Probleme mit dem MSN-EMail Account. Absoluter Laie

LH91 · 29.07.2013, 09:54

Hallo liebe Forennutzer,

eins vorweg ich bin totaler Laie und hab keine Ahnung ich hoffe ihr könnt mir helfen.
Es ist so ich habe von meiner Freundin eine Email erhalten(Keine Spam) und darin war ein Link, welcher nicht funktioniert hat auch eingeben der URL hat nichts gebracht es erschien immer nur: Dieser Link ist nicht mehr verfügbar. Ich habe meine Freundin drauf angesprochen und sie meinte zu mir:"Ich habe dir keine Email geschrieben!" Abends meinte sie zu mir sie hätte eine auch eine Email(Keine SPAM) von mir bekommen welche ich aber definitiv nicht getan habe. Ich habe in meinem Postausgang geschaut und es war keine Email zu sehen. Ich habe schon sämtliche Passwörter geändert-trotzdem will MSN sie nicht erkennen!!! Ich habe Norton 360° und norton sagt mir alles ok. Ich habe schon Antimailwarebyte laufen lassen der hat nichts gefunden. Habt ihr Tipps für mich was ich tun kann. Wie geschrieben bin absoluter Laie und ich hoffe ihr könnt mir helfen.
Als Betriebssystem habe ich Win 8 falls das weiterhilft!

Vielen Dank schonmal im voraus

Euer

LH91

schrauber · 29.07.2013, 09:57

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

LH91 · 29.07.2013, 11:55

hallo schrauber hier sind die ergebnisse:
FRST.txt
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Lutz (administrator) on 29-07-2013 12:42:51
Running from C:\Users\Lutz\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://goggle.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Plus-HD-2.6 - {11111111-1111-1111-1111-110311341140} - C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho.dll (Plus HD)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default
FF user.js: detected! => C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\user.js
FF Keyword.URL: hxxp://www.google.de/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\searchplugins\computer-bild-suche.xml
FF Extension: No Name - C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
FF Extension: No Name - C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
S2 0052531368808816mcinstcleanup; C:\Windows\TEMP\005253~1.EXE -cleanup -nolog [x]

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-11] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130726.001\IDSvia64.sys [513184 2013-06-08] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130726.001\IDSvia64.sys [513184 2013-06-08] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130728.020\ENG64.SYS [126040 2013-06-11] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130728.020\ENG64.SYS [126040 2013-06-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130728.020\EX64.SYS [2098776 2013-06-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130728.020\EX64.SYS [2098776 2013-06-11] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1404000.028\SymELAM.sys [23448 2012-11-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-29 12:42 - 2013-07-29 12:42 - 00000000 ____D C:\FRST
2013-07-29 12:41 - 2013-07-29 12:42 - 01780547 _____ (Farbar) C:\Users\Lutz\Desktop\FRST64.exe
2013-07-27 11:25 - 2013-07-27 11:25 - 00067386 _____ C:\Users\Lutz\Desktop\Extras.Txt
2013-07-27 11:24 - 2013-07-27 11:24 - 00596312 _____ C:\Users\Lutz\Desktop\OTL.Txt
2013-07-27 11:04 - 2013-07-27 11:04 - 00000408 _____ C:\Users\Gast\AppData\Roaming\sp_data.sys
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ASUS WebStorage
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2013-07-27 11:02 - 2013-07-27 11:03 - 00000000 ____D C:\Users\Gast
2013-07-27 11:02 - 2013-07-27 11:02 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Startmenü
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\ASUS
2013-07-27 10:58 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Desktop\OTL.exe
2013-07-27 10:56 - 2013-07-27 10:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lutz\Downloads\HijackThis.exe
2013-07-27 10:52 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Downloads\OTL.exe
2013-07-26 22:46 - 2013-07-26 22:46 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1004
2013-07-26 22:37 - 2013-07-27 11:00 - 00000000 ____D C:\Users\Maike
2013-07-26 21:46 - 2013-07-26 21:46 - 00000795 _____ C:\Windows\setupact.log
2013-07-26 21:46 - 2013-07-26 21:46 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 21:35 - 2013-07-26 21:35 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-26 21:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-26 21:29 - 2013-07-26 21:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lutz\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-26 15:26 - 2013-07-26 15:43 - 03260909 _____ (Safer-Networking Ltd.                                       ) C:\Users\Lutz\Downloads\spybot-2.1.exe.part
2013-07-26 15:26 - 2013-07-26 15:26 - 00000000 _____ C:\Users\Lutz\Downloads\spybot-2.1.exe
2013-07-25 16:10 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-25 16:10 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-25 16:10 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-25 16:10 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-25 16:10 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-25 16:10 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-25 16:10 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-25 16:10 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-25 16:10 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-25 16:10 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-25 16:10 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-25 16:10 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-25 16:10 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-25 16:10 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-25 16:10 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-25 16:10 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-25 16:10 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-25 16:10 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-25 16:10 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-25 16:10 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-25 16:10 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-25 16:10 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-25 16:10 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-25 16:10 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-25 16:09 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-25 16:01 - 2013-07-27 12:41 - 00535382 _____ C:\Windows\WindowsUpdate.log
2013-07-24 22:44 - 2013-07-24 22:44 - 00000000 _____ C:\Users\Lutz\Desktop\Neues Textdokument.txt
2013-07-21 18:09 - 2013-07-21 18:09 - 00000000 _____ C:\Windows\SysWOW64\FAPB412.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPB20C.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPABB1.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPA7D7.tmp
2013-07-21 17:54 - 2013-07-21 17:54 - 00000000 _____ C:\Windows\SysWOW64\FAPF6C4.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPF470.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPE6F1.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPE624.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP70D3.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP7006.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP68FF.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP688F.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAPF54E.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAPF4B0.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1E1C.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1D7D.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP14E0.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1452.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPE6DF.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPE631.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD900.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD843.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD0EE.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD050.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPB3EC.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPB33E.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP279A.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP269E.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP1E3F.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP1DC0.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAPADC3.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAPACF6.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAP75C7.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAP74AB.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPB418.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPB34B.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPA928.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPA8F7.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAPC94B.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAPC82F.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP57F6.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP5768.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP3BB0.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP3A37.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPD978.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPD87C.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPCF81.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPCEC4.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPBCB1.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPBBF3.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPFD3A.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPFB44.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPF094.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPECAA.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPEB7F.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA585.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA4D7.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA12B.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP9F55.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP85A0.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP8512.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5FC5.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5D90.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5BC9.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP163.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP9A6F.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP7C08.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP756E.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP7230.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP70A7.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP78A9.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP721F.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP7114.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5368.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5087.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP4FBA.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP258B.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP203A.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP1F9C.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPFDD9.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPFCBE.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPF970.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPF632.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPBBE6.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPBB48.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP5597.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP49DD.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP444D.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4370.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP905A.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP6D9E.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP6917.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAPD976.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAPBF83.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAP21DB.tmp
2013-07-21 17:37 - 2013-07-21 17:37 - 00000000 _____ C:\Windows\SysWOW64\FAPEE66.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPF0FA.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPEF14.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPEACC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPE7EC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPD02C.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPCEC2.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9E2B.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9A8F.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9916.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP5679.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP5435.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP531A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4FAD.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4913.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4335.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP42D6.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP411E.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP223A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1F79.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1BFC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1B9C.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP190A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP17C0.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP153D.tmp
2013-07-21 17:35 - 2013-07-21 17:35 - 00000000 _____ C:\Windows\SysWOW64\FAPF959.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPCBC0.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPCA37.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPC767.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAP476C.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAP45F3.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAPCE07.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP5C6.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP58BD.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP57C1.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP4DA.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP2A5.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPF020.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPEA61.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPE9E2.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPD994.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP72D5.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6FA6.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6E0E.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6AEF.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPC59D.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPBFBF.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPBF4F.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPB99.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP7EE.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP6D16.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP6C3A.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP656.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP7C63.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP59B6.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP589B.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP5463.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP5163.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP4163.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP40F4.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPF478.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPEEF8.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPEE79.tmp
2013-07-18 16:18 - 2013-07-26 22:34 - 00001914 _____ C:\Windows\PFRO.log
2013-07-15 23:34 - 2013-07-15 23:34 - 01067456 _____ (Solid State Networks) C:\Users\Lutz\Downloads\install_flashplayer11x32au_mssd_aaa_aih(1).exe
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Thunderbird
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Local\Thunderbird
2013-07-15 16:58 - 2013-07-15 16:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-15 16:46 - 2013-07-15 16:48 - 19678576 _____ (Mozilla) C:\Users\Lutz\Downloads\Thunderbird_Setup_17.0.7.exe
2013-07-13 18:47 - 2013-07-13 18:47 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 16:34 - 2013-07-26 22:33 - 00000000 ____D C:\Users\Lutz\Downloads\Setup
2013-07-12 15:23 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-12 15:19 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 15:19 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 15:19 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 15:19 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 14:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-12 14:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-12 14:55 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-12 14:55 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 20:23 - 2013-07-11 20:23 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-07-11 14:45 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-11 14:45 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 14:45 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\system32\NV
2013-07-02 00:38 - 2013-07-02 00:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-02 00:35 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-02 00:35 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00030496 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys

==================== One Month Modified Files and Folders =======

2013-07-29 12:42 - 2013-07-29 12:42 - 00000000 ____D C:\FRST
2013-07-29 12:42 - 2013-07-29 12:41 - 01780547 _____ (Farbar) C:\Users\Lutz\Desktop\FRST64.exe
2013-07-29 12:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-29 11:48 - 2013-05-16 17:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-29 10:27 - 2013-06-15 23:07 - 00001842 _____ C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
2013-07-29 10:27 - 2013-06-15 23:07 - 00001210 _____ C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
2013-07-29 10:27 - 2013-06-15 23:07 - 00001206 _____ C:\Windows\Tasks\Plus-HD-2.6-updater.job
2013-07-29 10:27 - 2013-06-15 23:07 - 00001110 _____ C:\Windows\Tasks\Plus-HD-2.6-enabler.job
2013-07-29 10:27 - 2013-05-16 15:24 - 00000507 _____ C:\Users\Lutz\AppData\Roaming\sp_data.sys
2013-07-29 10:24 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-28 16:16 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-07-28 16:15 - 2013-05-23 15:51 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-27 12:41 - 2013-07-25 16:01 - 00535382 _____ C:\Windows\WindowsUpdate.log
2013-07-27 11:25 - 2013-07-27 11:25 - 00067386 _____ C:\Users\Lutz\Desktop\Extras.Txt
2013-07-27 11:24 - 2013-07-27 11:24 - 00596312 _____ C:\Users\Lutz\Desktop\OTL.Txt
2013-07-27 11:04 - 2013-07-27 11:04 - 00000408 _____ C:\Users\Gast\AppData\Roaming\sp_data.sys
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ASUS WebStorage
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2013-07-27 11:03 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast
2013-07-27 11:02 - 2013-07-27 11:02 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Startmenü
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\ASUS
2013-07-27 11:00 - 2013-07-26 22:37 - 00000000 ____D C:\Users\Maike
2013-07-27 11:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-27 10:57 - 2013-05-16 15:21 - 00000000 ____D C:\Users\Lutz\AppData\Local\VirtualStore
2013-07-27 10:56 - 2013-07-27 10:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lutz\Downloads\HijackThis.exe
2013-07-27 10:52 - 2013-07-27 10:58 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Desktop\OTL.exe
2013-07-27 10:52 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Downloads\OTL.exe
2013-07-26 22:46 - 2013-07-26 22:46 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1004
2013-07-26 22:34 - 2013-07-18 16:18 - 00001914 _____ C:\Windows\PFRO.log
2013-07-26 22:33 - 2013-07-13 16:34 - 00000000 ____D C:\Users\Lutz\Downloads\Setup
2013-07-26 21:50 - 2012-08-03 01:02 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-07-26 21:50 - 2012-08-03 01:02 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-07-26 21:50 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 21:46 - 2013-07-26 21:46 - 00000795 _____ C:\Windows\setupact.log
2013-07-26 21:46 - 2013-07-26 21:46 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 21:35 - 2013-07-26 21:35 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-26 21:35 - 2013-07-26 21:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lutz\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-26 15:43 - 2013-07-26 15:26 - 03260909 _____ (Safer-Networking Ltd.                                       ) C:\Users\Lutz\Downloads\spybot-2.1.exe.part
2013-07-26 15:26 - 2013-07-26 15:26 - 00000000 _____ C:\Users\Lutz\Downloads\spybot-2.1.exe
2013-07-26 13:56 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-24 22:44 - 2013-07-24 22:44 - 00000000 _____ C:\Users\Lutz\Desktop\Neues Textdokument.txt
2013-07-21 18:09 - 2013-07-21 18:09 - 00000000 _____ C:\Windows\SysWOW64\FAPB412.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPB20C.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPABB1.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPA7D7.tmp
2013-07-21 17:54 - 2013-07-21 17:54 - 00000000 _____ C:\Windows\SysWOW64\FAPF6C4.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPF470.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPE6F1.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPE624.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP70D3.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP7006.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP68FF.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP688F.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAPF54E.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAPF4B0.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1E1C.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1D7D.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP14E0.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1452.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPE6DF.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPE631.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD900.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD843.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD0EE.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD050.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPB3EC.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPB33E.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP279A.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP269E.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP1E3F.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP1DC0.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAPADC3.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAPACF6.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAP75C7.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAP74AB.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPB418.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPB34B.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPA928.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPA8F7.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAPC94B.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAPC82F.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP57F6.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP5768.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP3BB0.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP3A37.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPD978.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPD87C.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPCF81.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPCEC4.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPBCB1.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPBBF3.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPFD3A.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPFB44.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPF094.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPECAA.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPEB7F.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA585.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA4D7.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA12B.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP9F55.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP85A0.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP8512.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5FC5.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5D90.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5BC9.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP163.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP9A6F.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP7C08.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP756E.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP7230.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP70A7.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP78A9.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP721F.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP7114.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5368.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5087.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP4FBA.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP258B.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP203A.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP1F9C.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPFDD9.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPFCBE.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPF970.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPF632.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPBBE6.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPBB48.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP5597.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP49DD.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP444D.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4370.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP905A.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP6D9E.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP6917.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAPD976.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAPBF83.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAP21DB.tmp
2013-07-21 17:37 - 2013-07-21 17:37 - 00000000 _____ C:\Windows\SysWOW64\FAPEE66.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPF0FA.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPEF14.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPEACC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPE7EC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPD02C.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPCEC2.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9E2B.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9A8F.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9916.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP5679.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP5435.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP531A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4FAD.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4913.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4335.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP42D6.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP411E.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP223A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1F79.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1BFC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1B9C.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP190A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP17C0.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP153D.tmp
2013-07-21 17:35 - 2013-07-21 17:35 - 00000000 _____ C:\Windows\SysWOW64\FAPF959.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPCBC0.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPCA37.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPC767.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAP476C.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAP45F3.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAPCE07.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP5C6.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP58BD.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP57C1.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP4DA.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP2A5.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPF020.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPEA61.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPE9E2.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPD994.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP72D5.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6FA6.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6E0E.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6AEF.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPC59D.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPBFBF.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPBF4F.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPB99.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP7EE.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP6D16.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP6C3A.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP656.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP7C63.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP59B6.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP589B.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP5463.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP5163.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP4163.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP40F4.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPF478.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPEEF8.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPEE79.tmp
2013-07-20 14:00 - 2013-05-16 15:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1002
2013-07-15 23:37 - 2013-05-16 17:20 - 00000000 ____D C:\Users\Lutz\AppData\Local\Adobe
2013-07-15 23:36 - 2013-05-16 17:54 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 23:34 - 2013-07-15 23:34 - 01067456 _____ (Solid State Networks) C:\Users\Lutz\Downloads\install_flashplayer11x32au_mssd_aaa_aih(1).exe
2013-07-15 21:54 - 2013-05-16 16:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Thunderbird
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Local\Thunderbird
2013-07-15 16:58 - 2013-07-15 16:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-15 16:48 - 2013-07-15 16:46 - 19678576 _____ (Mozilla) C:\Users\Lutz\Downloads\Thunderbird_Setup_17.0.7.exe
2013-07-14 15:22 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 18:47 - 2013-07-13 18:47 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 13:01 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 15:20 - 2013-05-17 16:38 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 20:23 - 2013-07-11 20:23 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-07-11 20:23 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-05 13:48 - 2013-05-16 15:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-07-04 22:49 - 2013-06-27 22:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\system32\NV
2013-07-02 00:38 - 2013-07-02 00:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-02 00:38 - 2012-12-28 18:23 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-02 00:38 - 2012-12-28 18:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-01 15:27 - 2013-05-16 15:21 - 00000000 ____D C:\Users\Lutz\AppData\Local\Packages
2013-07-01 01:05 - 2013-06-17 15:10 - 00000000 ____D C:\Users\Lutz\AppData\Local\CrashDumps

