:32 - 00271360 _____ D:\Users\KH\Documents\Outlook.pst

2013-11-10 10:18 - 2013-11-10 10:18 - 00000000 ____D D:\MFT 98455

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 77143

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 64491

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 63646

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 46360

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45729

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 45723

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 2658

2013-11-10 10:16 - 2013-11-10 10:16 - 00000000 ____D D:\MFT 16514

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 99960

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 98476

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 6992

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 43812

2013-11-10 10:10 - 2013-11-10 10:10 - 00000000 ____D D:\MFT 261

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 71952

2013-11-10 10:03 - 2013-11-10 10:03 - 00000000 ____D D:\MFT 37473

2013-11-10 10:03 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 33137

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\NVIDIA

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 96635

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 87506

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86926

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 86337

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85766

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 85024

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84860

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84812

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 84207

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83366

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 83365

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82568

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 82545

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77570

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 77564

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72209

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 72006

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 60821

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 5768

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 57550

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 52432

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 49035

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 48736

2013-11-10 09:59 - 2013-11-10 09:59 - 00000000 ____D D:\MFT 34301

2013-11-10 09:59 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 85729

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 99424

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 98750

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 96479

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 75295

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69628

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69409

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69403

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 69061

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 68602

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 67694

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66492

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 66482

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48696

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48312

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48307

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 48051

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 41994

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37486

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 37470

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 25723

2013-11-10 09:57 - 2013-11-10 09:57 - 00000000 ____D D:\MFT 17498

2013-11-10 09:46 - 2009-10-25 19:09 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-11-10 08:26 - 2013-11-10 08:19 - 00000000 __SHD D:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

2013-11-10 08:26 - 2013-09-09 13:36 - 00000000 __SHD D:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-11-10 08:26 - 2009-10-26 14:22 - 00000000 ___HD D:\ProgramData\{8F84A085-61F5-420C-99B2-2BCE2C37763C}

2013-11-10 08:26 - 2009-10-26 12:30 - 00000000 ____D D:\Users\KH\AppData\Local\Microsoft Help

2013-11-10 08:21 - 2013-09-09 13:36 - 00000000 ____D D:\ProgramData\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00002165 _____ D:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00002145 _____ D:\Users\Public\Desktop\TuneUp Utilities 2014.lnk

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Users\KH\AppData\Roaming\TuneUp Software

2013-11-10 08:20 - 2013-11-10 08:20 - 00000000 ____D D:\Program Files\TuneUp Utilities 2014

2013-11-10 08:19 - 2013-11-10 08:18 - 32522152 _____ (TuneUp Software) D:\Users\KH\Desktop\TuneUpUtilities2014_de-DE.exe

2013-11-10 07:58 - 2013-11-10 07:58 - 00110072 _____ D:\Users\kh-pc\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-10 07:58 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc

2013-11-10 07:56 - 2013-11-10 07:56 - 00001431 _____ D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-10 07:56 - 2013-11-10 07:56 - 00000020 ___SH D:\Users\kh-pc\ntuser.ini

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Startmenü

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Netzwerkumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Druckumgebung

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Musik

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\Documents\Eigene Bilder

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 _SHDL D:\Users\kh-pc\AppData\Local\Verlauf

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Roaming\Adobe

2013-11-10 07:56 - 2013-11-10 07:56 - 00000000 ____D D:\Users\kh-pc\AppData\Local\VirtualStore

2013-11-10 07:53 - 2013-11-10 07:47 - 00000000 ____D D:\Program Files\Advanced System Optimizer 3

2013-11-10 07:48 - 2013-11-10 07:48 - 00002256 _____ D:\Users\Public\Desktop\Intelligente PC-Wartung.lnk

2013-11-10 07:48 - 2013-11-10 07:48 - 00002204 _____ D:\Users\Public\Desktop\Advanced System Optimizer.lnk

2013-11-09 20:25 - 2013-01-24 13:08 - 00000000 ____D D:\Users\KH\AppData\Roaming\Nero

2013-11-09 20:03 - 2013-11-09 15:33 - 00271360 _____ D:\Users\KH\Documents\archive.pst

2013-11-09 19:33 - 2013-11-08 21:08 - 00000000 ____D D:\Windows\system32\config\RCCBakup

