Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   dhl Mail versandschein.exe - gmer findet wmpnetwk.exe (https://www.trojaner-board.de/152255-dhl-mail-versandschein-exe-gmer-findet-wmpnetwk-exe.html)

Steindl 14.04.2014 10:54
und hier der 4. und letzte FRST log Teil:
Code:
2014-04-06 00:54 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-04-06 00:54 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-04-06 00:54 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-04-06 00:54 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-04-06 00:54 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-04-06 00:54 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-04-06 00:54 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-04-06 00:53 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-04-06 00:53 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-04-06 00:51 - 2014-04-10 21:24 - 00007058 _____ () C:\Windows\PFRO.log
2014-04-06 00:46 - 2014-04-06 00:46 - 00033436 _____ () C:\Windows\system32\emptyregdb.dat
2014-04-06 00:39 - 2014-04-08 00:41 - 00000000 __SHD () C:\Users\Elisabeth\IETldCache
2014-04-06 00:20 - 2014-04-06 00:47 - 01055718 _____ () C:\Windows\comsetup.log
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Vorlagen
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Startmenü
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Netzwerkumgebung
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Lokale Einstellungen
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Eigene Dateien
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Documents\Eigene Musik
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Documents\Eigene Bilder
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\AppData\Local\Verlauf
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\AppData\Local\Anwendungsdaten
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Anwendungsdaten
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 __HDL () C:\Users\Besitzer\Druckumgebung
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 ____D () C:\Users\Besitzer
2014-04-06 00:19 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-06 00:19 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-06 00:17 - 2014-04-07 02:15 - 00068328 _____ () C:\Users\Elisabeth\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-06 00:17 - 2014-04-06 00:17 - 00000000 ___DC () C:\Users\Elisabeth\AppData\Local\MigWiz
2014-04-06 00:08 - 2014-04-10 18:00 - 00000000 ____D () C:\Users\Elisabeth
2014-04-06 00:08 - 2014-04-08 00:19 - 00000000 ___RD () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-06 00:08 - 2014-04-07 21:15 - 00000000 ___RD () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-06 00:08 - 2014-04-06 00:08 - 00000020 ___SH () C:\Users\Elisabeth\ntuser.ini
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Vorlagen
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Startmenü
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Netzwerkumgebung
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Lokale Einstellungen
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Eigene Dateien
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Documents\Eigene Musik
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Documents\Eigene Bilder
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\AppData\Local\Verlauf
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\AppData\Local\Anwendungsdaten
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Anwendungsdaten
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 __HDL () C:\Users\Elisabeth\Druckumgebung
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\VirtualStore
2014-04-06 00:08 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-06 00:08 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-05 23:58 - 2014-04-05 23:58 - 00001421 _____ () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-04-05 23:57 - 2014-04-05 23:58 - 00001455 _____ () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-05 23:57 - 2014-04-05 23:58 - 00000000 ___RD () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 23:57 - 2014-04-05 23:58 - 00000000 ___RD () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-05 23:57 - 2014-04-05 23:57 - 00000020 ___SH () C:\Users\Ente\ntuser.ini
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Vorlagen
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Startmenü
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Netzwerkumgebung
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Lokale Einstellungen
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Eigene Dateien
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Druckumgebung
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Documents\Eigene Musik
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Documents\Eigene Bilder
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\AppData\Local\Verlauf
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\AppData\Local\Anwendungsdaten
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Anwendungsdaten
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 ____D () C:\Users\Ente\AppData\Local\VirtualStore
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 ____D () C:\Users\Ente
2014-04-05 23:57 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-05 23:57 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-05 22:39 - 2014-01-19 09:33 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-04-05 22:23 - 2014-04-05 22:23 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-04-05 22:22 - 2014-04-13 21:39 - 02036107 _____ () C:\Windows\WindowsUpdate.log
2014-04-05 22:21 - 2014-04-05 22:21 - 00010698 _____ () C:\Windows\avmcoins.log
2014-04-01 13:04 - 2014-04-06 00:33 - 00000000 __RSD () C:\Users\Elisabeth\Documents\My Stationery
2014-03-19 14:49 - 2014-04-06 00:45 - 00000000 ____D () C:\01b85af5a2f368cf877f

