Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
snap.do Generve

snap.do Generve


Log-Analyse und Auswertung: snap.do Generve

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 1 von 2 1 2
Alt 04.10.2013, 13:20   #1
popegreg
 
snap.do Generve - Icon23

snap.do Generve


Habe mit diesen Dreck bei dem permanent die Suchmaschinen-Seite von snap.do geöffnet wird eingefangen. Habe daraufhin hier im Forum die Beiträge über dieses Thema gelesen, es ist mir aber nicht gelungen den Mist zu entfernen - auch da er bei 'Programme und Funktionen' nicht aufgeführt ist. Noch schlimmer: Wollte mir dieses Farber Recovery Scan Tool instalieren (bin Eurem Link gefolgt) um hier etwas posten zu können, statt dessen hab ich mir noch irgendein Mist (www.thecoolzipextractorapp.com/gb/welcome/?sr=ga&lp=si&cc=DE&c=1) eingefangen. Gibt es denn keine Möglichkeit dieses snap.do zu entfernen OHNE sich irgendein Programm installieren zu müssen bei dem man sich den nächsten Müll einfängt? Habe jetzt schon mehrere Stunden (ohne Erfolg) damit verbracht, das Ding zu entfernen und ich hab meine Zeit auch nicht gerade auf der Gasse gefunden. Ausserdem interessiert mich mal, ob es eigentlich legal ist, den Leuten beim Download einer Software so einen Mist unterzujubeln?

Alt 04.10.2013, 13:42   #2
aharonov
/// TB-Ausbilder
 
snap.do Generve - Standard

snap.do Generve


Zitat:
Gibt es denn keine Möglichkeit dieses snap.do zu entfernen OHNE sich irgendein Programm installieren zu müssen bei dem man sich den nächsten Müll einfängt?
Ja, indem du FRST nochmals richtig herunterlädst und damit scannst. Du hast nämlich den irreführenden Download-Button eines Werbebanners erwischt und nicht den richtigen Download-Link. Wenn die heruntergeladene Datei nicht frst.exe oder frst64.exe heisst, hast du nicht das richtige erwischt. Unsere Tools installieren keinen zusätzlichen Müll.


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 04.10.2013, 17:28   #3
popegreg
 
snap.do Generve - Standard

snap.do Generve


Vielen Dank. Der Link führt allerdings zur Registrierungsseite, aber ich hab den richtigen gefunden. Bei mir öffnet sich nachdem das Programm fertig gesucht hat, zweimal der Editor. Ich poste jetzt beide Varianten.

Editor V1
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Pope Greg (administrator) on STUDIOPC2-W7FLA on 04-10-2013 18:12:22
Running from C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
() C:\Windows\vsnp325.exe
() C:\Program Files (x86)\Ditto\Ditto.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Smartbar) C:\Users\Pope Greg\AppData\Local\Smartbar\Application\QuickShare.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Pope Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT\data\jre\bin\javaw.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(LaCie) C:\Users\Pope Greg\AppData\Roaming\Wuala\Wuala.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\SoulseekQt\SoulseekQt.exe
(GBelectronics GmbH) C:\Program Files (x86)\GBelectronics\Audio-CD-Archiv v7\Audio-CD-Archiv_v7.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(mSeven Software) C:\Program Files (x86)\mSeven Software\mSecure\mSecure.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [snp325] - C:\Windows\vsnp325.exe [835584 2007-05-10] ()
HKLM-x32\...\Runonce: [Del144418955] - cmd.exe /Q /D /c del "C:\Users\POPEGR~1\AppData\Local\Temp\0.del" [x]
HKCU\...\Run: [Ditto] - C:\Program Files (x86)\Ditto\Ditto.exe [1433200 2012-11-08] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Allmyapps Update] - C:\Users\Pope Greg\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [282616 2013-09-04] ()
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Pope Greg\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] (Smartbar)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20681584 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [webcam 7] - "C:\Program Files (x86)\webcam 7\wLite.exe" -auto
HKCU\...\Run: [Line] - C:\Program Files (x86)\Naver\LINE\Line.exe [3888672 2013-09-23] (LINE Corporation)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Runonce: [Del144418955] - cmd.exe /Q /D /c del "C:\Users\POPEGR~1\AppData\Local\Temp\0.del"
MountPoints2: {e0168289-e43d-11e2-89e6-001bdc060f13} - M:\setupX.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-08-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [FixCamera] - C:\Windows\FixCamera.exe [20480 2007-07-11] ()
HKLM-x32\...\Run: [tsnp325] - C:\Windows\tsnp325.exe [270336 2007-04-21] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pope Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hardcopy.exe - Verknüpfung.lnk
ShortcutTarget: hardcopy.exe - Verknüpfung.lnk -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyTunesRSS (2).lnk
ShortcutTarget: MyTunesRSS (2).lnk -> C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT\MyTunesRSS.exe ()
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyTunesRSS.lnk
ShortcutTarget: MyTunesRSS.lnk -> C:\Program Files (x86)\mytunesrss-4.8.1\MyTunesRSS.exe (No File)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk
ShortcutTarget: Wuala.lnk -> C:\Users\Pope Greg\AppData\Roaming\Wuala\Wuala.exe (LaCie)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=hp&installDate=16/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - {326B88A6-4B5A-49CD-BD2B-A07BF7326850} URL = hxxp://search.ividi.org/?q={searchTerms}&src=tbsp&id=f8838778000000000000002421ded394&affilt=3&r=2
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default
FF user.js: detected! => C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\user.js
FF NewTab: hxxp://www.google.de
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\ividi.xml
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\leo-eng-deu-v20.xml
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 7Go Games - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\7go@7go.com
FF Extension: Delta Toolbar - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\ffxtlbr@delta.com
FF Extension: Dấu trang iCloud - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\firefoxdav@icloud.com
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\foxsplitter@piro.sakura.ne.jp
FF Extension: Pocket - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\isreaditlater@ideashower.com
FF Extension: Screen Capture Elite - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\screencaptureelite@plugin
FF Extension: Speed Analysis 3 - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\speedanalysis03@SpeedAnalysis.com
FF Extension: LastPass - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\support@lastpass.com
FF Extension: TextMarker! - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{1c530060-b0ae-11d9-9669-0800200c9a66}
FF Extension: Yahoo! Toolbar - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: PDFssoftware B2  - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{93fa508d-4cb2-456f-8aef-5ed652bc51c0}
FF Extension: AppsHat - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF Extension: WOT - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Flash and Video Download - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: FoxClocks - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF Extension: Evernote Web Clipper - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: addon - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\addon@gutscheine-live.de.xpi
FF Extension: contextMenuExtension - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\contextMenuExtension@leo.org.xpi
FF Extension: copyplaintext - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\copyplaintext@teo.pl.xpi
FF Extension: firefox-managefolders - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\firefox-managefolders@googlecode.com.xpi
FF Extension: irobinhood - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\irobinhood@irobinhood.org.xpi
FF Extension: jsonview - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\jsonview@brh.numbera.com.xpi
FF Extension: langpack-de - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\langpack-de@firefox.mozilla.org.xpi
FF Extension: newtabgoogle - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\newtabgoogle@graememcc.co.uk.xpi
FF Extension: notreal.ccoptions - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\notreal.ccoptions@environmentalchemistry.com.xpi
FF Extension: show-file-size-2 - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\show-file-size-2@kashiif-gmail.com.xpi
FF Extension: spam - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\spam@trashmail.net.xpi
FF Extension: stealthyextension - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: sugestron - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\sugestron@example.net.xpi
FF Extension: tabscroll - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\tabscroll@mthamil.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{a1109c2a-1187-4027-901d-13097b755625}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df005}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Windows\system32\config\systemprofile\AppData\Roaming\okitspace\Firefox
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe

Chrome: 
=======
CHR Extension: (QuickShare Widget) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (Google Docs) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0
CHR Extension: (Cr!Box) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp\2.4_0
CHR Extension: (avast! Online Security) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (LastPass) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.4_0
CHR Extension: (iVidi Chrome Toolbar) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_1
CHR Extension: (The Spark - Digital Blasphemy) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkknnebkjlngeopapiainhbhkeeihkk\3.1_0
CHR Extension: (Chrome Downloads Extension) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe\2.0.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (IPv4 to IPv6 Converter) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgodkdnbaggjjbdolpbpdaofcmdkdooh\1.0_0
CHR Extension: (Gmail) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx
CHR HKLM-x32\...\Chrome\Extension: [mggiecmcgkpfmegnobeimepgndgdhbjm] - C:\Windows\system32\config\systemprofile\AppData\Roaming\okitspace\Chrome\OKitSpace.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-07-02] ()
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [32256 2013-09-26] ()

==================== Drivers (Whitelisted) ====================

S3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [16248 2013-04-15] (Windows (R) Win 7 DDK provider)
S3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [16248 2013-04-15] (Windows (R) Win 7 DDK provider)
S3 AirDisplayWDDM; C:\Windows\System32\DRIVERS\AVWDDMMiniPort.sys [45432 2013-04-15] (Windows (R) Win 7 DDK provider)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R0 AVPCIFilter; C:\Windows\System32\DRIVERS\AVPCIFilter.sys [37240 2013-04-15] (Windows (R) Win 7 DDK provider)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-04 18:11 - 2013-10-04 18:11 - 00000000 ____D C:\FRST
2013-10-04 17:15 - 2013-10-04 17:15 - 04059587 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380899727943
2013-10-04 16:15 - 2013-10-04 16:15 - 04059587 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380896127946
2013-10-04 15:15 - 2013-10-04 15:15 - 04059587 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380892527961
2013-10-04 13:57 - 2013-10-04 17:57 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-04 13:57 - 2013-10-04 13:57 - 00003268 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-04 13:57 - 2013-10-04 13:57 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\DigitalSite
2013-10-04 13:52 - 2013-10-04 18:10 - 00000000 ____D C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
2013-10-02 03:57 - 2013-10-02 04:05 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Vögel
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Sonstige Pix
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2 Logos
2013-10-02 03:43 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2
2013-10-02 03:42 - 2013-10-02 03:43 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Haus
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg Privat
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg
2013-10-02 03:38 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Friends & Stuff
2013-10-02 02:33 - 2013-10-02 02:35 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Aida
2013-10-02 01:51 - 2013-10-02 01:51 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-10-02 01:37 - 2013-10-02 01:37 - 00000000 ____D C:\Windows\Sun
2013-10-02 01:36 - 2013-10-02 01:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\ProgramData\Oracle
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-02 01:33 - 2013-10-02 01:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\Java
2013-10-02 01:17 - 2013-10-02 01:17 - 00000898 _____ C:\Users\Pope Greg\Desktop\Wuala.lnk
2013-10-02 01:17 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala OverlayIcons
2013-10-02 01:17 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala CBFS
2013-10-02 01:17 - 2012-04-09 16:27 - 00352144 _____ (EldoS Corporation) C:\Windows\system32\Drivers\cbfs3.sys
2013-10-02 01:17 - 2012-04-09 16:27 - 00223760 _____ (EldoS Corporation) C:\Windows\SysWOW64\CbFsNetRdr3.dll
2013-10-02 01:17 - 2012-04-09 16:27 - 00190480 _____ (EldoS Corporation) C:\Windows\system32\CbFsMntNtf3.dll
2013-10-02 01:17 - 2012-04-09 16:27 - 00158224 _____ (EldoS Corporation) C:\Windows\SysWOW64\CbFsMntNtf3.dll
2013-10-02 01:17 - 2012-04-09 16:27 - 00141328 _____ (EldoS Corporation) C:\Windows\system32\CbFsNetRdr3.dll
2013-10-02 01:16 - 2013-10-02 01:36 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-02 01:16 - 2013-10-02 01:36 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-02 01:15 - 2013-10-02 01:53 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Wuala
2013-10-02 01:15 - 2013-10-02 01:23 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Wuala
2013-10-02 01:15 - 2013-10-02 01:15 - 00000888 _____ C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wuala.lnk
2013-10-02 01:11 - 2013-10-02 01:11 - 00000000 ____D C:\Users\Pope Greg\Downloads\Wuala
2013-09-30 17:08 - 2013-09-30 17:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Program Files\Unlocker
2013-09-26 22:36 - 2013-09-26 22:36 - 00000000 ____D C:\Users\Pope Greg\Downloads\Unlocker
2013-09-26 22:21 - 2013-09-26 22:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2013-09-25 21:08 - 2013-09-25 21:08 - 00004912 _____ C:\Users\Pope Greg\Desktop\CopyTransManager.exe - Verknüpfung.lnk
2013-09-25 19:25 - 2013-09-25 19:25 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:21 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-25 19:15 - 2013-09-25 19:21 - 00000000 ____D C:\Users\Pope Greg\Downloads\CopyTrans
2013-09-23 22:45 - 2013-09-23 22:57 - 00000000 ____D C:\Program Files (x86)\MyTuuuuaaaaa
2013-09-23 22:31 - 2013-09-23 23:20 - 00000000 ____D C:\Program Files (x86)\MyTuuuuuuuu
2013-09-23 22:28 - 2013-09-23 22:28 - 00000000 ____D C:\Program Files (x86)\Neuer Ordner
2013-09-23 20:21 - 2013-10-02 21:56 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\MyTunesRSS4
2013-09-23 20:18 - 2013-09-24 16:10 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTunesRSS
2013-09-23 20:18 - 2013-09-23 22:19 - 00000000 ____D C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT
2013-09-23 19:43 - 2013-09-23 19:43 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Yahoo!
2013-09-22 00:12 - 2013-09-22 22:15 - 00000000 ____D C:\Program Files (x86)\FreeRIP
2013-09-22 00:12 - 2013-09-22 22:14 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2013-09-22 00:12 - 2013-09-22 00:12 - 00000000 ____D C:\ProgramData\FreeRIP MP3 Converter
2013-09-21 20:34 - 2013-09-21 20:34 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-21 19:53 - 2013-09-22 22:15 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-09-21 18:59 - 2013-09-22 22:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\WebPlayer
2013-09-21 18:59 - 2013-09-22 22:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Minibar
2013-09-21 18:59 - 2013-09-22 22:15 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-09-20 00:29 - 2013-09-20 00:29 - 00000000 ____D C:\Windows\system32\RsFx
2013-09-20 00:28 - 2013-09-20 00:28 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-09-19 23:04 - 2013-09-19 23:04 - 00000000 ____D C:\ProgramData\EPSON
2013-09-19 20:11 - 2013-09-19 20:11 - 00001063 _____ C:\Users\Pope Greg\Desktop\USB camera - Verknüpfung.lnk
2013-09-19 18:54 - 2013-09-19 18:54 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-19 18:53 - 2013-09-19 18:54 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 18:53 - 2013-09-19 18:54 - 00000000 ____D C:\Program Files\iTunes
2013-09-19 18:53 - 2013-09-19 18:54 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-19 18:53 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files\iPod
2013-09-17 20:13 - 2013-09-17 20:13 - 00003222 _____ C:\Windows\System32\Tasks\{A372979D-3926-430A-BBCA-83EE53BD124B}
2013-09-16 16:19 - 2013-09-16 16:19 - 00000000 ____T C:\Windows\system32\DAB Bank GP
2013-09-16 16:19 - 2013-09-16 16:19 - 00000000 _____ C:\Windows\SysWOW64\DAB Bank GP
2013-09-11 16:33 - 2013-09-11 16:57 - 00000000 ____D C:\Users\Pope Greg\Downloads\Erklärungen
2013-09-11 10:50 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 10:50 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 10:50 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 10:50 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 10:50 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 10:50 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 10:49 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 10:49 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 10:49 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 10:49 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 10:49 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 10:49 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 10:49 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 10:49 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 10:49 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 10:49 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 03:03 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 03:03 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 03:03 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 03:03 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 03:03 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 03:03 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 03:03 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 03:03 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 03:03 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 03:03 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 03:03 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 03:03 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 03:03 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 03:03 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 03:03 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 03:03 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 03:03 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 03:03 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 03:03 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 03:03 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 03:03 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 03:03 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 03:03 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 03:03 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 03:03 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 03:03 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-08 20:41 - 2013-09-08 21:10 - 00000000 ___RD C:\Users\Pope Greg\Desktop\HP
2013-09-07 11:39 - 2013-09-07 11:39 - 00000134 _____ C:\Windows\wininit.ini
2013-09-07 08:25 - 2013-09-07 08:25 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-09-05 23:32 - 2013-09-05 23:32 - 00002630 _____ C:\Windows\diagwrn.xml
2013-09-05 23:32 - 2013-09-05 23:32 - 00001908 _____ C:\Windows\diagerr.xml
2013-09-05 21:07 - 2013-09-05 21:07 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Nero_AG
2013-09-05 21:06 - 2013-09-05 21:07 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Nero
2013-09-05 15:51 - 2013-09-05 15:51 - 00001057 _____ C:\Users\Public\Desktop\LINE.lnk
2013-09-04 10:57 - 2013-09-05 05:18 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\LogMeIn Rescue Applet
2013-09-04 08:51 - 2013-09-05 11:59 - 00219051 _____ C:\Windows\hpoins47.dat
2013-09-04 07:32 - 2013-10-04 07:37 - 00000412 _____ C:\Windows\Tasks\AllmyappsUpdateTask.job
2013-09-04 07:27 - 2009-12-02 01:00 - 00000601 _____ C:\Windows\hpomdl47.dat