2013-11-09 17:55 - 2013-11-09 17:50 - 00002216 _____ D:\Windows\system32\ASOROSet.bin

2013-11-09 15:33 - 2013-11-09 12:35 - 00271360 _____ D:\Users\KH\Documents\bewerbung.pst

2013-11-09 14:06 - 2013-11-09 13:54 - 00000000 ___RD D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:06 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000

2013-11-09 14:06 - 2013-11-09 12:39 - 00000000 ___RD D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:06 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC

2013-11-09 14:06 - 2013-11-08 17:28 - 00000000 ____D D:\Program Files\CoolPic

2013-11-09 14:06 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\system32\wfp

2013-11-09 14:05 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero

2013-11-09 14:05 - 2013-11-08 17:30 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2013-11-09 14:05 - 2013-11-08 17:29 - 00000000 ____D D:\Program Files\iRobinHood

2013-11-09 14:05 - 2013-11-08 17:28 - 00000000 ____D D:\Program Files\Mobogenie

2013-11-09 14:05 - 2013-08-25 22:08 - 00000000 ____D D:\Users\KH\AppData\Roaming\Audacity

2013-11-09 14:05 - 2013-02-14 20:22 - 00000000 ___RD D:\Users\KH\Desktop\lplex-0.3-win64

2013-11-09 14:05 - 2013-02-14 20:06 - 00000000 ____D D:\Users\KH\AppData\Roaming\lplex

2013-11-09 14:05 - 2013-01-21 15:47 - 00000000 ___RD D:\Users\KH\SkyDrive

2013-11-09 14:05 - 2013-01-15 20:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\Pegasys Inc

2013-11-09 14:05 - 2013-01-05 22:26 - 00000000 ____D D:\Users\KH\AppData\Roaming\dvdcss

2013-11-09 14:05 - 2013-01-03 20:04 - 00000000 ____D D:\Program Files\Cypheros

2013-11-09 14:05 - 2013-01-03 13:14 - 00000000 ____D D:\Users\KH\AppData\Roaming\vlc

2013-11-09 14:05 - 2011-01-08 22:17 - 00000000 ____D D:\Users\KH\AppData\Roaming\PhotoScape

2013-11-09 14:05 - 2010-11-07 10:54 - 00000000 ____D D:\Program Files\LuminanceHDR-2.0.1

2013-11-09 14:05 - 2009-11-17 17:23 - 00000000 ____D D:\Users\KH\AppData\Local\{6CDD08D2-4502-44F0-9753-3D5B10261DFE}

2013-11-09 14:05 - 2009-11-04 09:58 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript

2013-11-09 14:05 - 2009-10-26 14:20 - 00000000 ____D D:\Program Files\WIN-CASA2009

2013-11-09 14:05 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 14:05 - 2009-10-25 15:53 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-11-09 14:05 - 2009-07-14 05:52 - 00000000 ____D D:\Windows\system32\WinBioDatabase

2013-11-09 14:05 - 2009-07-14 03:37 - 00000000 ____D D:\Windows\registration

2013-11-09 14:04 - 2013-08-24 18:17 - 00000000 ____D D:\Users\KH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-11-09 14:04 - 2013-01-11 22:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Digiarty

2013-11-09 14:04 - 2013-01-09 11:42 - 00000000 ____D D:\Users\KH\AppData\Roaming\Sony

2013-11-09 14:04 - 2012-01-17 22:07 - 00000000 ____D D:\Users\KH\AppData\Roaming\Canneverbe Limited

2013-11-09 14:04 - 2009-10-25 16:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Macromedia

2013-11-09 14:04 - 2009-10-25 16:03 - 00000000 ____D D:\Users\KH\AppData\Roaming\Adobe

2013-11-09 14:03 - 2013-09-06 20:24 - 00000000 ____D D:\Users\KH\AppData\Local\NVIDIA

2013-11-09 14:03 - 2013-01-24 13:08 - 00000000 ____D D:\Users\KH\AppData\Local\Nero_AG

2013-11-09 14:03 - 2013-01-09 11:50 - 00000000 ____D D:\Users\KH\AppData\Local\Sony

2013-11-09 14:03 - 2011-01-07 18:56 - 00000000 ____D D:\Users\KH\AppData\Local\Panasonic