==================== One Month Modified Files and Folders =======

2014-04-14 07:50 - 2014-04-14 07:49 - 00008355 _____ () C:\Users\Elisabeth\Desktop\FRST.txt
2014-04-14 07:49 - 2014-04-14 07:49 - 00000000 ____D () C:\Users\Elisabeth\Desktop\FRST-OlderVersion
2014-04-14 07:49 - 2014-04-08 23:40 - 00000000 ____D () C:\FRST
2014-04-14 07:49 - 2014-04-08 23:39 - 02157568 _____ (Farbar) C:\Users\Elisabeth\Desktop\FRST64.exe
2014-04-14 07:48 - 2014-04-14 07:48 - 00000948 _____ () C:\Users\Elisabeth\Desktop\checkup.txt
2014-04-14 07:34 - 2014-04-14 07:39 - 00987448 _____ () C:\Users\Elisabeth\Desktop\SecurityCheck.exe
2014-04-14 07:34 - 2014-04-14 07:34 - 00987448 _____ () C:\Users\Elisabeth\Downloads\SecurityCheck.exe
2014-04-14 07:06 - 2014-04-08 17:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 06:45 - 2014-04-09 00:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 06:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-13 21:39 - 2014-04-05 22:22 - 02036107 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 18:21 - 2009-07-14 06:45 - 00019968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-13 18:21 - 2009-07-14 06:45 - 00019968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-13 18:16 - 2014-04-06 08:16 - 00691810 _____ () C:\Windows\system32\perfh007.dat
2014-04-13 18:16 - 2014-04-06 08:16 - 00145116 _____ () C:\Windows\system32\perfc007.dat
2014-04-13 18:16 - 2009-07-14 07:13 - 01597238 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-13 18:13 - 2014-04-13 18:12 - 02347384 _____ (ESET) C:\Users\Elisabeth\Downloads\esetsmartinstaller_enu.exe
2014-04-13 18:12 - 2009-07-14 06:51 - 00022872 _____ () C:\Windows\setupact.log
2014-04-13 18:09 - 2014-04-08 18:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-13 18:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-12 09:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-12 09:30 - 2014-04-07 00:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-12 09:29 - 2014-04-06 13:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-12 09:25 - 2014-04-06 13:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-11 13:48 - 2014-04-11 13:48 - 00000884 _____ () C:\Users\Elisabeth\Desktop\JRT.txt
2014-04-11 13:20 - 2014-04-11 13:20 - 00000000 ____D () C:\Windows\ERUNT
2014-04-11 13:16 - 2014-04-11 13:16 - 01016261 _____ (Thisisu) C:\Users\Elisabeth\Downloads\JRT.exe
2014-04-11 13:13 - 2014-04-11 13:13 - 00004206 _____ () C:\Users\Elisabeth\Desktop\AdwCleaner[S0].txt
2014-04-11 13:07 - 2014-04-11 13:03 - 00000000 ____D () C:\AdwCleaner
2014-04-11 13:01 - 2014-04-11 13:01 - 01426178 _____ () C:\Users\Elisabeth\Downloads\adwcleaner.exe
2014-04-11 13:00 - 2014-04-11 13:00 - 00001158 _____ () C:\Users\Elisabeth\Desktop\mbam.txt
2014-04-11 11:29 - 2014-04-09 00:48 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-11 11:29 - 2014-04-09 00:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-11 11:25 - 2014-04-11 11:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Elisabeth\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-10 21:32 - 2014-04-10 21:32 - 00000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-04-10 21:29 - 2014-04-10 21:32 - 00049952 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-10 21:24 - 2014-04-06 00:51 - 00007058 _____ () C:\Windows\PFRO.log
2014-04-10 18:37 - 2014-04-10 18:37 - 00019909 _____ () C:\ComboFix.txt
2014-04-10 18:37 - 2014-04-10 17:25 - 00000000 ____D () C:\Qoobox
2014-04-10 18:37 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-04-10 18:37 - 2008-08-11 12:02 - 00000000 ____D () C:\Users\drucker
2014-04-10 18:05 - 2014-04-10 17:24 - 00000000 ____D () C:\Windows\erdnt
2014-04-10 18:02 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-10 18:00 - 2014-04-06 00:08 - 00000000 ____D () C:\Users\Elisabeth
2014-04-10 17:20 - 2014-04-10 17:19 - 05196025 ____R (Swearware) C:\Users\Elisabeth\Downloads\ComboFix.exe
2014-04-10 17:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-09 12:42 - 2014-04-09 12:42 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-04-09 12:41 - 2014-04-09 12:41 - 01110476 _____ () C:\Users\Elisabeth\Downloads\7z920.exe
2014-04-09 09:50 - 2014-04-09 09:50 - 00000620 _____ () C:\Users\Elisabeth\Documents\gmer.txt
2014-04-09 02:45 - 2014-04-08 17:41 - 00000000 ____D () C:\ProgramData\aqax
2014-04-09 02:39 - 2014-04-08 18:11 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-09 02:35 - 2014-04-09 02:35 - 00000000 _____ () C:\Users\Elisabeth\defogger_reenable
2014-04-09 02:27 - 2014-04-09 02:27 - 00380416 _____ () C:\Users\Elisabeth\Desktop\Gmer-19357.exe
2014-04-09 02:21 - 2014-04-09 02:21 - 00050477 _____ () C:\Users\Elisabeth\Desktop\Defogger.exe
2014-04-09 00:47 - 2014-04-09 00:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 19:26 - 2014-04-08 18:01 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\Avg2014
2014-04-08 18:42 - 2014-04-08 18:42 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\AVG2014
2014-04-08 18:37 - 2014-04-08 18:37 - 00000993 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-08 18:37 - 2014-04-08 18:37 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\TuneUp Software
2014-04-08 18:21 - 2007-09-13 14:43 - 00000000 ____D () C:\Users\Elisabeth\Documents\PGR 3 Pfarren
2014-04-08 18:11 - 2014-04-08 18:11 - 00000000 ____D () C:\$AVG
2014-04-08 18:04 - 2014-04-08 18:04 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-08 18:01 - 2014-04-08 18:01 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\MFAData