==================== One Month Modified Files and Folders =======

2013-10-04 18:11 - 2013-10-04 18:11 - 00000000 ____D C:\FRST
2013-10-04 18:10 - 2013-10-04 13:52 - 00000000 ____D C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
2013-10-04 17:59 - 2013-07-03 03:51 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Ditto
2013-10-04 17:58 - 2013-07-10 05:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-04 17:57 - 2013-10-04 13:57 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-04 17:52 - 2013-08-22 01:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Skype
2013-10-04 17:52 - 2013-07-10 04:20 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Mp3tag
2013-10-04 17:47 - 2013-07-25 15:47 - 00000300 _____ C:\Windows\Tasks\DSite.job
2013-10-04 17:17 - 2013-07-10 07:54 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-04 17:15 - 2013-10-04 17:15 - 04059587 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380899727943
2013-10-04 16:35 - 2013-07-03 18:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Apple
2013-10-04 16:15 - 2013-10-04 16:15 - 04059587 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380896127946
2013-10-04 15:15 - 2013-10-04 15:15 - 04059587 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380892527961
2013-10-04 14:38 - 2013-07-03 18:28 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Dropbox
2013-10-04 13:57 - 2013-10-04 13:57 - 00003268 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-04 13:57 - 2013-10-04 13:57 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\DigitalSite
2013-10-04 13:57 - 2013-07-25 15:47 - 00001110 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-04 13:52 - 2013-07-03 03:23 - 01285787 _____ C:\Windows\WindowsUpdate.log
2013-10-04 13:41 - 2013-07-09 11:16 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\EA73FA0A-F5B8-4DEB-A39C-F439CFE7F8A4.aplzod
2013-10-04 07:46 - 2013-07-29 10:04 - 00005164 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for STUDIOPC2-W7FLA-Pope Greg StudioPC2-W7FLA
2013-10-04 07:37 - 2013-09-04 07:32 - 00000412 _____ C:\Windows\Tasks\AllmyappsUpdateTask.job
2013-10-04 02:17 - 2013-07-10 07:54 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-04 02:00 - 2013-07-09 19:14 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Adobe
2013-10-03 02:06 - 2013-07-10 07:59 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-03 01:56 - 2013-07-10 02:19 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\vlc
2013-10-02 21:59 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-02 21:59 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-02 21:56 - 2013-09-23 20:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\MyTunesRSS4
2013-10-02 21:53 - 2013-07-03 18:43 - 00000000 ___RD C:\Users\Pope Greg\Dropbox
2013-10-02 21:50 - 2013-09-01 03:43 - 00013705 _____ C:\Windows\setupact.log
2013-10-02 21:50 - 2013-07-03 03:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-02 21:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-02 04:05 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Vögel
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Sonstige Pix
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2 Logos
2013-10-02 03:57 - 2013-10-02 03:43 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2
2013-10-02 03:43 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Haus
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg Privat
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg
2013-10-02 03:42 - 2013-10-02 03:38 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Friends & Stuff
2013-10-02 02:36 - 2013-08-22 01:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-02 02:36 - 2013-08-22 01:40 - 00000000 ____D C:\ProgramData\Skype
2013-10-02 02:35 - 2013-10-02 02:33 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Aida
2013-10-02 01:53 - 2013-10-02 01:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Wuala
2013-10-02 01:51 - 2013-10-02 01:51 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-10-02 01:37 - 2013-10-02 01:37 - 00000000 ____D C:\Windows\Sun
2013-10-02 01:36 - 2013-10-02 01:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\ProgramData\Oracle
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-02 01:36 - 2013-10-02 01:16 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-02 01:36 - 2013-10-02 01:16 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-02 01:33 - 2013-10-02 01:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\Java
2013-10-02 01:23 - 2013-10-02 01:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Wuala
2013-10-02 01:20 - 2013-08-31 16:52 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-02 01:17 - 2013-10-02 01:17 - 00000898 _____ C:\Users\Pope Greg\Desktop\Wuala.lnk
2013-10-02 01:17 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala OverlayIcons
2013-10-02 01:17 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala CBFS
2013-10-02 01:17 - 2013-07-03 03:24 - 00000000 ___RD C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-02 01:15 - 2013-10-02 01:15 - 00000888 _____ C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wuala.lnk
2013-10-02 01:11 - 2013-10-02 01:11 - 00000000 ____D C:\Users\Pope Greg\Downloads\Wuala
2013-10-02 01:02 - 2013-07-03 03:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-30 17:10 - 2013-09-30 17:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Program Files\Unlocker
2013-09-26 22:36 - 2013-09-26 22:36 - 00000000 ____D C:\Users\Pope Greg\Downloads\Unlocker
2013-09-26 22:21 - 2013-09-26 22:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2013-09-25 21:08 - 2013-09-25 21:08 - 00004912 _____ C:\Users\Pope Greg\Desktop\CopyTransManager.exe - Verknüpfung.lnk
2013-09-25 19:25 - 2013-09-25 19:25 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:21 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:15 - 00000000 ____D C:\Users\Pope Greg\Downloads\CopyTrans
2013-09-24 18:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-24 16:10 - 2013-09-23 20:18 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTunesRSS
2013-09-23 23:20 - 2013-09-23 22:31 - 00000000 ____D C:\Program Files (x86)\MyTuuuuuuuu
2013-09-23 23:01 - 2013-04-11 18:56 - 00000000 ____D C:\Neuer Ordner
2013-09-23 22:57 - 2013-09-23 22:45 - 00000000 ____D C:\Program Files (x86)\MyTuuuuaaaaa
2013-09-23 22:28 - 2013-09-23 22:28 - 00000000 ____D C:\Program Files (x86)\Neuer Ordner
2013-09-23 22:19 - 2013-09-23 20:18 - 00000000 ____D C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT
2013-09-23 19:43 - 2013-09-23 19:43 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Yahoo!
2013-09-23 19:38 - 2013-09-01 03:43 - 00012046 _____ C:\Windows\PFRO.log
2013-09-23 13:54 - 2013-09-01 05:51 - 00000000 ____D C:\Program Files (x86)\iRobinHood
2013-09-23 13:51 - 2013-08-28 14:19 - 00000000 ____D C:\ProgramData\Yahoo!
2013-09-23 13:51 - 2013-08-28 14:17 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-09-23 13:29 - 2013-08-21 05:32 - 00000000 ____D C:\ProgramData\webcam 7
2013-09-23 13:24 - 2013-07-05 07:25 - 00000000 ____D C:\Program Files (x86)\Hardcopy
2013-09-22 22:58 - 2013-07-10 05:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 22:58 - 2013-07-10 05:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-22 22:58 - 2013-07-10 05:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-22 22:18 - 2013-07-10 07:54 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-22 22:18 - 2013-07-10 07:54 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-22 22:17 - 2013-07-03 03:24 - 00000000 ____D C:\Users\Pope Greg
2013-09-22 22:15 - 2013-09-22 00:12 - 00000000 ____D C:\Program Files (x86)\FreeRIP
2013-09-22 22:15 - 2013-09-21 19:53 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-09-22 22:15 - 2013-09-21 18:59 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\WebPlayer
2013-09-22 22:15 - 2013-09-21 18:59 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Minibar
2013-09-22 22:15 - 2013-09-21 18:59 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-09-22 22:15 - 2013-07-29 12:30 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\IrfanView
2013-09-22 22:15 - 2013-07-10 01:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-09-22 22:15 - 2013-07-05 01:21 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-09-22 22:14 - 2013-09-22 00:12 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2013-09-22 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-22 22:11 - 2013-07-03 03:45 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Mozilla
2013-09-22 00:12 - 2013-09-22 00:12 - 00000000 ____D C:\ProgramData\FreeRIP MP3 Converter
2013-09-21 20:34 - 2013-09-21 20:34 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-21 01:39 - 2013-07-06 08:22 - 00009617 _____ C:\ProgramData\hpzinstall.log
2013-09-20 07:23 - 2013-07-26 20:24 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Apps\2.0
2013-09-20 00:29 - 2013-09-20 00:29 - 00000000 ____D C:\Windows\system32\RsFx
2013-09-20 00:28 - 2013-09-20 00:28 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-09-19 23:04 - 2013-09-19 23:04 - 00000000 ____D C:\ProgramData\EPSON
2013-09-19 22:02 - 2013-07-26 15:49 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\FRITZ!
2013-09-19 20:11 - 2013-09-19 20:11 - 00001063 _____ C:\Users\Pope Greg\Desktop\USB camera - Verknüpfung.lnk
2013-09-19 18:54 - 2013-09-19 18:54 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-19 18:54 - 2013-09-19 18:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 18:54 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files\iTunes
2013-09-19 18:54 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-19 18:53 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files\iPod
2013-09-17 20:13 - 2013-09-17 20:13 - 00003222 _____ C:\Windows\System32\Tasks\{A372979D-3926-430A-BBCA-83EE53BD124B}
2013-09-16 16:19 - 2013-09-16 16:19 - 00000000 ____T C:\Windows\system32\DAB Bank GP
2013-09-16 16:19 - 2013-09-16 16:19 - 00000000 _____ C:\Windows\SysWOW64\DAB Bank GP
2013-09-16 03:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 02:49 - 2013-09-01 05:52 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Smartbar
2013-09-14 18:06 - 2013-07-06 08:26 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\HpUpdate
2013-09-13 17:01 - 2013-07-31 17:16 - 00001009 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-11 16:57 - 2013-09-11 16:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\Erklärungen
2013-09-11 11:00 - 2013-07-03 03:24 - 00000000 ___RD C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 11:00 - 2009-07-14 06:45 - 05055376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 10:49 - 2013-07-24 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 10:47 - 2013-07-09 03:04 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 01:48 - 2013-07-27 12:47 - 00000061 _____ C:\Users\Pope Greg\AppData\Roaming\WB.CFG
2013-09-08 21:10 - 2013-09-08 20:41 - 00000000 ___RD C:\Users\Pope Greg\Desktop\HP
2013-09-07 11:39 - 2013-09-07 11:39 - 00000134 _____ C:\Windows\wininit.ini
2013-09-07 09:02 - 2013-04-11 17:59 - 00000000 ____D C:\Software
2013-09-07 08:25 - 2013-09-07 08:25 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-09-07 06:56 - 2009-07-14 04:34 - 00000904 _____ C:\Windows\win.ini
2013-09-05 23:32 - 2013-09-05 23:32 - 00002630 _____ C:\Windows\diagwrn.xml
2013-09-05 23:32 - 2013-09-05 23:32 - 00001908 _____ C:\Windows\diagerr.xml
2013-09-05 23:32 - 2013-09-01 03:43 - 00000000 _____ C:\Windows\setuperr.log
2013-09-05 21:07 - 2013-09-05 21:07 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Nero_AG
2013-09-05 21:07 - 2013-09-05 21:06 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Nero
2013-09-05 15:51 - 2013-09-05 15:51 - 00001057 _____ C:\Users\Public\Desktop\LINE.lnk
2013-09-05 11:59 - 2013-09-04 08:51 - 00219051 _____ C:\Windows\hpoins47.dat
2013-09-05 10:20 - 2009-07-14 19:58 - 00657566 _____ C:\Windows\system32\perfh007.dat
2013-09-05 10:20 - 2009-07-14 19:58 - 00130882 _____ C:\Windows\system32\perfc007.dat
2013-09-05 10:20 - 2009-07-14 07:13 - 01507370 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-05 05:18 - 2013-09-04 10:57 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\LogMeIn Rescue Applet
2013-09-04 07:32 - 2013-09-01 03:52 - 00003084 _____ C:\Windows\System32\Tasks\AllmyappsUpdateTask
2013-09-04 05:32 - 2013-07-06 08:22 - 00000000 ____D C:\ProgramData\HP
2013-09-04 05:32 - 2013-07-06 08:22 - 00000000 ____D C:\Program Files (x86)\HP

Some content of TEMP:
====================
C:\Users\Pope Greg\AppData\Local\Temp\AskSLib.dll
C:\Users\Pope Greg\AppData\Local\Temp\instloffer.exe
C:\Users\Pope Greg\AppData\Local\Temp\Player_Setup.exe
C:\Users\Pope Greg\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Pope Greg\AppData\Local\Temp\webcake.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-02 06:57

==================== End Of Log ============================
--- --- ---

--- --- ---


Editor V2FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Pope Greg at 2013-10-04 18:16:00
Running from C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

325 USB PC Camera (x32 Version: 0.6.0.001)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x32)
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Adobe Acrobat XI Pro (x32 Version: 11.0.04)
Adobe Creative Cloud (x32 Version: 2.1.1.220)
Adobe Extension Manager CC (x32 Version: 7.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Photoshop CS6 (x32 Version: 13.0)
Allmyapps (HKCU Version: 2.0.0.16)
Allway Sync version 12.15.1 (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ASIO4ALL (x32 Version: 2.10)
Audio-CD-Archiv v7 (x32 Version: 7.00.723)
Aurora 25.0a2 (x86 en-US) (x32 Version: 25.0a2)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
AVM FRITZ!fax für FRITZ!Box (x32)
B110 (x32 Version: 140.0.142.000)
Bonjour (Version: 3.0.0.10)
Bonjour-Druckdienste (Version: 2.0.2.0)
BufferChm (x32 Version: 140.0.212.000)
CCleaner (Version: 4.05)
CDLIB 4.0 (x32 Version: 4.0)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
Digital DJ (x32 Version: 2.0)
Ditto (x32)
Documents To Go Desktop für iOS (x32 Version: 4.0001.010)
Dropbox (HKCU Version: 2.2.13)
Evernote v. 4.6.7 (x32 Version: 4.6.7.8409)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
Google Chrome (x32 Version: 30.0.1599.66)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 140.0.211.000)
Hardcopy (x32 Version: 2013.02.18)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.005.000.001)
HPAppStudio (x32 Version: 140.0.95.000)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
HPSSupply (x32 Version: 140.0.211.000)
iCloud (Version: 3.0.2.163)
IrfanView (remove only) (x32 Version: 4.36)
iTunes (Version: 11.1.0.126)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
JDownloader 2 (Version: 2.0)
LightScribe System Software (x32 Version: 1.18.27.10)
LINE (x32 Version: 3.2.0.76)
Lunascape6 (All Users) (x32 Version: 6.8.8.26908)
MAGIX Audio Cleaning Lab MX (x32 Version: 18.0.0.7)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MarketResearch (x32 Version: 140.0.212.000)
mBackup (x32 Version: 3.01)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mp3tag v2.57 (x32 Version: v2.57)
mSecure (x32 Version: 3.114)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 12 (x32 Version: 12.0.01600)
Nero 12 Content Pack (x32 Version: 12.0.00100)
Nero Abstract Themes (x32 Version: 12.0.11500)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero BackItUp (x32 Version: 12.5.7000)
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000)
Nero Blu-ray Player (x32 Version: 12.0.20014)
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000)
Nero Burning ROM (x32 Version: 12.5.6000)
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000)
Nero Cliparts (x32 Version: 12.0.11500)
Nero ControlCenter (x32 Version: 11.0.15600)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000)
Nero Core Components (x32 Version: 11.0.20900)
Nero Disc Menus 1 (x32 Version: 12.0.11500)
Nero Disc Menus 2 (x32 Version: 12.0.11500)
Nero Disc Menus 3 (x32 Version: 12.0.11500)
Nero Disc Menus Basic (x32 Version: 12.0.11500)
Nero Effects Basic (x32 Version: 12.0.11500)
Nero Express (x32 Version: 12.5.6000)
Nero Express Help (CHM) (x32 Version: 12.0.13000)
Nero Family and Events Themes (x32 Version: 12.0.11500)
Nero Football (Soccer) Themes (x32 Version: 12.0.11500)
Nero Holiday and Sports Themes (x32 Version: 12.0.11500)
Nero Image Samples (x32 Version: 12.0.11500)
Nero Kwik Media (x32 Version: 1.18.20100)
Nero Kwik Media (x32 Version: 11.0.16401)
Nero Kwik Media Help (CHM) (x32 Version: 12.0.12000)
Nero Kwik Themes Basic (x32 Version: 12.0.11500)
Nero PiP Effects 1 (x32 Version: 12.0.11500)
Nero PiP Effects Basic (x32 Version: 12.0.11500)
Nero Platinum Effects 12 (x32 Version: 12.0.11500)
Nero Recode (x32 Version: 12.5.6000)
Nero Recode Help (CHM) (x32 Version: 12.0.12000)
Nero RescueAgent (x32 Version: 12.0.11000)
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000)
Nero Retro Film Themes (x32 Version: 12.0.11700)
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)
Nero Update (x32 Version: 11.0.11800.31.0)
Nero Video (x32 Version: 12.5.4000)
Nero Video Help (CHM) (x32 Version: 12.0.12000)
Nero Video Samples (x32 Version: 12.0.11500)
Nero Video Transitions 1 (x32 Version: 12.0.11500)
nero.prerequisites.msi (x32 Version: 11.0.20008)
Network64 (Version: 140.0.212.000)
Network64 (Version: 140.0.221.000)
No23 Recorder (x32 Version: 2.1.0.3)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Open It! (x32 Version: 1.1.1)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
Paint Shop Pro 7 (x32 Version: 7.0.0.0000)
PDF Settings CS6 (x32 Version: 11.0)
Prerequisite installer (x32 Version: 12.0.0003)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000)
QuickShare (x32 Version: 1.146.60.12450)
QuickTransfer (x32 Version: 140.0.98.000)
Scan (x32 Version: 140.0.77.000)
Shop for HP Supplies (Version: 14.0)
Skype™ 6.7 (x32 Version: 6.7.102)
SmartWebPrinting (x32 Version: 140.0.186.000)
SoftwareUpdater (x32)
SolutionCenter (x32 Version: 140.0.211.000)
SoulseekQt (x32)
Status (x32 Version: 140.0.212.000)
TeamViewer 8 (x32 Version: 8.0.20935)
Toolbox (x32 Version: 140.0.424.000)
TrayApp (x32 Version: 140.0.212.000)
Unlocker 1.9.2 (Version: 1.9.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760343) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768333) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768349) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768355) 64-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2727013) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition
Update for Microsoft Word 2013 (KB2768007) 64-Bit Edition
Update for Microsoft Word 2013 (KB2768337) 64-Bit Edition
Update for Zip Extractor (HKCU)
Update for Zip Opener (HKCU)
Veetle TV (x32 Version: 0.9.19)
VirtualCloneDrive (x32)
VirtualDJ Home FREE (x32 Version: 7.4)
VLC media player 2.0.8 (Version: 2.0.8)
WebReg (x32 Version: 140.0.212.017)
Welcome App (Start-up experience) (x32 Version: 12.0.15000)
Wuala (HKCU Version: 1.0.444.0)
Wuala CBFS (x32 Version: 3.2.107.0)
Wuala OverlayIcons (x32 Version: 1.0.0.2)
Yahoo! Messenger (x32)

