FRST-logScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013Ran by kai (administrator) on KAI-PC on 25-11-2013 14:19:32Running from C:\Users\kai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A7N7Q6M3Windows 7 Home Premium (X64) OS Language: German StandardInternet Explorer Version 9Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccsvchst.exe(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe(AMD) C:\Windows\System32\atieclxx.exe(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ccsvchst.exe(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe() C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe() C:\Users\kai\AppData\Local\Temp\~nsu.tmp\Au_.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes'

Seite 1

FRST-logAnti-Malware\mbamgui.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe(Microsoft Corporation) C:\Windows\System32\taskmgr.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe() C:\Users\kai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\360VBQGZ\Defogger.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-29] (Realtek Semiconductor)HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [585376 2010-05-25] (Atheros Commnucations)HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe[354464 2010-05-25] (Atheros Commnucations)HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-11-24] (Google Inc.)HKCU\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\kai\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m lHKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [263936 2010-06-28] (NewTech Infosystems, Inc.)HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced MicroDevices, Inc.)HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-11] (Dritek System Inc.)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-24] (AVAST Software)HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exeHKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.comHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =

Seite 2

FRST-loghttp://packardbell.msn.comStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeSearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\ProgramFiles (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No FileBHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coieplg.dll (Symantec Corporation)BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\ips\ipsbho.dll (Symantec Corporation)BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.0.13\coieplg.dll (Symantec Corporation)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileToolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)Tcpip\..\Interfaces\{1E910E37-9175-44F6-8D18-F453FB4635A4}: [NameServer]213.211.192.34

Chrome: =======CHR HomePage: hxxp://www.google.com/CHR RestoreOnStartup: "hxxp://www.google.com/"CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Seite 3

FRST-logCHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Extension: (Google Docs) - C:\Users\kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0CHR Extension: (Google Drive) - C:\Users\kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0CHR Extension: (YouTube) - C:\Users\kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (avast! Online Security) - C:\Users\kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0CHR Extension: (Google Wallet) - C:\Users\kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0CHR Extension: (Gmail) - C:\Users\kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-24] (AVAST Software)R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-11] (Acer Incorporated)S3 GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-28] (NewTech Infosystems, Inc.)R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-24] (AVAST Software)R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-24] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-24] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-24] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-24] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-24] (AVAST Software)R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-24] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-24] ()R1 BHDrvx64;

Seite 4

FRST-logC:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [1524824 2013-11-14] (Symantec Corporation)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-24] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-24] (Symantec Corporation)R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20131122.001\IDSvia64.sys [521816 2013-11-22] (Symantec Corporation)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20131124.019\ENG64.SYS [126040 2013-11-25] (Symantec Corporation)R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20131124.019\EX64.SYS [2099288 2013-11-25] (Symantec Corporation)R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207000.00D\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207010.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)R0 SymDS; C:\Windows\System32\drivers\NISx64\1207010.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207010.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2013-11-24] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1207000.00D\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-25 14:19 - 2013-11-25 14:19 - 00000000 ____D C:\FRST2013-11-25 14:17 - 2013-11-25 14:17 - 00000468 _____ C:\Users\kai\Desktop\defogger_disable.log2013-11-25 14:17 - 2013-11-25 14:17 - 00000000 _____ C:\Users\kai\defogger_reenable2013-11-25 11:50 - 2013-11-25 11:50 - 00000000 ____D C:\Users\kai\AppData\Roaming\Malwarebytes2013-11-25 11:49 - 2013-11-25 11:49 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-11-25 11:49 - 2013-11-25 11:49 - 00000000 ____D C:\ProgramData\Malwarebytes2013-11-25 11:49 - 2013-11-25 11:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-11-25 11:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2013-11-25 11:48 - 2013-11-25 11:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kai\Downloads\mbam-setup-1.75.0.1300(1).exe2013-11-25 11:48 - 2013-11-25 11:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kai\Downloads\mbam-setup-1.75.0.1300.exe2013-11-25 11:24 - 2013-11-25 11:26 - 00000000 ____D C:\Windows\system32\MRT2013-11-25 11:24 - 2013-11-07 16:00 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2013-11-25 11:18 - 2013-11-25 14:19 - 00000000 ____D C:\Users\kai\AppData\Roaming\newnext.me

Seite 5

FRST-log2013-11-25 11:18 - 2013-11-25 11:23 - 00000000 ____D C:\Users\kai\AppData\Local\Mobogenie2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\Documents\Mobogenie2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\AppData\Local\genienext2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\AppData\Local\cache2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\.android2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 _____ C:\Users\kai\daemonprocess.txt2013-11-25 11:17 - 2013-11-25 11:23 - 00000000 ____D C:\Program Files (x86)\MyPCBackup2013-11-25 11:17 - 2013-11-25 11:18 - 00001353 _____ C:\Windows\IE10_main.log2013-11-25 11:15 - 2013-11-25 11:17 - 00846864 _____ (Microsoft Corporation) C:\Users\kai\Downloads\MainOffer.exe2013-11-25 11:14 - 2013-11-25 11:14 - 01126048 _____ (Conduit) C:\Users\kai\Downloads\Internet_Explorer_10.exe2013-11-25 11:13 - 2013-11-25 11:13 - 02077392 _____ (Microsoft Corporation) C:\Users\kai\Downloads\IE11-Windows6.1.exe2013-11-25 11:06 - 2013-11-25 11:06 - 00000000 ____D C:\Users\kai\Desktop\VisualStudio 2013 Premium 32-bit (German)2013-11-25 08:41 - 2013-11-25 08:41 - 00000000 ____D C:\Users\kai\Downloads\Microsoft XNA Game Studio 4.0 (English)2013-11-25 08:39 - 2013-11-25 08:39 - 00000000 ____D C:\Users\kai\Desktop\VisualStudio 2013 Premium 32-bit - Web Installer (German)2013-11-25 08:37 - 2013-11-25 08:37 - 00000000 _____ C:\Users\kai\Desktop\SecureDownloadManager.log2013-11-25 08:17 - 2013-11-25 08:17 - 00000000 ____D C:\Program Files (x86)\MSXML 4.02013-11-25 08:15 - 2013-11-25 08:15 - 17773056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-11-25 08:15 - 2013-11-25 08:15 - 12268544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-11-25 08:15 - 2013-11-25 08:15 - 10884096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-11-25 08:15 - 2013-11-25 08:15 - 09702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-11-25 08:15 - 2013-11-25 08:15 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-11-25 08:15 - 2013-11-25 08:15 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2013-11-25 08:15 - 2013-11-25 08:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-11-25 08:15 - 2013-11-25 08:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-11-25 08:15 - 2013-11-25 08:15 - 02303488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-11-25 08:15 - 2013-11-25 08:15 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01797632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01785344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01492992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-11-25 08:15 - 2013-11-25 08:15 - 01427456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-11-25 08:15 - 2013-11-25 08:15 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01344000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01102336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

Seite 6

FRST-log2013-11-25 08:15 - 2013-11-25 08:15 - 00716800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2013-11-25 08:15 - 2013-11-25 08:15 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-11-25 08:15 - 2013-11-25 08:15 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

Seite 7

FRST-log2013-11-25 08:15 - 2013-11-25 08:15 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2013-11-25 08:15 - 2013-11-25 08:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-11-25 08:15 - 2013-11-25 08:15 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

Seite 8

FRST-log2013-11-25 08:15 - 2013-11-25 08:15 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-11-25 08:13 - 2013-11-25 08:13 - 00000000 ____D C:\Windows\System32\Tasks\Symantec2013-11-25 08:10 - 2013-11-25 08:10 - 00003528 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask2013-11-25 08:10 - 2013-11-25 08:10 - 00001762 _____ C:\Users\Public\Desktop\Browserwahl.lnk2013-11-25 01:29 - 2013-11-25 01:28 - 00295922 _____ C:\Windows\system32\perfi007.dat2013-11-25 01:29 - 2013-11-25 01:28 - 00038104 _____ C:\Windows\system32\perfd007.dat2013-11-25 01:29 - 2013-11-24 18:32 - 00643866 _____ C:\Windows\system32\perfh007.dat2013-11-25 01:29 - 2013-11-24 18:32 - 00126394 _____ C:\Windows\system32\perfc007.dat2013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer2013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\SysWOW64\de2013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\SysWOW64\04072013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\system32\de2013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\system32\04072013-11-25 01:23 - 2013-11-25 01:23 - 00000000 ____D C:\Windows\NAPP_Dism_Log2013-11-25 01:23 - 2013-11-24 17:10 - 00002843 _____ C:\Windows\Patch.log2013-11-25 01:21 - 2013-11-25 01:23 - 00007691 _____ C:\Windows\WisGAPas.log2013-11-25 01:21 - 2013-11-25 01:21 - 00000926 _____ C:\Windows\MOD01SET74DE0N0003.XML2013-11-25 01:21 - 2013-11-24 16:55 - 00000267 _____ C:\Windows\LaunApp.ini2013-11-25 01:21 - 2010-09-24 08:49 - 00000441 __RSH C:\Patch.rev2013-11-25 01:20 - 2013-11-25 01:20 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll2013-11-25 01:20 - 2013-11-25 01:20 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll2013-11-25 01:20 - 2013-11-25 01:20 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2013-11-25 01:20 - 2013-11-25 01:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys2013-11-25 01:20 - 2013-11-25 01:20 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys2013-11-25 01:20 - 2013-11-25 01:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2013-11-25 01:20 - 2010-05-12 03:11 - 02229608 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys2013-11-25 01:20 - 2010-01-26 00:09 - 00349776 _____ (Dritek System Inc.)