2014-04-08 17:58 - 2014-04-08 00:27 - 01570646 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-08 17:44 - 2014-04-08 17:41 - 00000000 ____D () C:\ProgramData\imusoruc
2014-04-08 17:43 - 2014-04-08 17:41 - 00000000 ____D () C:\ProgramData\Sun
2014-04-08 17:42 - 2014-04-08 17:42 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\Macromedia
2014-04-08 17:42 - 2014-04-08 17:42 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\Macromedia
2014-04-08 17:40 - 2014-04-08 17:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-08 17:40 - 2014-04-08 17:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-08 17:40 - 2014-04-08 17:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-08 17:40 - 2014-04-08 17:40 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-04-08 17:40 - 2014-04-08 17:40 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-08 17:36 - 2014-04-08 17:33 - 115763632 _____ (Microsoft Corporation) C:\Users\Elisabeth\Downloads\SQLEXPR_x86_ENU.exe
2014-04-08 17:26 - 2014-04-08 17:23 - 139132360 _____ (Microsoft Corporation) C:\Users\Elisabeth\Downloads\SQLEXPR_x64_DEU.exe
2014-04-08 17:22 - 2007-09-13 17:38 - 00000000 ____D () C:\WINLine
2014-04-08 17:21 - 2014-04-08 17:18 - 123669448 _____ (Microsoft Corporation) C:\Users\Elisabeth\Downloads\SQLEXPR_x86_DEU.exe
2014-04-08 17:07 - 2014-04-08 03:00 - 00000000 ____D () C:\Users\Elisabeth\Desktop\winline_alt
2014-04-08 03:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-04-08 02:27 - 2014-04-08 02:27 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-08 02:27 - 2014-04-08 02:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-08 02:27 - 2014-04-08 02:24 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-08 02:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-04-08 02:25 - 2014-04-08 02:25 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-08 01:51 - 2014-04-08 01:51 - 09918976 _____ () C:\Users\Elisabeth\Downloads\layout 01-10-2007.exe
2014-04-08 01:43 - 2014-04-06 17:56 - 00001437 _____ () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-08 01:38 - 2014-04-08 00:02 - 00016341 _____ () C:\Windows\IE11_main.log
2014-04-08 01:00 - 2014-04-08 01:00 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-08 01:00 - 2014-04-08 01:00 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-08 01:00 - 2014-04-08 01:00 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-08 01:00 - 2014-04-08 01:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-08 01:00 - 2014-04-08 01:00 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-08 01:00 - 2014-04-08 01:00 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-08 01:00 - 2014-04-08 01:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-08 01:00 - 2014-04-08 01:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-08 01:00 - 2014-04-08 01:00 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-08 01:00 - 2014-04-08 01:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-08 00:59 - 2014-04-08 00:59 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-08 00:59 - 2014-04-08 00:59 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-08 00:59 - 2014-04-08 00:59 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-08 00:59 - 2014-04-08 00:59 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-08 00:59 - 2014-04-08 00:59 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-08 00:59 - 2014-04-08 00:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-08 00:59 - 2014-04-08 00:59 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-08 00:59 - 2014-04-08 00:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-08 00:59 - 2014-04-08 00:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-08 00:59 - 2014-04-08 00:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-08 00:57 - 2014-04-07 12:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-08 00:43 - 2014-04-06 01:30 - 00000000 __SHD () C:\Users\Elisabeth\IECompatCache
2014-04-08 00:41 - 2014-04-06 01:30 - 00000000 __SHD () C:\Users\Elisabeth\PrivacIE
2014-04-08 00:41 - 2014-04-06 00:39 - 00000000 __SHD () C:\Users\Elisabeth\IETldCache
2014-04-08 00:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-08 00:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-08 00:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-08 00:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-08 00:28 - 2014-04-08 00:28 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-04-08 00:28 - 2014-04-08 00:28 - 00000000 ____D () C:\Windows\RegisteredPackages
2014-04-08 00:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-04-08 00:22 - 2014-04-08 00:22 - 00001009 _____ () C:\Users\Ente\Desktop\WINLine Assistent.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00001009 _____ () C:\Users\Elisabeth\Desktop\WINLine Assistent.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00001009 _____ () C:\Users\Besitzer\Desktop\WINLine Assistent.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00001009 _____ () C:\Users\Administrator\Desktop\WINLine Assistent.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000752 _____ () C:\Users\Ente\Desktop\Budgetierung.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000752 _____ () C:\Users\Elisabeth\Desktop\Budgetierung.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000752 _____ () C:\Users\Besitzer\Desktop\Budgetierung.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000752 _____ () C:\Users\Administrator\Desktop\Budgetierung.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000609 _____ () C:\Users\Ente\Desktop\WINLine Start.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000609 _____ () C:\Users\Elisabeth\Desktop\WINLine Start.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000609 _____ () C:\Users\Besitzer\Desktop\WINLine Start.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000609 _____ () C:\Users\Administrator\Desktop\WINLine Start.lnk