==================== Restore Points  =========================

02-07-2013 03:18:12 Mist 02072013
02-07-2013 13:10:56 Installed Microsoft Fix it 50494
02-07-2013 22:49:43 Uniblue DriverScanner installation
03-07-2013 02:04:47 Windows Update
06-07-2013 20:33:45 Windows Update
08-07-2013 08:01:44 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-14 01:09 - 00001103 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lm.licenses.adobe.com8
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {0207F454-5259-4B0B-912A-EDC97B6E21D9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {07EE7B3A-B25B-4D94-B652-5C5FC6A2F5E0} - System32\Tasks\Microsoft Office 15 Sync Maintenance for STUDIOPC2-W7FLA-Pope Greg StudioPC2-W7FLA => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {0D14C620-BFF6-4369-BD3F-79B9463B287D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {21857FCD-CFFA-49E2-9654-7032A3D7C4CE} - System32\Tasks\{E2C37CCD-A315-4124-9850-358A9C6D5292} => C:\Users\Pope Greg\AppData\Local\JDownloader v2.0\JDownloader2.exe [2013-07-01] (AppWork GmbH)
Task: {38673851-1A47-48E1-9085-5891E05EF3FE} - System32\Tasks\DSite => C:\Users\Pope Greg\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-07-25] ()
Task: {3F6C592D-6850-488C-8723-6B38D9218687} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-22] (Adobe Systems Incorporated)
Task: {46FB446B-0084-43C2-8C2F-37E143084D03} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2012-11-08] ()
Task: {55156566-2020-4E89-A302-36F06AE4D1CA} - System32\Tasks\{53C696E8-75AD-48E7-BE9B-CC805EA1BDA1} => C:\Users\Pope Greg\AppData\Local\JDownloader v2.0\JDownloader2.exe [2013-07-01] (AppWork GmbH)
Task: {603A84F4-539B-432A-9A26-7254D174F39A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7CA2E1FA-0792-4A76-B2BE-B6202333715A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {941DD9C7-85E5-4539-A3D5-0652303757B4} - System32\Tasks\DigitalSite => C:\Users\Pope Greg\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {B41A918F-0130-4626-BC1A-5B608BCFBE18} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Pope Greg\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [2013-09-04] ()
Task: {BC8B31C1-6200-4BE3-B0FD-7A69C0FDA3D0} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {BFC5180B-8930-498F-8216-2D3A7C595836} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-10] (Google Inc.)
Task: {CA30E430-247B-481E-8B0F-FAEA41477026} - System32\Tasks\{BE745A74-89DB-4BE7-89E1-367CE96DB781} => C:\Users\Pope Greg\AppData\Local\JDownloader v2.0\JDownloader2.exe [2013-07-01] (AppWork GmbH)
Task: {E04FA123-0099-482A-B301-EAB169270541} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-10] (Google Inc.)
Task: {EE8A5389-1BF5-4A3B-88A6-07DCF99EDCC3} - System32\Tasks\AdobeAAMUpdater-1.0-STUDIOPC2-W7FLA-Pope Greg => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {FC294429-14E8-46BA-8690-236C49E1E818} - System32\Tasks\{271A1801-3217-4C5C-8108-8071D2FE5969} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {FC869878-90B3-4F27-B699-195F14B8F401} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AllmyappsUpdateTask.job => C:\Users\Pope Greg\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\POPEGR~1\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\DSite.job => C:\Users\POPEGR~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-28 14:19 - 2012-07-30 10:28 - 00125504 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_x64.dll
2013-08-30 10:01 - 2013-08-17 00:32 - 03357040 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-05-11 12:38 - 2013-05-11 12:38 - 00131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2013-05-11 12:37 - 2013-05-11 12:37 - 04891368 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2013-05-11 12:38 - 2013-05-11 12:38 - 01446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2012-10-01 20:36 - 2012-10-01 20:36 - 01408624 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2013-10-04 13:59 - 2013-10-04 11:57 - 02104832 _____ () C:\Program Files\AVAST Software\Avast\defs\13100400\algo.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-28 14:19 - 2012-07-30 10:27 - 00116800 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_Win32.dll
2013-07-28 14:19 - 2012-07-05 15:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-01-16 11:58 - 2013-01-16 11:58 - 02408448 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2013-01-16 11:58 - 2013-01-16 11:58 - 08626176 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2013-01-16 11:58 - 2013-01-16 11:58 - 00212992 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00033560 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00055064 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00149784 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00111896 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 01808152 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00055576 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00012568 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00048408 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PublisherSettingsManager.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00725272 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00081176 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00013592 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00016664 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00029464 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00019736 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00057112 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00013592 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
2013-09-01 05:52 - 2013-09-01 05:52 - 00911128 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00014104 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00051480 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00047384 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-09-14 21:50 - 2013-09-14 21:50 - 00025368 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00024856 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00245528 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2013-09-03 15:25 - 2013-08-19 22:12 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Pope Greg\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-07-28 14:19 - 2013-02-13 11:22 - 02920952 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2013-03-13 13:42 - 2013-06-05 14:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-10-02 01:23 - 2013-10-02 01:23 - 00165376 _____ () C:\Users\Pope Greg\AppData\Local\Wuala\Program0\lib.446\orangevolt-4n-1.1.2.dll
2013-10-02 01:23 - 2013-10-02 01:23 - 00370688 _____ () C:\Users\Pope Greg\AppData\Local\Wuala\Program0\lib.446\jcbfs3.dll
2013-08-30 10:00 - 2013-08-17 00:32 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2009-01-10 20:32 - 2009-01-10 20:32 - 00011362 _____ () C:\Program Files (x86)\SoulseekQt\mingwm10.dll
2009-06-23 04:42 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files (x86)\SoulseekQt\libgcc_s_dw2-1.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-10-02 21:34 - 2013-10-03 02:11 - 00018724 ____T () C:\Users\Pope Greg\AppData\Roaming\Microsoft\bass.dll
2013-10-02 21:34 - 2013-10-03 02:11 - 00014456 ____T () C:\Users\Pope Greg\AppData\Roaming\Microsoft\mjcriu.dll
2013-08-31 17:12 - 2013-08-31 17:12 - 00119848 _____ () C:\Program Files (x86)\Naver\LINE\PlayerHelper.dll
2013-09-23 15:28 - 2013-09-23 15:28 - 02421280 _____ () C:\Program Files (x86)\Naver\LINE\amp-dll.dll
2013-09-30 17:08 - 2013-09-30 17:08 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Audiocontroller für Multimedia
Description: Audiocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Videocontroller für Multimedia
Description: Videocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2013 04:32:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.12.44.1, Zeitstempel: 0x516e136b
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195, Zeitstempel: 0x4dcddbf3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00028989
ID des fehlerhaften Prozesses: 0xb98
Startzeit der fehlerhaften Anwendung: 0xApplePhotoStreams.exe0
Pfad der fehlerhaften Anwendung: ApplePhotoStreams.exe1
Pfad des fehlerhaften Moduls: ApplePhotoStreams.exe2
Berichtskennung: ApplePhotoStreams.exe3

Error: (10/04/2013 01:10:48 PM) (Source: Application Hang) (User: )
Description: Programm Evernote.exe, Version 4.6.7.8409 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2474

Startzeit: 01cec0761be93000

Endzeit: 2301

Anwendungspfad: C:\Program Files (x86)\Evernote\Evernote\Evernote.exe

Berichts-ID: 98c875f1-2ce5-11e3-911a-002421ded394

Error: (10/03/2013 10:21:04 PM) (Source: Application Hang) (User: )
Description: Programm Evernote.exe, Version 4.6.7.8409 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 21e8

Startzeit: 01cebfdf8d724eb0

Endzeit: 46

Anwendungspfad: C:\Program Files (x86)\Evernote\Evernote\Evernote.exe

Berichts-ID: 4fa38e91-2c69-11e3-911a-002421ded394

Error: (10/03/2013 01:07:19 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Mp3tag.exe, Version: 2.57.0.0, Zeitstempel: 0x51d81ce7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x08d2fd24
ID des fehlerhaften Prozesses: 0x1c18
Startzeit der fehlerhaften Anwendung: 0xMp3tag.exe0
Pfad der fehlerhaften Anwendung: Mp3tag.exe1
Pfad des fehlerhaften Moduls: Mp3tag.exe2
Berichtskennung: Mp3tag.exe3

Error: (10/03/2013 00:33:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Mp3tag.exe, Version: 2.57.0.0, Zeitstempel: 0x51d81ce7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x06d0fcac
ID des fehlerhaften Prozesses: 0xc6c
Startzeit der fehlerhaften Anwendung: 0xMp3tag.exe0
Pfad der fehlerhaften Anwendung: Mp3tag.exe1
Pfad des fehlerhaften Moduls: Mp3tag.exe2
Berichtskennung: Mp3tag.exe3

Error: (10/03/2013 00:30:22 AM) (Source: Application Hang) (User: )
Description: Programm Mp3tag.exe, Version 2.57.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e88

Startzeit: 01cebfbd6e566920

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Mp3tag\Mp3tag.exe

Berichts-ID: 36d080b1-2bb2-11e3-911a-002421ded394

Error: (10/03/2013 00:23:32 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Mp3tag.exe, Version: 2.57.0.0, Zeitstempel: 0x51d81ce7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000d
ID des fehlerhaften Prozesses: 0x1e88
Startzeit der fehlerhaften Anwendung: 0xMp3tag.exe0
Pfad der fehlerhaften Anwendung: Mp3tag.exe1
Pfad des fehlerhaften Moduls: Mp3tag.exe2
Berichtskennung: Mp3tag.exe3

Error: (10/02/2013 11:39:15 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Firefox wurde wegen dieses Fehlers geschlossen.

Programm: Firefox
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (10/02/2013 11:39:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 24.0.0.5001, Zeitstempel: 0x522fd29f
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000096
Fehleroffset: 0x286af4bc
ID des fehlerhaften Prozesses: 0x159c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (10/02/2013 11:34:32 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 24.0.0.5001, Zeitstempel: 0x522fd29f
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x2e05f9e8
ID des fehlerhaften Prozesses: 0x159c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3


System errors:
=============
Error: (10/04/2013 02:13:14 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (10/02/2013 05:49:35 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070420

Error: (10/02/2013 05:45:26 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎10.‎2013 um 05:43:32 unerwartet heruntergefahren.

Error: (10/02/2013 01:20:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TeamViewer 8" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/02/2013 01:20:52 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 8 erreicht.

Error: (10/02/2013 01:03:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Updater" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/02/2013 01:03:48 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Updater erreicht.

Error: (10/02/2013 01:02:33 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎10.‎2013 um 01:01:05 unerwartet heruntergefahren.

Error: (09/30/2013 09:44:25 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/30/2013 09:43:59 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (10/04/2013 04:32:49 PM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.12.44.1516e136bMSVCR80.dll8.0.50727.61954dcddbf3c000000500028989b9801cebfa8ed4dd8e0C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dlld7563070-2d01-11e3-911a-002421ded394

Error: (10/04/2013 01:10:48 PM) (Source: Application Hang)(User: )
Description: Evernote.exe4.6.7.8409247401cec0761be930002301C:\Program Files (x86)\Evernote\Evernote\Evernote.exe98c875f1-2ce5-11e3-911a-002421ded394

Error: (10/03/2013 10:21:04 PM) (Source: Application Hang)(User: )
Description: Evernote.exe4.6.7.840921e801cebfdf8d724eb046C:\Program Files (x86)\Evernote\Evernote\Evernote.exe4fa38e91-2c69-11e3-911a-002421ded394

Error: (10/03/2013 01:07:19 AM) (Source: Application Error)(User: )
Description: Mp3tag.exe2.57.0.051d81ce7unknown0.0.0.000000000c000000508d2fd241c1801cebfc0e25b4f40C:\Program Files (x86)\Mp3tag\Mp3tag.exeunknown62aeb850-2bb7-11e3-911a-002421ded394

Error: (10/03/2013 00:33:00 AM) (Source: Application Error)(User: )
Description: Mp3tag.exe2.57.0.051d81ce7unknown0.0.0.000000000c000000506d0fcacc6c01cebfbf042a2a30C:\Program Files (x86)\Mp3tag\Mp3tag.exeunknown97553660-2bb2-11e3-911a-002421ded394

Error: (10/03/2013 00:30:22 AM) (Source: Application Hang)(User: )
Description: Mp3tag.exe2.57.0.01e8801cebfbd6e56692010C:\Program Files (x86)\Mp3tag\Mp3tag.exe36d080b1-2bb2-11e3-911a-002421ded394

Error: (10/03/2013 00:23:32 AM) (Source: Application Error)(User: )
Description: Mp3tag.exe2.57.0.051d81ce7unknown0.0.0.000000000c00000050000000d1e8801cebfbd6e566920C:\Program Files (x86)\Mp3tag\Mp3tag.exeunknown44900dc0-2bb1-11e3-911a-002421ded394

Error: (10/02/2013 11:39:15 PM) (Source: Application Error)(User: )
Description: Firefox000000000

Error: (10/02/2013 11:39:15 PM) (Source: Application Error)(User: )
Description: firefox.exe24.0.0.5001522fd29funknown0.0.0.000000000c0000096286af4bc159c01cebfb36211bd40C:\Program Files (x86)\Mozilla Firefox\firefox.exeunknown151bfaa0-2bab-11e3-911a-002421ded394

Error: (10/02/2013 11:34:32 PM) (Source: Application Error)(User: )
Description: firefox.exe24.0.0.5001522fd29funknown0.0.0.000000000c00000052e05f9e8159c01cebfb36211bd40C:\Program Files (x86)\Mozilla Firefox\firefox.exeunknown6c9a2960-2baa-11e3-911a-002421ded394


==================== Memory info =========================== 

Percentage of memory in use: 78%
Total physical RAM: 4095.24 MB
Available physical RAM: 887.51 MB
Total Pagefile: 8188.67 MB
Available Pagefile: 2785.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.57 GB) (Free:154.76 GB) NTFS
Drive d: (Interne HD) (Fixed) (Total:1397.14 GB) (Free:471.17 GB) NTFS
Drive e: () (Fixed) (Total:340.61 GB) (Free:34.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (DATA) (Fixed) (Total:391.61 GB) (Free:158.41 GB) NTFS
Drive p: (PopeGregAccount) (Network) (Total:2844.72 GB) (Free:1972.19 GB) NTFS
Drive w: (Wuala) (Network) (Total:5 GB) (Free:0 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: FCD6DD83)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Not Active) - (Size=392 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=341 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=489 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
==================== End Of Log ============================
--- --- ---
__________________
Alt 04.10.2013, 18:10   #4
aharonov
/// TB-Ausbilder
 
snap.do Generve - Standard

snap.do Generve


Hi,

Ich hab bei der ersten schnelle Durchsicht der Logs gesehen, dass du unsaubere Software nutzt. Das unterstützen wir nicht: http://www.trojaner-board.de/95394-c...-software.html

Wenn ich dir helfen soll, dann deinstalliere und entferne jetzt zuerst restlos alle illegale Software (Cracks, Keygens, etc.). Sobald alles weg ist, können wir loslegen. Sollte ich im weiteren Verlauf aber trotz dieser Warnung nochmals sowas sehen, ist Schluss.

Gib mir Bescheid, sobald es hier weiter geht.
__________________
cheers,
Leo

Alt 04.10.2013, 18:53   #5
popegreg
 
snap.do Generve - Standard

snap.do Generve


Was sind denn das für Sachen/Programme? Ich selber habe ganz sicher nix in der Richtung installiert, allerdings stammt der PC von einem verstorbenen Kollegen meiner Frau. Und der hatte ihn - soweit ich weiss - wiederum von jemandem anderen (dafür kann ich aber meine Hand nicht ins Feuer legen). Ausserdem nutze ich ihn zusammen mit meiner Frau (die macht aber sowas garantiert nicht) und ihrem Bruder. Alles lief - nachdem wir den Rechner 'geerbt' hatten - gut, da haben wir natürlich net nochmal das Betriebssystem neu installiert. Da ich in der Richtung gar keine Ahnung habe würde ich gerne wissen, welche Programme 'unsauber' sind. Die fliegen dann - auch in meinem Interesse - runter. Andere Alternative wäre Windows 8 draufzumachen, aber 1) soll Win 8 ziemlich bedienungsunfreundlich sein und 2) habe ich noch nie ein Betriebssystem installiert bzw. nur einmal versucht. Deshalb wäre mir Windows 7 eigentlich lieber.


Alt 04.10.2013, 19:02   #6
aharonov
/// TB-Ausbilder
 
snap.do Generve - Standard

snap.do Generve


Namentlich ist der Adobe Photoshop CS6 keine gekaufte Version. Wirf ihn runter und dann mach einen neuen FRST-Scan:


Starte noch einmal FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.
__________________
--> snap.do Generve

Alt 04.10.2013, 19:42   #7
popegreg
 
snap.do Generve - Standard

snap.do Generve


Photoshop haben - wir beiden zumindest - noch nicht ein einziges Mal benutzt (als Grafikprogramm nutzen wir Irfan View oder - seltener - Paint. Habe PS deinstalliert (was übrigens ziemlich lange gedauert hat). Kann diese snap.do- Unsitte evtl. damit zusammenhängen?
Hier die beiden Scans:

1) FRST
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Pope Greg (administrator) on STUDIOPC2-W7FLA on 04-10-2013 20:20:03
Running from C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
() C:\Windows\vsnp325.exe
() C:\Program Files (x86)\Ditto\Ditto.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Smartbar) C:\Users\Pope Greg\AppData\Local\Smartbar\Application\QuickShare.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Pope Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(LaCie) C:\Users\Pope Greg\AppData\Roaming\Wuala\Wuala.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\SoulseekQt\SoulseekQt.exe
(GBelectronics GmbH) C:\Program Files (x86)\GBelectronics\Audio-CD-Archiv v7\Audio-CD-Archiv_v7.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(mSeven Software) C:\Program Files (x86)\mSeven Software\mSecure\mSecure.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Oracle Corporation) C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT\data\jre\bin\javaw.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [snp325] - C:\Windows\vsnp325.exe [835584 2007-05-10] ()
HKLM-x32\...\Runonce: [Del144418955] - cmd.exe /Q /D /c del "C:\Users\POPEGR~1\AppData\Local\Temp\0.del" [x]
HKCU\...\Run: [Ditto] - C:\Program Files (x86)\Ditto\Ditto.exe [1433200 2012-11-08] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Allmyapps Update] - C:\Users\Pope Greg\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [282616 2013-09-04] ()
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Pope Greg\AppData\Local\Smartbar\Application\QuickShare.exe [20248 2013-09-14] (Smartbar)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20681584 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [webcam 7] - "C:\Program Files (x86)\webcam 7\wLite.exe" -auto
HKCU\...\Run: [Line] - C:\Program Files (x86)\Naver\LINE\Line.exe [3888672 2013-09-23] (LINE Corporation)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Runonce: [Del144418955] - cmd.exe /Q /D /c del "C:\Users\POPEGR~1\AppData\Local\Temp\0.del"
MountPoints2: {e0168289-e43d-11e2-89e6-001bdc060f13} - M:\setupX.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-08-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [FixCamera] - C:\Windows\FixCamera.exe [20480 2007-07-11] ()
HKLM-x32\...\Run: [tsnp325] - C:\Windows\tsnp325.exe [270336 2007-04-21] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pope Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hardcopy.exe - Verknüpfung.lnk
ShortcutTarget: hardcopy.exe - Verknüpfung.lnk -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyTunesRSS (2).lnk
ShortcutTarget: MyTunesRSS (2).lnk -> C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT\MyTunesRSS.exe ()
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyTunesRSS.lnk
ShortcutTarget: MyTunesRSS.lnk -> C:\Program Files (x86)\mytunesrss-4.8.1\MyTunesRSS.exe (No File)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk
ShortcutTarget: Wuala.lnk -> C:\Users\Pope Greg\AppData\Roaming\Wuala\Wuala.exe (LaCie)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=hp&installDate=16/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=ed642b45-2aff-4571-a4d7-845e47af4d28&searchtype=ds&q={searchTerms}&installDate=16/09/2013
SearchScopes: HKCU - {326B88A6-4B5A-49CD-BD2B-A07BF7326850} URL = hxxp://search.ividi.org/?q={searchTerms}&src=tbsp&id=f8838778000000000000002421ded394&affilt=3&r=2
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default
FF user.js: detected! => C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\user.js
FF NewTab: hxxp://www.google.de
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\ividi.xml
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\leo-eng-deu-v20.xml
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 7Go Games - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\7go@7go.com
FF Extension: Delta Toolbar - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\ffxtlbr@delta.com
FF Extension: Dấu trang iCloud - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\firefoxdav@icloud.com
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\foxsplitter@piro.sakura.ne.jp
FF Extension: Pocket - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\isreaditlater@ideashower.com
FF Extension: Screen Capture Elite - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\screencaptureelite@plugin
FF Extension: Speed Analysis 3 - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\speedanalysis03@SpeedAnalysis.com
FF Extension: LastPass - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\support@lastpass.com
FF Extension: TextMarker! - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{1c530060-b0ae-11d9-9669-0800200c9a66}
FF Extension: Yahoo! Toolbar - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: PDFssoftware B2  - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{93fa508d-4cb2-456f-8aef-5ed652bc51c0}
FF Extension: AppsHat - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF Extension: WOT - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Flash and Video Download - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: FoxClocks - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF Extension: Evernote Web Clipper - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: addon - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\addon@gutscheine-live.de.xpi
FF Extension: contextMenuExtension - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\contextMenuExtension@leo.org.xpi
FF Extension: copyplaintext - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\copyplaintext@teo.pl.xpi
FF Extension: firefox-managefolders - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\firefox-managefolders@googlecode.com.xpi
FF Extension: irobinhood - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\irobinhood@irobinhood.org.xpi
FF Extension: jsonview - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\jsonview@brh.numbera.com.xpi
FF Extension: langpack-de - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\langpack-de@firefox.mozilla.org.xpi
FF Extension: newtabgoogle - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\newtabgoogle@graememcc.co.uk.xpi
FF Extension: notreal.ccoptions - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\notreal.ccoptions@environmentalchemistry.com.xpi
FF Extension: show-file-size-2 - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\show-file-size-2@kashiif-gmail.com.xpi
FF Extension: spam - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\spam@trashmail.net.xpi
FF Extension: stealthyextension - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: sugestron - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\sugestron@example.net.xpi
FF Extension: tabscroll - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\tabscroll@mthamil.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{a1109c2a-1187-4027-901d-13097b755625}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df005}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Windows\system32\config\systemprofile\AppData\Roaming\okitspace\Firefox
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe

Chrome: 
=======
CHR Extension: (QuickShare Widget) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (Google Docs) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0
CHR Extension: (Cr!Box) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp\2.4_0
CHR Extension: (avast! Online Security) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (LastPass) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.4_0
CHR Extension: (iVidi Chrome Toolbar) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_1
CHR Extension: (The Spark - Digital Blasphemy) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkknnebkjlngeopapiainhbhkeeihkk\3.1_0
CHR Extension: (Chrome Downloads Extension) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe\2.0.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (IPv4 to IPv6 Converter) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgodkdnbaggjjbdolpbpdaofcmdkdooh\1.0_0
CHR Extension: (Gmail) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx
CHR HKLM-x32\...\Chrome\Extension: [mggiecmcgkpfmegnobeimepgndgdhbjm] - C:\Windows\system32\config\systemprofile\AppData\Roaming\okitspace\Chrome\OKitSpace.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-07-02] ()
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [32256 2013-09-26] ()

==================== Drivers (Whitelisted) ====================

S3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [16248 2013-04-15] (Windows (R) Win 7 DDK provider)
S3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [16248 2013-04-15] (Windows (R) Win 7 DDK provider)
S3 AirDisplayWDDM; C:\Windows\System32\DRIVERS\AVWDDMMiniPort.sys [45432 2013-04-15] (Windows (R) Win 7 DDK provider)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R0 AVPCIFilter; C:\Windows\System32\DRIVERS\AVPCIFilter.sys [37240 2013-04-15] (Windows (R) Win 7 DDK provider)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-04 20:15 - 2013-10-04 20:15 - 04059572 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380910528326
2013-10-04 19:15 - 2013-10-04 19:15 - 04059553 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380906928018
2013-10-04 18:15 - 2013-10-04 18:15 - 04059572 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380903328000
2013-10-04 18:11 - 2013-10-04 18:11 - 00000000 ____D C:\FRST
2013-10-04 13:57 - 2013-10-04 19:57 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-04 13:57 - 2013-10-04 13:57 - 00003268 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-04 13:57 - 2013-10-04 13:57 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\DigitalSite
2013-10-04 13:52 - 2013-10-04 20:20 - 00000000 ____D C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
2013-10-02 03:57 - 2013-10-02 04:05 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Vögel
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Sonstige Pix
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2 Logos
2013-10-02 03:43 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2
2013-10-02 03:42 - 2013-10-02 03:43 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Haus
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg Privat
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg
2013-10-02 03:38 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Friends & Stuff
2013-10-02 02:33 - 2013-10-02 02:35 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Aida
2013-10-02 01:51 - 2013-10-02 01:51 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-10-02 01:37 - 2013-10-02 01:37 - 00000000 ____D C:\Windows\Sun
2013-10-02 01:36 - 2013-10-02 01:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\ProgramData\Oracle
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-02 01:33 - 2013-10-02 01:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\Java
2013-10-02 01:17 - 2013-10-02 01:17 - 00000898 _____ C:\Users\Pope Greg\Desktop\Wuala.lnk
2013-10-02 01:17 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala OverlayIcons
2013-10-02 01:17 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala CBFS
2013-10-02 01:17 - 2012-04-09 16:27 - 00352144 _____ (EldoS Corporation) C:\Windows\system32\Drivers\cbfs3.sys
2013-10-02 01:17 - 2012-04-09 16:27 - 00223760 _____ (EldoS Corporation) C:\Windows\SysWOW64\CbFsNetRdr3.dll
2013-10-02 01:17 - 2012-04-09 16:27 - 00190480 _____ (EldoS Corporation) C:\Windows\system32\CbFsMntNtf3.dll
2013-10-02 01:17 - 2012-04-09 16:27 - 00158224 _____ (EldoS Corporation) C:\Windows\SysWOW64\CbFsMntNtf3.dll
2013-10-02 01:17 - 2012-04-09 16:27 - 00141328 _____ (EldoS Corporation) C:\Windows\system32\CbFsNetRdr3.dll
2013-10-02 01:16 - 2013-10-02 01:36 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-02 01:16 - 2013-10-02 01:36 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-02 01:15 - 2013-10-02 01:53 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Wuala
2013-10-02 01:15 - 2013-10-02 01:23 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Wuala
2013-10-02 01:15 - 2013-10-02 01:15 - 00000888 _____ C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wuala.lnk
2013-10-02 01:11 - 2013-10-02 01:11 - 00000000 ____D C:\Users\Pope Greg\Downloads\Wuala
2013-09-30 17:08 - 2013-09-30 17:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Program Files\Unlocker
2013-09-26 22:36 - 2013-09-26 22:36 - 00000000 ____D C:\Users\Pope Greg\Downloads\Unlocker
2013-09-26 22:21 - 2013-09-26 22:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2013-09-25 21:08 - 2013-09-25 21:08 - 00004912 _____ C:\Users\Pope Greg\Desktop\CopyTransManager.exe - Verknüpfung.lnk
2013-09-25 19:25 - 2013-09-25 19:25 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:21 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-25 19:15 - 2013-09-25 19:21 - 00000000 ____D C:\Users\Pope Greg\Downloads\CopyTrans
2013-09-23 22:45 - 2013-09-23 22:57 - 00000000 ____D C:\Program Files (x86)\MyTuuuuaaaaa
2013-09-23 22:31 - 2013-09-23 23:20 - 00000000 ____D C:\Program Files (x86)\MyTuuuuuuuu
2013-09-23 22:28 - 2013-09-23 22:28 - 00000000 ____D C:\Program Files (x86)\Neuer Ordner
2013-09-23 20:21 - 2013-10-04 18:44 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\MyTunesRSS4
2013-09-23 20:18 - 2013-09-24 16:10 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTunesRSS
2013-09-23 20:18 - 2013-09-23 22:19 - 00000000 ____D C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT
2013-09-23 19:43 - 2013-09-23 19:43 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Yahoo!
2013-09-22 00:12 - 2013-09-22 22:15 - 00000000 ____D C:\Program Files (x86)\FreeRIP
2013-09-22 00:12 - 2013-09-22 22:14 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2013-09-22 00:12 - 2013-09-22 00:12 - 00000000 ____D C:\ProgramData\FreeRIP MP3 Converter
2013-09-21 20:34 - 2013-09-21 20:34 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-21 19:53 - 2013-09-22 22:15 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-09-21 18:59 - 2013-09-22 22:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\WebPlayer
2013-09-21 18:59 - 2013-09-22 22:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Minibar
2013-09-21 18:59 - 2013-09-22 22:15 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-09-20 00:29 - 2013-09-20 00:29 - 00000000 ____D C:\Windows\system32\RsFx
2013-09-20 00:28 - 2013-09-20 00:28 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-09-19 23:04 - 2013-09-19 23:04 - 00000000 ____D C:\ProgramData\EPSON
2013-09-19 20:11 - 2013-09-19 20:11 - 00001063 _____ C:\Users\Pope Greg\Desktop\USB camera - Verknüpfung.lnk
2013-09-19 18:54 - 2013-09-19 18:54 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-19 18:53 - 2013-09-19 18:54 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 18:53 - 2013-09-19 18:54 - 00000000 ____D C:\Program Files\iTunes
2013-09-19 18:53 - 2013-09-19 18:54 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-19 18:53 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files\iPod
2013-09-17 20:13 - 2013-09-17 20:13 - 00003222 _____ C:\Windows\System32\Tasks\{A372979D-3926-430A-BBCA-83EE53BD124B}
2013-09-16 16:19 - 2013-09-16 16:19 - 00000000 ____T C:\Windows\system32\DAB Bank GP
2013-09-16 16:19 - 2013-09-16 16:19 - 00000000 _____ C:\Windows\SysWOW64\DAB Bank GP
2013-09-11 16:33 - 2013-09-11 16:57 - 00000000 ____D C:\Users\Pope Greg\Downloads\Erklärungen
2013-09-11 10:50 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 10:50 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 10:50 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 10:50 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 10:50 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 10:50 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 10:50 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 10:50 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 10:49 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 10:49 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 10:49 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 10:49 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 10:49 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 10:49 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 10:49 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 10:49 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 10:49 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 10:49 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 03:03 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 03:03 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 03:03 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 03:03 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 03:03 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 03:03 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 03:03 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 03:03 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 03:03 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 03:03 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 03:03 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 03:03 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 03:03 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 03:03 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 03:03 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 03:03 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 03:03 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 03:03 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 03:03 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 03:03 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 03:03 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 03:03 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 03:03 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 03:03 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 03:03 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 03:03 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 03:03 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-08 20:41 - 2013-09-08 21:10 - 00000000 ___RD C:\Users\Pope Greg\Desktop\HP
2013-09-07 11:39 - 2013-09-07 11:39 - 00000134 _____ C:\Windows\wininit.ini
2013-09-07 08:25 - 2013-09-07 08:25 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-09-05 23:32 - 2013-09-05 23:32 - 00002630 _____ C:\Windows\diagwrn.xml
2013-09-05 23:32 - 2013-09-05 23:32 - 00001908 _____ C:\Windows\diagerr.xml
2013-09-05 21:07 - 2013-09-05 21:07 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Nero_AG
2013-09-05 21:06 - 2013-09-05 21:07 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Nero
2013-09-05 15:51 - 2013-09-05 15:51 - 00001057 _____ C:\Users\Public\Desktop\LINE.lnk
2013-09-04 10:57 - 2013-09-05 05:18 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\LogMeIn Rescue Applet
2013-09-04 08:51 - 2013-09-05 11:59 - 00219051 _____ C:\Windows\hpoins47.dat
2013-09-04 07:32 - 2013-10-04 07:37 - 00000412 _____ C:\Windows\Tasks\AllmyappsUpdateTask.job
2013-09-04 07:27 - 2009-12-02 01:00 - 00000601 _____ C:\Windows\hpomdl47.dat

==================== One Month Modified Files and Folders =======

2013-10-04 20:20 - 2013-10-04 13:52 - 00000000 ____D C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
2013-10-04 20:20 - 2013-08-22 01:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Skype
2013-10-04 20:17 - 2013-07-10 07:54 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-04 20:17 - 2013-07-03 03:51 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Ditto
2013-10-04 20:15 - 2013-10-04 20:15 - 04059572 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380910528326
2013-10-04 20:13 - 2013-07-09 19:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-04 20:11 - 2013-07-14 00:52 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-10-04 20:05 - 2013-07-09 19:15 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-10-04 19:58 - 2013-07-10 05:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-04 19:57 - 2013-10-04 13:57 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-04 19:47 - 2013-07-25 15:47 - 00000300 _____ C:\Windows\Tasks\DSite.job
2013-10-04 19:15 - 2013-10-04 19:15 - 04059553 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380906928018
2013-10-04 19:07 - 2013-07-10 04:20 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Mp3tag
2013-10-04 18:44 - 2013-09-23 20:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\MyTunesRSS4
2013-10-04 18:15 - 2013-10-04 18:15 - 04059572 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1380903328000
2013-10-04 18:11 - 2013-10-04 18:11 - 00000000 ____D C:\FRST
2013-10-04 16:35 - 2013-07-03 18:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Apple
2013-10-04 14:38 - 2013-07-03 18:28 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Dropbox
2013-10-04 13:57 - 2013-10-04 13:57 - 00003268 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-04 13:57 - 2013-10-04 13:57 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\DigitalSite
2013-10-04 13:57 - 2013-07-25 15:47 - 00001110 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-04 13:52 - 2013-07-03 03:23 - 01285787 _____ C:\Windows\WindowsUpdate.log
2013-10-04 13:41 - 2013-07-09 11:16 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\EA73FA0A-F5B8-4DEB-A39C-F439CFE7F8A4.aplzod
2013-10-04 07:46 - 2013-07-29 10:04 - 00005164 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for STUDIOPC2-W7FLA-Pope Greg StudioPC2-W7FLA
2013-10-04 07:37 - 2013-09-04 07:32 - 00000412 _____ C:\Windows\Tasks\AllmyappsUpdateTask.job
2013-10-04 02:17 - 2013-07-10 07:54 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-04 02:00 - 2013-07-09 19:14 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Adobe
2013-10-03 02:06 - 2013-07-10 07:59 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-03 01:56 - 2013-07-10 02:19 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\vlc
2013-10-02 21:59 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-02 21:59 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-02 21:53 - 2013-07-03 18:43 - 00000000 ___RD C:\Users\Pope Greg\Dropbox
2013-10-02 21:50 - 2013-09-01 03:43 - 00013705 _____ C:\Windows\setupact.log
2013-10-02 21:50 - 2013-07-03 03:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-02 21:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-02 04:05 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Vögel
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Sonstige Pix
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2 Logos
2013-10-02 03:57 - 2013-10-02 03:43 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2
2013-10-02 03:43 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Haus
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg Privat
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg
2013-10-02 03:42 - 2013-10-02 03:38 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Friends & Stuff
2013-10-02 02:36 - 2013-08-22 01:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-02 02:36 - 2013-08-22 01:40 - 00000000 ____D C:\ProgramData\Skype
2013-10-02 02:35 - 2013-10-02 02:33 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Aida
2013-10-02 01:53 - 2013-10-02 01:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Wuala
2013-10-02 01:51 - 2013-10-02 01:51 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-10-02 01:37 - 2013-10-02 01:37 - 00000000 ____D C:\Windows\Sun
2013-10-02 01:36 - 2013-10-02 01:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\ProgramData\Oracle
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-02 01:36 - 2013-10-02 01:16 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-02 01:36 - 2013-10-02 01:16 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-02 01:33 - 2013-10-02 01:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\Java
2013-10-02 01:23 - 2013-10-02 01:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Wuala
2013-10-02 01:20 - 2013-08-31 16:52 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-02 01:17 - 2013-10-02 01:17 - 00000898 _____ C:\Users\Pope Greg\Desktop\Wuala.lnk
2013-10-02 01:17 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala OverlayIcons
2013-10-02 01:17 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala CBFS
2013-10-02 01:17 - 2013-07-03 03:24 - 00000000 ___RD C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-02 01:15 - 2013-10-02 01:15 - 00000888 _____ C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wuala.lnk
2013-10-02 01:11 - 2013-10-02 01:11 - 00000000 ____D C:\Users\Pope Greg\Downloads\Wuala
2013-10-02 01:02 - 2013-07-03 03:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-30 17:10 - 2013-09-30 17:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Program Files\Unlocker
2013-09-26 22:36 - 2013-09-26 22:36 - 00000000 ____D C:\Users\Pope Greg\Downloads\Unlocker
2013-09-26 22:21 - 2013-09-26 22:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2013-09-25 21:08 - 2013-09-25 21:08 - 00004912 _____ C:\Users\Pope Greg\Desktop\CopyTransManager.exe - Verknüpfung.lnk
2013-09-25 19:25 - 2013-09-25 19:25 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:21 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:15 - 00000000 ____D C:\Users\Pope Greg\Downloads\CopyTrans
2013-09-24 18:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-24 16:10 - 2013-09-23 20:18 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTunesRSS
2013-09-23 23:20 - 2013-09-23 22:31 - 00000000 ____D C:\Program Files (x86)\MyTuuuuuuuu
2013-09-23 23:01 - 2013-04-11 18:56 - 00000000 ____D C:\Neuer Ordner
2013-09-23 22:57 - 2013-09-23 22:45 - 00000000 ____D C:\Program Files (x86)\MyTuuuuaaaaa
2013-09-23 22:28 - 2013-09-23 22:28 - 00000000 ____D C:\Program Files (x86)\Neuer Ordner
2013-09-23 22:19 - 2013-09-23 20:18 - 00000000 ____D C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT
2013-09-23 19:43 - 2013-09-23 19:43 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Yahoo!
2013-09-23 19:38 - 2013-09-01 03:43 - 00012046 _____ C:\Windows\PFRO.log
2013-09-23 13:54 - 2013-09-01 05:51 - 00000000 ____D C:\Program Files (x86)\iRobinHood
2013-09-23 13:51 - 2013-08-28 14:19 - 00000000 ____D C:\ProgramData\Yahoo!
2013-09-23 13:51 - 2013-08-28 14:17 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-09-23 13:29 - 2013-08-21 05:32 - 00000000 ____D C:\ProgramData\webcam 7
2013-09-23 13:24 - 2013-07-05 07:25 - 00000000 ____D C:\Program Files (x86)\Hardcopy
2013-09-22 22:58 - 2013-07-10 05:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 22:58 - 2013-07-10 05:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-22 22:58 - 2013-07-10 05:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-22 22:18 - 2013-07-10 07:54 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-22 22:18 - 2013-07-10 07:54 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-22 22:17 - 2013-07-03 03:24 - 00000000 ____D C:\Users\Pope Greg
2013-09-22 22:15 - 2013-09-22 00:12 - 00000000 ____D C:\Program Files (x86)\FreeRIP
2013-09-22 22:15 - 2013-09-21 19:53 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-09-22 22:15 - 2013-09-21 18:59 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\WebPlayer
2013-09-22 22:15 - 2013-09-21 18:59 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Minibar
2013-09-22 22:15 - 2013-09-21 18:59 - 00000000 ____D C:\Program Files (x86)\Minibar
2013-09-22 22:15 - 2013-07-29 12:30 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\IrfanView
2013-09-22 22:15 - 2013-07-10 01:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-09-22 22:15 - 2013-07-05 01:21 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-09-22 22:14 - 2013-09-22 00:12 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2013-09-22 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-22 22:11 - 2013-07-03 03:45 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Mozilla
2013-09-22 00:12 - 2013-09-22 00:12 - 00000000 ____D C:\ProgramData\FreeRIP MP3 Converter
2013-09-21 20:34 - 2013-09-21 20:34 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-21 01:39 - 2013-07-06 08:22 - 00009617 _____ C:\ProgramData\hpzinstall.log
2013-09-20 07:23 - 2013-07-26 20:24 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Apps\2.0
2013-09-20 00:29 - 2013-09-20 00:29 - 00000000 ____D C:\Windows\system32\RsFx
2013-09-20 00:28 - 2013-09-20 00:28 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-09-19 23:04 - 2013-09-19 23:04 - 00000000 ____D C:\ProgramData\EPSON
2013-09-19 22:02 - 2013-07-26 15:49 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\FRITZ!
2013-09-19 20:11 - 2013-09-19 20:11 - 00001063 _____ C:\Users\Pope Greg\Desktop\USB camera - Verknüpfung.lnk
2013-09-19 18:54 - 2013-09-19 18:54 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-19 18:54 - 2013-09-19 18:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 18:54 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files\iTunes
2013-09-19 18:54 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-19 18:53 - 2013-09-19 18:53 - 00000000 ____D C:\Program Files\iPod
2013-09-17 20:13 - 2013-09-17 20:13 - 00003222 _____ C:\Windows\System32\Tasks\{A372979D-3926-430A-BBCA-83EE53BD124B}
2013-09-16 16:19 - 2013-09-16 16:19 - 00000000 ____T C:\Windows\system32\DAB Bank GP
2013-09-16 16:19 - 2013-09-16 16:19 - 00000000 _____ C:\Windows\SysWOW64\DAB Bank GP
2013-09-16 03:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 02:49 - 2013-09-01 05:52 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Smartbar
2013-09-14 18:06 - 2013-07-06 08:26 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\HpUpdate
2013-09-13 17:01 - 2013-07-31 17:16 - 00001009 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-11 16:57 - 2013-09-11 16:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\Erklärungen
2013-09-11 11:00 - 2013-07-03 03:24 - 00000000 ___RD C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 11:00 - 2009-07-14 06:45 - 05055376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 10:49 - 2013-07-24 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 10:47 - 2013-07-09 03:04 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 01:48 - 2013-07-27 12:47 - 00000061 _____ C:\Users\Pope Greg\AppData\Roaming\WB.CFG
2013-09-08 21:10 - 2013-09-08 20:41 - 00000000 ___RD C:\Users\Pope Greg\Desktop\HP
2013-09-07 11:39 - 2013-09-07 11:39 - 00000134 _____ C:\Windows\wininit.ini
2013-09-07 09:02 - 2013-04-11 17:59 - 00000000 ____D C:\Software
2013-09-07 08:25 - 2013-09-07 08:25 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-09-07 06:56 - 2009-07-14 04:34 - 00000904 _____ C:\Windows\win.ini
2013-09-05 23:32 - 2013-09-05 23:32 - 00002630 _____ C:\Windows\diagwrn.xml
2013-09-05 23:32 - 2013-09-05 23:32 - 00001908 _____ C:\Windows\diagerr.xml
2013-09-05 23:32 - 2013-09-01 03:43 - 00000000 _____ C:\Windows\setuperr.log
2013-09-05 21:07 - 2013-09-05 21:07 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Nero_AG
2013-09-05 21:07 - 2013-09-05 21:06 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Nero
2013-09-05 15:51 - 2013-09-05 15:51 - 00001057 _____ C:\Users\Public\Desktop\LINE.lnk
2013-09-05 11:59 - 2013-09-04 08:51 - 00219051 _____ C:\Windows\hpoins47.dat
2013-09-05 10:20 - 2009-07-14 19:58 - 00657566 _____ C:\Windows\system32\perfh007.dat
2013-09-05 10:20 - 2009-07-14 19:58 - 00130882 _____ C:\Windows\system32\perfc007.dat
2013-09-05 10:20 - 2009-07-14 07:13 - 01507370 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-05 05:18 - 2013-09-04 10:57 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\LogMeIn Rescue Applet
2013-09-04 07:32 - 2013-09-01 03:52 - 00003084 _____ C:\Windows\System32\Tasks\AllmyappsUpdateTask
2013-09-04 05:32 - 2013-07-06 08:22 - 00000000 ____D C:\ProgramData\HP
2013-09-04 05:32 - 2013-07-06 08:22 - 00000000 ____D C:\Program Files (x86)\HP

