Firewall blocks .exe file

Hello everyone, I'm new here in the forum and have a question: today my firewall blocked the following .exe: "028b8e4e-4082-4a93-af02-420ffbbdfbd3.exe". It is supposedly located in the folder C:\program files\avast software\avast\setup\, but I can't find it there. I had already received and blocked a similar .exe once before and asked Avast about it, but they said it does not come from them. Can anyone tell me what this is supposed to be? Should I allow the access, or what should I do with the .exe? Kind regards, Sepp3142 |
Hi, please download the appropriate version of Farbar's Recovery Scan Tool to your desktop. (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties.)
|
FRST Logfile: [CODE]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by User (administrator) on ATHLON7 on 19-09-2013 17:46:00
Running from C:\Users\User\AppData\Roaming\uTorrent\Computer\Daten(D)\Return.To.House.On.Haunted.Hill[2007][Unrated.Edition]DvDrip.AC3[Eng]-aXXo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
2013-09-17 07:30 - 1997-07-19 16:55 - 01347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll 2013-09-15 12:52 - 2013-09-18 14:36 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2013-09-15 12:52 - 2013-08-30 09:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-09-15 12:52 - 2013-08-30 09:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-09-15 12:52 - 2013-08-30 09:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-09-15 12:52 - 2013-08-30 09:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-09-15 12:52 - 2013-08-30 09:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-09-15 12:52 - 2013-08-30 09:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-09-15 12:52 - 2013-08-30 09:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-09-15 12:52 - 2013-08-30 09:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-09-15 12:52 - 2013-08-30 09:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-09-15 12:41 - 2013-09-15 12:41 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute 2013-09-13 23:15 - 2013-09-13 23:13 - 00002293 _____ C:\Users\User\Documents\License.avastlic 2013-09-13 16:34 - 2013-09-13 16:34 - 00003250 _____ C:\Windows\System32\Tasks\Stefan 2013-09-13 11:19 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-13 11:19 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-13 11:19 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-13 11:19 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-13 11:19 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-13 11:19 - 2013-08-10 
07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-13 11:19 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-13 11:19 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-13 11:19 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-13 11:19 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-13 11:19 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-13 11:19 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-13 11:19 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-13 11:19 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-13 11:19 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-13 11:19 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 00109056 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-13 11:19 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-13 11:19 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-13 11:19 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-13 11:19 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-13 11:19 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-13 09:25 - 2013-09-13 09:25 - 00003244 _____ C:\Windows\System32\Tasks\Hallo 2013-09-13 08:38 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2013-09-13 08:38 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-13 08:38 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-09-13 08:38 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2013-09-13 08:38 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-09-13 08:38 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2013-09-13 08:38 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-13 08:38 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2013-09-13 08:38 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-13 08:38 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) 