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-21 13:38

==================== End Of Log ============================

--- --- ---

--- --- ---

und hier die ergebnisse von
Addition.txtFRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-07-2013
Ran by Lutz at 2013-07-29 12:43:23
Running from C:\Users\Lutz\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ASUS Instant Connect (x32 Version: 1.2.8)
ASUS InstantOn (x32 Version: 3.0.4)
ASUS LifeFrame3 (x32 Version: 3.1.9)
ASUS Live Update (x32 Version: 3.1.9)
ASUS Power4Gear Hybrid (Version: 2.0.4)
ASUS Screen Saver (Version: 1.0.0)
ASUS Smart Gesture (x32 Version: 1.0.35)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0005)
ASUS Tutor (x32 Version: 1.0.8)
ASUS USB Charger Plus (x32 Version: 2.1.5)
ASUS WebStorage Sync Agent (x32 Version: 1.1.10.123)
ATK Package (x32 Version: 1.0.0025)
Bonjour (Version: 3.0.0.10)
Canon IJ Network Scanner Selector EX (x32)
Canon IJ Network Tool (x32 Version: 3.1.0)
Canon IJ Scan Utility (x32)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32 Version: 4.0.0)
Canon MG4200 series Benutzerregistrierung (x32)
Canon MG4200 series MP Drivers (Version: 1.01)
CCleaner (Version: 4.01)
D3DX10 (x32 Version: 15.4.2368.0902)
dows Driver Package - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
Galerie de photos (x32 Version: 16.4.3505.0912)
Image Editor Packages (HKCU)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 17.0.7)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MyBitCast 2.0 (x32 Version: 2.0)
Norton 360 (x32 Version: 20.4.0.40)
NVIDIA GeForce Experience 1.5.1 (Version: 1.5.1)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.125.816)
NVIDIA Optimus 6.4.23 (Version: 6.4.23)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 6.4.23 (Version: 6.4.23)
NVIDIA Update Components (Version: 6.4.23)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4505.1510)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4505.1510)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4505.1510)
OPERATION7 (x32)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
PlanetSide 2 (HKCU Version: 1.0.3.183)
PlanetSide 2 PSG (2) (HKCU Version: 1.0.3.183)
Plus-HD-2.6 (x32 Version: 1.27.153.5)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Raccolta foto (x32 Version: 16.4.3505.0912)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6685)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.27024)
Shared C Run-time for x64 (Version: 10.0.0)
Update for Image Editor (HKCU)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
WinFlash (x32 Version: 2.41.1)

==================== Restore Points  =========================

14-07-2013 13:20:38 Windows Update
16-07-2013 10:15:04 Norton 360 Registry Clean
24-07-2013 12:26:34 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C1063EF-AD60-4059-AA14-A8E22AF89532} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {124B2CE1-E489-45D4-A078-9C59FA18BD4E} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1002
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1D59EFFE-3B2F-4B65-84C5-34DEA905AE97} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {27F5EF07-6F88-4D61-9FDA-E98C52F1BAD4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {37B4DE1B-9DF7-44D3-998E-34306C496700} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {4D59BBCF-BC33-4225-9328-43E3E9AB005A} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {4EF7B926-1F23-4579-AC7E-40F0F426C715} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
Task: {539903EA-88D0-4DE3-BCD1-62DC84C9B89B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-11-27] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {7F731A8C-50BE-4587-B660-50008484B8F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15] (Adobe Systems Incorporated)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8D398121-E46D-4CD2-BC3F-0E2EC8451F53} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-06] (Microsoft Corporation)
Task: {8EFC3DE9-FFE1-472B-9AFC-1D724A670EF1} - System32\Tasks\Plus-HD-2.6-enabler => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe [2013-06-17] (Plus HD)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A2C7E81C-55C5-4A66-929E-5DB6005525A8} - System32\Tasks\Plus-HD-2.6-codedownloader => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe [2013-06-17] (Plus HD)
Task: {A3FC2458-ED81-4FF6-B06B-F2B6915960F7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B6CC5159-78A9-4BA2-8F6C-FB071FE2B125} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {BB738F48-2B3A-4FFE-826F-17CD0449FC11} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-06-14] (Microsoft Corporation)
Task: {BC11CF2E-A5AD-49DF-B009-5B52537BE41D} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1004
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BC7E7F38-B731-49BC-845D-488EC470FE2B} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-11-27] (Microsoft Corporation)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CC3F9163-8B75-4801-8861-015D1689893D} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {CD68AE62-3D7B-4744-8FD8-64B72002872B} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {CD6C8F8D-18CC-42E2-A670-60B8947D8C70} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {D1D2ED26-3A1A-4D9A-B52A-BC44F4565807} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {D6C08640-69CB-4FCC-956B-5D4E7F690327} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-11-27] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {ED45527F-74C6-4EBD-8601-22A63F8D518D} - System32\Tasks\Plus-HD-2.6-updater => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe [2013-06-17] (Plus HD)
Task: {FA61C9C8-2AC4-479A-8DB5-4E0BA4523368} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {FD7040AB-9A5B-4085-AFF7-EA2BABE490AE} - System32\Tasks\Plus-HD-2.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe [2013-06-17] (Plus HD)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dsite.job => ?
Task: C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-enabler.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-updater.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/27/2013 11:00:40 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Meiner)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\Maike. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. 

 DETAIL - Das Verzeichnis ist nicht leer.