2014-04-08 00:22 - 2014-04-08 00:22 - 00000000 ____D () C:\Program Files (x86)\WINLineAssistent
2014-04-08 00:20 - 2014-04-08 00:19 - 00000000 ____D () C:\Program Files (x86)\Budgetierung
2014-04-08 00:19 - 2014-04-08 00:19 - 00253952 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-04-08 00:19 - 2014-04-06 00:08 - 00000000 ___RD () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-08 00:18 - 2014-04-08 00:18 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-04-08 00:18 - 2014-04-08 00:18 - 00000000 ____D () C:\Program Files (x86)\Mesonic
2014-04-07 23:12 - 2014-04-07 22:53 - 00010232 _____ () C:\Windows\IE10_main.log
2014-04-07 22:57 - 2014-04-07 22:57 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-07 22:57 - 2014-04-07 22:57 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-07 22:52 - 2014-04-07 00:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-07 21:47 - 2014-04-07 21:23 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\FRITZ!
2014-04-07 21:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-07 21:34 - 2014-04-07 21:31 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\FRITZ!
2014-04-07 21:15 - 2014-04-06 00:08 - 00000000 ___RD () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-07 21:11 - 2009-07-14 06:45 - 00312496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-07 21:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-07 21:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-07 21:08 - 2009-07-14 09:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-07 19:30 - 2014-04-08 02:27 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2014-04-07 19:30 - 2014-04-07 19:30 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-07 19:30 - 2014-04-07 19:30 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-07 16:55 - 2014-04-07 16:55 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\AGFEO
2014-04-07 16:54 - 2014-04-07 15:04 - 00000000 ____D () C:\Program Files (x86)\AGFEO
2014-04-07 16:54 - 2007-10-30 20:54 - 00000000 ____D () C:\agfeo
2014-04-07 16:30 - 2007-09-13 14:43 - 00000000 ____D () C:\Users\Elisabeth\Documents\Ministranten
2014-04-07 14:40 - 2014-04-07 14:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-07 14:39 - 2014-04-07 14:39 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\Adobe
2014-04-07 14:39 - 2014-04-07 14:32 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\Adobe
2014-04-07 14:38 - 2014-04-07 14:38 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-07 14:35 - 2014-04-07 14:35 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-07 12:01 - 2014-04-07 12:01 - 00000000 ____D () C:\Program Files\Okidata
2014-04-07 12:00 - 2014-04-07 12:00 - 00000000 ____D () C:\ProgramData\OPPU
2014-04-07 10:32 - 2014-04-07 01:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-07 09:41 - 2014-04-09 00:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Elisabeth\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-07 02:15 - 2014-04-07 02:15 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\Windows Live Writer
2014-04-07 02:15 - 2014-04-07 02:15 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\Windows Live Writer
2014-04-07 02:15 - 2014-04-06 13:32 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\Windows Live
2014-04-07 02:15 - 2014-04-06 00:17 - 00068328 _____ () C:\Users\Elisabeth\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-07 01:45 - 2014-04-07 01:45 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\Mozilla
2014-04-07 01:45 - 2014-04-07 01:40 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\Mozilla
2014-04-07 01:42 - 2014-04-07 01:42 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-07 01:41 - 2014-04-07 01:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 01:40 - 2014-04-07 01:40 - 00002102 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-07 01:40 - 2014-04-07 01:40 - 00000000 ____D () C:\Users\Elisabeth\AppData\Roaming\Thunderbird
2014-04-07 01:40 - 2014-04-07 01:40 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\Thunderbird
2014-04-07 01:40 - 2014-04-07 01:40 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-07 01:39 - 2014-04-07 01:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-07 00:37 - 2014-04-07 00:37 - 00002703 _____ () C:\Users\Elisabeth\Desktop\Excel 2007.lnk
2014-04-07 00:37 - 2014-04-07 00:37 - 00002697 _____ () C:\Users\Elisabeth\Desktop\Word 2007.lnk
2014-04-07 00:29 - 2014-04-07 00:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-04-07 00:12 - 2014-04-07 00:12 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-07 00:12 - 2009-07-14 09:46 - 00000000 ____D () C:\Windows\ShellNew
2014-04-07 00:11 - 2014-04-07 00:11 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\Microsoft Help