Seite 9

FRST-logC:\Windows\UNINSTLMv4.EXE2013-11-25 01:20 - 2009-09-18 05:12 - 00292912 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys2013-11-25 01:20 - 2009-09-18 05:09 - 00396072 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll2013-11-25 01:20 - 2009-09-18 05:09 - 00263464 _____ (Synaptics Incorporated) C:\Windows\system32\SynCtrl.dll2013-11-25 01:20 - 2009-09-18 05:09 - 00206120 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCtrl.dll2013-11-25 01:20 - 2009-09-18 05:09 - 00205608 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll2013-11-25 01:20 - 2009-09-18 05:09 - 00169256 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll2013-11-25 01:20 - 2009-09-18 05:09 - 00147752 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo4.dll2013-11-25 01:20 - 2009-09-18 05:09 - 00107816 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll2013-11-25 01:20 - 2009-07-06 08:55 - 00000000 _____ C:\Windows\SysWOW64\Drivers\1025_Acer_Packard Bell_EasyNote LM85.mrk2013-11-25 01:20 - 2009-07-06 08:55 - 00000000 _____ C:\Windows\system32\Drivers\1025_Acer_Packard Bell_EasyNote LM85.mrk2013-11-25 01:19 - 2013-11-25 01:19 - 00000000 ____D C:\Windows\Lan2013-11-25 01:19 - 2013-11-24 17:10 - 00000201 _____ C:\Windows\USER.XML2013-11-25 01:19 - 2010-06-02 00:14 - 00527400 _____ (Wistron Corp.) C:\Windows\WGRegx64.exe2013-11-25 01:19 - 2010-01-22 18:13 - 06233088 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\atipmdag.sys2013-11-25 01:19 - 2010-01-22 18:13 - 06233088 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\atikmdag.sys2013-11-25 01:19 - 2010-01-22 18:01 - 00450048 _____ (AMD) C:\Windows\system32\atieclxx.exe2013-11-25 01:19 - 2010-01-22 18:01 - 00446464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll2013-11-25 01:19 - 2010-01-22 18:01 - 00202752 _____ (AMD) C:\Windows\system32\atiesrxx.exe2013-11-25 01:19 - 2010-01-22 18:00 - 17567744 _____ (ATI Technologies Inc.) C:\Windows\system32\atio6axx.dll2013-11-25 01:19 - 2010-01-22 17:59 - 00421376 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdl64.dll2013-11-25 01:19 - 2010-01-22 17:59 - 00356352 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll2013-11-25 01:19 - 2010-01-22 17:59 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll2013-11-25 01:19 - 2010-01-22 17:59 - 00012288 _____ (AMD) C:\Windows\system32\atimuixx.dll2013-11-25 01:19 - 2010-01-22 17:58 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll2013-11-25 01:19 - 2010-01-22 17:58 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll2013-11-25 01:19 - 2010-01-22 17:56 - 03060224 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atidxx32.dll2013-11-25 01:19 - 2010-01-22 17:48 - 03671040 _____ (ATI Technologies Inc. ) C:\Windows\system32\atidxx64.dll2013-11-25 01:19 - 2010-01-22 17:48 - 00400384 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\aticfx32.dll2013-11-25 01:19 - 2010-01-22 17:47 - 00434176 _____ (ATI Technologies Inc. ) C:\Windows\system32\aticfx64.dll2013-11-25 01:19 - 2010-01-22 17:42 - 13388288 _____ (ATI Technologies Inc.) C:\Windows\SysWOW64\atioglxx.dll2013-11-25 01:19 - 2010-01-22 17:39 - 03602432 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atiumdag.dll2013-11-25 01:19 - 2010-01-22 17:33 - 04668928 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumd64.dll2013-11-25 01:19 - 2010-01-22 17:29 - 00055296 _____ (AMD) C:\Windows\system32\coinst.dll2013-11-25 01:19 - 2010-01-22 17:27 - 02617856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll2013-11-25 01:19 - 2010-01-22 17:24 - 00409184 _____

Seite 10

FRST-logC:\Windows\system32\atiumd6a.cap2013-11-25 01:19 - 2010-01-22 17:21 - 02913280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll2013-11-25 01:19 - 2010-01-22 17:20 - 04748288 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll2013-11-25 01:19 - 2010-01-22 17:20 - 00409184 _____ C:\Windows\SysWOW64\atiumdva.cap2013-11-25 01:19 - 2010-01-22 17:20 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll2013-11-25 01:19 - 2010-01-22 17:20 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll2013-11-25 01:19 - 2010-01-22 17:20 - 00043008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll2013-11-25 01:19 - 2010-01-22 17:20 - 00039936 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll2013-11-25 01:19 - 2010-01-22 17:19 - 03641344 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll2013-11-25 01:19 - 2010-01-22 17:09 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll2013-11-25 01:19 - 2010-01-22 17:09 - 00053248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll2013-11-25 01:19 - 2010-01-22 17:09 - 00053248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll2013-11-25 01:19 - 2010-01-22 17:09 - 00052224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll2013-11-25 01:19 - 2010-01-22 17:09 - 00052224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll2013-11-25 01:19 - 2010-01-22 17:08 - 00316928 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll2013-11-25 01:19 - 2010-01-22 17:08 - 00229376 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll2013-11-25 01:19 - 2010-01-22 17:08 - 00016896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll2013-11-25 01:19 - 2010-01-22 17:08 - 00015360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll2013-11-25 01:19 - 2010-01-22 17:08 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll2013-11-25 01:19 - 2010-01-22 17:08 - 00012800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll2013-11-25 01:19 - 2010-01-22 17:08 - 00012800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll2013-11-25 01:19 - 2010-01-22 17:07 - 00161280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys2013-11-25 01:19 - 2010-01-22 17:07 - 00035840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll2013-11-25 01:19 - 2010-01-22 17:07 - 00028160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll2013-11-25 01:19 - 2010-01-22 17:07 - 00027136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll2013-11-25 01:19 - 2010-01-22 17:07 - 00020480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll2013-11-25 01:19 - 2010-01-22 17:06 - 00026112 _____ C:\Windows\system32\atitmp64.dll2013-11-25 01:19 - 2009-11-20 08:52 - 00019462 _____ C:\Windows\atiogl.xml2013-11-25 01:19 - 2009-11-18 19:11 - 00197624 _____ C:\Windows\system32\atiicdxx.dat2013-11-25 01:19 - 2009-10-26 23:06 - 00001035 _____ C:\Windows\SysWOW64\atipblag.dat2013-11-25 01:19 - 2009-10-26 23:06 - 00001035 _____ C:\Windows\system32\atipblag.dat2013-11-25 01:19 - 2009-10-26 21:39 - 00151936 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys2013-11-25 01:19 - 2009-09-30 18:34 - 00121872 _____ (ATI Technologies, Inc.) C:\Windows\system32\Drivers\AtiHdmi.sys2013-11-25 01:19 - 2009-05-12 02:35 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe2013-11-25 01:19 - 2009-02-18 22:55 - 00332288 _____ C:\Windows\system32\ATIODE.exe

Seite 11

FRST-log2013-11-25 01:19 - 2009-02-04 01:52 - 00051200 _____ C:\Windows\system32\ATIODCLI.exe2013-11-25 01:18 - 2013-11-25 01:31 - 00001654 _____ C:\Windows\WPatchProgress.ini2013-11-25 01:18 - 2013-11-25 01:21 - 00234416 _____ C:\Windows\CapsuleDll.log2013-11-25 01:18 - 2010-04-14 07:08 - 00176928 _____ (Wistron Corp.) C:\Windows\PatchFul.exe2013-11-25 01:18 - 2010-03-01 03:23 - 00484128 _____ (Wistron Corp.) C:\Windows\WisMvImg.exe2013-11-25 01:18 - 2009-10-27 19:46 - 00342560 _____ (Acer Inc.) C:\Windows\ParseModule_X64.exe2013-11-25 01:18 - 2009-10-27 19:46 - 00231968 _____ (Acer Inc.) C:\Windows\ParseModule_X86.exe2013-11-25 01:18 - 2009-10-09 19:21 - 00388384 _____ (Wistron Corp.) C:\Windows\WisGAPasx64.exe2013-11-25 01:18 - 2009-10-09 19:08 - 00326432 _____ (Wistron Corp.) C:\Windows\WisGAPas.exe2013-11-25 01:18 - 2009-10-09 03:24 - 00255264 _____ (Wistron Corp.) C:\Windows\WISI2BAT.EXE2013-11-25 00:01 - 2010-09-14 07:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll2013-11-25 00:01 - 2010-09-14 07:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll2013-11-24 23:44 - 2013-11-25 08:18 - 00296212 _____ C:\Windows\msxml4-KB973688-enu.LOG2013-11-24 23:40 - 2012-07-26 05:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2013-11-24 23:40 - 2012-07-26 05:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys2013-11-24 23:40 - 2012-07-26 03:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll2013-11-24 23:40 - 2012-06-02 15:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf2013-11-24 23:34 - 2013-11-25 08:17 - 00296494 _____ C:\Windows\msxml4-KB954430-enu.LOG2013-11-24 23:28 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll2013-11-24 23:28 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll2013-11-24 23:28 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll2013-11-24 23:28 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe2013-11-24 23:28 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll2013-11-24 23:28 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe2013-11-24 23:28 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll2013-11-24 23:28 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll2013-11-24 23:28 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll2013-11-24 23:28 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll2013-11-24 23:27 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe2013-11-24 23:26 - 2013-11-25 08:16 - 00007206 _____ C:\Windows\IE9_main.log2013-11-24 23:16 - 2012-12-16 17:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2013-11-24 23:16 - 2012-12-16 15:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2013-11-24 23:16 - 2012-12-16 15:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll2013-11-24 23:16 - 2012-12-16 15:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll2013-11-24 23:13 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll

Seite 12

FRST-log2013-11-24 23:13 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe2013-11-24 23:13 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll2013-11-24 23:13 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll2013-11-24 23:13 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll2013-11-24 23:13 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys2013-11-24 23:13 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys2013-11-24 23:13 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf2013-11-24 23:06 - 2012-03-01 07:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys2013-11-24 23:06 - 2012-03-01 07:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll2013-11-24 23:06 - 2012-03-01 07:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll2013-11-24 23:06 - 2012-03-01 06:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll2013-11-24 23:06 - 2012-03-01 06:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll2013-11-24 21:20 - 2013-11-24 21:20 - 00000000 ____D C:\Users\kai\Desktop\Microsoft XNA Game Studio 4.0 (English)2013-11-24 21:17 - 2013-11-24 21:17 - 00003125 _____ C:\Users\kai\Desktop\SecureDownload Manager.lnk2013-11-24 21:17 - 2013-11-24 21:17 - 00000183 _____ C:\Users\kai\Desktop\100245465996.sdx2013-11-24 21:17 - 2013-11-24 21:17 - 00000000 ____D C:\Users\kai\AppData\Roaming\e-academy Inc2013-11-24 21:17 - 2013-11-24 21:17 - 00000000 ____D C:\Users\kai\AppData\Local\e-academy Inc2013-11-24 21:17 - 2013-11-24 21:17 - 00000000 _____ C:\Users\kai\Downloads\SecureDownloadManager.log2013-11-24 21:16 - 2013-11-24 21:16 - 00719360 _____ C:\Users\kai\Downloads\SDM_DE.msi2013-11-24 19:51 - 2013-11-24 19:51 - 00000000 ____D C:\ProgramData\Sun2013-11-24 19:51 - 2013-11-24 19:51 - 00000000 ____D C:\ProgramData\Oracle2013-11-24 19:50 - 2013-11-24 19:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-11-24 19:50 - 2013-11-24 19:50 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-11-24 19:50 - 2013-11-24 19:50 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-11-24 19:50 - 2013-11-24 19:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-11-24 19:50 - 2013-11-24 19:50 - 00000000 ____D C:\Program Files (x86)\Java2013-11-24 19:41 - 2013-11-24 19:41 - 00000000 ____D C:\Users\kai\AppData\Roaming\AVAST Software2013-11-24 19:40 - 2013-11-24 19:40 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2013-11-24 19:40 - 2013-11-24 19:40 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00043152 _____ (AVAST Software)

Seite 13

FRST-logC:\Windows\avastSS.scr2013-11-24 19:40 - 2013-11-24 19:40 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update2013-11-24 19:40 - 2013-11-24 19:40 - 00001978 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk2013-11-24 19:34 - 2013-11-24 19:34 - 00000000 ____D C:\Program Files\AVAST Software2013-11-24 19:32 - 2013-11-24 19:32 - 00000000 ____D C:\ProgramData\AVAST Software2013-11-24 19:26 - 2013-11-25 13:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-11-24 19:26 - 2013-11-24 19:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-11-24 19:26 - 2013-11-24 19:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-11-24 19:26 - 2013-11-24 19:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2013-11-24 19:25 - 2013-11-24 19:25 - 00000000 ____D C:\Windows\system32\Macromed2013-11-24 19:01 - 2012-11-09 06:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll2013-11-24 19:01 - 2012-11-09 05:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll2013-11-24 19:01 - 2012-03-03 07:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2013-11-24 19:01 - 2012-03-03 07:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll2013-11-24 19:01 - 2012-03-03 07:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll2013-11-24 19:01 - 2012-03-03 07:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll2013-11-24 19:01 - 2012-03-03 07:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll2013-11-24 19:01 - 2012-03-03 06:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2013-11-24 19:01 - 2012-03-03 06:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll2013-11-24 19:01 - 2012-03-03 06:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll2013-11-24 19:01 - 2012-03-03 06:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll2013-11-24 19:01 - 2012-03-03 06:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll2013-11-24 19:01 - 2011-06-16 06:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll2013-11-24 19:01 - 2011-06-16 05:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll2013-11-24 19:01 - 2011-06-15 10:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll2013-11-24 19:01 - 2011-06-15 10:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll2013-11-24 19:01 - 2011-06-15 10:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll2013-11-24 19:01 - 2011-06-15 10:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll2013-11-24 19:01 - 2011-06-15 10:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll2013-11-24 19:01 - 2011-06-15 10:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll2013-11-24 19:01 - 2011-06-15 10:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll2013-11-24 19:01 - 2011-06-15 10:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll2013-11-24 19:01 - 2011-06-15 10:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll2013-11-24 19:01 - 2011-04-27 03:57 - 00102400 _____ (Microsoft Corporation)

Seite 14

FRST-logC:\Windows\system32\Drivers\dfsc.sys2013-11-24 19:00 - 2013-02-12 16:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll2013-11-24 19:00 - 2013-02-12 16:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2013-11-24 19:00 - 2013-02-12 16:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll2013-11-24 19:00 - 2013-02-12 16:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2013-11-24 19:00 - 2013-02-12 16:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll2013-11-24 19:00 - 2013-02-12 14:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll2013-11-24 19:00 - 2012-11-09 06:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2013-11-24 19:00 - 2012-11-09 05:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2013-11-24 19:00 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe2013-11-24 19:00 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe2013-11-24 19:00 - 2010-12-23 07:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll2013-11-24 19:00 - 2010-12-23 07:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll2013-11-24 19:00 - 2010-12-23 07:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax2013-11-24 19:00 - 2010-12-23 06:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll2013-11-24 19:00 - 2010-12-23 06:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll2013-11-24 19:00 - 2010-12-23 06:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax2013-11-24 19:00 - 2010-08-26 06:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll2013-11-24 19:00 - 2010-08-26 05:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll2013-11-24 18:59 - 2013-03-01 04:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-11-24 18:59 - 2012-01-04 10:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll2013-11-24 18:59 - 2012-01-04 10:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll2013-11-24 18:59 - 2011-11-17 08:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll2013-11-24 18:59 - 2011-11-17 06:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll2013-11-24 18:59 - 2011-10-26 06:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll2013-11-24 18:59 - 2011-10-26 06:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll2013-11-24 18:59 - 2011-10-26 05:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll2013-11-24 18:59 - 2011-10-26 05:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2013-11-24 18:59 - 2011-07-09 03:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2013-11-24 18:59 - 2011-05-04 06:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll2013-11-24 18:59 - 2011-05-04 06:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll2013-11-24 18:59 - 2011-05-04 06:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll2013-11-24 18:59 - 2011-05-04 06:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll2013-11-24 18:59 - 2011-05-04 06:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll2013-11-24 18:59 - 2011-05-04 06:28 - 00075264 _____ (Microsoft Corporation)

Seite 15

FRST-logC:\Windows\system32\msscntrs.dll2013-11-24 18:59 - 2011-05-04 06:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe2013-11-24 18:59 - 2011-05-04 06:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe2013-11-24 18:59 - 2011-05-04 06:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe2013-11-24 18:59 - 2011-05-04 05:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll2013-11-24 18:59 - 2011-05-04 05:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll2013-11-24 18:59 - 2011-05-04 05:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll2013-11-24 18:59 - 2011-05-04 05:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe2013-11-24 18:59 - 2011-05-04 05:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll2013-11-24 18:59 - 2011-05-04 05:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll2013-11-24 18:59 - 2011-05-04 05:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe2013-11-24 18:59 - 2011-05-04 05:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe2013-11-24 18:59 - 2011-05-04 05:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll2013-11-24 18:59 - 2011-05-04 03:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2013-11-24 18:59 - 2011-05-04 03:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2013-11-24 18:59 - 2010-11-02 06:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll2013-11-24 18:59 - 2010-11-02 06:17 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll2013-11-24 18:59 - 2010-11-02 06:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll2013-11-24 18:59 - 2010-11-02 06:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll2013-11-24 18:59 - 2010-11-02 06:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe2013-11-24 18:59 - 2010-11-02 06:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe2013-11-24 18:59 - 2010-11-02 05:40 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll2013-11-24 18:59 - 2010-11-02 05:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll2013-11-24 18:59 - 2010-11-02 05:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe2013-11-24 18:59 - 2010-11-02 05:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe2013-11-24 18:59 - 2010-06-29 06:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll2013-11-24 18:59 - 2010-06-29 06:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll2013-11-24 18:59 - 2010-05-05 08:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll2013-11-24 18:59 - 2010-05-05 07:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll2013-11-24 18:58 - 2013-04-12 15:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys2013-11-24 18:58 - 2012-01-03 07:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl2013-11-24 18:58 - 2012-01-03 06:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl2013-11-24 18:58 - 2011-03-12 13:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll2013-11-24 18:58 - 2011-03-12 12:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll2013-11-24 18:58 - 2011-02-24 07:30 - 00476160 _____ (Microsoft Corporation)

Seite 16

FRST-logC:\Windows\system32\XpsGdiConverter.dll2013-11-24 18:58 - 2011-02-24 06:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll2013-11-24 18:58 - 2010-12-21 07:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll2013-11-24 18:58 - 2010-12-21 07:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll2013-11-24 18:58 - 2010-12-21 07:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll2013-11-24 18:58 - 2010-12-21 07:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll2013-11-24 18:58 - 2010-12-21 07:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll2013-11-24 18:58 - 2010-12-21 07:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll2013-11-24 18:58 - 2010-12-21 07:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll2013-11-24 18:58 - 2010-12-21 06:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll2013-11-24 18:58 - 2010-12-21 06:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll2013-11-24 18:58 - 2010-12-21 06:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll2013-11-24 18:58 - 2010-12-21 06:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll2013-11-24 18:58 - 2010-12-21 06:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll2013-11-24 18:58 - 2010-12-21 06:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll2013-11-24 18:58 - 2010-08-21 07:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2013-11-24 18:58 - 2010-08-21 06:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll2013-11-24 18:58 - 2010-08-04 08:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll2013-11-24 18:57 - 2013-02-12 15:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys2013-11-24 18:57 - 2012-11-02 06:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2013-11-24 18:57 - 2012-11-02 06:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2013-11-24 18:57 - 2012-11-02 05:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2013-11-24 18:57 - 2012-11-02 05:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2013-11-24 18:57 - 2012-08-02 18:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll2013-11-24 18:57 - 2012-08-02 18:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll2013-11-24 18:57 - 2012-06-09 06:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2013-11-24 18:57 - 2012-06-09 05:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2013-11-24 18:57 - 2012-06-02 06:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2013-11-24 18:57 - 2012-06-02 06:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2013-11-24 18:57 - 2012-06-02 06:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2013-11-24 18:57 - 2012-06-02 06:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2013-11-24 18:57 - 2012-06-02 05:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2013-11-24 18:57 - 2012-06-02 05:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2013-11-24 18:57 - 2012-06-02 05:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2013-11-24 18:57 - 2012-05-02 06:32 - 00208896 _____ (Microsoft Corporation)