Error: (07/26/2013 02:10:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Meiner)
Description: Die App „allesklar.comAG.meinestadt.de_z8bz7cepm792y!App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (07/26/2013 02:01:55 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1338

Startzeit: 01ce89f7c95fb997

Endzeit: 4294967295

Anwendungspfad: C:\Windows\system32\wwahost.exe

Berichts-ID: 260af96b-f5eb-11e2-beb6-74d02b002540

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.WindowsLive.Mail

Error: (07/26/2013 02:01:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Meiner)
Description: Das Paket „microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (07/26/2013 00:47:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1062

Error: (07/26/2013 00:47:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1062

Error: (07/26/2013 00:47:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/23/2013 08:49:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 897203

Error: (07/23/2013 08:49:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 897203

Error: (07/23/2013 08:49:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/28/2013 04:16:39 PM) (Source: DCOM) (User: Meiner)
Description: Microsoft.WindowsLive.Platform.Service.RemoteProcess

Error: (07/27/2013 11:06:50 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/27/2013 11:06:44 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/27/2013 11:06:38 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/27/2013 11:06:32 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/27/2013 11:06:26 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/27/2013 11:06:20 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/27/2013 11:06:14 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/27/2013 11:06:08 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/27/2013 11:06:02 AM) (Source: DCOM) (User: Meiner)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}MeinerGastS-1-5-21-2984763435-1055683380-3862706603-501LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (07/27/2013 11:00:40 AM) (Source: Microsoft-Windows-User Profiles Service)(User: Meiner)
Description: C:\Users\MaikeDas Verzeichnis ist nicht leer.

Error: (07/26/2013 02:10:40 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Meiner)
Description: allesklar.comAG.meinestadt.de_z8bz7cepm792y!App

Error: (07/26/2013 02:01:55 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.16420133801ce89f7c95fb9974294967295C:\Windows\system32\wwahost.exe260af96b-f5eb-11e2-beb6-74d02b002540microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (07/26/2013 02:01:48 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Meiner)
Description: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe

Error: (07/26/2013 00:47:55 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1062

Error: (07/26/2013 00:47:55 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1062

Error: (07/26/2013 00:47:55 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/23/2013 08:49:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 897203

Error: (07/23/2013 08:49:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 897203

Error: (07/23/2013 08:49:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 8077.48 MB
Available physical RAM: 5709.03 MB
Total Pagefile: 9293.48 MB
Available Pagefile: 6868.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:218.04 GB) NTFS (Disk=0 Partition=4) ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:397.87 GB) (Free:397.73 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: C2B20764)

Partition: GPT Partition Type
==================== End Of Log ============================

--- --- ---
ich hoffe das hilft weiter

schrauber · 29.07.2013, 15:16

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

udn ein frisches FRST log bitte.

LH91 · 29.07.2013, 17:50

Hallo schrauber anbei die ergebnisse:
Einmal ein frisches FRST
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Lutz (administrator) on 29-07-2013 18:40:49
Running from C:\Users\Lutz\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default
FF Keyword.URL: hxxp://www.google.de/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\searchplugins\computer-bild-suche.xml
FF Extension: No Name - C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
S2 0052531368808816mcinstcleanup; C:\Windows\TEMP\005253~1.EXE -cleanup -nolog [x]

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-11] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130726.001\IDSvia64.sys [513184 2013-06-08] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130726.001\IDSvia64.sys [513184 2013-06-08] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130728.020\ENG64.SYS [126040 2013-06-11] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130728.020\ENG64.SYS [126040 2013-06-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130728.020\EX64.SYS [2098776 2013-06-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130728.020\EX64.SYS [2098776 2013-06-11] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1404000.028\SymELAM.sys [23448 2012-11-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-29 17:45 - 2013-07-29 17:45 - 00004373 _____ C:\Users\Lutz\Desktop\JRT.txt
2013-07-29 17:41 - 2013-07-29 17:41 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 17:40 - 2013-07-29 17:40 - 00004568 _____ C:\Users\Lutz\Desktop\AdwCleaner[S1].txt
2013-07-29 17:37 - 2013-07-29 17:37 - 00004568 _____ C:\AdwCleaner[S1].txt
2013-07-29 17:37 - 2013-07-29 17:37 - 00004408 _____ C:\AdwCleaner[R1].txt
2013-07-29 17:24 - 2013-07-29 17:24 - 00666633 _____ C:\Users\Lutz\Desktop\adwcleaner.exe
2013-07-29 17:24 - 2013-07-29 17:24 - 00562353 _____ (Oleg N. Scherbakov) C:\Users\Lutz\Desktop\JRT.exe
2013-07-29 12:42 - 2013-07-29 12:42 - 00000000 ____D C:\FRST
2013-07-29 12:41 - 2013-07-29 12:42 - 01780547 _____ (Farbar) C:\Users\Lutz\Desktop\FRST64.exe
2013-07-27 11:25 - 2013-07-27 11:25 - 00067386 _____ C:\Users\Lutz\Desktop\Extras.Txt
2013-07-27 11:24 - 2013-07-27 11:24 - 00596312 _____ C:\Users\Lutz\Desktop\OTL.Txt
2013-07-27 11:04 - 2013-07-29 14:01 - 00000408 _____ C:\Users\Gast\AppData\Roaming\sp_data.sys
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ASUS WebStorage
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2013-07-27 11:02 - 2013-07-27 11:03 - 00000000 ____D C:\Users\Gast
2013-07-27 11:02 - 2013-07-27 11:02 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Startmenü
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\ASUS
2013-07-27 10:58 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Desktop\OTL.exe
2013-07-27 10:56 - 2013-07-27 10:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lutz\Downloads\HijackThis.exe
2013-07-27 10:52 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Downloads\OTL.exe
2013-07-26 22:46 - 2013-07-26 22:46 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1004
2013-07-26 22:37 - 2013-07-27 11:00 - 00000000 ____D C:\Users\Maike
2013-07-26 21:46 - 2013-07-26 21:46 - 00000795 _____ C:\Windows\setupact.log
2013-07-26 21:46 - 2013-07-26 21:46 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 21:35 - 2013-07-26 21:35 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-26 21:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-26 21:29 - 2013-07-26 21:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lutz\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-26 15:26 - 2013-07-26 15:43 - 03260909 _____ (Safer-Networking Ltd.                                       ) C:\Users\Lutz\Downloads\spybot-2.1.exe.part
2013-07-26 15:26 - 2013-07-26 15:26 - 00000000 _____ C:\Users\Lutz\Downloads\spybot-2.1.exe
2013-07-25 16:10 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-25 16:10 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-25 16:10 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-25 16:10 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-25 16:10 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-25 16:10 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-25 16:10 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-25 16:10 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-25 16:10 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-25 16:10 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-25 16:10 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-25 16:10 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-25 16:10 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-25 16:10 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-25 16:10 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-25 16:10 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-25 16:10 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-25 16:10 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-25 16:10 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-25 16:10 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-25 16:10 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-25 16:10 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-25 16:10 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-25 16:10 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-25 16:09 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-25 16:01 - 2013-07-27 12:41 - 00535382 _____ C:\Windows\WindowsUpdate.log
2013-07-24 22:44 - 2013-07-24 22:44 - 00000000 _____ C:\Users\Lutz\Desktop\Neues Textdokument.txt
2013-07-21 18:09 - 2013-07-21 18:09 - 00000000 _____ C:\Windows\SysWOW64\FAPB412.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPB20C.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPABB1.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPA7D7.tmp
2013-07-21 17:54 - 2013-07-21 17:54 - 00000000 _____ C:\Windows\SysWOW64\FAPF6C4.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPF470.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPE6F1.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPE624.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP70D3.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP7006.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP68FF.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP688F.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAPF54E.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAPF4B0.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1E1C.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1D7D.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP14E0.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1452.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPE6DF.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPE631.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD900.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD843.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD0EE.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD050.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPB3EC.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPB33E.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP279A.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP269E.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP1E3F.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP1DC0.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAPADC3.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAPACF6.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAP75C7.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAP74AB.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPB418.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPB34B.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPA928.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPA8F7.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAPC94B.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAPC82F.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP57F6.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP5768.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP3BB0.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP3A37.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPD978.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPD87C.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPCF81.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPCEC4.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPBCB1.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPBBF3.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPFD3A.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPFB44.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPF094.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPECAA.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPEB7F.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA585.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA4D7.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA12B.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP9F55.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP85A0.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP8512.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5FC5.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5D90.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5BC9.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP163.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP9A6F.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP7C08.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP756E.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP7230.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP70A7.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP78A9.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP721F.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP7114.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5368.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5087.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP4FBA.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP258B.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP203A.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP1F9C.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPFDD9.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPFCBE.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPF970.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPF632.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPBBE6.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPBB48.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP5597.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP49DD.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP444D.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4370.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP905A.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP6D9E.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP6917.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAPD976.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAPBF83.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAP21DB.tmp
2013-07-21 17:37 - 2013-07-21 17:37 - 00000000 _____ C:\Windows\SysWOW64\FAPEE66.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPF0FA.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPEF14.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPEACC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPE7EC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPD02C.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPCEC2.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9E2B.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9A8F.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9916.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP5679.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP5435.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP531A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4FAD.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4913.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4335.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP42D6.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP411E.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP223A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1F79.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1BFC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1B9C.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP190A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP17C0.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP153D.tmp
2013-07-21 17:35 - 2013-07-21 17:35 - 00000000 _____ C:\Windows\SysWOW64\FAPF959.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPCBC0.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPCA37.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPC767.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAP476C.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAP45F3.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAPCE07.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP5C6.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP58BD.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP57C1.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP4DA.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP2A5.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPF020.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPEA61.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPE9E2.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPD994.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP72D5.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6FA6.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6E0E.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6AEF.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPC59D.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPBFBF.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPBF4F.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPB99.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP7EE.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP6D16.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP6C3A.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP656.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP7C63.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP59B6.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP589B.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP5463.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP5163.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP4163.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP40F4.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPF478.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPEEF8.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPEE79.tmp
2013-07-18 16:18 - 2013-07-26 22:34 - 00001914 _____ C:\Windows\PFRO.log
2013-07-15 23:34 - 2013-07-15 23:34 - 01067456 _____ (Solid State Networks) C:\Users\Lutz\Downloads\install_flashplayer11x32au_mssd_aaa_aih(1).exe
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Thunderbird
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Local\Thunderbird
2013-07-15 16:58 - 2013-07-15 16:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-15 16:46 - 2013-07-15 16:48 - 19678576 _____ (Mozilla) C:\Users\Lutz\Downloads\Thunderbird_Setup_17.0.7.exe
2013-07-13 18:47 - 2013-07-13 18:47 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 16:34 - 2013-07-26 22:33 - 00000000 ____D C:\Users\Lutz\Downloads\Setup
2013-07-12 15:23 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-12 15:19 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 15:19 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 15:19 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 15:19 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 14:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-12 14:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-12 14:55 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-12 14:55 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 20:23 - 2013-07-11 20:23 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-07-11 14:45 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-11 14:45 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 14:45 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\system32\NV
2013-07-02 00:38 - 2013-07-02 00:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-02 00:35 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-02 00:35 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00030496 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys

==================== One Month Modified Files and Folders =======

2013-07-29 18:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-29 17:48 - 2013-05-16 17:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-29 17:45 - 2013-07-29 17:45 - 00004373 _____ C:\Users\Lutz\Desktop\JRT.txt
2013-07-29 17:41 - 2013-07-29 17:41 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 17:40 - 2013-07-29 17:40 - 00004568 _____ C:\Users\Lutz\Desktop\AdwCleaner[S1].txt
2013-07-29 17:39 - 2013-05-16 15:24 - 00000507 _____ C:\Users\Lutz\AppData\Roaming\sp_data.sys
2013-07-29 17:38 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-29 17:38 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-07-29 17:37 - 2013-07-29 17:37 - 00004568 _____ C:\AdwCleaner[S1].txt
2013-07-29 17:37 - 2013-07-29 17:37 - 00004408 _____ C:\AdwCleaner[R1].txt
2013-07-29 17:24 - 2013-07-29 17:24 - 00666633 _____ C:\Users\Lutz\Desktop\adwcleaner.exe
2013-07-29 17:24 - 2013-07-29 17:24 - 00562353 _____ (Oleg N. Scherbakov) C:\Users\Lutz\Desktop\JRT.exe
2013-07-29 14:01 - 2013-07-27 11:04 - 00000408 _____ C:\Users\Gast\AppData\Roaming\sp_data.sys
2013-07-29 12:42 - 2013-07-29 12:42 - 00000000 ____D C:\FRST
2013-07-29 12:42 - 2013-07-29 12:41 - 01780547 _____ (Farbar) C:\Users\Lutz\Desktop\FRST64.exe
2013-07-28 16:15 - 2013-05-23 15:51 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-27 12:41 - 2013-07-25 16:01 - 00535382 _____ C:\Windows\WindowsUpdate.log
2013-07-27 11:25 - 2013-07-27 11:25 - 00067386 _____ C:\Users\Lutz\Desktop\Extras.Txt
2013-07-27 11:24 - 2013-07-27 11:24 - 00596312 _____ C:\Users\Lutz\Desktop\OTL.Txt
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ASUS WebStorage
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2013-07-27 11:03 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast
2013-07-27 11:02 - 2013-07-27 11:02 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Startmenü
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\ASUS
2013-07-27 11:00 - 2013-07-26 22:37 - 00000000 ____D C:\Users\Maike
2013-07-27 11:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-27 10:57 - 2013-05-16 15:21 - 00000000 ____D C:\Users\Lutz\AppData\Local\VirtualStore
2013-07-27 10:56 - 2013-07-27 10:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lutz\Downloads\HijackThis.exe
2013-07-27 10:52 - 2013-07-27 10:58 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Desktop\OTL.exe
2013-07-27 10:52 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Downloads\OTL.exe
2013-07-26 22:46 - 2013-07-26 22:46 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1004
2013-07-26 22:34 - 2013-07-18 16:18 - 00001914 _____ C:\Windows\PFRO.log
2013-07-26 22:33 - 2013-07-13 16:34 - 00000000 ____D C:\Users\Lutz\Downloads\Setup
2013-07-26 21:50 - 2012-08-03 01:02 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-07-26 21:50 - 2012-08-03 01:02 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-07-26 21:50 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 21:46 - 2013-07-26 21:46 - 00000795 _____ C:\Windows\setupact.log
2013-07-26 21:46 - 2013-07-26 21:46 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 21:35 - 2013-07-26 21:35 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-26 21:35 - 2013-07-26 21:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lutz\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-26 15:43 - 2013-07-26 15:26 - 03260909 _____ (Safer-Networking Ltd.                                       ) C:\Users\Lutz\Downloads\spybot-2.1.exe.part
2013-07-26 15:26 - 2013-07-26 15:26 - 00000000 _____ C:\Users\Lutz\Downloads\spybot-2.1.exe
2013-07-26 13:56 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-24 22:44 - 2013-07-24 22:44 - 00000000 _____ C:\Users\Lutz\Desktop\Neues Textdokument.txt
2013-07-21 18:09 - 2013-07-21 18:09 - 00000000 _____ C:\Windows\SysWOW64\FAPB412.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPB20C.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPABB1.tmp
2013-07-21 18:08 - 2013-07-21 18:08 - 00000000 _____ C:\Windows\SysWOW64\FAPA7D7.tmp
2013-07-21 17:54 - 2013-07-21 17:54 - 00000000 _____ C:\Windows\SysWOW64\FAPF6C4.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPF470.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPE6F1.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAPE624.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP70D3.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP7006.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP68FF.tmp
2013-07-21 17:53 - 2013-07-21 17:53 - 00000000 _____ C:\Windows\SysWOW64\FAP688F.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAPF54E.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAPF4B0.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1E1C.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1D7D.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP14E0.tmp
2013-07-21 17:51 - 2013-07-21 17:51 - 00000000 _____ C:\Windows\SysWOW64\FAP1452.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPE6DF.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPE631.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD900.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD843.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD0EE.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPD050.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPB3EC.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAPB33E.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP279A.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP269E.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP1E3F.tmp
2013-07-21 17:50 - 2013-07-21 17:50 - 00000000 _____ C:\Windows\SysWOW64\FAP1DC0.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAPADC3.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAPACF6.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAP75C7.tmp
2013-07-21 17:49 - 2013-07-21 17:49 - 00000000 _____ C:\Windows\SysWOW64\FAP74AB.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPB418.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPB34B.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPA928.tmp
2013-07-21 17:48 - 2013-07-21 17:48 - 00000000 _____ C:\Windows\SysWOW64\FAPA8F7.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAPC94B.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAPC82F.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP57F6.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP5768.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP3BB0.tmp
2013-07-21 17:47 - 2013-07-21 17:47 - 00000000 _____ C:\Windows\SysWOW64\FAP3A37.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPD978.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPD87C.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPCF81.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPCEC4.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPBCB1.tmp
2013-07-21 17:46 - 2013-07-21 17:46 - 00000000 _____ C:\Windows\SysWOW64\FAPBBF3.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPFD3A.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPFB44.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPF094.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPECAA.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPEB7F.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA585.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA4D7.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAPA12B.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP9F55.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP85A0.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP8512.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5FC5.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5D90.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP5BC9.tmp
2013-07-21 17:43 - 2013-07-21 17:43 - 00000000 _____ C:\Windows\SysWOW64\FAP163.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP9A6F.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP7C08.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP756E.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP7230.tmp
2013-07-21 17:42 - 2013-07-21 17:42 - 00000000 _____ C:\Windows\SysWOW64\FAP70A7.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP78A9.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP721F.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP7114.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5368.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP5087.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP4FBA.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP258B.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP203A.tmp