2014-04-06 23:43 - 2009-07-14 09:46 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-04-06 23:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-04-06 23:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-06 23:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-04-06 23:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-04-06 23:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-04-06 23:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-06 23:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-04-06 23:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-04-06 23:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-04-06 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-04-06 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-04-06 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-04-06 22:16 - 2009-07-14 04:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-04-06 22:16 - 2009-07-14 04:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2014-04-06 21:26 - 2014-04-06 21:26 - 00000000 ____D () C:\Windows\system32\SPReview
2014-04-06 21:24 - 2014-04-06 21:24 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-04-06 19:33 - 2014-04-06 19:33 - 00003542 _____ () C:\Windows\System32\Tasks\CreateChoiceProcessTask
2014-04-06 18:19 - 2014-04-06 01:34 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-04-06 18:19 - 2014-04-06 01:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-06 18:18 - 2014-04-06 01:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-06 14:35 - 2014-04-06 14:22 - 00004423 _____ () C:\Windows\IE9_main.log
2014-04-06 14:12 - 2014-04-06 14:12 - 00000000 ____D () C:\Windows\Temp0D49E688-0220-328D-1D11-D4497845549C-Signatures
2014-04-06 08:17 - 2014-04-06 08:17 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-04-06 08:17 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-04-06 08:17 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-04-06 08:17 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup
2014-04-06 08:17 - 2007-09-12 18:39 - 00000355 __RSH () C:\Boot.ini.saved
2014-04-06 08:16 - 2014-04-06 08:16 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-04-06 08:16 - 2014-04-06 08:16 - 00000000 ____D () C:\Windows\SysWOW64\de
2014-04-06 08:16 - 2014-04-06 08:16 - 00000000 ____D () C:\Windows\SysWOW64\0407
2014-04-06 08:16 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-04-06 08:16 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-04-06 08:16 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-04-06 08:16 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-04-06 08:16 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-04-06 08:16 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\winrm
2014-04-06 08:16 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-04-06 08:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-04-06 08:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-04-06 08:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-04-06 08:15 - 2014-04-06 08:16 - 00295922 _____ () C:\Windows\system32\perfi007.dat
2014-04-06 08:15 - 2014-04-06 08:16 - 00038104 _____ () C:\Windows\system32\perfd007.dat
2014-04-06 08:15 - 2014-04-06 08:15 - 00000000 ____D () C:\Windows\system32\de
2014-04-06 08:15 - 2014-04-06 08:15 - 00000000 ____D () C:\Windows\system32\0407
2014-04-06 08:15 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\WCN
2014-04-06 08:15 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\slmgr
2014-04-06 08:15 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-04-06 08:15 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-04-06 08:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-04-06 08:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2014-04-06 01:16 - 2014-04-06 01:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-06 00:53 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-04-06 00:47 - 2014-04-06 00:20 - 01055718 _____ () C:\Windows\comsetup.log
2014-04-06 00:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Registration
2014-04-06 00:46 - 2014-04-06 00:46 - 00033436 _____ () C:\Windows\system32\emptyregdb.dat
2014-04-06 00:45 - 2014-03-19 14:49 - 00000000 ____D () C:\01b85af5a2f368cf877f
2014-04-06 00:45 - 2013-10-21 18:13 - 00000000 ____D () C:\98cc01e8b4006edca8
2014-04-06 00:45 - 2013-10-18 10:52 - 00000000 ____D () C:\107c93b5e2101329ba
2014-04-06 00:45 - 2012-04-15 13:57 - 00000000 ____D () C:\0c8369b35abff8a45498dee098
2014-04-06 00:45 - 2008-08-14 09:08 - 00000000 ____D () C:\Gigaset_WLAN54
2014-04-06 00:40 - 2008-08-11 11:33 - 00000000 ____D () C:\Users\Besitzer\Documents\PDF Files
2014-04-06 00:39 - 2007-09-14 16:00 - 00000000 ____D () C:\Users\Elisabeth\Documents\Verwaltung
2014-04-06 00:37 - 2009-02-14 16:44 - 00000000 ____D () C:\Users\Elisabeth\Documents\privat_Ernst
2014-04-06 00:37 - 2008-11-24 14:37 - 00000000 ____D () C:\Users\Elisabeth\Documents\SEM
2014-04-06 00:37 - 2007-09-13 14:43 - 00000000 ____D () C:\Users\Elisabeth\Documents\Privat_Göstl
2014-04-06 00:37 - 2007-09-13 14:43 - 00000000 ____D () C:\Users\Elisabeth\Documents\Pfarren Korr
2014-04-06 00:36 - 2007-09-13 14:43 - 00000000 ____D () C:\Users\Elisabeth\Documents\Pfarrbrief
2014-04-06 00:33 - 2014-04-01 13:04 - 00000000 __RSD () C:\Users\Elisabeth\Documents\My Stationery
2014-04-06 00:33 - 2008-02-21 22:52 - 00000000 ____D () C:\Users\Elisabeth\Documents\PDF Files
2014-04-06 00:31 - 2007-09-13 14:42 - 00000000 ____D () C:\Users\Elisabeth\Documents\Liturgie
2014-04-06 00:31 - 2007-09-13 14:42 - 00000000 ____D () C:\Users\Elisabeth\Documents\Firmung
2014-04-06 00:30 - 2007-11-02 13:08 - 00000000 ____D () C:\Users\Elisabeth\Documents\EvasDateien