Some content of TEMP:
====================
C:\Users\Pope Greg\AppData\Local\Temp\AskSLib.dll
C:\Users\Pope Greg\AppData\Local\Temp\instloffer.exe
C:\Users\Pope Greg\AppData\Local\Temp\Player_Setup.exe
C:\Users\Pope Greg\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Pope Greg\AppData\Local\Temp\webcake.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-02 06:57

==================== End Of Log ============================
--- --- ---



2) Additional ScanFRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Pope Greg at 2013-10-04 20:22:35
Running from C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

325 USB PC Camera (x32 Version: 0.6.0.001)
64 Bit HP CIO Components Installer (Version: 7.2.8)
7-Zip 9.20 (x32)
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
Adobe Acrobat XI Pro (x32 Version: 11.0.04)
Adobe Creative Cloud (x32 Version: 2.1.1.220)
Adobe Extension Manager CC (x32 Version: 7.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Allmyapps (HKCU Version: 2.0.0.16)
Allway Sync version 12.15.1 (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ASIO4ALL (x32 Version: 2.10)
Audio-CD-Archiv v7 (x32 Version: 7.00.723)
Aurora 25.0a2 (x86 en-US) (x32 Version: 25.0a2)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
AVM FRITZ!fax für FRITZ!Box (x32)
B110 (x32 Version: 140.0.142.000)
Bonjour (Version: 3.0.0.10)
Bonjour-Druckdienste (Version: 2.0.2.0)
BufferChm (x32 Version: 140.0.212.000)
CCleaner (Version: 4.05)
CDLIB 4.0 (x32 Version: 4.0)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
Digital DJ (x32 Version: 2.0)
Ditto (x32)
Documents To Go Desktop für iOS (x32 Version: 4.0001.010)
Dropbox (HKCU Version: 2.2.13)
Evernote v. 4.6.7 (x32 Version: 4.6.7.8409)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
Google Chrome (x32 Version: 30.0.1599.66)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 140.0.211.000)
Hardcopy (x32 Version: 2013.02.18)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.005.000.001)
HPAppStudio (x32 Version: 140.0.95.000)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
HPSSupply (x32 Version: 140.0.211.000)
iCloud (Version: 3.0.2.163)
IrfanView (remove only) (x32 Version: 4.36)
iTunes (Version: 11.1.0.126)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
JDownloader 2 (Version: 2.0)
LightScribe System Software (x32 Version: 1.18.27.10)
LINE (x32 Version: 3.2.0.76)
Lunascape6 (All Users) (x32 Version: 6.8.8.26908)
MAGIX Audio Cleaning Lab MX (x32 Version: 18.0.0.7)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MarketResearch (x32 Version: 140.0.212.000)
mBackup (x32 Version: 3.01)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mp3tag v2.57 (x32 Version: v2.57)
mSecure (x32 Version: 3.114)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 12 (x32 Version: 12.0.01600)
Nero 12 Content Pack (x32 Version: 12.0.00100)
Nero Abstract Themes (x32 Version: 12.0.11500)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero BackItUp (x32 Version: 12.5.7000)
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000)
Nero Blu-ray Player (x32 Version: 12.0.20014)
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000)
Nero Burning ROM (x32 Version: 12.5.6000)
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000)
Nero Cliparts (x32 Version: 12.0.11500)
Nero ControlCenter (x32 Version: 11.0.15600)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000)
Nero Core Components (x32 Version: 11.0.20900)
Nero Disc Menus 1 (x32 Version: 12.0.11500)
Nero Disc Menus 2 (x32 Version: 12.0.11500)
Nero Disc Menus 3 (x32 Version: 12.0.11500)
Nero Disc Menus Basic (x32 Version: 12.0.11500)
Nero Effects Basic (x32 Version: 12.0.11500)
Nero Express (x32 Version: 12.5.6000)
Nero Express Help (CHM) (x32 Version: 12.0.13000)
Nero Family and Events Themes (x32 Version: 12.0.11500)
Nero Football (Soccer) Themes (x32 Version: 12.0.11500)
Nero Holiday and Sports Themes (x32 Version: 12.0.11500)
Nero Image Samples (x32 Version: 12.0.11500)
Nero Kwik Media (x32 Version: 1.18.20100)
Nero Kwik Media (x32 Version: 11.0.16401)
Nero Kwik Media Help (CHM) (x32 Version: 12.0.12000)
Nero Kwik Themes Basic (x32 Version: 12.0.11500)
Nero PiP Effects 1 (x32 Version: 12.0.11500)
Nero PiP Effects Basic (x32 Version: 12.0.11500)
Nero Platinum Effects 12 (x32 Version: 12.0.11500)
Nero Recode (x32 Version: 12.5.6000)
Nero Recode Help (CHM) (x32 Version: 12.0.12000)
Nero RescueAgent (x32 Version: 12.0.11000)
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000)
Nero Retro Film Themes (x32 Version: 12.0.11700)
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)
Nero Update (x32 Version: 11.0.11800.31.0)
Nero Video (x32 Version: 12.5.4000)
Nero Video Help (CHM) (x32 Version: 12.0.12000)
Nero Video Samples (x32 Version: 12.0.11500)
Nero Video Transitions 1 (x32 Version: 12.0.11500)
nero.prerequisites.msi (x32 Version: 11.0.20008)
Network64 (Version: 140.0.212.000)
Network64 (Version: 140.0.221.000)
No23 Recorder (x32 Version: 2.1.0.3)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Open It! (x32 Version: 1.1.1)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
Paint Shop Pro 7 (x32 Version: 7.0.0.0000)
Prerequisite installer (x32 Version: 12.0.0003)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000)
QuickShare (x32 Version: 1.146.60.12450)
QuickTransfer (x32 Version: 140.0.98.000)
Scan (x32 Version: 140.0.77.000)
Shop for HP Supplies (Version: 14.0)
Skype™ 6.7 (x32 Version: 6.7.102)
SmartWebPrinting (x32 Version: 140.0.186.000)
SoftwareUpdater (x32)
SolutionCenter (x32 Version: 140.0.211.000)
SoulseekQt (x32)
Status (x32 Version: 140.0.212.000)
TeamViewer 8 (x32 Version: 8.0.20935)
Toolbox (x32 Version: 140.0.424.000)
TrayApp (x32 Version: 140.0.212.000)
Unlocker 1.9.2 (Version: 1.9.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760343) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768333) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768349) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768355) 64-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2727013) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition
Update for Microsoft Word 2013 (KB2768007) 64-Bit Edition
Update for Microsoft Word 2013 (KB2768337) 64-Bit Edition
Update for Zip Extractor (HKCU)
Update for Zip Opener (HKCU)
Veetle TV (x32 Version: 0.9.19)
VirtualCloneDrive (x32)
VirtualDJ Home FREE (x32 Version: 7.4)
VLC media player 2.0.8 (Version: 2.0.8)
WebReg (x32 Version: 140.0.212.017)
Welcome App (Start-up experience) (x32 Version: 12.0.15000)
Wuala (HKCU Version: 1.0.444.0)
Wuala CBFS (x32 Version: 3.2.107.0)
Wuala OverlayIcons (x32 Version: 1.0.0.2)
Yahoo! Messenger (x32)

==================== Restore Points  =========================

02-07-2013 03:18:12 Mist 02072013
02-07-2013 13:10:56 Installed Microsoft Fix it 50494
02-07-2013 22:49:43 Uniblue DriverScanner installation
03-07-2013 02:04:47 Windows Update
06-07-2013 20:33:45 Windows Update
08-07-2013 08:01:44 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-14 01:09 - 00001103 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lm.licenses.adobe.com8
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {0207F454-5259-4B0B-912A-EDC97B6E21D9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {07EE7B3A-B25B-4D94-B652-5C5FC6A2F5E0} - System32\Tasks\Microsoft Office 15 Sync Maintenance for STUDIOPC2-W7FLA-Pope Greg StudioPC2-W7FLA => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {0D14C620-BFF6-4369-BD3F-79B9463B287D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {21857FCD-CFFA-49E2-9654-7032A3D7C4CE} - System32\Tasks\{E2C37CCD-A315-4124-9850-358A9C6D5292} => C:\Users\Pope Greg\AppData\Local\JDownloader v2.0\JDownloader2.exe [2013-07-01] (AppWork GmbH)
Task: {38673851-1A47-48E1-9085-5891E05EF3FE} - System32\Tasks\DSite => C:\Users\Pope Greg\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe [2013-07-25] ()
Task: {3F6C592D-6850-488C-8723-6B38D9218687} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-22] (Adobe Systems Incorporated)
Task: {46FB446B-0084-43C2-8C2F-37E143084D03} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2012-11-08] ()
Task: {55156566-2020-4E89-A302-36F06AE4D1CA} - System32\Tasks\{53C696E8-75AD-48E7-BE9B-CC805EA1BDA1} => C:\Users\Pope Greg\AppData\Local\JDownloader v2.0\JDownloader2.exe [2013-07-01] (AppWork GmbH)
Task: {603A84F4-539B-432A-9A26-7254D174F39A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7CA2E1FA-0792-4A76-B2BE-B6202333715A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {941DD9C7-85E5-4539-A3D5-0652303757B4} - System32\Tasks\DigitalSite => C:\Users\Pope Greg\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {B41A918F-0130-4626-BC1A-5B608BCFBE18} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Pope Greg\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [2013-09-04] ()
Task: {BC8B31C1-6200-4BE3-B0FD-7A69C0FDA3D0} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {BFC5180B-8930-498F-8216-2D3A7C595836} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-10] (Google Inc.)
Task: {CA30E430-247B-481E-8B0F-FAEA41477026} - System32\Tasks\{BE745A74-89DB-4BE7-89E1-367CE96DB781} => C:\Users\Pope Greg\AppData\Local\JDownloader v2.0\JDownloader2.exe [2013-07-01] (AppWork GmbH)
Task: {E04FA123-0099-482A-B301-EAB169270541} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-10] (Google Inc.)
Task: {EE8A5389-1BF5-4A3B-88A6-07DCF99EDCC3} - System32\Tasks\AdobeAAMUpdater-1.0-STUDIOPC2-W7FLA-Pope Greg => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {FC294429-14E8-46BA-8690-236C49E1E818} - System32\Tasks\{271A1801-3217-4C5C-8108-8071D2FE5969} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.0.102/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {FC869878-90B3-4F27-B699-195F14B8F401} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AllmyappsUpdateTask.job => C:\Users\Pope Greg\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\POPEGR~1\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\DSite.job => C:\Users\POPEGR~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-28 14:19 - 2012-07-30 10:28 - 00125504 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_x64.dll
2013-08-30 10:01 - 2013-08-17 00:32 - 03357040 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-05-11 12:38 - 2013-05-11 12:38 - 00131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2013-05-11 12:37 - 2013-05-11 12:37 - 04891368 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2013-05-11 12:38 - 2013-05-11 12:38 - 01446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2012-10-01 20:36 - 2012-10-01 20:36 - 01408624 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2013-10-04 13:59 - 2013-10-04 11:57 - 02104832 _____ () C:\Program Files\AVAST Software\Avast\defs\13100400\algo.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-28 14:19 - 2012-07-30 10:27 - 00116800 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_38_Win32.dll
2013-07-28 14:19 - 2012-07-05 15:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-01-16 11:58 - 2013-01-16 11:58 - 02408448 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2013-01-16 11:58 - 2013-01-16 11:58 - 08626176 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2013-01-16 11:58 - 2013-01-16 11:58 - 00212992 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00033560 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00055064 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00149784 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00111896 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 01808152 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00055576 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00012568 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00048408 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PublisherSettingsManager.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00725272 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00081176 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00013592 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00016664 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00029464 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00019736 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00057112 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00013592 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
2013-09-01 05:52 - 2013-09-01 05:52 - 00911128 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00014104 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00051480 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00047384 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-09-14 21:50 - 2013-09-14 21:50 - 00025368 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00024856 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-09-14 21:51 - 2013-09-14 21:51 - 00245528 _____ () C:\Users\Pope Greg\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2013-09-03 15:25 - 2013-08-19 22:12 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Pope Greg\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-07-28 14:19 - 2013-02-13 11:22 - 02920952 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2013-03-13 13:42 - 2013-06-05 14:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-10-02 01:23 - 2013-10-02 01:23 - 00165376 _____ () C:\Users\Pope Greg\AppData\Local\Wuala\Program0\lib.446\orangevolt-4n-1.1.2.dll
2013-10-02 01:23 - 2013-10-02 01:23 - 00370688 _____ () C:\Users\Pope Greg\AppData\Local\Wuala\Program0\lib.446\jcbfs3.dll
2013-08-30 10:00 - 2013-08-17 00:32 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2009-01-10 20:32 - 2009-01-10 20:32 - 00011362 _____ () C:\Program Files (x86)\SoulseekQt\mingwm10.dll
2009-06-23 04:42 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files (x86)\SoulseekQt\libgcc_s_dw2-1.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-10-02 21:34 - 2013-10-03 02:11 - 00018724 ____T () C:\Users\Pope Greg\AppData\Roaming\Microsoft\bass.dll
2013-10-02 21:34 - 2013-10-03 02:11 - 00014456 ____T () C:\Users\Pope Greg\AppData\Roaming\Microsoft\mjcriu.dll
2013-08-31 17:12 - 2013-08-31 17:12 - 00119848 _____ () C:\Program Files (x86)\Naver\LINE\PlayerHelper.dll
2013-09-23 15:28 - 2013-09-23 15:28 - 02421280 _____ () C:\Program Files (x86)\Naver\LINE\amp-dll.dll
2013-09-30 17:08 - 2013-09-30 17:08 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-11 01:58 - 2013-09-11 01:58 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Audiocontroller für Multimedia
Description: Audiocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Videocontroller für Multimedia
Description: Videocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2013 04:32:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.12.44.1, Zeitstempel: 0x516e136b
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195, Zeitstempel: 0x4dcddbf3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00028989
ID des fehlerhaften Prozesses: 0xb98
Startzeit der fehlerhaften Anwendung: 0xApplePhotoStreams.exe0
Pfad der fehlerhaften Anwendung: ApplePhotoStreams.exe1
Pfad des fehlerhaften Moduls: ApplePhotoStreams.exe2
Berichtskennung: ApplePhotoStreams.exe3