Seite 17

FRST-logC:\Windows\system32\profsvc.dll2013-11-24 18:57 - 2012-04-26 06:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll2013-11-24 18:57 - 2012-04-26 06:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll2013-11-24 18:57 - 2012-04-26 06:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe2013-11-24 18:57 - 2011-11-17 08:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2013-11-24 18:57 - 2011-11-17 08:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2013-11-24 18:57 - 2011-11-17 08:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2013-11-24 18:57 - 2011-11-17 08:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2013-11-24 18:57 - 2011-11-17 08:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2013-11-24 18:57 - 2011-04-22 21:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys2013-11-24 18:57 - 2011-03-11 07:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll2013-11-24 18:57 - 2011-03-11 07:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll2013-11-24 18:57 - 2011-03-11 06:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll2013-11-24 18:57 - 2011-03-11 06:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll2013-11-24 18:57 - 2011-03-03 07:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll2013-11-24 18:57 - 2011-03-03 07:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll2013-11-24 18:57 - 2011-03-03 07:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe2013-11-24 18:57 - 2011-03-03 06:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll2013-11-24 18:57 - 2011-03-03 06:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe2013-11-24 18:57 - 2011-01-26 07:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2013-11-24 18:57 - 2011-01-26 07:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys2013-11-24 18:57 - 2011-01-26 07:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll2013-11-24 18:57 - 2010-11-02 06:18 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll2013-11-24 18:57 - 2010-11-02 06:12 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll2013-11-24 18:57 - 2010-11-02 05:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll2013-11-24 18:57 - 2010-08-21 07:29 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe2013-11-24 18:57 - 2010-07-29 07:30 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll2013-11-24 18:57 - 2010-06-26 06:31 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll2013-11-24 18:57 - 2010-06-26 06:14 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll2013-11-24 18:57 - 2010-06-19 07:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll2013-11-24 18:57 - 2010-06-19 07:23 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll2013-11-24 18:57 - 2010-05-23 11:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2013-11-24 18:57 - 2010-05-23 11:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll2013-11-24 18:57 - 2010-05-23 11:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll2013-11-24 18:57 - 2010-05-23 09:37 - 01888256 _____ (Microsoft Corporation)

Seite 18

FRST-logC:\Windows\system32\WMVDECOD.DLL2013-11-24 18:57 - 2010-05-23 09:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll2013-11-24 18:57 - 2010-05-23 09:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll2013-11-24 18:57 - 2010-05-23 09:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll2013-11-24 18:56 - 2013-01-04 06:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2013-11-24 18:56 - 2013-01-04 06:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2013-11-24 18:56 - 2013-01-04 06:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll2013-11-24 18:56 - 2013-01-04 06:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2013-11-24 18:56 - 2013-01-04 06:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll2013-11-24 18:56 - 2013-01-04 06:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll2013-11-24 18:56 - 2013-01-04 06:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll2013-11-24 18:56 - 2013-01-04 06:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll2013-11-24 18:56 - 2013-01-04 06:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation)

Seite 19

FRST-logC:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 06:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll2013-11-24 18:56 - 2013-01-04 05:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2013-11-24 18:56 - 2013-01-04 05:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 04:19 - 00338432 _____ (Microsoft Corporation)

Seite 20

FRST-logC:\Windows\system32\conhost.exe2013-11-24 18:56 - 2013-01-04 03:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2013-11-24 18:56 - 2013-01-04 03:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2013-11-24 18:56 - 2013-01-04 03:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2013-11-24 18:56 - 2013-01-04 03:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2013-11-24 18:56 - 2013-01-04 03:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 03:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 03:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll2013-11-24 18:56 - 2013-01-04 03:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll2013-11-24 18:56 - 2012-12-07 06:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll2013-11-24 18:56 - 2012-12-07 06:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll2013-11-24 18:56 - 2012-12-07 06:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll2013-11-24 18:56 - 2012-12-07 05:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll2013-11-24 18:56 - 2012-12-07 04:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs2013-11-24 18:56 - 2012-12-07 04:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00030720 _____ (Microsoft)

Seite 21

FRST-logC:\Windows\SysWOW64\usk.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs2013-11-24 18:56 - 2012-12-07 04:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs2013-11-24 18:56 - 2012-11-22 11:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll2013-11-24 18:56 - 2012-11-22 10:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll2013-11-24 18:56 - 2012-11-20 06:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2013-11-24 18:56 - 2012-11-20 06:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2013-11-24 18:56 - 2012-11-02 06:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll2013-11-24 18:56 - 2012-11-02 05:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll2013-11-24 18:56 - 2012-09-06 18:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys2013-11-24 18:56 - 2012-08-24 19:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2013-11-24 18:56 - 2012-08-24 18:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2013-11-24 18:56 - 2012-04-28 04:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys2013-11-24 18:56 - 2011-08-17 06:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll2013-11-24 18:56 - 2011-08-17 06:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax2013-11-24 18:56 - 2011-08-17 06:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax2013-11-24 18:56 - 2011-08-17 06:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax2013-11-24 18:56 - 2011-08-17 06:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax2013-11-24 18:56 - 2011-08-17 05:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll2013-11-24 18:56 - 2011-08-17 05:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax2013-11-24 18:56 - 2011-08-17 05:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax2013-11-24 18:56 - 2011-08-17 05:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax2013-11-24 18:56 - 2011-08-17 05:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax2013-11-24 18:56 - 2011-04-29 04:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys2013-11-24 18:56 - 2011-04-29 04:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys2013-11-24 18:56 - 2011-04-29 04:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys2013-11-24 18:56 - 2010-08-21 07:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll2013-11-24 18:56 - 2010-08-21 06:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll2013-11-24 18:55 - 2012-11-30 00:21 - 00420032 _____ C:\Windows\SysWOW64\locale.nls2013-11-24 18:55 - 2012-11-30 00:19 - 00420032 _____ C:\Windows\system32\locale.nls2013-11-24 18:55 - 2012-08-11 01:53 - 00714752 _____ (Microsoft Corporation)

Seite 22

FRST-logC:\Windows\system32\kerberos.dll2013-11-24 18:55 - 2012-08-11 00:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2013-11-24 18:55 - 2012-04-07 13:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll2013-11-24 18:55 - 2012-04-07 12:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll2013-11-24 18:55 - 2012-03-17 08:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys2013-11-24 18:55 - 2011-12-28 04:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2013-11-24 18:54 - 2012-09-25 23:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll2013-11-24 18:54 - 2012-09-25 22:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll2013-11-24 18:54 - 2011-05-24 12:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll2013-11-24 18:54 - 2011-05-24 11:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll2013-11-24 18:54 - 2011-05-24 11:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll2013-11-24 18:54 - 2011-05-24 11:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll2013-11-24 18:54 - 2011-05-24 11:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe2013-11-24 18:54 - 2011-02-05 13:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi2013-11-24 18:54 - 2011-02-05 13:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi2013-11-24 18:54 - 2011-02-05 13:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll2013-11-24 18:54 - 2011-02-05 13:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll2013-11-24 18:54 - 2011-02-05 13:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll2013-11-24 18:54 - 2011-02-05 13:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe2013-11-24 18:54 - 2011-02-05 13:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe2013-11-24 18:54 - 2010-12-18 07:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe2013-11-24 18:54 - 2010-12-18 06:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe2013-11-24 18:54 - 2010-08-31 05:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll2013-11-24 18:54 - 2010-08-31 05:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll2013-11-24 18:53 - 2013-11-25 11:14 - 00002974 _____ C:\Windows\IE11_main.log2013-11-24 18:53 - 2013-03-19 07:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-11-24 18:53 - 2013-03-19 06:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll2013-11-24 18:53 - 2013-03-19 06:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-11-24 18:53 - 2013-03-19 06:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-11-24 18:53 - 2013-03-19 05:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2013-11-24 18:53 - 2013-03-19 04:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe2013-11-24 18:53 - 2013-01-24 06:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys2013-11-24 18:53 - 2012-07-04 23:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll2013-11-24 18:53 - 2012-07-04 23:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll2013-11-24 18:53 - 2012-07-04 23:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll

Seite 23

FRST-log2013-11-24 18:53 - 2012-07-04 22:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll2013-11-24 18:53 - 2012-07-04 22:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll2013-11-24 18:53 - 2012-05-14 06:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll2013-11-24 18:53 - 2012-05-05 09:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2013-11-24 18:53 - 2012-05-05 08:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2013-11-24 18:53 - 2011-12-16 09:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll2013-11-24 18:53 - 2011-12-16 08:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll2013-11-24 18:53 - 2011-10-15 07:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll2013-11-24 18:53 - 2011-10-15 06:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll2013-11-24 18:53 - 2011-08-27 06:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2013-11-24 18:53 - 2011-08-27 06:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll2013-11-24 18:53 - 2011-08-27 05:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll2013-11-24 18:53 - 2011-08-27 05:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll2013-11-24 18:53 - 2011-05-03 06:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll2013-11-24 18:53 - 2011-05-03 05:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll2013-11-24 18:53 - 2011-02-23 06:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys2013-11-24 18:53 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe2013-11-24 18:53 - 2011-02-18 06:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe2013-11-24 18:53 - 2011-02-12 07:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe2013-11-24 18:53 - 2010-10-16 06:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe2013-11-24 18:53 - 2010-09-01 06:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll2013-11-24 18:53 - 2010-09-01 06:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL2013-11-24 18:53 - 2010-09-01 05:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll2013-11-24 18:53 - 2010-09-01 05:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL2013-11-24 18:50 - 2012-06-02 06:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2013-11-24 18:50 - 2012-06-02 06:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2013-11-24 18:50 - 2012-06-02 06:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2013-11-24 18:50 - 2012-06-02 05:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2013-11-24 18:50 - 2012-06-02 05:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2013-11-24 18:50 - 2012-06-02 05:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2013-11-24 18:50 - 2011-11-17 08:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-11-24 18:50 - 2011-11-17 06:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-11-24 18:50 - 2010-10-16 06:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll2013-11-24 18:50 - 2010-10-16 05:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll

Seite 24

FRST-log2013-11-24 18:50 - 2010-08-27 07:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll2013-11-24 18:50 - 2010-08-27 06:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll2013-11-24 18:49 - 2011-11-19 16:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll2013-11-24 18:49 - 2011-11-19 15:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll2013-11-24 18:46 - 2013-11-24 18:46 - 00000000 ____D C:\Users\kai\AppData\Roaming\Google2013-11-24 18:45 - 2013-11-25 13:38 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-11-24 18:45 - 2013-11-25 09:01 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk2013-11-24 18:45 - 2013-11-25 08:31 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-11-24 18:45 - 2013-11-24 19:41 - 00000000 ____D C:\Users\kai\AppData\Local\Google2013-11-24 18:45 - 2013-11-24 19:33 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2013-11-24 18:45 - 2013-11-24 19:33 - 00003848 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2013-11-24 18:45 - 2013-11-24 18:45 - 00000000 ____D C:\ProgramData\Google2013-11-24 18:45 - 2013-11-24 18:45 - 00000000 ____D C:\Program Files\Google2013-11-24 18:45 - 2013-11-24 18:45 - 00000000 ____D C:\Program Files (x86)\Google2013-11-24 18:44 - 2013-11-24 18:44 - 00002031 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk2013-11-24 18:34 - 2013-11-24 19:27 - 00000000 ____D C:\Users\kai\AppData\Local\Adobe2013-11-24 18:26 - 2013-11-25 08:07 - 00004980 _____ C:\Windows\PFRO.log2013-11-24 18:10 - 2012-02-15 07:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll2013-11-24 18:10 - 2012-02-15 06:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll2013-11-24 18:10 - 2012-02-15 05:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys2013-11-24 18:06 - 2012-06-02 23:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll2013-11-24 18:06 - 2012-06-02 23:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll2013-11-24 18:06 - 2012-06-02 23:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe2013-11-24 18:06 - 2012-06-02 23:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll2013-11-24 18:06 - 2012-06-02 23:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll2013-11-24 18:06 - 2012-06-02 23:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll2013-11-24 18:06 - 2012-06-02 23:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll2013-11-24 18:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll2013-11-24 18:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe2013-11-24 17:46 - 2013-11-24 17:46 - 00000000 ____D C:\Users\kai\Desktop\VisualStudio 2010 Premium (x86) - DVD (German)2013-11-24 17:44 - 2013-11-24 17:44 - 00000000 ____D C:\Users\kai\Desktop\Visio 2010 with Service Pack 1 (x86 and x64) - DVD (German)2013-11-24 17:31 - 2013-11-24 21:26 - 00000000 ____D C:\Users\kai\Desktop\Back_UP_2311132013-11-24 17:26 - 2013-11-24 17:26 - 00000000 ____D C:\Users\kai\AppData\Roaming\Adobe2013-11-24 17:25 - 2013-11-24 17:25 - 00000000 ____D C:\Users\kai\AppData\Roaming\WildTangent2013-11-24 17:10 - 2013-11-25 08:32 - 00000043 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini2013-11-24 17:10 - 2013-11-25 08:31 - 00001417 _____

Seite 25

FRST-logC:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk2013-11-24 17:10 - 2013-11-24 18:24 - 00174200 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS2013-11-24 17:10 - 2013-11-24 18:24 - 00007488 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT2013-11-24 17:10 - 2013-11-24 18:24 - 00000000 ____D C:\Program Files\Symantec2013-11-24 17:10 - 2013-11-24 17:10 - 00002609 _____ C:\Users\Public\Desktop\eBay.lnk2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Users\kai\AppData\Roaming\Macromedia2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Users\kai\AppData\Roaming\ATI2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Users\kai\AppData\Local\ATI2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Program Files (x86)\OEM2013-11-24 17:09 - 2013-11-25 14:17 - 00000000 ____D C:\Users\kai2013-11-24 17:09 - 2013-11-25 11:23 - 00000000 ___RD C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-11-24 17:09 - 2013-11-25 08:31 - 00001451 _____ C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-11-24 17:09 - 2013-11-25 08:11 - 00059096 _____ C:\Users\kai\AppData\Local\GDIPFONTCACHEV1.DAT2013-11-24 17:09 - 2013-11-25 08:10 - 00000000 ___RD C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-11-24 17:09 - 2013-11-24 17:10 - 00000737 _____ C:\Windows\WisGRegOffer.log2013-11-24 17:09 - 2013-11-24 17:09 - 00001958 _____ C:\Users\Public\Desktop\PB Zubehör Shop.lnk2013-11-24 17:09 - 2013-11-24 17:09 - 00000122 _____ C:\Windows\WLangUpt.log2013-11-24 17:09 - 2013-11-24 17:09 - 00000020 ___SH C:\Users\kai\ntuser.ini2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Vorlagen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Startmenü2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Netzwerkumgebung2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Lokale Einstellungen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Eigene Dateien2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Druckumgebung2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Documents\Eigene Musik2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Documents\Eigene Bilder2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programme2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\AppData\Local\Verlauf2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\AppData\Local\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Vorlagen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Startmenü2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Eigene Dateien2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Druckumgebung

Seite 26

FRST-log2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Programme2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Vorlagen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Startmenü2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Favoriten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Dokumente2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Program Files\GemeinsameDateien2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Dokumente und Einstellungen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 __SHD C:\Recovery2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 ____D C:\Users\Public\Symantec2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 ____D C:\Users\kai\AppData\Local\VirtualStore2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 ____D C:\Program Files\PB Accessory Store2013-11-24 17:09 - 2010-09-08 05:43 - 00000000 ___RD C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2013-11-24 17:09 - 2010-09-08 05:43 - 00000000 ___RD C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2013-11-24 16:55 - 2013-11-24 16:55 - 00001225 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk2013-11-24 16:55 - 2008-06-16 03:00 - 00055024 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys2013-11-24 16:52 - 2013-11-24 16:52 - 00000345 _____ C:\Windows\system32\oem_Get_OS_Language.log2013-11-24 16:52 - 2013-11-24 16:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office2013-11-24 16:51 - 2013-11-24 16:51 - 00031400 _____ C:\Windows\DirectX.log2013-11-24 16:51 - 2013-11-24 16:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition2013-11-24 16:51 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll2013-11-24 16:51 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll2013-11-24 16:50 - 2013-11-24 16:50 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive2013-11-24 16:49 - 2013-11-24 16:51 - 00000000 ____D C:\Program Files (x86)\Windows Live2013-11-24 16:49 - 2013-11-24 16:49 - 00000000 ____D C:\Windows\PCHEALTH2013-11-24 16:47 - 2013-11-24 16:47 - 00000000 ____D C:\Program Files (x86)\Cyberlink2013-11-24 16:46 - 2013-11-24 16:47 - 00000000 ____D C:\Program Files (x86)\Social Networks2013-11-24 16:46 - 2013-11-24 16:46 - 00000000 ____D C:\Program Files

Seite 27

FRST-log(x86)\Video Web Camera2013-11-24 16:45 - 2013-11-24 16:45 - 00004702 _____ C:\Windows\DPINST.LOG2013-11-24 16:45 - 2013-11-24 16:45 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute2013-11-24 16:45 - 2013-11-24 16:45 - 00000184 _____ C:\Windows\LMv4.UNI2013-11-24 16:45 - 2013-11-24 16:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf2013-11-24 16:45 - 2013-11-24 16:45 - 00000000 ____D C:\Program Files\Synaptics2013-11-24 16:45 - 2013-11-24 16:45 - 00000000 ____D C:\Program Files\Intel2013-11-24 16:45 - 2013-11-24 16:45 - 00000000 ____D C:\Program Files (x86)\Launch Manager2013-11-24 16:44 - 2013-11-24 16:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf2013-11-24 16:44 - 2010-05-25 15:26 - 00264040 _____ (Atheros) C:\Windows\system32\Drivers\btfilter.sys2013-11-24 16:44 - 2010-05-20 13:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll2013-11-24 16:44 - 2010-05-20 13:42 - 00294760 _____ (Atheros) C:\Windows\system32\Drivers\btath_a2dp.sys2013-11-24 16:44 - 2010-05-20 13:42 - 00202792 _____ (Atheros) C:\Windows\system32\Drivers\btath_hcrp.sys2013-11-24 16:44 - 2010-05-20 13:42 - 00156392 _____ (Atheros) C:\Windows\system32\Drivers\btath_rcp.sys2013-11-24 16:44 - 2010-05-20 13:42 - 00052584 _____ (Atheros) C:\Windows\system32\Drivers\btath_lwflt.sys2013-11-24 16:44 - 2010-05-20 13:42 - 00038248 _____ (Atheros) C:\Windows\system32\Drivers\btath_flt.sys2013-11-24 16:44 - 2010-05-20 13:42 - 00032296 _____ (Atheros) C:\Windows\system32\Drivers\btath_bus.sys2013-11-24 16:43 - 2013-11-24 16:43 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite2013-11-24 16:41 - 2013-11-24 16:41 - 00002142 _____ C:\RHDSetup.log2013-11-24 16:41 - 2013-11-24 16:41 - 00000000 ____D C:\Windows\SysWOW64\RTCOM2013-11-24 16:41 - 2013-11-24 16:41 - 00000000 ____D C:\Windows\Options2013-11-24 16:41 - 2013-11-24 16:41 - 00000000 ____D C:\Program Files\Realtek2013-11-24 16:41 - 2013-11-24 16:41 - 00000000 ____D C:\Program Files (x86)\Realtek2013-11-24 16:41 - 2010-07-29 03:26 - 02445672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys2013-11-24 16:41 - 2010-07-29 03:26 - 02032232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll2013-11-24 16:41 - 2010-07-29 03:26 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl2013-11-24 16:41 - 2010-07-29 03:26 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll2013-11-24 16:41 - 2010-07-29 03:26 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll2013-11-24 16:41 - 2010-07-29 03:25 - 02618984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll2013-11-24 16:41 - 2010-07-29 03:25 - 01213544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll2013-11-24 16:41 - 2010-07-29 03:25 - 00476264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll2013-11-24 16:41 - 2010-07-29 03:25 - 00372328 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat2013-11-24 16:41 - 2010-07-29 03:25 - 00076904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll2013-11-24 16:41 - 2010-07-27 22:54 - 01251944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll2013-11-24 16:41 - 2010-07-23 01:48 - 00220496 _____ (Virage Logic Corporation /Sonic Focus) C:\Windows\system32\SFNHK64.dll2013-11-24 16:41 - 2010-07-23 01:48 - 00081232 _____ (Virage Logic Corporation /Sonic Focus) C:\Windows\system32\SFCOM64.dll2013-11-24 16:41 - 2010-07-23 01:48 - 00078160 _____ (Virage Logic Corporation /Sonic Focus) C:\Windows\system32\SFAPO64.dll2013-11-24 16:41 - 2010-07-23 01:48 - 00074064 _____ (Virage Logic Corporation /Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll2013-11-24 16:41 - 2010-07-23 01:37 - 00200800 _____ (Andrea Electronics