2013-07-21 17:41 - 2013-07-21 17:41 - 00000000 _____ C:\Windows\SysWOW64\FAP1F9C.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPFDD9.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPFCBE.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPF970.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPF632.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPBBE6.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAPBB48.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP5597.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP49DD.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP444D.tmp
2013-07-21 17:40 - 2013-07-21 17:40 - 00000000 _____ C:\Windows\SysWOW64\FAP4370.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP905A.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP6D9E.tmp
2013-07-21 17:39 - 2013-07-21 17:39 - 00000000 _____ C:\Windows\SysWOW64\FAP6917.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAPD976.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAPBF83.tmp
2013-07-21 17:38 - 2013-07-21 17:38 - 00000000 _____ C:\Windows\SysWOW64\FAP21DB.tmp
2013-07-21 17:37 - 2013-07-21 17:37 - 00000000 _____ C:\Windows\SysWOW64\FAPEE66.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPF0FA.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPEF14.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPEACC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPE7EC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPD02C.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAPCEC2.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9E2B.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9A8F.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP9916.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP5679.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP5435.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP531A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4FAD.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4913.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP4335.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP42D6.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP411E.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP223A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1F79.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1BFC.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP1B9C.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP190A.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP17C0.tmp
2013-07-21 17:36 - 2013-07-21 17:36 - 00000000 _____ C:\Windows\SysWOW64\FAP153D.tmp
2013-07-21 17:35 - 2013-07-21 17:35 - 00000000 _____ C:\Windows\SysWOW64\FAPF959.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPCBC0.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPCA37.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAPC767.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAP476C.tmp
2013-07-21 17:34 - 2013-07-21 17:34 - 00000000 _____ C:\Windows\SysWOW64\FAP45F3.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAPCE07.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP5C6.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP58BD.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP57C1.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP4DA.tmp
2013-07-21 17:33 - 2013-07-21 17:33 - 00000000 _____ C:\Windows\SysWOW64\FAP2A5.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPF020.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPEA61.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPE9E2.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAPD994.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP72D5.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6FA6.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6E0E.tmp
2013-07-21 17:32 - 2013-07-21 17:32 - 00000000 _____ C:\Windows\SysWOW64\FAP6AEF.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPC59D.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPBFBF.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPBF4F.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAPB99.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP7EE.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP6D16.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP6C3A.tmp
2013-07-21 17:31 - 2013-07-21 17:31 - 00000000 _____ C:\Windows\SysWOW64\FAP656.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP7C63.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP59B6.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP589B.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP5463.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP5163.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP4163.tmp
2013-07-21 17:30 - 2013-07-21 17:30 - 00000000 _____ C:\Windows\SysWOW64\FAP40F4.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPF478.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPEEF8.tmp
2013-07-21 17:29 - 2013-07-21 17:29 - 00000000 _____ C:\Windows\SysWOW64\FAPEE79.tmp
2013-07-20 14:00 - 2013-05-16 15:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1002
2013-07-15 23:37 - 2013-05-16 17:20 - 00000000 ____D C:\Users\Lutz\AppData\Local\Adobe
2013-07-15 23:36 - 2013-05-16 17:54 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 23:34 - 2013-07-15 23:34 - 01067456 _____ (Solid State Networks) C:\Users\Lutz\Downloads\install_flashplayer11x32au_mssd_aaa_aih(1).exe
2013-07-15 21:54 - 2013-05-16 16:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Thunderbird
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Local\Thunderbird
2013-07-15 16:58 - 2013-07-15 16:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-15 16:48 - 2013-07-15 16:46 - 19678576 _____ (Mozilla) C:\Users\Lutz\Downloads\Thunderbird_Setup_17.0.7.exe
2013-07-14 15:22 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 18:47 - 2013-07-13 18:47 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 13:01 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 15:20 - 2013-05-17 16:38 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 20:23 - 2013-07-11 20:23 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-07-11 20:23 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-05 13:48 - 2013-05-16 15:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-07-04 22:49 - 2013-06-27 22:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\system32\NV
2013-07-02 00:38 - 2013-07-02 00:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-02 00:38 - 2012-12-28 18:23 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-02 00:38 - 2012-12-28 18:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-01 15:27 - 2013-05-16 15:21 - 00000000 ____D C:\Users\Lutz\AppData\Local\Packages
2013-07-01 01:05 - 2013-06-17 15:10 - 00000000 ____D C:\Users\Lutz\AppData\Local\CrashDumps

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-21 13:38

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Dann gibt es jetzt die Auswertung von Adwcleaner:AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v2.306 - Datei am 29/07/2013 um 17:37:35 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Lutz - MEINER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Lutz\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\tasks\Plus-HD-2.6-codedownloader.job
Datei Gelöscht : C:\Windows\tasks\Plus-HD-2.6-enabler.job
Datei Gelöscht : C:\Windows\tasks\Plus-HD-2.6-firefoxinstaller.job
Datei Gelöscht : C:\Windows\tasks\Plus-HD-2.6-updater.job
Ordner Gelöscht : C:\Program Files (x86)\Plus-HD-2.6
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Lutz\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Lutz\AppData\Roaming\dvdvideosoftiehelpers

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341140}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033440.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033440.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033440.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033440.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344344440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311341140}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322342240}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550355345540}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660366346640}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341140}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345540}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346640}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\prefs.js

C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.3344[...]
Gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.3344[...]
Gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.3344[...]
Gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.3344[...]
Gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.3344[...]
Gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.3344[...]
Gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.3344[...]
Gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.3344[...]