Error: (10/04/2013 01:10:48 PM) (Source: Application Hang) (User: )
Description: Programm Evernote.exe, Version 4.6.7.8409 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2474

Startzeit: 01cec0761be93000

Endzeit: 2301

Anwendungspfad: C:\Program Files (x86)\Evernote\Evernote\Evernote.exe

Berichts-ID: 98c875f1-2ce5-11e3-911a-002421ded394

Error: (10/03/2013 10:21:04 PM) (Source: Application Hang) (User: )
Description: Programm Evernote.exe, Version 4.6.7.8409 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 21e8

Startzeit: 01cebfdf8d724eb0

Endzeit: 46

Anwendungspfad: C:\Program Files (x86)\Evernote\Evernote\Evernote.exe

Berichts-ID: 4fa38e91-2c69-11e3-911a-002421ded394

Error: (10/03/2013 01:07:19 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Mp3tag.exe, Version: 2.57.0.0, Zeitstempel: 0x51d81ce7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x08d2fd24
ID des fehlerhaften Prozesses: 0x1c18
Startzeit der fehlerhaften Anwendung: 0xMp3tag.exe0
Pfad der fehlerhaften Anwendung: Mp3tag.exe1
Pfad des fehlerhaften Moduls: Mp3tag.exe2
Berichtskennung: Mp3tag.exe3

Error: (10/03/2013 00:33:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Mp3tag.exe, Version: 2.57.0.0, Zeitstempel: 0x51d81ce7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x06d0fcac
ID des fehlerhaften Prozesses: 0xc6c
Startzeit der fehlerhaften Anwendung: 0xMp3tag.exe0
Pfad der fehlerhaften Anwendung: Mp3tag.exe1
Pfad des fehlerhaften Moduls: Mp3tag.exe2
Berichtskennung: Mp3tag.exe3

Error: (10/03/2013 00:30:22 AM) (Source: Application Hang) (User: )
Description: Programm Mp3tag.exe, Version 2.57.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e88

Startzeit: 01cebfbd6e566920

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Mp3tag\Mp3tag.exe

Berichts-ID: 36d080b1-2bb2-11e3-911a-002421ded394

Error: (10/03/2013 00:23:32 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Mp3tag.exe, Version: 2.57.0.0, Zeitstempel: 0x51d81ce7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000d
ID des fehlerhaften Prozesses: 0x1e88
Startzeit der fehlerhaften Anwendung: 0xMp3tag.exe0
Pfad der fehlerhaften Anwendung: Mp3tag.exe1
Pfad des fehlerhaften Moduls: Mp3tag.exe2
Berichtskennung: Mp3tag.exe3

Error: (10/02/2013 11:39:15 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Firefox wurde wegen dieses Fehlers geschlossen.

Programm: Firefox
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (10/02/2013 11:39:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 24.0.0.5001, Zeitstempel: 0x522fd29f
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000096
Fehleroffset: 0x286af4bc
ID des fehlerhaften Prozesses: 0x159c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (10/02/2013 11:34:32 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 24.0.0.5001, Zeitstempel: 0x522fd29f
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x2e05f9e8
ID des fehlerhaften Prozesses: 0x159c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3


System errors:
=============
Error: (10/04/2013 02:13:14 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (10/02/2013 05:49:35 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070420

Error: (10/02/2013 05:45:26 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎10.‎2013 um 05:43:32 unerwartet heruntergefahren.

Error: (10/02/2013 01:20:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TeamViewer 8" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/02/2013 01:20:52 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 8 erreicht.

Error: (10/02/2013 01:03:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Updater" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/02/2013 01:03:48 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Updater erreicht.

Error: (10/02/2013 01:02:33 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎10.‎2013 um 01:01:05 unerwartet heruntergefahren.

Error: (09/30/2013 09:44:25 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/30/2013 09:43:59 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (10/04/2013 04:32:49 PM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.12.44.1516e136bMSVCR80.dll8.0.50727.61954dcddbf3c000000500028989b9801cebfa8ed4dd8e0C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dlld7563070-2d01-11e3-911a-002421ded394

Error: (10/04/2013 01:10:48 PM) (Source: Application Hang)(User: )
Description: Evernote.exe4.6.7.8409247401cec0761be930002301C:\Program Files (x86)\Evernote\Evernote\Evernote.exe98c875f1-2ce5-11e3-911a-002421ded394

Error: (10/03/2013 10:21:04 PM) (Source: Application Hang)(User: )
Description: Evernote.exe4.6.7.840921e801cebfdf8d724eb046C:\Program Files (x86)\Evernote\Evernote\Evernote.exe4fa38e91-2c69-11e3-911a-002421ded394

Error: (10/03/2013 01:07:19 AM) (Source: Application Error)(User: )
Description: Mp3tag.exe2.57.0.051d81ce7unknown0.0.0.000000000c000000508d2fd241c1801cebfc0e25b4f40C:\Program Files (x86)\Mp3tag\Mp3tag.exeunknown62aeb850-2bb7-11e3-911a-002421ded394

Error: (10/03/2013 00:33:00 AM) (Source: Application Error)(User: )
Description: Mp3tag.exe2.57.0.051d81ce7unknown0.0.0.000000000c000000506d0fcacc6c01cebfbf042a2a30C:\Program Files (x86)\Mp3tag\Mp3tag.exeunknown97553660-2bb2-11e3-911a-002421ded394

Error: (10/03/2013 00:30:22 AM) (Source: Application Hang)(User: )
Description: Mp3tag.exe2.57.0.01e8801cebfbd6e56692010C:\Program Files (x86)\Mp3tag\Mp3tag.exe36d080b1-2bb2-11e3-911a-002421ded394

Error: (10/03/2013 00:23:32 AM) (Source: Application Error)(User: )
Description: Mp3tag.exe2.57.0.051d81ce7unknown0.0.0.000000000c00000050000000d1e8801cebfbd6e566920C:\Program Files (x86)\Mp3tag\Mp3tag.exeunknown44900dc0-2bb1-11e3-911a-002421ded394

Error: (10/02/2013 11:39:15 PM) (Source: Application Error)(User: )
Description: Firefox000000000

Error: (10/02/2013 11:39:15 PM) (Source: Application Error)(User: )
Description: firefox.exe24.0.0.5001522fd29funknown0.0.0.000000000c0000096286af4bc159c01cebfb36211bd40C:\Program Files (x86)\Mozilla Firefox\firefox.exeunknown151bfaa0-2bab-11e3-911a-002421ded394

Error: (10/02/2013 11:34:32 PM) (Source: Application Error)(User: )
Description: firefox.exe24.0.0.5001522fd29funknown0.0.0.000000000c00000052e05f9e8159c01cebfb36211bd40C:\Program Files (x86)\Mozilla Firefox\firefox.exeunknown6c9a2960-2baa-11e3-911a-002421ded394


==================== Memory info =========================== 

Percentage of memory in use: 75%
Total physical RAM: 4095.24 MB
Available physical RAM: 988.42 MB
Total Pagefile: 8188.67 MB
Available Pagefile: 2580.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:488.57 GB) (Free:156.88 GB) NTFS
Drive d: (Interne HD) (Fixed) (Total:1397.14 GB) (Free:471.16 GB) NTFS
Drive e: () (Fixed) (Total:340.61 GB) (Free:34.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (DATA) (Fixed) (Total:391.61 GB) (Free:158.41 GB) NTFS
Drive p: (PopeGregAccount) (Network) (Total:2844.72 GB) (Free:1972.19 GB) NTFS
Drive w: (Wuala) (Network) (Total:5 GB) (Free:0 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: FCD6DD83)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Not Active) - (Size=392 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=341 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=489 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
==================== End Of Log ============================
--- --- ---
Alt 05.10.2013, 15:03   #8
aharonov
/// TB-Ausbilder
 
snap.do Generve - Standard

snap.do Generve


Ok.


Schritt 1

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 2

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.
__________________
cheers,
Leo

Alt 13.10.2013, 12:36   #9
aharonov
/// TB-Ausbilder
 
snap.do Generve - Standard

snap.do Generve


Hi,

ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe?

Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos.
__________________
cheers,
Leo

Alt 16.10.2013, 12:20   #10
aharonov
/// TB-Ausbilder
 
snap.do Generve - Standard

snap.do Generve


Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________
cheers,
Leo

Alt 17.10.2013, 13:42   #11
popegreg
 
snap.do Generve - Standard

snap.do Generve


Besten Dank!

Hier jetzt die Kopie der beiden letzten Schritte mit AdwCleaner:

Schritt 1:AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.008 - Bericht erstellt am 17/10/2013 um 13:58:10
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Pope Greg - STUDIOPC2-W7FLA
# Gestartet von : C:\Users\Pope Greg\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\okitspace
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\Uniblue\DriverScanner
Ordner Gelöscht : C:\Program Files (x86)\FreeRIP
Ordner Gelöscht : C:\Program Files (x86)\openit
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Users\POPEGR~1\AppData\Local\Temp\eIntaller
Ordner Gelöscht : C:\Users\Pope Greg\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Pope Greg\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Pope Greg\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Pope Greg\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\8af2e526-8c09-42dc-8d01-1001b936572c@5f890a75-ea43-44fa-9c15-0da08497ff9d.com
Ordner Gelöscht : C:\Users\Pope Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia
Datei Gelöscht : C:\Users\Public\Desktop\Open It!.lnk
Datei Gelöscht : C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\user.js
Datei Gelöscht : C:\Windows\Tasks\digitalsite.job
Datei Gelöscht : C:\Windows\System32\Tasks\digitalsite
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\System32\Tasks\DSite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\smartbar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\smartbar
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "141bd96f7ee9bf15bdb332026e4c4078");
Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.ividi.hpOld0", "hxxp://search.conduit.com/?ctid=CT3297959&CUI=UN16268468495357152&UM=1&SearchSource=13");

-\\ Google Chrome v30.0.1599.69

[ Datei : C:\Users\Pope Greg\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [9641 octets] - [17/10/2013 13:16:01]
AdwCleaner[S0].txt - [8015 octets] - [17/10/2013 13:58:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8075 octets] ##########
--- --- ---

Schritt 2:AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.008 - Bericht erstellt am 17/10/2013 um 14:18:10
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Pope Greg - STUDIOPC2-W7FLA
# Gestartet von : C:\Users\Pope Greg\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Pope Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\feignjcdbggijogkdpeljgllgehempia

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\prefs.js ]


-\\ Google Chrome v30.0.1599.69

[ Datei : C:\Users\Pope Greg\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9641 octets] - [17/10/2013 13:16:01]
AdwCleaner[R1].txt - [1197 octets] - [17/10/2013 14:14:32]
AdwCleaner[S0].txt - [8207 octets] - [17/10/2013 13:58:10]
AdwCleaner[S1].txt - [1119 octets] - [17/10/2013 14:18:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1179 octets] ##########
--- --- ---

Nochmals Vielen Dank!

Vergessen:

Was ist eigentlich Anti-PUP? Der Begriff taucht bei den Ratschlägen im AdwCleaner auf?

Alt 17.10.2013, 13:48   #12
aharonov
/// TB-Ausbilder
 
snap.do Generve - Standard

snap.do Generve


Und jetzt noch ein frisches FRST-Log:


Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.
__________________
cheers,
Leo

Alt 17.10.2013, 16:05   #13
popegreg
 
snap.do Generve - Standard

snap.do Generve


Ich denke mal, Du meinst nicht 'Scan' sondern 'Suchen'. Is ja auch egal, bin gerade dabei. Poste es Dir asap.

Alt 17.10.2013, 16:41   #14
aharonov
/// TB-Ausbilder
 
snap.do Generve - Standard

snap.do Generve


Ich meine FRST und nicht nochmals AdwCleaner. Und dort den Button "Scan" drücken.
__________________
cheers,
Leo

Alt 17.10.2013, 19:12   #15
popegreg
 
snap.do Generve - Standard

snap.do Generve


Ach sooo, hatte das missverstanden. Jetzt habe ich aber den Scan mit Farber Recovery Scan beendet, die Kopie des TXT-Files kommt gleich. Ob das ganze Generve in Firefox jetzt weg ist, kann ich noch nicht 100%ig sagen. Es scheint aber, daß immerhin viel weniger neue (unerwünschte) Seiten im Firefox aufgehen.


Hier die Kopie des Scans mit FRST:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Pope Greg (administrator) on STUDIOPC2-W7FLA on 17-10-2013 19:58:23
Running from C:\Users\Pope Greg\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4530.0\AdAwareService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\vsnp325.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4530.0\AdAwareTray.exe
() C:\Program Files (x86)\Ditto\Ditto.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(BitTorrent Inc.) C:\Users\Pope Greg\AppData\Roaming\uTorrent\uTorrent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Pope Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(LaCie) C:\Users\Pope Greg\AppData\Roaming\Wuala\Wuala.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(mSeven Software) C:\Program Files (x86)\mSeven Software\mSecure\mSecure.exe
(Oracle Corporation) C:\Program Files (x86)\mytunesrss-4.9.12\data\jre\bin\javaw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(GBelectronics GmbH) C:\Program Files (x86)\GBelectronics\Audio-CD-Archiv v7\Audio-CD-Archiv_v7.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [snp325] - C:\Windows\vsnp325.exe [835584 2007-05-10] ()
HKLM\...\Run: [etMonitor] - C:\Windows\etMon.exe
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4530.0\AdAwareTray.exe [2520408 2013-10-14] ()
HKCU\...\Run: [Ditto] - C:\Program Files (x86)\Ditto\Ditto.exe [1433200 2012-11-08] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Allmyapps Update] - C:\Users\Pope Greg\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [282616 2013-09-04] ()
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20474016 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [webcam 7] - "C:\Program Files (x86)\webcam 7\wLite.exe" -auto
HKCU\...\Run: [Line] - C:\Program Files (x86)\Naver\LINE\Line.exe [3888672 2013-09-23] (LINE Corporation)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Run: [uTorrent] - C:\Users\Pope Greg\AppData\Roaming\uTorrent\uTorrent.exe [1141328 2013-10-09] (BitTorrent Inc.)
MountPoints2: {e0168289-e43d-11e2-89e6-001bdc060f13} - M:\setupX.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-08-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [FixCamera] - C:\Windows\FixCamera.exe [20480 2007-07-11] ()
HKLM-x32\...\Run: [tsnp325] - C:\Windows\tsnp325.exe [270336 2007-04-21] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pope Greg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hardcopy.exe - Verknüpfung.lnk
ShortcutTarget: hardcopy.exe - Verknüpfung.lnk -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyTunesRSS (2).lnk
ShortcutTarget: MyTunesRSS (2).lnk -> C:\Program Files (x86)\mytunesrss-4.9.7-SNAPSHOT\MyTunesRSS.exe (No File)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyTunesRSS.lnk
ShortcutTarget: MyTunesRSS.lnk -> C:\Program Files (x86)\mytunesrss-4.8.1\MyTunesRSS.exe (No File)
Startup: C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk
ShortcutTarget: Wuala.lnk -> C:\Users\Pope Greg\AppData\Roaming\Wuala\Wuala.exe (LaCie)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {326B88A6-4B5A-49CD-BD2B-A07BF7326850} URL = hxxp://search.ividi.org/?q={searchTerms}&src=tbsp&id=f8838778000000000000002421ded394&affilt=3&r=2
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default
FF NewTab: hxxp://www.google.de
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\ividi.xml
FF SearchPlugin: C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\searchplugins\leo-eng-deu-v20.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Dấu trang iCloud - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\firefoxdav@icloud.com
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\foxsplitter@piro.sakura.ne.jp
FF Extension: Pocket - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\isreaditlater@ideashower.com
FF Extension: Screen Capture Elite - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\screencaptureelite@plugin
FF Extension: LastPass - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\support@lastpass.com
FF Extension: TextMarker! - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{1c530060-b0ae-11d9-9669-0800200c9a66}
FF Extension: WOT - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Flash and Video Download - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: FoxClocks - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF Extension: Evernote Web Clipper - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: 7go - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\7go@7go.com.xpi
FF Extension: addon - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\addon@gutscheine-live.de.xpi
FF Extension: closealltabs - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\closealltabs@michael.grafl.xpi
FF Extension: contextMenuExtension - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\contextMenuExtension@leo.org.xpi
FF Extension: copyplaintext - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\copyplaintext@teo.pl.xpi
FF Extension: firefox-managefolders - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\firefox-managefolders@googlecode.com.xpi
FF Extension: irobinhood - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\irobinhood@irobinhood.org.xpi
FF Extension: jsonview - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\jsonview@brh.numbera.com.xpi
FF Extension: langpack-de - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\langpack-de@firefox.mozilla.org.xpi
FF Extension: newtabgoogle - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\newtabgoogle@graememcc.co.uk.xpi
FF Extension: notreal.ccoptions - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\notreal.ccoptions@environmentalchemistry.com.xpi
FF Extension: show-file-size-2 - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\show-file-size-2@kashiif-gmail.com.xpi
FF Extension: spam - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\spam@trashmail.net.xpi
FF Extension: speedanalysis03 - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\speedanalysis03@SpeedAnalysis.com.xpi
FF Extension: stealthyextension - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: sugestron - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\sugestron@example.net.xpi
FF Extension: tabscroll - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\tabscroll@mthamil.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{a1109c2a-1187-4027-901d-13097b755625}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df005}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: No Name - C:\Users\Pope Greg\AppData\Roaming\Mozilla\Firefox\Profiles\muvpjjel.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@Vittalia.es] - C:\Users\Pope Greg\AppData\Roaming\okitSpace\Firefox
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup:     "urls_to_restore_on_startup": [
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Extension: (Google Docs) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0
CHR Extension: (Cr!Box) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp\2.4_0
CHR Extension: (OKitSpace) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gloibdidpokhhlcmgaknlpkogbhagfho\1.0_1
CHR Extension: (avast! Online Security) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (LastPass) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.5.4_0
CHR Extension: (The Spark - Digital Blasphemy) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhkknnebkjlngeopapiainhbhkeeihkk\3.1_0
CHR Extension: (Chrome Downloads Extension) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe\2.0.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (IPv4 to IPv6 Converter) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgodkdnbaggjjbdolpbpdaofcmdkdooh\1.0_0
CHR Extension: (Gmail) - C:\Users\POPEGR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [gloibdidpokhhlcmgaknlpkogbhagfho] - \okitSpace\Chrome\OKitSpace.crx
CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2013-07-02] ()
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4530.0\AdAwareService.exe [517344 2013-10-14] ()