Seite 28

FRST-logCorporation) C:\Windows\system32\AERTAC64.dll2013-11-24 16:41 - 2010-07-06 20:48 - 01756160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll2013-11-24 16:41 - 2010-07-01 22:44 - 00124128 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll2013-11-24 16:41 - 2010-07-01 22:44 - 00124128 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll2013-11-24 16:41 - 2010-07-01 22:44 - 00123104 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll2013-11-24 16:41 - 2010-06-28 02:14 - 00334848 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll2013-11-24 16:41 - 2010-06-10 22:44 - 00037468 _____ C:\Windows\system32\Drivers\RtPCEE3.DAT2013-11-24 16:41 - 2010-05-07 02:34 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll2013-11-24 16:41 - 2010-05-07 01:43 - 02601816 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll2013-11-24 16:41 - 2010-04-27 22:50 - 00330656 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll2013-11-24 16:41 - 2010-04-15 02:56 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll2013-11-24 16:41 - 2010-03-22 22:21 - 00247560 _____ C:\Windows\system32\Drivers\RTConvEQ.dat2013-11-24 16:41 - 2010-03-22 22:21 - 00001448 _____ C:\Windows\system32\Drivers\RtHdatEx.dat2013-11-24 16:41 - 2010-03-02 01:42 - 00000520 _____ C:\Windows\system32\Drivers\RTEQEX0.dat2013-11-24 16:41 - 2010-02-12 00:45 - 00000176 _____ C:\Windows\system32\Drivers\RTHDAEQ1.dat2013-11-24 16:41 - 2010-01-30 00:43 - 00000016 _____ C:\Windows\system32\Drivers\rtkhdaud.dat2013-11-24 16:41 - 2010-01-27 06:52 - 00000520 _____ C:\Windows\system32\Drivers\RTEQEX3.dat2013-11-24 16:41 - 2010-01-05 22:41 - 01325328 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll2013-11-24 16:41 - 2010-01-05 22:41 - 00489744 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll2013-11-24 16:41 - 2010-01-05 22:41 - 00474896 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll2013-11-24 16:41 - 2010-01-05 22:40 - 01178384 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll2013-11-24 16:41 - 2010-01-05 22:40 - 01110800 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll2013-11-24 16:41 - 2010-01-05 22:40 - 00504592 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll2013-11-24 16:41 - 2010-01-05 22:40 - 00315152 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll2013-11-24 16:41 - 2010-01-05 22:40 - 00268560 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll2013-11-24 16:41 - 2010-01-05 22:40 - 00265488 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll2013-11-24 16:41 - 2009-12-16 03:26 - 00372936 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll2013-11-24 16:41 - 2009-12-16 03:26 - 00201928 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll2013-11-24 16:41 - 2009-12-16 03:26 - 00099016 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll2013-11-24 16:41 - 2009-12-16 03:26 - 00076488 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll2013-11-24 16:41 - 2009-12-11 18:55 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll2013-11-24 16:41 - 2009-12-11 18:55 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll2013-11-24 16:41 - 2009-12-04 00:28 - 00064000 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsmdel.exe2013-11-24 16:41 - 2009-12-04 00:28 - 00027648 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll2013-11-24 16:41 - 2009-11-24 18:55 - 00518896 _____ (SRS Labs, Inc.)

Seite 29

FRST-logC:\Windows\system32\SRSTSX64.dll2013-11-24 16:41 - 2009-11-24 18:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll2013-11-24 16:41 - 2009-11-24 18:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll2013-11-24 16:41 - 2009-11-24 18:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll2013-11-24 16:41 - 2009-11-19 03:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll2013-11-24 16:41 - 2009-11-18 03:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll2013-11-24 16:41 - 2008-08-21 22:43 - 00000520 _____ C:\Windows\system32\Drivers\RTEQEX2.dat2013-11-24 16:41 - 2005-06-27 14:29 - 00000520 _____ C:\Windows\system32\Drivers\RTEQEX1.dat2013-11-24 16:40 - 2013-11-25 13:33 - 01951034 _____ C:\Windows\WindowsUpdate.log2013-11-24 16:40 - 2013-11-24 16:40 - 00000000 ____D C:\ProgramData\ATI2013-11-24 16:40 - 2013-11-24 16:40 - 00000000 ____D C:\Program Files\Broadcom2013-11-24 16:39 - 2013-11-24 16:40 - 00000000 ____D C:\Program Files (x86)\ATI Technologies2013-11-24 16:39 - 2013-11-24 16:39 - 00000000 ____D C:\Program Files\ATI2013-11-24 16:38 - 2013-11-24 17:09 - 00000246 _____ C:\Windows\PatchFul.log2013-11-24 16:38 - 2009-09-17 12:54 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys2013-11-24 16:37 - 2013-11-24 16:37 - 00000000 _____ C:\Windows\ativpsrm.bin

==================== One Month Modified Files and Folders =======

2013-11-25 14:19 - 2013-11-25 14:19 - 00000000 ____D C:\FRST2013-11-25 14:19 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\AppData\Roaming\newnext.me2013-11-25 14:17 - 2013-11-25 14:17 - 00000468 _____ C:\Users\kai\Desktop\defogger_disable.log2013-11-25 14:17 - 2013-11-25 14:17 - 00000000 _____ C:\Users\kai\defogger_reenable2013-11-25 14:17 - 2013-11-24 17:09 - 00000000 ____D C:\Users\kai2013-11-25 13:54 - 2013-11-24 19:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-11-25 13:38 - 2013-11-24 18:45 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-11-25 13:33 - 2013-11-24 16:40 - 01951034 _____ C:\Windows\WindowsUpdate.log2013-11-25 11:50 - 2013-11-25 11:50 - 00000000 ____D C:\Users\kai\AppData\Roaming\Malwarebytes2013-11-25 11:49 - 2013-11-25 11:49 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-11-25 11:49 - 2013-11-25 11:49 - 00000000 ____D C:\ProgramData\Malwarebytes2013-11-25 11:49 - 2013-11-25 11:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-11-25 11:49 - 2013-11-25 11:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kai\Downloads\mbam-setup-1.75.0.1300(1).exe2013-11-25 11:48 - 2013-11-25 11:48 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kai\Downloads\mbam-setup-1.75.0.1300.exe2013-11-25 11:26 - 2013-11-25 11:24 - 00000000 ____D C:\Windows\system32\MRT2013-11-25 11:23 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\AppData\Local\Mobogenie2013-11-25 11:23 - 2013-11-25 11:17 - 00000000 ____D C:\Program Files (x86)\MyPCBackup2013-11-25 11:23 - 2013-11-24 17:09 - 00000000 ___RD C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\Documents\Mobogenie2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\AppData\Local\genienext2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 ____D