*************************

AdwCleaner[R1].txt - [4408 octets] - [29/07/2013 17:37:18]
AdwCleaner[S1].txt - [4449 octets] - [29/07/2013 17:37:35]

########## EOF - C:\AdwCleaner[S1].txt - [4509 octets] ##########

--- --- ---

und zu guter letzt die Ergebnisse von Junkware Removal:JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.7 (07.29.2013:1)
OS: Windows 8 x64
Ran by Lutz on 29.07.2013 at 17:41:04,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\clsid\{fb684d26-01f4-4d9d-87cb-f486beba56dc}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Lutz\AppData\Roaming\mozilla\firefox\profiles\sfie7b8a.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
Successfully deleted the following from C:\Users\Lutz\AppData\Roaming\mozilla\firefox\profiles\sfie7b8a.default\prefs.js

user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.backgroundjs", "\n\n/****************************************************
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.js", "\n\n  /************************************************************
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.crossrider.bic", "13f49aba76437eac71ef58ed0da364e4");
Emptied folder: C:\Users\Lutz\AppData\Roaming\mozilla\firefox\profiles\sfie7b8a.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.07.2013 at 17:45:41,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

ich hoffe das hilft weiter bei der Problembewältigung

schrauber · 29.07.2013, 19:56

Schon besser

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? Passwort vom Email Account auf jeden Fall ändern.

LH91 · 30.07.2013, 14:15

Hallo schrauber, TFC habe ich durchlaufen lassen und er hat ca 14.000 dateien runtergeworfen. Nun die ergebnisse:
zu Eset Smartinstaller:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetesets_scanner_update returned -1 esets_gle=12
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=96eafbed141a9e48898ae511984b00da
# engine=14584
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-30 12:36:20
# local_time=2013-07-30 02:36:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=3592 16777213 100 91 1474383 125850276 0 0
# compatibility_mode=5122 16777214 0 9 5956715 34679490 0 0
# compatibility_mode=5893 16776574 100 94 5956972 34693891 0 0
# scanned=183553
# found=0
# cleaned=0
# scan_time=3680

und zu Security Check
Results of screen317's Security Check version 0.99.71
x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Adobe Flash Player 11.8.800.94
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox (22.0)
Mozilla Thunderbird (17.0.7)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

zu guter letzt ein neues FRST
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Lutz (administrator) on 30-07-2013 15:14:20
Running from C:\Users\Lutz\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Users\Lutz\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKCU\...\RunOnce: [Uninstall C:\Users\Lutz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lutz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" [404992 2012-07-26] (Microsoft Corporation)
HKCU\...\RunOnce: [Uninstall C:\Users\Lutz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lutz\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" [404992 2012-07-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default
FF Keyword.URL: hxxp://www.google.de/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\searchplugins\computer-bild-suche.xml
FF Extension: No Name - C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\sfie7b8a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
S2 0052531368808816mcinstcleanup; C:\Windows\TEMP\005253~1.EXE -cleanup -nolog [x]

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-11] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130727.001\IDSvia64.sys [513184 2013-06-08] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130727.001\IDSvia64.sys [513184 2013-06-08] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130729.019\ENG64.SYS [126040 2013-06-11] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130729.019\ENG64.SYS [126040 2013-06-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130729.019\EX64.SYS [2098776 2013-06-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130729.019\EX64.SYS [2098776 2013-06-11] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1404000.028\SymELAM.sys [23448 2012-11-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-30 13:29 - 2013-07-30 13:29 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-30 13:25 - 2013-07-30 13:25 - 00891098 _____ C:\Users\Lutz\Desktop\SecurityCheck.exe
2013-07-30 13:24 - 2013-07-30 13:24 - 02347384 _____ (ESET) C:\Users\Lutz\Desktop\esetsmartinstaller_enu.exe
2013-07-30 13:24 - 2013-07-30 13:24 - 00448512 _____ (OldTimer Tools) C:\Users\Lutz\Desktop\TFC.exe
2013-07-29 17:41 - 2013-07-29 17:41 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 17:37 - 2013-07-29 17:37 - 00004568 _____ C:\AdwCleaner[S1].txt
2013-07-29 17:37 - 2013-07-29 17:37 - 00004408 _____ C:\AdwCleaner[R1].txt
2013-07-29 17:24 - 2013-07-29 17:24 - 00666633 _____ C:\Users\Lutz\Desktop\adwcleaner.exe
2013-07-29 17:24 - 2013-07-29 17:24 - 00562353 _____ (Oleg N. Scherbakov) C:\Users\Lutz\Desktop\JRT.exe
2013-07-29 12:42 - 2013-07-29 12:42 - 00000000 ____D C:\FRST
2013-07-29 12:41 - 2013-07-29 12:42 - 01780547 _____ (Farbar) C:\Users\Lutz\Desktop\FRST64.exe
2013-07-27 11:04 - 2013-07-29 14:01 - 00000408 _____ C:\Users\Gast\AppData\Roaming\sp_data.sys
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ASUS WebStorage
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2013-07-27 11:02 - 2013-07-27 11:03 - 00000000 ____D C:\Users\Gast
2013-07-27 11:02 - 2013-07-27 11:02 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Startmenü
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\ASUS
2013-07-27 10:58 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Desktop\OTL.exe
2013-07-27 10:56 - 2013-07-27 10:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lutz\Downloads\HijackThis.exe
2013-07-27 10:52 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Downloads\OTL.exe
2013-07-26 22:46 - 2013-07-26 22:46 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1004
2013-07-26 22:37 - 2013-07-27 11:00 - 00000000 ____D C:\Users\Maike
2013-07-26 21:46 - 2013-07-26 21:46 - 00000795 _____ C:\Windows\setupact.log
2013-07-26 21:46 - 2013-07-26 21:46 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 21:35 - 2013-07-26 21:35 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-26 21:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-26 21:29 - 2013-07-26 21:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lutz\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-26 15:26 - 2013-07-26 15:43 - 03260909 _____ (Safer-Networking Ltd.                                       ) C:\Users\Lutz\Downloads\spybot-2.1.exe.part
2013-07-26 15:26 - 2013-07-26 15:26 - 00000000 _____ C:\Users\Lutz\Downloads\spybot-2.1.exe
2013-07-25 16:10 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-25 16:10 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-25 16:10 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-25 16:10 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-25 16:10 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-25 16:10 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-25 16:10 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-25 16:10 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-25 16:10 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-25 16:10 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-25 16:10 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-25 16:10 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-25 16:10 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-25 16:10 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-25 16:10 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-25 16:10 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-25 16:10 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-25 16:10 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-25 16:10 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-25 16:10 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-25 16:10 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-25 16:10 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-25 16:10 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-25 16:10 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-25 16:10 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-25 16:10 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-25 16:10 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-25 16:09 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-25 16:01 - 2013-07-27 12:41 - 00535382 _____ C:\Windows\WindowsUpdate.log
2013-07-18 16:18 - 2013-07-26 22:34 - 00001914 _____ C:\Windows\PFRO.log
2013-07-15 23:34 - 2013-07-15 23:34 - 01067456 _____ (Solid State Networks) C:\Users\Lutz\Downloads\install_flashplayer11x32au_mssd_aaa_aih(1).exe
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Thunderbird
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Local\Thunderbird
2013-07-15 16:58 - 2013-07-15 16:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-15 16:46 - 2013-07-15 16:48 - 19678576 _____ (Mozilla) C:\Users\Lutz\Downloads\Thunderbird_Setup_17.0.7.exe
2013-07-13 18:47 - 2013-07-13 18:47 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 16:34 - 2013-07-26 22:33 - 00000000 ____D C:\Users\Lutz\Downloads\Setup
2013-07-12 15:23 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-12 15:19 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 15:19 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 15:19 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 15:19 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 15:19 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 15:19 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 15:19 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 14:57 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-12 14:57 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-12 14:55 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-12 14:55 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 20:23 - 2013-07-11 20:23 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-07-11 14:45 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-11 14:45 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 14:45 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\system32\NV
2013-07-02 00:38 - 2013-07-02 00:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-02 00:35 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-07-02 00:35 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-07-02 00:35 - 2013-06-21 14:06 - 00030496 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
201