==================== Drivers (Whitelisted) ====================

S3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [16248 2013-04-15] (Windows (R) Win 7 DDK provider)
S3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [16248 2013-04-15] (Windows (R) Win 7 DDK provider)
S3 AirDisplayWDDM; C:\Windows\System32\DRIVERS\AVWDDMMiniPort.sys [45432 2013-04-15] (Windows (R) Win 7 DDK provider)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R0 AVPCIFilter; C:\Windows\System32\DRIVERS\AVPCIFilter.sys [37240 2013-04-15] (Windows (R) Win 7 DDK provider)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 DCamUSBET; C:\Windows\System32\DRIVERS\etDevice64.sys [527744 2007-07-23] (eMPIA Technology, Inc.)
R3 FiltUSBET; C:\Windows\System32\DRIVERS\etFilter64.sys [281088 2007-06-14] (eMPIA Technology Inc.)
R3 ScanUSBET; C:\Windows\System32\DRIVERS\etScan64.sys [9216 2007-07-23] (eMPIA Technology, Inc.)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-17 19:57 - 2013-10-17 19:57 - 01954124 _____ (Farbar) C:\Users\Pope Greg\Downloads\FRST64.exe
2013-10-17 14:52 - 2013-10-17 15:17 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\MyTunesRSS4
2013-10-17 14:51 - 2013-10-17 14:51 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTunesRSS
2013-10-17 14:51 - 2013-10-17 14:51 - 00000000 ____D C:\Program Files (x86)\mytunesrss-4.9.12
2013-10-17 14:45 - 2013-10-17 14:46 - 69987720 _____ C:\Users\Pope Greg\Downloads\mytunesrss-4.9.12-setup.exe
2013-10-17 13:15 - 2013-10-17 16:54 - 00000000 ____D C:\AdwCleaner
2013-10-17 13:15 - 2013-10-17 13:15 - 01050644 _____ C:\Users\Pope Greg\Downloads\adwcleaner.exe
2013-10-17 12:46 - 2013-10-17 12:46 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\LavasoftStatistics
2013-10-17 12:45 - 2013-10-17 12:45 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Lavasoft
2013-10-17 12:43 - 2013-10-17 12:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Strafzettel & Co
2013-10-17 12:18 - 2013-10-17 12:18 - 00001327 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-10-17 12:17 - 2013-10-17 12:17 - 00000000 ____D C:\Program Files\Lavasoft
2013-10-17 12:16 - 2013-10-17 12:16 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-10-17 12:15 - 2013-10-17 12:15 - 00000000 ____D C:\ProgramData\Lavasoft
2013-10-17 12:15 - 2013-10-17 12:14 - 01724552 _____ C:\Users\Pope Greg\Downloads\Adaware_Installer.exe
2013-10-17 11:42 - 2013-10-17 11:42 - 02995357 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1382002977869
2013-10-17 11:31 - 2013-10-17 11:31 - 02995357 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1382002293343
2013-10-17 11:26 - 2013-10-17 11:26 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Malwarebytes
2013-10-17 11:25 - 2013-10-17 11:25 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-17 11:25 - 2013-10-17 11:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-17 11:25 - 2013-10-17 11:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-17 11:25 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-17 11:24 - 2013-10-17 11:24 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Pope Greg\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-17 10:31 - 2013-10-17 10:31 - 02995357 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1381998693106
2013-10-15 02:33 - 2013-10-15 02:33 - 00036524 _____ C:\Users\Pope Greg\Downloads\tam263.wav
2013-10-15 00:11 - 2013-10-15 00:12 - 00000000 ____D C:\Users\Pope Greg\Documents\Signatur
2013-10-14 23:44 - 2013-10-15 17:01 - 00000000 ____D C:\Users\Pope Greg\Documents\Ärztliches
2013-10-14 23:44 - 2013-10-15 00:09 - 00000000 ____D C:\Users\Pope Greg\Documents\Perso
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Wertstoffhof Öffnungszeiten
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Webspace
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Vorlagen
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\VOIP
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Todesanzeige
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Technisches und Einstellungen
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Strabag PFS
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Sonstige Streitigkeiten
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Schulden
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Schadensfälle
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Rechtsanwalt
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Rechnungen
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Privat
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\MyTunesRSS
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Mobile Tarife
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Label Print
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\KFZ
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Hausverkauf
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Geschäftlich
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Gehaltsüberzahlung Telekom
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Freier Mitarbeiter
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Einladung
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Datenkram
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\ComputerHilfe
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Briefkopf
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Bertug
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Behörden
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Bedienungsanleitungen
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Banking & Kreditkarten
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Bagusoft Daten in Excel
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Apple & ITunes
2013-10-13 07:17 - 2013-10-17 11:45 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Wuala
2013-10-13 07:17 - 2013-10-13 07:23 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Wuala
2013-10-13 07:17 - 2013-10-13 07:17 - 00000898 _____ C:\Users\Pope Greg\Desktop\Wuala.lnk
2013-10-13 07:17 - 2013-10-13 07:17 - 00000888 _____ C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wuala.lnk
2013-10-13 07:17 - 2013-10-13 07:17 - 00000000 ____D C:\Program Files (x86)\Wuala CBFS
2013-10-13 07:17 - 2012-04-09 16:27 - 00352144 _____ (EldoS Corporation) C:\Windows\system32\Drivers\cbfs3.sys
2013-10-13 07:17 - 2012-04-09 16:27 - 00223760 _____ (EldoS Corporation) C:\Windows\SysWOW64\CbFsNetRdr3.dll
2013-10-13 07:17 - 2012-04-09 16:27 - 00190480 _____ (EldoS Corporation) C:\Windows\system32\CbFsMntNtf3.dll
2013-10-13 07:17 - 2012-04-09 16:27 - 00158224 _____ (EldoS Corporation) C:\Windows\SysWOW64\CbFsMntNtf3.dll
2013-10-13 07:17 - 2012-04-09 16:27 - 00141328 _____ (EldoS Corporation) C:\Windows\system32\CbFsNetRdr3.dll
2013-10-13 07:16 - 2013-10-13 07:17 - 26788960 _____ C:\Users\Pope Greg\Downloads\WualaSetup.exe
2013-10-13 07:01 - 2013-10-13 07:04 - 23094928 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part32.rar.part
2013-10-13 06:39 - 2013-10-13 06:57 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part29.rar
2013-10-13 06:20 - 2013-10-13 06:38 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part28.rar
2013-10-13 06:01 - 2013-10-13 06:19 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part27.rar
2013-10-13 05:43 - 2013-10-13 06:00 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part26.rar
2013-10-13 05:24 - 2013-10-13 05:42 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part25.rar
2013-10-13 05:03 - 2013-10-13 05:21 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part22.rar
2013-10-13 04:45 - 2013-10-13 05:02 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part21.rar
2013-10-13 00:50 - 2013-10-13 01:10 - 96424560 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part20.rar.part
2013-10-11 07:24 - 2013-10-11 07:24 - 00000961 _____ C:\Users\Public\Desktop\iCamSource.lnk
2013-10-11 07:24 - 2013-10-11 07:24 - 00000000 ____D C:\Program Files (x86)\iCamSource
2013-10-11 07:19 - 2013-10-11 07:20 - 04763626 _____ (SKJM, LLC) C:\Users\Pope Greg\Downloads\iCamSourceSetup2.7.7VXP.exe
2013-10-11 05:09 - 2013-10-11 05:10 - 00611014 _____ C:\Users\Pope Greg\Downloads\Keygen.rar.part
2013-10-11 05:09 - 2013-10-11 05:09 - 00000000 _____ C:\Users\Pope Greg\Downloads\Keygen.rar
2013-10-11 04:55 - 2013-10-11 22:15 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part19.rar
2013-10-11 04:42 - 2013-10-11 04:42 - 04421336 _____ (Smart Projects                                              ) C:\Users\Pope Greg\Downloads\isobuster_all_lang.exe
2013-10-11 04:33 - 2013-10-11 04:50 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part18.rar
2013-10-11 04:16 - 2013-10-11 04:16 - 00000000 ____D C:\Users\Pope Greg\Downloads\Iso Buster
2013-10-11 04:13 - 2013-10-11 04:31 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part11.rar
2013-10-11 04:13 - 2013-10-11 04:13 - 00000000 ____D C:\Users\Pope Greg\Downloads\Buster.3.2.Final
2013-10-11 04:12 - 2013-10-11 04:13 - 04419891 _____ C:\Users\Pope Greg\Downloads\Buster.3.2.Final.rar
2013-10-11 03:29 - 2013-10-11 03:46 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part16.rar
2013-10-10 20:59 - 2013-10-10 21:34 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part15.rar
2013-10-10 17:57 - 2013-10-10 17:57 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-10 17:55 - 2013-10-10 17:57 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-10 17:55 - 2013-10-10 17:57 - 00000000 ____D C:\Program Files\iTunes
2013-10-10 17:55 - 2013-10-10 17:57 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-10 17:55 - 2013-10-10 17:55 - 00000000 ____D C:\Program Files\iPod
2013-10-10 17:49 - 2013-10-10 17:49 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-10-10 17:49 - 2013-10-10 17:49 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-10-10 17:45 - 2013-10-10 18:16 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part13.rar
2013-10-10 03:16 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 03:16 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 03:16 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 03:16 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 03:16 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 03:16 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 03:16 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 03:16 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 03:16 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 03:16 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 03:16 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 03:16 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 03:16 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 03:16 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 03:16 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 03:16 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 03:16 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 03:16 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 03:16 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 03:16 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 03:15 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 03:15 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 03:15 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 03:15 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 03:15 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 03:15 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 03:15 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 03:15 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 03:15 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 03:15 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 03:15 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 20:12 - 2013-10-09 20:47 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part10.rar
2013-10-09 19:36 - 2013-10-09 20:11 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part17.rar
2013-10-09 18:57 - 2013-10-09 19:28 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part09.rar
2013-10-09 18:36 - 2013-10-09 18:36 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\R-TT
2013-10-09 18:34 - 2013-10-09 18:34 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
2013-10-09 18:33 - 2013-10-09 18:36 - 00000000 ____D C:\Users\Pope Greg\Downloads\R-TT
2013-10-09 18:33 - 2013-10-09 18:34 - 00000000 ____D C:\Program Files (x86)\R-Studio
2013-10-09 18:31 - 2013-10-09 18:31 - 33920888 _____ (R-Tools Technology Inc.) C:\Users\Pope Greg\Downloads\RStudio7.exe
2013-10-09 18:25 - 2013-10-09 18:56 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part08.rar
2013-10-09 17:53 - 2013-10-09 18:23 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part07.rar
2013-10-09 17:35 - 2013-10-09 17:35 - 00281896 _____ (Mozilla) C:\Users\Pope Greg\Downloads\Firefox Setup Stub 24.0.exe
2013-10-09 17:21 - 2013-10-09 17:52 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part06.rar
2013-10-09 16:49 - 2013-10-09 17:20 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part04.rar
2013-10-09 16:16 - 2013-10-09 16:47 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part02.rar
2013-10-09 15:44 - 2013-10-09 16:14 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part05.rar
2013-10-09 15:10 - 2013-10-09 15:41 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part03.rar
2013-10-09 14:46 - 2013-10-09 15:08 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part01.rar
2013-10-09 14:10 - 2013-10-09 14:10 - 00000000 ____D C:\Users\Pope Greg\Downloads\Avast
2013-10-09 14:07 - 2013-10-09 14:07 - 00000000 ____D C:\Users\Pope Greg\Downloads\Avast.8.0.1489
2013-10-09 13:14 - 2013-10-09 13:13 - 00001092 _____ C:\Users\Pope Greg\Downloads\Avast_Internet_Security_8.0.1489_inkl._Aktivierung-3cte2pmtk0u5y.dlc
2013-10-09 12:14 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 12:14 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 12:14 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 12:14 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-09 12:14 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 12:14 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 12:14 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 12:14 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 12:14 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-09 12:14 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 12:14 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 12:14 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 12:14 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-09 12:14 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-09 12:14 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 12:14 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 12:14 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-09 12:14 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 12:14 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 12:14 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 12:14 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 12:14 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 12:14 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 12:14 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 12:14 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 12:14 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 12:14 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 12:14 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 12:14 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 12:14 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 12:13 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 12:13 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 12:13 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 12:13 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 12:13 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 12:13 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 12:13 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 12:13 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 12:13 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 12:13 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-09 12:13 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 12:13 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-09 12:13 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-09 12:13 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-09 12:13 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-09 12:13 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-09 12:13 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-09 12:13 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-09 12:13 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-09 12:13 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-09 12:13 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-09 12:13 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 12:13 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 12:13 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 12:13 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 11:23 - 2013-10-09 11:23 - 00001224 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 6.0 .lnk
2013-10-09 11:09 - 2013-10-09 11:09 - 00000000 ____D C:\Users\Pope Greg\Downloads\EASEUS Data Recovery Wizard Professional 6.0 whith Key
2013-10-09 11:08 - 2013-10-09 11:08 - 00000862 _____ C:\Users\Pope Greg\Desktop\µTorrent.lnk
2013-10-09 11:08 - 2013-10-09 11:08 - 00000842 _____ C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-10-09 11:07 - 2013-10-17 19:58 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\uTorrent
2013-10-09 11:07 - 2013-10-09 11:06 - 01141328 _____ (BitTorrent Inc.) C:\Users\Pope Greg\Downloads\utorrent.exe
2013-10-09 10:55 - 2013-10-09 10:55 - 00000000 ____D C:\Program Files (x86)\EaseUS
2013-10-09 10:54 - 2013-10-09 10:54 - 04892376 _____ (EaseUS                                                      ) C:\Users\Pope Greg\Downloads\drw_free.exe
2013-10-09 10:18 - 2013-10-09 10:18 - 03462033 _____ C:\Users\Pope Greg\Downloads\pci_filerecovery.exe
2013-10-09 10:18 - 2013-10-09 10:18 - 00001322 _____ C:\Users\Pope Greg\Desktop\PC Inspector File Recovery.lnk
2013-10-09 10:18 - 2013-10-09 10:18 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-10-09 10:18 - 2013-10-09 10:18 - 00000000 ____D C:\Program Files (x86)\Convar
2013-10-09 08:03 - 2013-10-09 08:04 - 00000000 ____D C:\Program Files\Recuva
2013-10-09 08:03 - 2013-10-09 08:03 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-10-09 08:01 - 2013-10-09 08:01 - 03723592 _____ (Piriform Ltd) C:\Users\Pope Greg\Downloads\rcsetup147.exe
2013-10-06 18:36 - 2013-10-06 18:36 - 02634152 _____ C:\Users\Pope Greg\Downloads\mp3tagv258setup.exe
2013-10-06 14:30 - 2013-10-06 14:30 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Tools&More
2013-10-06 14:29 - 2013-10-06 14:29 - 00001942 _____ C:\Users\Public\Desktop\Joe.lnk
2013-10-06 14:29 - 2013-10-06 14:29 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-10-06 14:28 - 2013-10-06 14:28 - 00000000 ____D C:\Windows\Downloaded Installations
2013-10-06 14:24 - 2013-10-06 14:24 - 00000000 ____D C:\Users\Pope Greg\Downloads\JOE
2013-10-06 13:42 - 2013-10-06 13:42 - 00000000 ____D C:\Users\Pope Greg\Documents\Wichtig
2013-10-05 09:54 - 2013-10-05 10:34 - 3192264704 _____ C:\Users\Pope Greg\Downloads\X15-65741.iso
2013-10-04 18:11 - 2013-10-04 18:11 - 00000000 ____D C:\FRST
2013-10-04 13:52 - 2013-10-04 20:24 - 00000000 ____D C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
2013-10-02 03:57 - 2013-10-02 04:05 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Vögel
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Sonstige Pix
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2 Logos
2013-10-02 03:43 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2
2013-10-02 03:42 - 2013-10-02 03:43 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Haus
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg Privat
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg
2013-10-02 03:38 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Friends & Stuff
2013-10-02 02:33 - 2013-10-02 02:35 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Aida
2013-10-02 01:37 - 2013-10-02 01:37 - 00000000 ____D C:\Windows\Sun
2013-10-02 01:36 - 2013-10-02 01:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\ProgramData\Oracle
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-02 01:33 - 2013-10-02 01:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\Java
2013-10-02 01:17 - 2013-10-13 13:07 - 00000000 ____D C:\Program Files (x86)\Wuala OverlayIcons
2013-10-02 01:16 - 2013-10-02 01:36 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-02 01:16 - 2013-10-02 01:36 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-02 01:11 - 2013-10-02 01:11 - 00000000 ____D C:\Users\Pope Greg\Downloads\Wuala
2013-09-30 17:08 - 2013-10-09 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-26 22:40 - 2013-10-13 07:55 - 00000000 ____D C:\Program Files\Unlocker
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-26 22:36 - 2013-09-26 22:36 - 00000000 ____D C:\Users\Pope Greg\Downloads\Unlocker
2013-09-26 22:21 - 2013-09-26 22:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2013-09-25 21:08 - 2013-09-25 21:08 - 00004912 _____ C:\Users\Pope Greg\Desktop\CopyTransManager.exe - Verknüpfung.lnk
2013-09-25 19:25 - 2013-09-25 19:25 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:21 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-25 19:15 - 2013-09-25 19:21 - 00000000 ____D C:\Users\Pope Greg\Downloads\CopyTrans
2013-09-23 22:45 - 2013-09-23 22:57 - 00000000 ____D C:\Program Files (x86)\MyTuuuuaaaaa
2013-09-23 22:31 - 2013-09-23 23:20 - 00000000 ____D C:\Program Files (x86)\MyTuuuuuuuu
2013-09-23 22:28 - 2013-09-23 22:28 - 00000000 ____D C:\Program Files (x86)\Neuer Ordner
2013-09-23 19:43 - 2013-09-23 19:43 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Yahoo!
2013-09-22 00:12 - 2013-09-22 22:14 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2013-09-22 00:12 - 2013-09-22 00:12 - 00000000 ____D C:\ProgramData\FreeRIP MP3 Converter
2013-09-21 20:34 - 2013-09-21 20:34 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-21 19:53 - 2013-09-22 22:15 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-09-21 18:59 - 2013-09-22 22:15 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\WebPlayer
2013-09-20 00:29 - 2013-09-20 00:29 - 00000000 ____D C:\Windows\system32\RsFx
2013-09-20 00:28 - 2013-09-20 00:28 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-09-19 23:04 - 2013-09-19 23:04 - 00000000 ____D C:\ProgramData\EPSON
2013-09-19 20:11 - 2013-09-19 20:11 - 00001063 _____ C:\Users\Pope Greg\Desktop\USB camera - Verknüpfung.lnk
2013-09-17 20:13 - 2013-09-17 20:13 - 00003222 _____ C:\Windows\System32\Tasks\{A372979D-3926-430A-BBCA-83EE53BD124B}