2013-11-09 14:03 - 2009-11-15 16:24 - 00000000 ____D D:\Users\KH\AppData\Local\Microsoft Games

2013-11-09 14:02 - 2009-07-14 03:37 - 00000000 ____D D:\Program Files\Common Files\microsoft shared

2013-11-09 13:57 - 2013-11-09 13:57 - 00110072 _____ D:\Users\kh_2.KH-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Startmenü

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Netzwerkumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Druckumgebung

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Musik

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\Documents\Eigene Bilder

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 _SHDL D:\Users\kh_2.KH-PC.000\AppData\Local\Verlauf

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Roaming\Adobe

2013-11-09 13:54 - 2013-11-09 13:54 - 00000000 ____D D:\Users\kh_2.KH-PC.000\AppData\Local\VirtualStore

2013-11-09 13:42 - 2013-11-09 13:42 - 00000000 ____D D:\Users\KH\Tracing

2013-11-09 13:36 - 2013-11-09 13:36 - 00000000 ____D D:\Users\KH\Desktop\kh_2

2013-11-09 12:55 - 2013-11-09 11:27 - 00271360 _____ D:\Users\KH\Desktop\Outlook.pst

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Nero

2013-11-09 12:46 - 2013-11-09 12:46 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\Nero_AG

2013-11-09 12:43 - 2013-11-09 12:43 - 00110072 _____ D:\Users\kh_2.KH-PC\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Startmenü

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Netzwerkumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\Druckumgebung

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 _SHDL D:\Users\kh_2.KH-PC\AppData\Local\Verlauf

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Roaming\Adobe

2013-11-09 12:39 - 2013-11-09 12:39 - 00000000 ____D D:\Users\kh_2.KH-PC\AppData\Local\VirtualStore

2013-11-09 12:31 - 2012-12-31 12:55 - 00000000 ____D D:\Program Files\Technisat

2013-11-09 12:31 - 2009-12-08 20:45 - 00000000 ____D D:\Users\KH\AppData\Local\Google

2013-11-09 11:32 - 2013-11-09 11:32 - 00000000 ____D D:\Users\KH\AppData\Local\Adobe

2013-11-09 11:25 - 2013-11-09 11:25 - 00000000 ____D D:\Users\KH\Documents\Amazon MP3

2013-11-09 11:24 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73

2013-11-09 11:24 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2

2013-11-09 11:23 - 2013-11-09 10:48 - 00000000 ___RD D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-11-09 10:49 - 2013-11-09 10:49 - 00110072 _____ D:\Users\xrcd73\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Startmenü

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Netzwerkumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Druckumgebung

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Musik

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\Documents\Eigene Bilder

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 _SHDL D:\Users\xrcd73\AppData\Local\Verlauf

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Roaming\Adobe

2013-11-09 10:48 - 2013-11-09 10:48 - 00000000 ____D D:\Users\xrcd73\AppData\Local\VirtualStore

2013-11-09 10:41 - 2013-11-09 10:41 - 00000000 ____D D:\Users\kh_2\Desktop\KH

2013-11-09 10:39 - 2013-11-09 10:39 - 00110072 _____ D:\Users\kh_2\AppData\Local\GDIPFONTCACHEV1.DAT

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Startmenü

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Netzwerkumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Druckumgebung

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Musik

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\Documents\Eigene Bilder

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 _SHDL D:\Users\kh_2\AppData\Local\Verlauf

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Roaming\Adobe

2013-11-09 10:38 - 2013-11-09 10:38 - 00000000 ____D D:\Users\kh_2\AppData\Local\VirtualStore

2013-11-08 21:47 - 2013-10-28 21:07 - 00955168 _____ (NVIDIA Corporation) D:\Windows\system32\nvspcap.dll

2013-11-08 19:00 - 2013-11-08 19:00 - 00129536 _____ D:\Users\Public\AlexaNSISPlugin.4168.dll

2013-11-04 21:40 - 2009-07-14 05:53 - 00032632 _____ D:\Windows\Tasks\SCHEDLGU.TXT

2013-10-28 21:18 - 2010-07-11 10:18 - 00000000 ____D D:\Program Files\NVIDIA Corporation

2013-10-28 21:07 - 2010-07-11 10:18 - 00000000 ____D D:\ProgramData\NVIDIA Corporation