Seite 30

FRST-logC:\Users\kai\AppData\Local\cache2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 ____D C:\Users\kai\.android2013-11-25 11:18 - 2013-11-25 11:18 - 00000000 _____ C:\Users\kai\daemonprocess.txt2013-11-25 11:18 - 2013-11-25 11:17 - 00001353 _____ C:\Windows\IE10_main.log2013-11-25 11:17 - 2013-11-25 11:15 - 00846864 _____ (Microsoft Corporation) C:\Users\kai\Downloads\MainOffer.exe2013-11-25 11:14 - 2013-11-25 11:14 - 01126048 _____ (Conduit) C:\Users\kai\Downloads\Internet_Explorer_10.exe2013-11-25 11:14 - 2013-11-24 18:53 - 00002974 _____ C:\Windows\IE11_main.log2013-11-25 11:13 - 2013-11-25 11:13 - 02077392 _____ (Microsoft Corporation) C:\Users\kai\Downloads\IE11-Windows6.1.exe2013-11-25 11:06 - 2013-11-25 11:06 - 00000000 ____D C:\Users\kai\Desktop\VisualStudio 2013 Premium 32-bit (German)2013-11-25 09:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache2013-11-25 09:13 - 2010-09-08 04:06 - 00000000 ____D C:\Windows\system32\Drivers\NISx642013-11-25 09:01 - 2013-11-24 18:45 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk2013-11-25 08:41 - 2013-11-25 08:41 - 00000000 ____D C:\Users\kai\Downloads\Microsoft XNA Game Studio 4.0 (English)2013-11-25 08:39 - 2013-11-25 08:39 - 00000000 ____D C:\Users\kai\Desktop\VisualStudio 2013 Premium 32-bit - Web Installer (German)2013-11-25 08:37 - 2013-11-25 08:37 - 00000000 _____ C:\Users\kai\Desktop\SecureDownloadManager.log2013-11-25 08:37 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-11-25 08:37 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-11-25 08:32 - 2013-11-24 17:10 - 00000043 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini2013-11-25 08:31 - 2013-11-24 18:45 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-11-25 08:31 - 2013-11-24 17:10 - 00001417 _____ C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk2013-11-25 08:31 - 2013-11-24 17:09 - 00001451 _____ C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-11-25 08:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-11-25 08:30 - 2009-07-14 05:51 - 00051986 _____ C:\Windows\setupact.log2013-11-25 08:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions2013-11-25 08:18 - 2013-11-24 23:44 - 00296212 _____ C:\Windows\msxml4-KB973688-enu.LOG2013-11-25 08:17 - 2013-11-25 08:17 - 00000000 ____D C:\Program Files (x86)\MSXML 4.02013-11-25 08:17 - 2013-11-24 23:34 - 00296494 _____ C:\Windows\msxml4-KB954430-enu.LOG2013-11-25 08:16 - 2013-11-24 23:26 - 00007206 _____ C:\Windows\IE9_main.log2013-11-25 08:15 - 2013-11-25 08:15 - 17773056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-11-25 08:15 - 2013-11-25 08:15 - 12268544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-11-25 08:15 - 2013-11-25 08:15 - 10884096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-11-25 08:15 - 2013-11-25 08:15 - 09702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-11-25 08:15 - 2013-11-25 08:15 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat2013-11-25 08:15 - 2013-11-25 08:15 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat2013-11-25 08:15 - 2013-11-25 08:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-11-25 08:15 - 2013-11-25 08:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

Seite 31

FRST-log2013-11-25 08:15 - 2013-11-25 08:15 - 02303488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-11-25 08:15 - 2013-11-25 08:15 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01797632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01785344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01492992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-11-25 08:15 - 2013-11-25 08:15 - 01427456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-11-25 08:15 - 2013-11-25 08:15 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01344000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-11-25 08:15 - 2013-11-25 08:15 - 01102336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00716800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2013-11-25 08:15 - 2013-11-25 08:15 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec2013-11-25 08:15 - 2013-11-25 08:15 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

Seite 32

FRST-log2013-11-25 08:15 - 2013-11-25 08:15 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

Seite 33

FRST-log2013-11-25 08:15 - 2013-11-25 08:15 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx2013-11-25 08:15 - 2013-11-25 08:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx2013-11-25 08:15 - 2013-11-25 08:15 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll2013-11-25 08:15 - 2013-11-25 08:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe2013-11-25 08:15 - 2013-11-25 08:15 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe2013-11-25 08:13 - 2013-11-25 08:13 - 00000000 ____D C:\Windows\System32\Tasks\Symantec2013-11-25 08:11 - 2013-11-24 17:09 - 00059096 _____ C:\Users\kai\AppData\Local\GDIPFONTCACHEV1.DAT2013-11-25 08:10 - 2013-11-25 08:10 - 00003528 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask2013-11-25 08:10 - 2013-11-25 08:10 - 00001762 _____ C:\Users\Public\Desktop\Browserwahl.lnk2013-11-25 08:10 - 2013-11-24 17:09 - 00000000 ___RD C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-11-25 08:07 - 2013-11-24 18:26 - 00004980 _____ C:\Windows\PFRO.log2013-11-25 08:07 - 2009-07-14 05:45 - 00272576 _____ C:\Windows\system32\FNTCACHE.DAT2013-11-25 08:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System2013-11-25 08:03 - 2010-09-08 04:25 - 00000000 ____D C:\Program Files\Windows Journal2013-11-25 08:02 - 2010-09-08 04:07 - 00002501 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk

Seite 34

FRST-log2013-11-25 01:32 - 2009-07-14 06:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG2013-11-25 01:32 - 2009-07-14 06:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template2013-11-25 01:31 - 2013-11-25 01:18 - 00001654 _____ C:\Windows\WPatchProgress.ini2013-11-25 01:31 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\SysWOW64\winrm2013-11-25 01:31 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\SysWOW64\WCN2013-11-25 01:31 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep2013-11-25 01:31 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr2013-11-25 01:31 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\system32\winrm2013-11-25 01:31 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\system32\WCN2013-11-25 01:31 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\system32\slmgr2013-11-25 01:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\oobe2013-11-25 01:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\MUI2013-11-25 01:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\MUI2013-11-25 01:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism2013-11-25 01:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing2013-11-25 01:31 - 2009-03-12 10:30 - 00000000 ____D C:\Windows\LP2013-11-25 01:28 - 2013-11-25 01:29 - 00295922 _____ C:\Windows\system32\perfi007.dat2013-11-25 01:28 - 2013-11-25 01:29 - 00038104 _____ C:\Windows\system32\perfd007.dat2013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer2013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\SysWOW64\de2013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\SysWOW64\04072013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\system32\de2013-11-25 01:28 - 2013-11-25 01:28 - 00000000 ____D C:\Windows\system32\04072013-11-25 01:28 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts2013-11-25 01:28 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts2013-11-25 01:28 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\DigitalLocker2013-11-25 01:28 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns2013-11-25 01:28 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar2013-11-25 01:28 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer2013-11-25 01:28 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender2013-11-25 01:28 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker2013-11-25 01:28 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar2013-11-25 01:28 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer2013-11-25 01:28 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Setup2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\com2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Setup2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\oobe2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\migwiz2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\com2013-11-25 01:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\IME2013-11-25 01:23 - 2013-11-25 01:23 - 00000000 ____D C:\Windows\NAPP_Dism_Log2013-11-25 01:23 - 2013-11-25 01:21 - 00007691 _____ C:\Windows\WisGAPas.log2013-11-25 01:21 - 2013-11-25 01:21 - 00000926 _____ C:\Windows\MOD01SET74DE0N0003.XML2013-11-25 01:21 - 2013-11-25 01:18 - 00234416 _____ C:\Windows\CapsuleDll.log2013-11-25 01:20 - 2013-11-25 01:20 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll2013-11-25 01:20 - 2013-11-25 01:20 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll2013-11-25 01:20 - 2013-11-25 01:20 - 00343040 _____ (Microsoft Corporation)

Seite 35

FRST-logC:\Windows\system32\Drivers\usbhub.sys2013-11-25 01:20 - 2013-11-25 01:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys2013-11-25 01:20 - 2013-11-25 01:20 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys2013-11-25 01:20 - 2013-11-25 01:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2013-11-25 01:19 - 2013-11-25 01:19 - 00000000 ____D C:\Windows\Lan2013-11-25 01:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games2013-11-24 21:26 - 2013-11-24 17:31 - 00000000 ____D C:\Users\kai\Desktop\Back_UP_2311132013-11-24 21:20 - 2013-11-24 21:20 - 00000000 ____D C:\Users\kai\Desktop\Microsoft XNA Game Studio 4.0 (English)2013-11-24 21:17 - 2013-11-24 21:17 - 00003125 _____ C:\Users\kai\Desktop\SecureDownload Manager.lnk2013-11-24 21:17 - 2013-11-24 21:17 - 00000183 _____ C:\Users\kai\Desktop\100245465996.sdx2013-11-24 21:17 - 2013-11-24 21:17 - 00000000 ____D C:\Users\kai\AppData\Roaming\e-academy Inc2013-11-24 21:17 - 2013-11-24 21:17 - 00000000 ____D C:\Users\kai\AppData\Local\e-academy Inc2013-11-24 21:17 - 2013-11-24 21:17 - 00000000 _____ C:\Users\kai\Downloads\SecureDownloadManager.log2013-11-24 21:16 - 2013-11-24 21:16 - 00719360 _____ C:\Users\kai\Downloads\SDM_DE.msi2013-11-24 19:51 - 2013-11-24 19:51 - 00000000 ____D C:\ProgramData\Sun2013-11-24 19:51 - 2013-11-24 19:51 - 00000000 ____D C:\ProgramData\Oracle2013-11-24 19:50 - 2013-11-24 19:50 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2013-11-24 19:50 - 2013-11-24 19:50 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2013-11-24 19:50 - 2013-11-24 19:50 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2013-11-24 19:50 - 2013-11-24 19:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2013-11-24 19:50 - 2013-11-24 19:50 - 00000000 ____D C:\Program Files (x86)\Java2013-11-24 19:41 - 2013-11-24 19:41 - 00000000 ____D C:\Users\kai\AppData\Roaming\AVAST Software2013-11-24 19:41 - 2013-11-24 18:45 - 00000000 ____D C:\Users\kai\AppData\Local\Google2013-11-24 19:40 - 2013-11-24 19:40 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe2013-11-24 19:40 - 2013-11-24 19:40 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr2013-11-24 19:40 - 2013-11-24 19:40 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys2013-11-24 19:40 - 2013-11-24 19:40 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update2013-11-24 19:40 - 2013-11-24 19:40 - 00001978 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk2013-11-24 19:34 - 2013-11-24 19:34 - 00000000 ____D C:\Program Files\AVAST Software2013-11-24 19:33 - 2013-11-24 18:45 - 00004100 _____