C:\Windows\system32\KernelBase.dll 2013-09-13 08:38 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-09-13 08:38 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-13 08:38 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-13 08:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-13 08:38 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-13 08:38 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-13 08:38 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-13 08:38 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-13 08:38 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-09-13 08:38 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-09-13 08:38 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-13 08:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-13 08:38 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-13 08:38 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-09-13 08:38 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-13 08:37 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-13 08:37 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) 
C:\Windows\system32\apisetschema.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 
2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-13 08:37 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-13 08:37 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-13 08:37 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-13 08:37 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-13 08:37 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-13 08:37 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-13 08:37 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-13 08:37 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-12 21:51 - 2013-09-12 21:59 - 00000000 ____D C:\Users\User\AppData\Local\SliderDock 2013-09-12 21:51 - 2013-09-12 21:51 - 00000000 ____D C:\Program Files (x86)\SliderDock 2013-09-12 19:49 - 2013-09-12 19:49 - 00003556 _____ 
C:\Windows\System32\Tasks\Hausarzt 2013-09-11 14:21 - 2013-09-17 19:33 - 00000964 _____ C:\Windows\Tasks\Paragon Archive name diff_110913121931221.job 2013-09-11 14:21 - 2013-09-11 14:21 - 00003970 _____ C:\Windows\System32\Tasks\Paragon Archive name diff_110913121931221 2013-09-11 13:02 - 2013-09-11 13:02 - 00000000 ____D C:\ProgramData\complexbackup 2013-09-10 19:39 - 2013-09-11 06:18 - 00000000 ____D C:\Program Files (x86)\sTabLauncher 2013-09-09 00:27 - 2013-09-09 00:27 - 00002984 _____ C:\Windows\System32\Tasks\{58F829F6-9A19-4A17-822E-C2B532A84F3A} 2013-09-08 19:02 - 2013-09-08 19:03 - 00000000 ____D C:\Users\User\AppData\Local\ToolwizCareFree 2013-09-08 19:02 - 2013-09-08 19:02 - 00001047 _____ C:\Users\UpdatusUser\Desktop\Toolwiz Care.lnk 2013-09-08 02:13 - 2013-09-08 02:13 - 00000000 ____D C:\Users\User\Documents\WWT MIDI Controller Maps 2013-09-08 02:13 - 2013-09-08 02:13 - 00000000 ____D C:\Users\User\Documents\WWT Collections 2013-09-07 21:00 - 2013-09-07 21:00 - 00002489 _____ C:\Users\User\Programme.gcs 2013-09-07 20:39 - 2013-09-08 00:20 - 00001155 _____ C:\Users\User\AppData\Roaming\gcstar.log 2013-09-07 15:55 - 2013-09-07 16:21 - 00000000 ____D C:\Users\Player\AppData\Roaming\Winamp 2013-09-07 14:51 - 2013-09-08 19:41 - 00000000 ____D C:\Program Files (x86)\Toolwiz TimeFreeze 2013-09-07 14:51 - 2013-09-07 14:51 - 00001108 _____ C:\Users\User\Documents\Toolwiz TimeFreeze.lnk 2013-09-07 14:51 - 2013-09-07 14:51 - 00001108 _____ C:\Users\UpdatusUser\Desktop\Toolwiz TimeFreeze.lnk 2013-09-07 14:49 - 2013-09-15 01:34 - 00000000 ____D C:\Users\User\AppData\Roaming\DVD Flick 2013-09-07 14:30 - 2013-09-07 14:30 - 00000000 ____D C:\Program Files (x86)\DVD Flick 2013-09-05 21:35 - 2013-09-05 21:35 - 00000000 ____D C:\Users\User\Documents\default 2013-09-04 19:53 - 2013-09-04 19:53 - 00000000 ____D C:\ProgramData\scripts 2013-09-02 18:12 - 2013-09-08 21:55 - 00000000 ____D C:\Program Files (x86)\Celestia 2013-09-02 11:56 - 2013-09-02 12:31 - 00000000 ____D 
C:\Users\User\Documents\Ashampoo Gadge It 2013-09-02 11:09 - 2013-09-14 14:59 - 00001197 _____ C:\Users\User\AppData\Roaming\Ashampoo Gadge It event.log 2013-09-01 17:48 - 2013-09-01 17:48 - 00003136 _____ C:\Windows\System32\Tasks\{3D3C8058-7F5E-47CB-9C40-7BD18A7D7A41} 2013-09-01 16:10 - 2013-09-01 16:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Smith&WelcomeInc 2013-09-01 16:10 - 2013-09-01 16:10 - 00000000 ____D C:\Program Files (x86)\Smith&Welcome Inc 2013-09-01 05:26 - 2013-09-01 05:26 - 00000000 ____D C:\Program Files (x86)\Ant Renamer 2013-09-01 02:48 - 2013-09-01 02:48 - 00000000 ____D C:\Users\Player\AppData\Local\Ashampoo 2013-08-30 16:55 - 2013-08-30 16:55 - 00000000 ____D C:\Program Files (x86)\Seam Carving GUI 2013-08-30 06:21 - 2013-09-18 21:59 - 00000966 _____ C:\Windows\Tasks\Paragon Archive name diff_300813041740867.job 2013-08-30 06:21 - 2013-08-30 06:21 - 00004006 _____ C:\Windows\System32\Tasks\Paragon Archive name diff_300813041740867 2013-08-29 01:26 - 2013-08-31 13:54 - 00000000 ___RD C:\Users\User\SkyDrive 2013-08-27 23:02 - 2013-08-27 23:02 - 00000000 ____D C:\Users\Player\AppData\Roaming\OpenOffice 2013-08-27 20:04 - 2013-08-27 20:04 - 00000000 ____D C:\Program Files (x86)\MailCheck 2013-08-25 09:35 - 2013-09-19 17:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-25 09:35 - 2013-08-25 23:29 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-24 17:26 - 2013-08-24 17:26 - 00001931 _____ C:\Users\User\AppData\avast! 