2013-10-23 11:24 - 2013-10-28 21:13 - 22933792 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv32.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 17560352 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 10410272 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys

2013-10-23 11:24 - 2013-10-28 21:13 - 09524088 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 09480328 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 02946848 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 02747168 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvenc.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233165.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233165.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00599840 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC.dll

2013-10-23 11:24 - 2013-10-28 21:13 - 00560416 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR.dll

2013-10-23 11:24 - 2013-10-15 16:35 - 15855568 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2um.dll

2013-10-23 11:24 - 2013-10-15 16:35 - 15212336 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dum.dll

2013-10-23 11:24 - 2013-09-19 20:30 - 00018174 _____ D:\Windows\system32\nvinfo.pb

2013-10-23 11:24 - 2010-07-11 10:17 - 02695200 _____ (NVIDIA Corporation) D:\Windows\system32\nvapi.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 04318496 _____ (NVIDIA Corporation) D:\Windows\system32\nvcpl.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 03036448 _____ (NVIDIA Corporation) D:\Windows\system32\nvsvc.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 02555168 _____ (NVIDIA Corporation) D:\Windows\system32\nvsvcr.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 00664352 _____ (NVIDIA Corporation) D:\Windows\system32\nvvsvc.exe

2013-10-23 08:19 - 2010-06-07 16:47 - 00209184 _____ (NVIDIA Corporation) D:\Windows\system32\nvmctray.dll

2013-10-23 08:19 - 2010-06-07 16:47 - 00062752 _____ (NVIDIA Corporation) D:\Windows\system32\nvshext.dll

2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) D:\Windows\system32\nvStreaming.exe

2013-10-21 15:50 - 2009-10-28 08:49 - 00000000 ____D D:\Windows\pss

2013-10-21 05:05 - 2013-10-21 05:05 - 00264616 _____ (Oracle Corporation) D:\Windows\system32\javaws.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00175016 _____ (Oracle Corporation) D:\Windows\system32\javaw.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00174504 _____ (Oracle Corporation) D:\Windows\system32\java.exe

2013-10-21 05:05 - 2013-10-21 05:05 - 00094632 _____ (Oracle Corporation) D:\Windows\system32\WindowsAccessBridge.dll

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\ProgramData\Oracle

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Java

2013-10-21 05:05 - 2013-10-21 05:05 - 00000000 ____D D:\Program Files\Common Files\Java

2013-10-16 01:41 - 2013-10-22 19:07 - 01049888 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco3233158.dll

2013-10-16 01:41 - 2013-10-22 19:07 - 00893728 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco3233158.dll
 

Files to move or delete:

====================

D:\Users\Public\AlexaNSISPlugin.4168.dll
 
 

Some content of TEMP:

====================

D:\Users\KH\AppData\Local\Temp\avgnt.exe

D:\Users\kh-pc\AppData\Local\Temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

D:\Windows\explorer.exe => MD5 is legit

D:\Windows\System32\winlogon.exe => MD5 is legit

D:\Windows\System32\wininit.exe => MD5 is legit

D:\Windows\System32\svchost.exe => MD5 is legit

D:\Windows\System32\services.exe => MD5 is legit

D:\Windows\System32\User32.dll => MD5 is legit

D:\Windows\System32\userinit.exe => MD5 is legit

D:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-11-10 17:36
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Hallo.Nach dem starten kommt immer die Meldung,sie müssen qtcore4.dll installieren und ich habe wohl vor einer Woche bei den Virusbefall ein Benutzerkonto gelöscht.

schrauber

16.11.2013 16:19

Kannst DU mir nen Screenshot machen von der MEldung?

xrcd73

16.11.2013 20:22

Liste der Anhänge anzeigen (Anzahl: 1)

Hallo.Ich hoffe du kannst es sehen.

schrauber

17.11.2013 07:34

Öffne bitte mal FRST, setz nen Haken bei Additional und scanne, poste beide Logfiles.

xrcd73

17.11.2013 08:55

Hallo.hier die Logs.MfG Claas

Alle Zeitangaben in WEZ +1. Es ist jetzt 13:30 Uhr.

Seite 1 von 3

100 Beiträge dieses Themas auf einer Seite anzeigen

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19