Seite 36

FRST-logC:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2013-11-24 19:33 - 2013-11-24 18:45 - 00003848 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2013-11-24 19:32 - 2013-11-24 19:32 - 00000000 ____D C:\ProgramData\AVAST Software2013-11-24 19:27 - 2013-11-24 18:34 - 00000000 ____D C:\Users\kai\AppData\Local\Adobe2013-11-24 19:26 - 2013-11-24 19:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-11-24 19:26 - 2013-11-24 19:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-11-24 19:26 - 2013-11-24 19:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2013-11-24 19:25 - 2013-11-24 19:25 - 00000000 ____D C:\Windows\system32\Macromed2013-11-24 18:46 - 2013-11-24 18:46 - 00000000 ____D C:\Users\kai\AppData\Roaming\Google2013-11-24 18:45 - 2013-11-24 18:45 - 00000000 ____D C:\ProgramData\Google2013-11-24 18:45 - 2013-11-24 18:45 - 00000000 ____D C:\Program Files\Google2013-11-24 18:45 - 2013-11-24 18:45 - 00000000 ____D C:\Program Files (x86)\Google2013-11-24 18:44 - 2013-11-24 18:44 - 00002031 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk2013-11-24 18:44 - 2010-09-08 04:05 - 00000000 ____D C:\ProgramData\Adobe2013-11-24 18:44 - 2010-09-08 04:05 - 00000000 ____D C:\Program Files (x86)\Adobe2013-11-24 18:32 - 2013-11-25 01:29 - 00643866 _____ C:\Windows\system32\perfh007.dat2013-11-24 18:32 - 2013-11-25 01:29 - 00126394 _____ C:\Windows\system32\perfc007.dat2013-11-24 18:32 - 2009-07-14 06:13 - 01472002 _____ C:\Windows\system32\PerfStringBackup.INI2013-11-24 18:24 - 2013-11-24 17:10 - 00174200 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS2013-11-24 18:24 - 2013-11-24 17:10 - 00007488 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT2013-11-24 18:24 - 2013-11-24 17:10 - 00000000 ____D C:\Program Files\Symantec2013-11-24 18:06 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\restore2013-11-24 17:46 - 2013-11-24 17:46 - 00000000 ____D C:\Users\kai\Desktop\VisualStudio 2010 Premium (x86) - DVD (German)2013-11-24 17:44 - 2013-11-24 17:44 - 00000000 ____D C:\Users\kai\Desktop\Visio 2010 with Service Pack 1 (x86 and x64) - DVD (German)2013-11-24 17:26 - 2013-11-24 17:26 - 00000000 ____D C:\Users\kai\AppData\Roaming\Adobe2013-11-24 17:25 - 2013-11-24 17:25 - 00000000 ____D C:\Users\kai\AppData\Roaming\WildTangent2013-11-24 17:10 - 2013-11-25 01:23 - 00002843 _____ C:\Windows\Patch.log2013-11-24 17:10 - 2013-11-25 01:19 - 00000201 _____ C:\Windows\USER.XML2013-11-24 17:10 - 2013-11-24 17:10 - 00002609 _____ C:\Users\Public\Desktop\eBay.lnk2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Users\kai\AppData\Roaming\Macromedia2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Users\kai\AppData\Roaming\ATI2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Users\kai\AppData\Local\ATI2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared2013-11-24 17:10 - 2013-11-24 17:10 - 00000000 ____D C:\Program Files (x86)\OEM2013-11-24 17:10 - 2013-11-24 17:09 - 00000737 _____ C:\Windows\WisGRegOffer.log2013-11-24 17:10 - 2010-09-08 04:22 - 00000000 ____D C:\ProgramData\oem2013-11-24 17:10 - 2010-09-08 04:06 - 00000000 ____D C:\ProgramData\Norton2013-11-24 17:10 - 2010-09-08 03:30 - 00782049 _____ C:\Windows\launApp.log2013-11-24 17:10 - 2009-07-27 21:26 - 00000000 ___DC C:\elements2013-11-24 17:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help2013-11-24 17:09 - 2013-11-24 17:09 - 00001958 _____ C:\Users\Public\Desktop\PB Zubehör Shop.lnk2013-11-24 17:09 - 2013-11-24 17:09 - 00000122 _____ C:\Windows\WLangUpt.log

Seite 37

FRST-log2013-11-24 17:09 - 2013-11-24 17:09 - 00000020 ___SH C:\Users\kai\ntuser.ini2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Vorlagen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Startmenü2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Netzwerkumgebung2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Lokale Einstellungen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Eigene Dateien2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Druckumgebung2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Documents\Eigene Musik2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Documents\Eigene Bilder2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programme2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\AppData\Local\Verlauf2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\AppData\Local\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\kai\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Vorlagen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Startmenü2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Eigene Dateien2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Druckumgebung2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Programme2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Vorlagen2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Startmenü2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Favoriten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Dokumente2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Program Files\GemeinsameDateien2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 _SHDL C:\Dokumente und Einstellungen

Seite 38

FRST-log2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 __SHD C:\Recovery2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 ____D C:\Users\Public\Symantec2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 ____D C:\Users\kai\AppData\Local\VirtualStore2013-11-24 17:09 - 2013-11-24 17:09 - 00000000 ____D C:\Program Files\PB Accessory Store2013-11-24 17:09 - 2013-11-24 16:38 - 00000246 _____ C:\Windows\PatchFul.log2013-11-24 17:09 - 2010-09-08 04:17 - 00000000 ___HD C:\OEM2013-11-24 17:09 - 2010-09-08 04:16 - 00157711 _____ C:\Windows\PLaunch.log2013-11-24 17:09 - 2010-09-08 04:16 - 00000222 __RSH C:\Preload.rev2013-11-24 17:09 - 2010-09-08 04:16 - 00000168 _____ C:\Windows\WisLangCode.ini2013-11-24 17:09 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default2013-11-24 17:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Recovery2013-11-24 17:09 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT2013-11-24 17:04 - 2010-09-08 04:16 - 00000213 _____ C:\Windows\Factory.xml2013-11-24 17:03 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther2013-11-24 17:03 - 2009-07-14 05:46 - 00004059 _____ C:\Windows\DtcInstall.log2013-11-24 17:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sysprep2013-11-24 16:55 - 2013-11-25 01:21 - 00000267 _____ C:\Windows\LaunApp.ini2013-11-24 16:55 - 2013-11-24 16:55 - 00001225 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk2013-11-24 16:52 - 2013-11-24 16:52 - 00000345 _____ C:\Windows\system32\oem_Get_OS_Language.log2013-11-24 16:52 - 2013-11-24 16:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office2013-11-24 16:51 - 2013-11-24 16:51 - 00031400 _____ C:\Windows\DirectX.log2013-11-24 16:51 - 2013-11-24 16:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition2013-11-24 16:51 - 2013-11-24 16:49 - 00000000 ____D C:\Program Files (x86)\Windows Live2013-11-24 16:50 - 2013-11-24 16:50 - 00000000 ____D C:\Program Files (x86)\Windows Live SkyDrive2013-11-24 16:49 - 2013-11-24 16:49 - 00000000 ____D C:\Windows\PCHEALTH2013-11-24 16:49 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared2013-11-24 16:48 - 2009-10-05 22:35 - 00000000 ____D C:\Windows\DeployWinRE22013-11-24 16:47 - 2013-11-24 16:47 - 00000000 ____D C:\Program Files (x86)\Cyberlink2013-11-24 16:47 - 2013-11-24 16:46 - 00000000 ____D C:\Program Files (x86)\Social Networks2013-11-24 16:47 - 2010-09-08 04:11 - 00000000 ____D C:\Program Files\Packard Bell2013-11-24 16:47 - 2010-09-08 04:01 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2013-11-24 16:46 - 2013-11-24 16:46 - 00000000 ____D C:\Program Files (x86)\Video Web Camera2013-11-24 16:46 - 2010-09-08 04:09 - 00000000 ____D C:\Program Files (x86)\Packard Bell2013-11-24 16:45 - 2013-11-24 16:45 - 00004702 _____ C:\Windows\DPINST.LOG2013-11-24 16:45 - 2013-11-24 16:45 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute2013-11-24 16:45 - 2013-11-24 16:45 - 00000184 _____ C:\Windows\LMv4.UNI2013-11-24 16:45 - 2013-11-24 16:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf2013-11-24 16:45 - 2013-11-24 16:45 - 00000000 ____D C:\Program Files\Synaptics2013-11-24 16:45 - 2013-11-24 16:45 - 00000000 ____D C:\Program Files\Intel2013-11-24 16:45 - 2013-11-24 16:45 - 00000000 ____D C:\Program Files (x86)\Launch Manager2013-11-24 16:44 - 2013-11-24 16:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf2013-11-24 16:44 - 2010-05-21 12:26 - 00246804 _____ C:\Windows\system32\Drivers\AtherosBt.bin2013-11-24 16:43 - 2013-11-24 16:43 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite2013-11-24 16:41 - 2013-11-24 16:41 - 00002142 _____ C:\RHDSetup.log2013-11-24 16:41 - 2013-11-24 16:41 - 00000000 ____D C:\Windows\SysWOW64\RTCOM2013-11-24 16:41 - 2013-11-24 16:41 - 00000000 ____D C:\Windows\Options

Seite 39

FRST-log2013-11-24 16:41 - 2013-11-24 16:41 - 00000000 ____D C:\Program Files\Realtek2013-11-24 16:41 - 2013-11-24 16:41 - 00000000 ____D C:\Program Files (x86)\Realtek2013-11-24 16:40 - 2013-11-24 16:40 - 00000000 ____D C:\ProgramData\ATI2013-11-24 16:40 - 2013-11-24 16:40 - 00000000 ____D C:\Program Files\Broadcom2013-11-24 16:40 - 2013-11-24 16:39 - 00000000 ____D C:\Program Files (x86)\ATI Technologies2013-11-24 16:40 - 2010-09-08 04:01 - 00000000 ____D C:\Program Files (x86)\Intel2013-11-24 16:39 - 2013-11-24 16:39 - 00000000 ____D C:\Program Files\ATI2013-11-24 16:37 - 2013-11-24 16:37 - 00000000 _____ C:\Windows\ativpsrm.bin2013-11-24 16:35 - 2009-07-27 20:43 - 00005767 _____ C:\Windows\TSSysprep.log2013-11-07 16:00 - 2013-11-25 11:24 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:====================C:\Users\kai\AppData\Local\Temp\BackupSetup.exeC:\Users\kai\AppData\Local\Temp\MSN75ED.exeC:\Users\kai\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-24 16:42

==================== End Of Log ============================

Seite 40