Internet Security.lnk 2013-08-24 07:36 - 2013-09-07 19:53 - 00003248 _____ C:\Windows\System32\Tasks\BetterDesktopTool 2013-08-22 06:24 - 2013-08-22 06:24 - 00000000 ____D C:\Users\Player\AppData\Local\BetterDesktopTool 2013-08-22 06:16 - 2013-08-22 06:24 - 00000000 ____D C:\Program Files (x86)\BetterDesktopTool 2013-08-22 06:16 - 2013-08-22 06:16 - 00000000 ____D C:\Users\User\AppData\Local\BetterDesktopTool 2013-08-21 15:06 - 2013-08-21 15:06 - 00002693 _____ C:\Users\User\AppData\Lumac.lnk 2013-08-21 15:05 - 2013-08-21 15:05 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2013-08-20 12:29 - 2013-08-20 12:29 - 00000000 ____D C:\Users\User\AppData\Local\Harmony_Hollow_Software 2013-08-20 12:27 - 2013-08-22 04:45 - 00000000 ____D C:\Users\User\AppData\Local\CTDSounds 2013-08-20 12:27 - 2013-08-20 12:27 - 00000000 ____D C:\Program Files (x86)\Cool Timer Deluxe ==================== One Month Modified Files and Folders ======= 2013-09-19 17:45 - 2013-09-19 17:45 - 00000000 ____D C:\FRST 2013-09-19 17:45 - 2013-01-15 17:21 - 00000000 ___RD C:\Users\User\Downloads 2 2013-09-19 17:45 - 2012-08-07 17:40 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent 2013-09-19 17:24 - 2012-08-05 12:38 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-19 17:13 - 2012-12-30 11:50 - 00007576 _____ C:\Users\User\XPasswörter.txt 2013-09-19 17:07 - 2013-08-25 09:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-19 16:55 - 2012-10-09 19:25 - 00000000 ___RD C:\Users\User\Documents\Sticky Passwords 2013-09-19 16:29 - 2011-03-26 14:16 - 01634527 _____ C:\Windows\WindowsUpdate.log 2013-09-19 12:21 - 2013-09-17 21:54 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify 2013-09-19 11:51 - 2012-12-27 01:19 - 00007666 _____ C:\Users\User\AppData\Local\resmon.resmoncfg 2013-09-19 11:28 - 2013-06-28 00:38 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc 2013-09-19 03:18 - 2013-04-20 11:01 - 00000000 ____D C:\Users\User\AppData\Roaming\Ditto 
2013-09-19 03:18 - 2012-08-05 12:38 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-19 00:27 - 2012-12-08 10:35 - 00000000 ____D C:\Users\User\AppData\Roaming\TVgenial 2013-09-19 00:18 - 2012-11-12 10:12 - 00000000 ___RD C:\Users\User\Bildvorlagen 2013-09-18 21:59 - 2013-08-30 06:21 - 00000966 _____ C:\Windows\Tasks\Paragon Archive name diff_300813041740867.job 2013-09-18 17:33 - 2013-07-07 17:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Rainmeter 2013-09-18 16:59 - 2012-11-19 20:21 - 00000000 ____D C:\Users\User\AppData\Roaming\SolSuite 2013-09-18 16:02 - 2012-12-07 23:53 - 00000000 ___RD C:\Users\User\Pictures 2 2013-09-18 15:42 - 2013-09-18 15:24 - 00001828 _____ C:\Windows\Sandboxie.ini 2013-09-18 15:31 - 2013-09-18 15:23 - 00000000 ____D C:\Program Files\Sandboxie 2013-09-18 15:23 - 2009-07-14 06:45 - 00019712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-18 15:23 - 2009-07-14 06:45 - 00019712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-18 15:15 - 2013-09-18 15:15 - 00000000 ____H C:\ProgramData\cm-lock 2013-09-18 15:15 - 2013-05-24 13:55 - 00017062 _____ C:\Windows\setupact.log 2013-09-18 15:14 - 2010-07-14 17:06 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-18 15:14 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-18 15:12 - 2013-05-05 00:07 - 2147549232 ____C C:\RAMDisk.img 2013-09-18 14:36 - 2013-09-15 12:52 