2014-04-06 00:29 - 2008-11-24 19:09 - 00000000 ____D () C:\Users\Elisabeth\Documents\Erstkommunion
2014-04-06 00:29 - 2008-02-21 12:09 - 00000000 ___SD () C:\Users\Elisabeth\Documents\Eigene Datenquellen
2014-04-06 00:29 - 2007-09-14 11:42 - 00000000 ____D () C:\Users\Elisabeth\Documents\Eigene PaperPort-Dokumente
2014-04-06 00:27 - 2011-01-21 15:01 - 00000000 ____D () C:\Users\Elisabeth\Documents\Bibliothek
2014-04-06 00:27 - 2007-09-13 14:42 - 00000000 ____D () C:\Users\Elisabeth\Documents\Dekanat
2014-04-06 00:27 - 2007-09-13 14:42 - 00000000 ____D () C:\Users\Elisabeth\Documents\Aktionen
2014-04-06 00:25 - 2011-10-05 09:28 - 00000000 ___RD () C:\Users\Elisabeth\Desktop\members.aon.at
2014-04-06 00:25 - 2009-06-12 10:37 - 00000000 ___HD () C:\Users\Elisabeth\Documents\.TemporaryItems
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Vorlagen
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Startmenü
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Netzwerkumgebung
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Lokale Einstellungen
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Eigene Dateien
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Documents\Eigene Musik
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Documents\Eigene Bilder
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\AppData\Local\Verlauf
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\AppData\Local\Anwendungsdaten
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 _SHDL () C:\Users\Besitzer\Anwendungsdaten
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 __HDL () C:\Users\Besitzer\Druckumgebung
2014-04-06 00:19 - 2014-04-06 00:19 - 00000000 ____D () C:\Users\Besitzer
2014-04-06 00:17 - 2014-04-06 00:17 - 00000000 ___DC () C:\Users\Elisabeth\AppData\Local\MigWiz
2014-04-06 00:14 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-06 00:08 - 2014-04-06 00:08 - 00000020 ___SH () C:\Users\Elisabeth\ntuser.ini
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Vorlagen
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Startmenü
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Netzwerkumgebung
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Lokale Einstellungen
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Eigene Dateien
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Documents\Eigene Musik
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Documents\Eigene Bilder
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\AppData\Local\Verlauf
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\AppData\Local\Anwendungsdaten
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 _SHDL () C:\Users\Elisabeth\Anwendungsdaten
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 __HDL () C:\Users\Elisabeth\Druckumgebung
2014-04-06 00:08 - 2014-04-06 00:08 - 00000000 ____D () C:\Users\Elisabeth\AppData\Local\VirtualStore
2014-04-05 23:58 - 2014-04-05 23:58 - 00001421 _____ () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-04-05 23:58 - 2014-04-05 23:57 - 00001455 _____ () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-05 23:58 - 2014-04-05 23:57 - 00000000 ___RD () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 23:58 - 2014-04-05 23:57 - 00000000 ___RD () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-05 23:57 - 2014-04-05 23:57 - 00000020 ___SH () C:\Users\Ente\ntuser.ini
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Vorlagen
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Startmenü
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Netzwerkumgebung
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Lokale Einstellungen
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Eigene Dateien
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Druckumgebung
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Documents\Eigene Musik
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Documents\Eigene Bilder
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\AppData\Local\Verlauf
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\AppData\Local\Anwendungsdaten
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 _SHDL () C:\Users\Ente\Anwendungsdaten
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 ____D () C:\Users\Ente\AppData\Local\VirtualStore
2014-04-05 23:57 - 2014-04-05 23:57 - 00000000 ____D () C:\Users\Ente
2014-04-05 23:04 - 2014-04-06 08:17 - 00000000 ____D () C:\Windows\Panther
2014-04-05 22:23 - 2014-04-05 22:23 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-04-05 22:23 - 2009-07-14 06:46 - 00001774 _____ () C:\Windows\DtcInstall.log
2014-04-05 22:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-04-05 22:21 - 2014-04-05 22:21 - 00010698 _____ () C:\Windows\avmcoins.log
2014-04-05 22:20 - 2009-07-14 09:46 - 00000000 ____D () C:\Windows\CSC
2014-04-05 19:49 - 2007-09-12 17:41 - 00000000 ___RD () C:\Programme
2014-04-04 11:11 - 2008-05-30 21:38 - 00043012 ____H () C:\Users\Elisabeth\Documents\.DS_Store
2014-04-03 16:02 - 2014-04-08 17:57 - 157883928 _____ (AVG Technologies) C:\Users\Elisabeth\Desktop\avgfreexalla_34171.exe
2014-04-03 09:51 - 2014-04-09 00:47 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-09 00:47 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-09 00:47 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 13:43 - 2014-04-07 00:18 - 03710504 _____ (Piriform Ltd) C:\Users\Elisabeth\Desktop\ccsetup412_slim.exe