==================== One Month Modified Files and Folders =======

2013-07-30 15:11 - 2013-05-16 15:21 - 00002242 _____ C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-07-30 15:10 - 2013-07-30 15:10 - 00000000 ___RD C:\Users\Lutz\SkyDrive
2013-07-30 15:10 - 2013-05-16 15:21 - 00000000 ____D C:\Users\Lutz
2013-07-30 15:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-30 14:48 - 2013-05-16 17:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-30 14:38 - 2013-05-16 15:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1002
2013-07-30 13:29 - 2013-07-30 13:29 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-30 13:27 - 2013-05-16 15:24 - 00000507 _____ C:\Users\Lutz\AppData\Roaming\sp_data.sys
2013-07-30 13:25 - 2013-07-30 13:25 - 00891098 _____ C:\Users\Lutz\Desktop\SecurityCheck.exe
2013-07-30 13:24 - 2013-07-30 13:24 - 02347384 _____ (ESET) C:\Users\Lutz\Desktop\esetsmartinstaller_enu.exe
2013-07-30 13:24 - 2013-07-30 13:24 - 00448512 _____ (OldTimer Tools) C:\Users\Lutz\Desktop\TFC.exe
2013-07-30 13:13 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-30 07:44 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-07-29 17:41 - 2013-07-29 17:41 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 17:37 - 2013-07-29 17:37 - 00004568 _____ C:\AdwCleaner[S1].txt
2013-07-29 17:37 - 2013-07-29 17:37 - 00004408 _____ C:\AdwCleaner[R1].txt
2013-07-29 17:24 - 2013-07-29 17:24 - 00666633 _____ C:\Users\Lutz\Desktop\adwcleaner.exe
2013-07-29 17:24 - 2013-07-29 17:24 - 00562353 _____ (Oleg N. Scherbakov) C:\Users\Lutz\Desktop\JRT.exe
2013-07-29 14:01 - 2013-07-27 11:04 - 00000408 _____ C:\Users\Gast\AppData\Roaming\sp_data.sys
2013-07-29 12:42 - 2013-07-29 12:42 - 00000000 ____D C:\FRST
2013-07-29 12:42 - 2013-07-29 12:41 - 01780547 _____ (Farbar) C:\Users\Lutz\Desktop\FRST64.exe
2013-07-28 16:15 - 2013-05-23 15:51 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-27 12:41 - 2013-07-25 16:01 - 00535382 _____ C:\Windows\WindowsUpdate.log
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ASUS WebStorage
2013-07-27 11:04 - 2013-07-27 11:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2013-07-27 11:03 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast
2013-07-27 11:02 - 2013-07-27 11:02 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Startmenü
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2013-07-27 11:02 - 2013-07-27 11:02 - 00000000 ____D C:\Users\Gast\AppData\Local\ASUS
2013-07-27 11:00 - 2013-07-26 22:37 - 00000000 ____D C:\Users\Maike
2013-07-27 11:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-27 10:57 - 2013-05-16 15:21 - 00000000 ____D C:\Users\Lutz\AppData\Local\VirtualStore
2013-07-27 10:56 - 2013-07-27 10:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lutz\Downloads\HijackThis.exe
2013-07-27 10:52 - 2013-07-27 10:58 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Desktop\OTL.exe
2013-07-27 10:52 - 2013-07-27 10:52 - 00602112 _____ (OldTimer Tools) C:\Users\Lutz\Downloads\OTL.exe
2013-07-26 22:46 - 2013-07-26 22:46 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2984763435-1055683380-3862706603-1004
2013-07-26 22:34 - 2013-07-18 16:18 - 00001914 _____ C:\Windows\PFRO.log
2013-07-26 22:33 - 2013-07-13 16:34 - 00000000 ____D C:\Users\Lutz\Downloads\Setup
2013-07-26 21:50 - 2012-08-03 01:02 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-07-26 21:50 - 2012-08-03 01:02 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-07-26 21:50 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-26 21:46 - 2013-07-26 21:46 - 00000795 _____ C:\Windows\setupact.log
2013-07-26 21:46 - 2013-07-26 21:46 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 21:35 - 2013-07-26 21:35 - 00001115 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-26 21:35 - 2013-07-26 21:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-26 21:35 - 2013-07-26 21:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lutz\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-26 15:43 - 2013-07-26 15:26 - 03260909 _____ (Safer-Networking Ltd.                                       ) C:\Users\Lutz\Downloads\spybot-2.1.exe.part
2013-07-26 15:26 - 2013-07-26 15:26 - 00000000 _____ C:\Users\Lutz\Downloads\spybot-2.1.exe
2013-07-26 13:56 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-15 23:37 - 2013-05-16 17:20 - 00000000 ____D C:\Users\Lutz\AppData\Local\Adobe
2013-07-15 23:36 - 2013-05-16 17:54 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 23:34 - 2013-07-15 23:34 - 01067456 _____ (Solid State Networks) C:\Users\Lutz\Downloads\install_flashplayer11x32au_mssd_aaa_aih(1).exe
2013-07-15 21:54 - 2013-05-16 16:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Thunderbird
2013-07-15 17:01 - 2013-07-15 17:01 - 00000000 ____D C:\Users\Lutz\AppData\Local\Thunderbird
2013-07-15 16:58 - 2013-07-15 16:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-07-15 16:48 - 2013-07-15 16:46 - 19678576 _____ (Mozilla) C:\Users\Lutz\Downloads\Thunderbird_Setup_17.0.7.exe
2013-07-14 15:22 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-13 18:47 - 2013-07-13 18:47 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 13:01 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 15:20 - 2013-05-17 16:38 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-11 20:23 - 2013-07-11 20:23 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-07-11 20:23 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-05 13:48 - 2013-05-16 15:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-07-04 22:49 - 2013-06-27 22:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-07-02 15:51 - 2013-07-02 15:51 - 00000000 ____D C:\Windows\system32\NV
2013-07-02 00:38 - 2013-07-02 00:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-02 00:38 - 2012-12-28 18:23 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-02 00:38 - 2012-12-28 18:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-01 15:27 - 2013-05-16 15:21 - 00000000 ____D C:\Users\Lutz\AppData\Local\Packages
2013-07-01 01:05 - 2013-06-17 15:10 - 00000000 ____D C:\Users\Lutz\AppData\Local\CrashDumps

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-21 13:38

==================== End Of Log ============================

--- --- ---

--- --- ---

ich hoffe es hilft

schrauber · 30.07.2013, 14:20

Adobe Reader updaten. Noch Probleme?

LH91 · 30.07.2013, 16:08

Ja ein anderes Problem habe ich ist heute aufgetreten: und zwar ist meine gesamte Musik vom PC verschwunden(Bis auf die vom Desktop) könntest du mir sagen woran das liegen könnte. Suchfunktion blieb ohne Erfolg und die Musik auf dem Desktop ist immer noch da?

trotzdem vielen lieben Dank Schrauber für die schnelle und kompetente Hilfe

schrauber · 31.07.2013, 07:31

Wo war die denn vorher?

30.07.2013, 14:20	#8
schrauber /// the machine /// TB-Ausbilder	Probleme mit dem MSN-EMail Account. Absoluter Laie Adobe Reader updaten. Noch Probleme? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

31.07.2013, 07:31	#10
schrauber /// the machine /// TB-Ausbilder	Probleme mit dem MSN-EMail Account. Absoluter Laie Wo war die denn vorher? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Probleme mit dem MSN-EMail Account. Absoluter Laie

Plagegeister aller Art und deren Bekämpfung: Probleme mit dem MSN-EMail Account. Absoluter Laie