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2013-09-18 05:36 - 2013-04-13 18:23 - 00000000 ___RD C:\Users\User\icons 2 2013-09-18 04:08 - 2013-09-17 07:30 - 00000000 ____D C:\Users\Public\Documents\Winstep 2013-09-18 03:36 - 2012-12-21 07:32 - 00001793 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2013-09-18 03:36 - 2012-12-21 07:32 - 00000000 ____D C:\Users\User\AppData\Local\Spotify 2013-09-18 03:06 - 2013-05-24 13:55 - 00032926 _____ C:\Windows\PFRO.log 2013-09-18 03:06 - 2009-07-14 06:45 - 05124856 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-17 23:23 - 2013-05-05 00:07 - 2147549232 ____C C:\RAMDisk.img.bak 2013-09-17 20:21 - 2012-12-03 08:04 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps 2013-09-17 19:33 - 2013-09-11 14:21 - 00000964 _____ C:\Windows\Tasks\Paragon Archive name diff_110913121931221.job 2013-09-17 12:28 - 2013-07-10 10:36 - 00154680 _____ C:\Users\Player\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-17 12:18 - 2013-09-17 12:18 - 00000218 _____ C:\Users\User\.recently-used.xbel 2013-09-17 12:18 - 2012-12-14 20:02 - 00000000 ____D C:\Users\User\AppData\Roaming\griffith 2013-09-17 12:14 - 2013-06-04 16:25 - 23867483 _____ C:\Users\User\Documents\DVD -MOVIES 3.odt 2013-09-17 11:04 - 2012-12-18 17:34 - 00000000 ___RD C:\Users\User\TIPPS 2013-09-17 07:35 - 2012-07-06 16:57 - 00154680 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-17 07:30 - 2013-09-17 07:30 - 00001051 _____ C:\Users\User\Documents\Winstep.lnk 2013-09-17 07:30 - 2013-09-17 07:30 - 00000000 ____D C:\Program Files (x86)\Winstep 2013-09-17 07:29 - 2013-03-20 22:16 - 00000000 ___RD C:\Users\User\Programm-EXE 2013-09-17 07:14 - 2013-07-31 05:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Winamp 2013-09-16 23:49 - 2012-12-31 15:33 - 00000000 ____D C:\Users\User\AppData\Roaming\GmailNotifierPro 2013-09-15 12:52 - 2013-06-19 00:09 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-09-15 12:51 - 2013-06-19 00:09 - 00000000 ____D C:\Program Files\AVAST 
Software 2013-09-15 12:51 - 2013-06-19 00:05 - 00000000 ____D C:\ProgramData\AVAST Software 2013-09-15 12:41 - 2013-09-15 12:41 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute 2013-09-15 02:43 - 2012-07-06 20:58 - 00000000 ___RD C:\Users\User\Wallpapers 2013-09-15 01:34 - 2013-09-07 14:49 - 00000000 ____D C:\Users\User\AppData\Roaming\DVD Flick 2013-09-14 14:59 - 2013-09-02 11:09 - 00001197 _____ C:\Users\User\AppData\Roaming\Ashampoo Gadge It event.log 2013-09-14 14:31 - 2013-08-19 13:52 - 00000000 ____D C:\Users\User\AppData\Roaming\Mp3tag 2013-09-13 23:13 - 2013-09-13 23:15 - 00002293 _____ C:\Users\User\Documents\License.avastlic 2013-09-13 18:06 - 2013-07-10 10:36 - 00000000 ___RD C:\Users\Player\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-13 18:06 - 2013-07-10 10:36 - 00000000 ___RD C:\Users\Player\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-13 18:06 - 2013-07-10 10:36 - 00000000 ____D C:\Users\Player 2013-09-13 16:34 - 2013-09-13 16:34 - 00003250 _____ C:\Windows\System32\Tasks\Stefan 2013-09-13 11:27 - 2011-04-16 15:56 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-13 11:27 - 2011-04-16 15:56 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-13 11:19 - 2013-08-14 21:46 - 00000000 ____D C:\Windows\system32\MRT 2013-09-13 11:16 - 2012-02-19 10:47 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-13 09:25 - 2013-09-13 09:25 - 00003244 _____ C:\Windows\System32\Tasks\Hallo 2013-09-12 21:59 - 2013-09-12 21:51 - 00000000 ____D C:\Users\User\AppData\Local\SliderDock 2013-09-12 21:51 - 2013-09-12 21:51 - 00000000 ____D C:\Program Files (x86)\SliderDock 2013-09-12 21:02 - 2013-07-05 07:30 - 00000000 ___RD C:\Users\User\Stefan 2013-09-12 19:49 - 2013-09-12 19:49 - 00003556 _____ C:\Windows\System32\Tasks\Hausarzt 2013-09-11 14:21 - 2013-09-11 14:21 - 