Some content of TEMP:
====================
C:\Users\Elisabeth\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 03:27

==================== End Of Log ============================
und eine neue FRST Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014 01
Ran by Elisabeth at 2014-04-14 07:55:25
Running from C:\Users\Elisabeth\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AGFEO TK-Suite Basic 3 (HKLM-x32\...\tksuite_tksuite_basic) (Version:  - AGFEO)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
Budgetierung (HKLM-x32\...\ST6UNST #1) (Version:  - )
DA0 3.6 und ODBC (HKLM-x32\...\{F534FFD4-F013-11D3-8031-0090272C6495}) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Realtek AC'97 Audio (HKLM-x32\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WINLine (HKLM-x32\...\{4C94C4BC-97DC-4E29-83E7-1B9B4388C330}) (Version:  - )
WINLine Assistent Version 7.1 (HKLM-x32\...\WINLine Assistent_is1) (Version:  - )

==================== Restore Points  =========================

14-04-2014 04:04:15 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-10 18:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {28FBB271-854B-47A4-9D82-A82B12F09C63} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-08] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-04-08 02:27 - 2013-01-31 11:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2006-12-01 14:41 - 2006-12-01 14:41 - 00028672 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia_lib.dll
2006-12-01 14:41 - 2006-12-01 14:41 - 00036864 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia_capi.dll
2006-12-01 14:41 - 2006-12-01 14:41 - 00020480 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia_serial.dll
2006-12-01 14:41 - 2006-12-01 14:41 - 00020480 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia_xport.dll
2005-04-26 09:10 - 2005-04-26 09:10 - 04005888 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tools\qt-mt334.dll
2005-04-26 09:10 - 2005-04-26 09:10 - 00061440 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tools\styles\qwindowsxpstyle.dll
2014-04-07 01:41 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2014 07:39:06 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/14/2014 07:21:09 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/14/2014 05:59:39 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/14/2014 05:59:16 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/14/2014 05:58:16 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/13/2014 06:17:11 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/13/2014 06:17:06 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/12/2014 10:01:33 AM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3c8

Startzeit: 01cf56240a19ddf4

Endzeit: 94

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 85958fb4-c218-11e3-8ebb-404e57434401