00003970 _____ C:\Windows\System32\Tasks\Paragon Archive name diff_110913121931221 2013-09-11 13:02 - 2013-09-11 13:02 - 00000000 ____D C:\ProgramData\complexbackup 2013-09-11 12:57 - 2013-03-19 20:52 - 00000000 ____D C:\Program Files (x86)\Paragon Software 2013-09-11 06:18 - 2013-09-10 19:39 - 00000000 ____D C:\Program Files (x86)\sTabLauncher 2013-09-10 10:55 - 2009-07-14 19:58 - 00702398 _____ C:\Windows\system32\perfh007.dat 2013-09-10 10:55 - 2009-07-14 19:58 - 00151190 _____ C:\Windows\system32\perfc007.dat 2013-09-10 10:55 - 2009-07-14 07:13 - 01629926 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-09 15:56 - 2013-06-27 07:16 - 00000000 ____D C:\Users\User\AppData\Roaming\DisplayFusion 2013-09-09 00:27 - 2013-09-09 00:27 - 00002984 _____ C:\Windows\System32\Tasks\{58F829F6-9A19-4A17-822E-C2B532A84F3A} 2013-09-08 21:55 - 2013-09-02 18:12 - 00000000 ____D C:\Program Files (x86)\Celestia 2013-09-08 20:29 - 2012-08-11 12:09 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2013-09-08 19:41 - 2013-09-07 14:51 - 00000000 ____D C:\Program Files (x86)\Toolwiz TimeFreeze 2013-09-08 19:03 - 2013-09-08 19:02 - 00000000 ____D C:\Users\User\AppData\Local\ToolwizCareFree 2013-09-08 19:02 - 2013-09-08 19:02 - 00001047 _____ C:\Users\UpdatusUser\Desktop\Toolwiz Care.lnk 2013-09-08 02:13 - 2013-09-08 02:13 - 00000000 ____D C:\Users\User\Documents\WWT MIDI Controller Maps 2013-09-08 02:13 - 2013-09-08 02:13 - 00000000 ____D C:\Users\User\Documents\WWT Collections 2013-09-08 00:20 - 2013-09-07 20:39 - 00001155 _____ C:\Users\User\AppData\Roaming\gcstar.log 2013-09-07 23:00 - 2012-06-01 12:22 - 00000000 ____D C:\ProgramData\CanonIJPLM 2013-09-07 22:52 - 2013-01-15 06:19 - 00054127 _____ C:\Users\User\Documents\DVD`s.txt 2013-09-07 21:00 - 2013-09-07 21:00 - 00002489 _____ C:\Users\User\Programme.gcs 2013-09-07 20:56 - 2012-12-14 20:07 - 00000000 ____D C:\Users\User\AppData\Roaming\gtk-2.0 2013-09-07 19:53 - 2013-08-24 07:36 - 00003248 _____ 
C:\Windows\System32\Tasks\BetterDesktopTool 2013-09-07 16:21 - 2013-09-07 15:55 - 00000000 ____D C:\Users\Player\AppData\Roaming\Winamp 2013-09-07 14:51 - 2013-09-07 14:51 - 00001108 _____ C:\Users\User\Documents\Toolwiz TimeFreeze.lnk 2013-09-07 14:51 - 2013-09-07 14:51 - 00001108 _____ C:\Users\UpdatusUser\Desktop\Toolwiz TimeFreeze.lnk 2013-09-07 14:30 - 2013-09-07 14:30 - 00000000 ____D C:\Program Files (x86)\DVD Flick 2013-09-07 13:42 - 2013-05-15 10:58 - 00000000 ___RD C:\Users\User\Magazine 2013-09-05 21:35 - 2013-09-05 21:35 - 00000000 ____D C:\Users\User\Documents\default 2013-09-04 19:53 - 2013-09-04 19:53 - 00000000 ____D C:\ProgramData\scripts 2013-09-04 15:56 - 2012-08-24 10:04 - 00000000 ____D C:\Users\User\AppData\Roaming\dvdcss 2013-09-02 12:31 - 2013-09-02 11:56 - 00000000 ____D C:\Users\User\Documents\Ashampoo Gadge It 2013-09-02 11:08 - 2010-07-14 17:36 - 00000000 ____D C:\ProgramData\ashampoo 2013-09-02 11:08 - 2010-07-14 17:36 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2013-09-01 17:48 - 2013-09-01 17:48 - 00003136 _____ C:\Windows\System32\Tasks\{3D3C8058-7F5E-47CB-9C40-7BD18A7D7A41} 2013-09-01 16:10 - 2013-09-01 16:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Smith&WelcomeInc 2013-09-01 16:10 - 2013-09-01 16:10 - 00000000 ____D C:\Program Files (x86)\Smith&Welcome Inc 2013-09-01 15:22 - 2012-03-18 11:07 - 00000000 ____D C:\Users\User\AppData\Local\ashampoo 2013-09-01 05:26 - 2013-09-01 05:26 - 00000000 ____D C:\Program Files (x86)\Ant Renamer 2013-09-01 02:48 - 2013-09-01 02:48 - 00000000 ____D C:\Users\Player\AppData\Local\Ashampoo 2013-09-01 01:34 - 2013-05-10 00:23 - 00010752 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-08-31 13:54 - 2013-08-29 01:26 - 00000000 ___RD C:\Users\User\SkyDrive 2013-08-30 18:09 - 2013-07-11 04:41 - 00000000 ____D C:\Users\Player\AppData\Roaming\vlc 2013-08-30 16:55 - 2013-08-30 16:55 - 00000000 ____D C:\Program Files (x86)\Seam Carving 
GUI 2013-08-30 09:48 - 2013-09-15 12:52 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-30 09:48 - 2013-09-15 12:52 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-30 09:48 - 2013-09-15 12:52 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-30 09:48 - 2013-09-15 12:52 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-30 09:48 - 2013-09-15 12:52 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2013-08-30 09:48 - 2013-09-15 12:52 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-30 09:48 - 2013-09-15 12:52 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-30 09:48 - 2013-09-15 12:52 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-30 09:47 - 2013-09-15 12:52 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-08-30 09:47 - 2013-06-19 00:09 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-30 06:21 - 2013-08-30 06:21 - 00004006 _____ C:\Windows\System32\Tasks\Paragon Archive name diff_300813041740867 2013-08-29 10:04 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-28 23:32 - 2013-04-23 16:04 - 00000000 ___RD C:\Users\User\WAV-Töne 2013-08-28 13:56 - 2013-05-14 00:10 - 00000000 ____D C:\Users\User\AppData\Roaming\http;scientific-calculator.appspot.com 2013-08-28 00:23 - 2013-08-05 17:07 - 00000000 ____D C:\ProgramData\firebird 2013-08-27 23:02 - 2013-08-27 23:02 - 00000000 ____D C:\Users\Player\AppData\Roaming\OpenOffice 2013-08-27 21:19 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-08-27 20:04 - 2013-08-27 20:04 - 00000000 ____D C:\Program Files (x86)\MailCheck 2013-08-27 10:29 - 2013-06-12 19:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-26 22:08 - 2013-07-04 08:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 
2013-08-26 14:44 - 2013-07-14 02:50 - 00000000 ____D C:\Users\Player\AppData\Local\CrashDumps 2013-08-25 23:29 - 2013-08-25 09:35 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-25 23:29 - 2013-06-12 23:16 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-25 23:29 - 2013-06-12 23:04 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-24 17:43 - 2013-06-12 22:51 - 00000000 ____D C:\ProgramData\Adobe 2013-08-24 17:43 - 2013-06-12 20:15 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe 2013-08-24 17:43 - 2012-02-19 13:01 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2013-08-24 