System errors:
=============
Error: (04/13/2014 07:15:56 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/13/2014 07:15:02 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (04/13/2014 06:41:52 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (04/13/2014 06:06:19 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/13/2014 06:05:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater18.0.5" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/13/2014 03:33:25 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/13/2014 03:32:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater18.0.5" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/13/2014 11:17:29 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/13/2014 11:16:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater18.0.5" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/13/2014 07:26:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-10 18:00:29.462
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-10 18:00:28.978
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 60%
Total physical RAM: 2047.55 MB
Available physical RAM: 800.86 MB
Total Pagefile: 4095.11 MB
Available Pagefile: 2429.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (WinXPHomeSP2) (Fixed) (Total:68.36 GB) (Free:2.99 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:80.68 GB) (Free:65.81 GB) NTFS
Drive f: () (Removable) (Total:3.94 GB) (Free:2.69 GB) FAT32
Drive g: (DATA ES) (Removable) (Total:0.96 GB) (Free:0.75 GB) FAT32
Drive h: () (Removable) (Total:13.73 GB) (Free:10.9 GB) FAT32
Drive i: () (Removable) (Total:0.06 GB) (Free:0.04 GB) FAT
Drive j: (HDDRIVE2GO) (Fixed) (Total:335.35 GB) (Free:260.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: E869E869)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 983 MB) (Disk ID: E1E4A198)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 4 GB) (Disk ID: 01B14E06)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

========================================================
Disk: 3 (Size: 14 GB) (Disk ID: 6E06FA57)
Partition 1: (Not Active) - (Size=14 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 62 MB) (Disk ID: DAD556B8)

Partition: GPT Partition Type.

========================================================
Disk: 5 (Size: 335 GB) (Disk ID: 750A8025)
Partition 1: (Not Active) - (Size=335 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Du fragst "Noch Probleme?"
Ja!
Bei jedem Herunterfahren erscheint die Meldung "Es wird gewartet, dass Hintergrundprogramme beendet werden." Dann erscheint das Tast Host Window - schließt sich (mal schneller, mal langsamer) - und erst dann wird heruntergefahren.
Firefox ist sehr langsam und hat vorhin einen Appcrash gemeldet:
Code:
Problemsignatur:
  Problemereignisname:        APPCRASH
  Anwendungsname:        firefox.exe
  Anwendungsversion:        28.0.0.5186
  Anwendungszeitstempel:        53240e37
  Fehlermodulname:        xul.dll
  Fehlermodulversion:        28.0.0.5186
  Fehlermodulzeitstempel:        53240e04
  Ausnahmecode:        c0000005
  Ausnahmeoffset:        00184729
  Betriebsystemversion:        6.1.7601.2.1.0.256.1
  Gebietsschema-ID:        3079
  Zusatzinformation 1:        a7aa
  Zusatzinformation 2:        a7aa91f17ea749d42a4de3b390fa5b3d
  Zusatzinformation 3:        a7aa
  Zusatzinformation 4:        a7aa91f17ea749d42a4de3b390fa5b3d

Außerdem:
Der infizierte Win7-Computer war in unserem Heim-Netzwerk:
1 x win xp SP3 Laptop Gericom MP
1 x win xp SP3 Laptop Lenovo ThinkPad (Ethernet und WLAN)
1 x Mac OS 10.6 Apple Powerbook (Intel) - war ausgeschaltet und seither nie eingeschaltet
1 x Router Siemens Gigaset SE361 WLAN
1 x Apple TimeCapsule Festplatte + Router (Ethernet und WLAN)
1 x Telefonanlage ISDN Agfeo AS 35 all in one (verbunden mit dem infizierten Computer über Fritz Card S0-Bus)
1 x Netzwerkdrucker OKI B430dn

Bis auf das Apple Powerbook war also alles über den Router bzw. einen zusätzlichen HUB (alles Ethernet) aktiv verbunden, WLAN sollte eigentlich überall deaktiviert sein.

Und - vielleicht bin ich ja paranoid - alle Handys (eigene und Gäste) haben in den letzten Tagen bei uns "gesponnen". Symptome waren z.B.: beim Einschalten Tastatur gesperrt, Kalender aufgerufen, beim ersten Wählen einer Nummer kam manchmal keine Verbindung zustande.

schrauber 15.04.2014 10:33
Firefox würde ich mal neu installieren.

Für das Herunterfahren:

http://www.trojaner-board.de/126216-...epair-aio.html


Deine Aufzählunf zielt also darauf ab dass du wissen möchtest ob deser Rechner nun alle Geräte im Netz infiziert hat? Nein, gar nit möglich.


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:00 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131