17:26 - 2013-08-24 17:26 - 00001931 _____ C:\Users\User\AppData\avast! Internet Security.lnk 2013-08-23 15:35 - 2010-07-14 17:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-08-23 15:30 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2013-08-23 15:04 - 2013-01-02 11:37 - 00000000 ____D C:\Users\User\AppData\Roaming\LumacDaemon 2013-08-23 12:58 - 2012-09-19 10:30 - 00000000 ____D C:\Users\User\AppData\Local\Patience 2013-08-22 19:46 - 2012-11-27 14:22 - 00000000 ____D C:\Users\User\AppData\Roaming\Vso 2013-08-22 06:24 - 2013-08-22 06:24 - 00000000 ____D C:\Users\Player\AppData\Local\BetterDesktopTool 2013-08-22 06:24 - 2013-08-22 06:16 - 00000000 ____D C:\Program Files (x86)\BetterDesktopTool 2013-08-22 06:16 - 2013-08-22 06:16 - 00000000 ____D C:\Users\User\AppData\Local\BetterDesktopTool 2013-08-22 04:45 - 2013-08-20 12:27 - 00000000 ____D C:\Users\User\AppData\Local\CTDSounds 2013-08-21 15:06 - 2013-08-21 15:06 - 00002693 _____ C:\Users\User\AppData\Lumac.lnk 2013-08-21 15:05 - 2013-08-21 15:05 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2013-08-21 08:29 - 2013-05-31 10:28 - 00000000 ___RD C:\Users\User\Google Drive 2013-08-20 12:29 - 2013-08-20 12:29 - 00000000 ____D 
C:\Users\User\AppData\Local\Harmony_Hollow_Software
2013-08-20 12:27 - 2013-08-20 12:27 - 00000000 ____D C:\Program Files (x86)\Cool Timer Deluxe

ZeroAccess:
C:\Windows\Installer\{0acb387b-50c4-7e8b-bfd2-67f1f8822f40}
C:\Windows\Installer\{0acb387b-50c4-7e8b-bfd2-67f1f8822f40}\@

Some content of TEMP:
====================
C:\Users\Player\AppData\Local\Temp\AQOle32.dll
C:\Users\Player\AppData\Local\Temp\AQShell32.dll
C:\Users\Player\AppData\Local\Temp\vlc-2.0.7-win64.exe
C:\Users\User\AppData\Local\Temp\AQOle32.dll
C:\Users\User\AppData\Local\Temp\AQShell32.dll
C:\Users\User\AppData\Local\Temp\JIntellitype.dll
C:\Users\User\AppData\Local\Temp\proxy_vole4357746667509323487.dll

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-06-06 22:15
==================== End Of

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013
--- --- ---

Hello Schrauber, here are the parts. Regards, Sepp |
Posting in CODE tags: Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
|
Hello Schrauber, this Combofix.exe has a virus. I will not install it. Regards, Sepp3124 |
Bullshit, the file comes from us in the community and is used 1 billion times a day. I'd switch off the antivirus program that is reporting this nonsense ;) |
Hello Schrauber, you say bullshit. Take a look here and tell me that this is harmless. Scan from Virustotal, 19.09., 8 hits. You have to understand that I am skeptical about this. Regards, Sepp3124 |
What exactly are you uploading? The Combofix.exe? It is clean. Look around a bit, maybe look at the almost 200 posts I have already made today, and at how many thousands of users run Combofix every day following instructions. The thing is clean. Show me the link to the Virustotal result. If you download Combofix cleanly and don't click on the ads, it's fine. Either Combofix or formatting. Otherwise there is nothing I can do remotely. |
Hello Schrauber, here is the link: https://www.virustotal.com/de/file/09d48b2958803957c05ed93223b35f765061b03a1cea2e6ef1514c4bcbaf078d/analysis/ . I downloaded the .exe directly from combofix. |
False positives :) |
Copyright ©2000-2025, Trojaner-Board