==================== One Month Modified Files and Folders =======

2013-10-17 19:58 - 2013-10-09 11:07 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\uTorrent
2013-10-17 19:58 - 2013-07-10 05:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-17 19:57 - 2013-10-17 19:57 - 01954124 _____ (Farbar) C:\Users\Pope Greg\Downloads\FRST64.exe
2013-10-17 19:43 - 2013-08-22 01:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Skype
2013-10-17 19:43 - 2013-07-10 07:54 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-17 18:46 - 2013-07-03 03:51 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Ditto
2013-10-17 18:34 - 2013-07-10 04:20 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Mp3tag
2013-10-17 17:57 - 2013-07-10 02:19 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\vlc
2013-10-17 16:54 - 2013-10-17 13:15 - 00000000 ____D C:\AdwCleaner
2013-10-17 15:17 - 2013-10-17 14:52 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\MyTunesRSS4
2013-10-17 14:51 - 2013-10-17 14:51 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTunesRSS
2013-10-17 14:51 - 2013-10-17 14:51 - 00000000 ____D C:\Program Files (x86)\mytunesrss-4.9.12
2013-10-17 14:46 - 2013-10-17 14:45 - 69987720 _____ C:\Users\Pope Greg\Downloads\mytunesrss-4.9.12-setup.exe
2013-10-17 14:44 - 2013-07-29 10:04 - 00005162 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for STUDIOPC2-W7FLA-Pope Greg StudioPC2-W7FLA
2013-10-17 14:29 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-17 14:29 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-17 14:25 - 2013-07-09 11:16 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\EA73FA0A-F5B8-4DEB-A39C-F439CFE7F8A4.aplzod
2013-10-17 14:23 - 2013-07-03 18:28 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Dropbox
2013-10-17 14:22 - 2013-07-03 18:43 - 00000000 ___RD C:\Users\Pope Greg\Dropbox
2013-10-17 14:20 - 2013-09-01 03:43 - 00017254 _____ C:\Windows\setupact.log
2013-10-17 14:20 - 2013-07-10 07:54 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-17 14:20 - 2013-07-03 03:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-17 14:20 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-17 14:18 - 2013-07-03 03:23 - 01161994 _____ C:\Windows\WindowsUpdate.log
2013-10-17 13:58 - 2013-09-01 06:07 - 00000000 ____D C:\ProgramData\Uniblue
2013-10-17 13:50 - 2013-07-08 09:28 - 00000000 ____D C:\Users\Pope Greg\Documents\PC Stuff
2013-10-17 13:15 - 2013-10-17 13:15 - 01050644 _____ C:\Users\Pope Greg\Downloads\adwcleaner.exe
2013-10-17 12:46 - 2013-10-17 12:46 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\LavasoftStatistics
2013-10-17 12:45 - 2013-10-17 12:45 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Lavasoft
2013-10-17 12:44 - 2013-10-17 12:43 - 00000000 ____D C:\Users\Pope Greg\Documents\Strafzettel & Co
2013-10-17 12:18 - 2013-10-17 12:18 - 00001327 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-10-17 12:17 - 2013-10-17 12:17 - 00000000 ____D C:\Program Files\Lavasoft
2013-10-17 12:16 - 2013-10-17 12:16 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-10-17 12:15 - 2013-10-17 12:15 - 00000000 ____D C:\ProgramData\Lavasoft
2013-10-17 12:14 - 2013-10-17 12:15 - 01724552 _____ C:\Users\Pope Greg\Downloads\Adaware_Installer.exe
2013-10-17 12:05 - 2013-07-06 08:26 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\HpUpdate
2013-10-17 11:54 - 2013-09-01 03:43 - 00410478 _____ C:\Windows\PFRO.log
2013-10-17 11:45 - 2013-10-13 07:17 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Wuala
2013-10-17 11:42 - 2013-10-17 11:42 - 02995357 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1382002977869
2013-10-17 11:31 - 2013-10-17 11:31 - 02995357 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1382002293343
2013-10-17 11:26 - 2013-10-17 11:26 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Malwarebytes
2013-10-17 11:25 - 2013-10-17 11:25 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-17 11:25 - 2013-10-17 11:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-17 11:25 - 2013-10-17 11:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-17 11:24 - 2013-10-17 11:24 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Pope Greg\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-17 10:31 - 2013-10-17 10:31 - 02995357 _____ C:\Users\Pope Greg\AppData\Local\soulseek-client.dat.1381998693106
2013-10-17 07:37 - 2013-09-04 07:32 - 00000412 _____ C:\Windows\Tasks\AllmyappsUpdateTask.job
2013-10-17 02:00 - 2013-07-09 19:14 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Adobe
2013-10-15 17:01 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Ärztliches
2013-10-15 16:59 - 2013-07-26 17:35 - 00000000 ____D C:\Users\Pope Greg\Documents\Fax
2013-10-15 02:33 - 2013-10-15 02:33 - 00036524 _____ C:\Users\Pope Greg\Downloads\tam263.wav
2013-10-15 00:12 - 2013-10-15 00:11 - 00000000 ____D C:\Users\Pope Greg\Documents\Signatur
2013-10-15 00:09 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Perso
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Wertstoffhof Öffnungszeiten
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Webspace
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Vorlagen
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\VOIP
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Todesanzeige
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Technisches und Einstellungen
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Strabag PFS
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Sonstige Streitigkeiten
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Schulden
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Schadensfälle
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Rechtsanwalt
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Rechnungen
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Privat
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\MyTunesRSS
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Mobile Tarife
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Label Print
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\KFZ
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Hausverkauf
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Geschäftlich
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Gehaltsüberzahlung Telekom
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Freier Mitarbeiter
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Einladung
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Datenkram
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\ComputerHilfe
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Briefkopf
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Bertug
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Behörden
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Bedienungsanleitungen
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Banking & Kreditkarten
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Bagusoft Daten in Excel
2013-10-14 23:44 - 2013-10-14 23:44 - 00000000 ____D C:\Users\Pope Greg\Documents\Apple & ITunes
2013-10-13 13:07 - 2013-10-02 01:17 - 00000000 ____D C:\Program Files (x86)\Wuala OverlayIcons
2013-10-13 08:14 - 2013-08-22 01:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-13 08:14 - 2013-08-22 01:40 - 00000000 ____D C:\ProgramData\Skype
2013-10-13 07:55 - 2013-09-26 22:40 - 00000000 ____D C:\Program Files\Unlocker
2013-10-13 07:23 - 2013-10-13 07:17 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Wuala
2013-10-13 07:17 - 2013-10-13 07:17 - 00000898 _____ C:\Users\Pope Greg\Desktop\Wuala.lnk
2013-10-13 07:17 - 2013-10-13 07:17 - 00000888 _____ C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wuala.lnk
2013-10-13 07:17 - 2013-10-13 07:17 - 00000000 ____D C:\Program Files (x86)\Wuala CBFS
2013-10-13 07:17 - 2013-10-13 07:16 - 26788960 _____ C:\Users\Pope Greg\Downloads\WualaSetup.exe
2013-10-13 07:17 - 2013-07-03 03:24 - 00000000 ___RD C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-13 07:04 - 2013-10-13 07:01 - 23094928 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part32.rar.part
2013-10-13 06:57 - 2013-10-13 06:39 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part29.rar
2013-10-13 06:38 - 2013-10-13 06:20 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part28.rar
2013-10-13 06:19 - 2013-10-13 06:01 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part27.rar
2013-10-13 06:00 - 2013-10-13 05:43 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part26.rar
2013-10-13 05:42 - 2013-10-13 05:24 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part25.rar
2013-10-13 05:21 - 2013-10-13 05:03 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part22.rar
2013-10-13 05:02 - 2013-10-13 04:45 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part21.rar
2013-10-13 01:10 - 2013-10-13 00:50 - 96424560 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part20.rar.part
2013-10-11 22:15 - 2013-10-11 04:55 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part19.rar
2013-10-11 21:19 - 2013-07-05 02:49 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\JDownloader v2.0
2013-10-11 07:24 - 2013-10-11 07:24 - 00000961 _____ C:\Users\Public\Desktop\iCamSource.lnk
2013-10-11 07:24 - 2013-10-11 07:24 - 00000000 ____D C:\Program Files (x86)\iCamSource
2013-10-11 07:20 - 2013-10-11 07:19 - 04763626 _____ (SKJM, LLC) C:\Users\Pope Greg\Downloads\iCamSourceSetup2.7.7VXP.exe
2013-10-11 05:10 - 2013-10-11 05:09 - 00611014 _____ C:\Users\Pope Greg\Downloads\Keygen.rar.part
2013-10-11 05:09 - 2013-10-11 05:09 - 00000000 _____ C:\Users\Pope Greg\Downloads\Keygen.rar
2013-10-11 04:50 - 2013-10-11 04:33 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part18.rar
2013-10-11 04:42 - 2013-10-11 04:42 - 04421336 _____ (Smart Projects                                              ) C:\Users\Pope Greg\Downloads\isobuster_all_lang.exe
2013-10-11 04:31 - 2013-10-11 04:13 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part11.rar
2013-10-11 04:16 - 2013-10-11 04:16 - 00000000 ____D C:\Users\Pope Greg\Downloads\Iso Buster
2013-10-11 04:13 - 2013-10-11 04:13 - 00000000 ____D C:\Users\Pope Greg\Downloads\Buster.3.2.Final
2013-10-11 04:13 - 2013-10-11 04:12 - 04419891 _____ C:\Users\Pope Greg\Downloads\Buster.3.2.Final.rar
2013-10-11 03:46 - 2013-10-11 03:29 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part16.rar
2013-10-10 21:34 - 2013-10-10 20:59 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part15.rar
2013-10-10 18:16 - 2013-10-10 17:45 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part13.rar
2013-10-10 17:57 - 2013-10-10 17:57 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-10 17:57 - 2013-10-10 17:55 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-10 17:57 - 2013-10-10 17:55 - 00000000 ____D C:\Program Files\iTunes
2013-10-10 17:57 - 2013-10-10 17:55 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-10 17:55 - 2013-10-10 17:55 - 00000000 ____D C:\Program Files\iPod
2013-10-10 17:49 - 2013-10-10 17:49 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-10-10 17:49 - 2013-10-10 17:49 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-10-10 13:56 - 2013-07-23 09:37 - 00000000 ____D C:\Users\Pope Greg\Documents\Eigene Scans
2013-10-10 04:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-10 03:47 - 2009-07-14 19:58 - 00657788 _____ C:\Windows\system32\perfh007.dat
2013-10-10 03:47 - 2009-07-14 19:58 - 00131104 _____ C:\Windows\system32\perfc007.dat
2013-10-10 03:47 - 2009-07-14 07:13 - 01507606 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 03:41 - 2009-07-14 06:45 - 05055376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 03:39 - 2013-07-03 03:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-10 03:11 - 2013-07-24 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 03:06 - 2013-07-09 03:04 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 20:47 - 2013-10-09 20:12 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part10.rar
2013-10-09 20:11 - 2013-10-09 19:36 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part17.rar
2013-10-09 19:28 - 2013-10-09 18:57 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part09.rar
2013-10-09 18:56 - 2013-10-09 18:25 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part08.rar
2013-10-09 18:36 - 2013-10-09 18:36 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\R-TT
2013-10-09 18:36 - 2013-10-09 18:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\R-TT
2013-10-09 18:34 - 2013-10-09 18:34 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
2013-10-09 18:34 - 2013-10-09 18:33 - 00000000 ____D C:\Program Files (x86)\R-Studio
2013-10-09 18:31 - 2013-10-09 18:31 - 33920888 _____ (R-Tools Technology Inc.) C:\Users\Pope Greg\Downloads\RStudio7.exe
2013-10-09 18:23 - 2013-10-09 17:53 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part07.rar
2013-10-09 17:52 - 2013-10-09 17:21 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part06.rar
2013-10-09 17:40 - 2013-09-30 17:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-09 17:40 - 2013-07-03 03:44 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-09 17:35 - 2013-10-09 17:35 - 00281896 _____ (Mozilla) C:\Users\Pope Greg\Downloads\Firefox Setup Stub 24.0.exe
2013-10-09 17:20 - 2013-10-09 16:49 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part04.rar
2013-10-09 16:47 - 2013-10-09 16:16 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part02.rar
2013-10-09 16:14 - 2013-10-09 15:44 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part05.rar
2013-10-09 15:58 - 2013-07-10 05:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 15:58 - 2013-07-10 05:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 15:58 - 2013-07-10 05:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 15:41 - 2013-10-09 15:10 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part03.rar
2013-10-09 15:08 - 2013-10-09 14:46 - 104857600 _____ C:\Users\Pope Greg\Downloads\Urlaub2009.part01.rar
2013-10-09 14:10 - 2013-10-09 14:10 - 00000000 ____D C:\Users\Pope Greg\Downloads\Avast
2013-10-09 14:07 - 2013-10-09 14:07 - 00000000 ____D C:\Users\Pope Greg\Downloads\Avast.8.0.1489
2013-10-09 13:15 - 2013-04-11 17:59 - 00000000 ____D C:\Software
2013-10-09 13:13 - 2013-10-09 13:14 - 00001092 _____ C:\Users\Pope Greg\Downloads\Avast_Internet_Security_8.0.1489_inkl._Aktivierung-3cte2pmtk0u5y.dlc
2013-10-09 11:23 - 2013-10-09 11:23 - 00001224 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 6.0 .lnk
2013-10-09 11:09 - 2013-10-09 11:09 - 00000000 ____D C:\Users\Pope Greg\Downloads\EASEUS Data Recovery Wizard Professional 6.0 whith Key
2013-10-09 11:08 - 2013-10-09 11:08 - 00000862 _____ C:\Users\Pope Greg\Desktop\µTorrent.lnk
2013-10-09 11:08 - 2013-10-09 11:08 - 00000842 _____ C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-10-09 11:06 - 2013-10-09 11:07 - 01141328 _____ (BitTorrent Inc.) C:\Users\Pope Greg\Downloads\utorrent.exe
2013-10-09 10:55 - 2013-10-09 10:55 - 00000000 ____D C:\Program Files (x86)\EaseUS
2013-10-09 10:54 - 2013-10-09 10:54 - 04892376 _____ (EaseUS                                                      ) C:\Users\Pope Greg\Downloads\drw_free.exe
2013-10-09 10:18 - 2013-10-09 10:18 - 03462033 _____ C:\Users\Pope Greg\Downloads\pci_filerecovery.exe
2013-10-09 10:18 - 2013-10-09 10:18 - 00001322 _____ C:\Users\Pope Greg\Desktop\PC Inspector File Recovery.lnk
2013-10-09 10:18 - 2013-10-09 10:18 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-10-09 10:18 - 2013-10-09 10:18 - 00000000 ____D C:\Program Files (x86)\Convar
2013-10-09 08:15 - 2013-07-03 03:24 - 00000000 ____D C:\Users\Pope Greg
2013-10-09 08:04 - 2013-10-09 08:03 - 00000000 ____D C:\Program Files\Recuva
2013-10-09 08:03 - 2013-10-09 08:03 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-10-09 08:01 - 2013-10-09 08:01 - 03723592 _____ (Piriform Ltd) C:\Users\Pope Greg\Downloads\rcsetup147.exe
2013-10-08 21:38 - 2013-07-10 07:54 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 21:38 - 2013-07-10 07:54 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-06 18:38 - 2013-07-10 04:24 - 00000979 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2013-10-06 18:38 - 2013-07-03 03:54 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2013-10-06 18:36 - 2013-10-06 18:36 - 02634152 _____ C:\Users\Pope Greg\Downloads\mp3tagv258setup.exe
2013-10-06 14:30 - 2013-10-06 14:30 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Tools&More
2013-10-06 14:29 - 2013-10-06 14:29 - 00001942 _____ C:\Users\Public\Desktop\Joe.lnk
2013-10-06 14:29 - 2013-10-06 14:29 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-10-06 14:28 - 2013-10-06 14:28 - 00000000 ____D C:\Windows\Downloaded Installations
2013-10-06 14:27 - 2013-07-05 03:02 - 00000000 ____D C:\Users\Pope Greg\Downloads\off Maks
2013-10-06 14:24 - 2013-10-06 14:24 - 00000000 ____D C:\Users\Pope Greg\Downloads\JOE
2013-10-06 13:42 - 2013-10-06 13:42 - 00000000 ____D C:\Users\Pope Greg\Documents\Wichtig
2013-10-06 02:33 - 2013-07-31 17:16 - 00001009 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-10-05 18:25 - 2013-07-10 07:59 - 00002102 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-05 10:34 - 2013-10-05 09:54 - 3192264704 _____ C:\Users\Pope Greg\Downloads\X15-65741.iso
2013-10-05 09:42 - 2013-08-31 16:52 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-04 20:24 - 2013-10-04 13:52 - 00000000 ____D C:\Users\Pope Greg\Downloads\Trojaner Bekämpfung
2013-10-04 20:13 - 2013-07-09 19:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-04 20:11 - 2013-07-14 00:52 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-10-04 20:05 - 2013-07-09 19:15 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-10-04 18:11 - 2013-10-04 18:11 - 00000000 ____D C:\FRST
2013-10-04 16:35 - 2013-07-03 18:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Apple
2013-10-02 04:05 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Vögel
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Sonstige Pix
2013-10-02 03:57 - 2013-10-02 03:57 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2 Logos
2013-10-02 03:57 - 2013-10-02 03:43 - 00000000 ___RD C:\Users\Pope Greg\Downloads\RF2
2013-10-02 03:43 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Haus
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg Privat
2013-10-02 03:42 - 2013-10-02 03:42 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Greg
2013-10-02 03:42 - 2013-10-02 03:38 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Friends & Stuff
2013-10-02 02:35 - 2013-10-02 02:33 - 00000000 ___RD C:\Users\Pope Greg\Downloads\Aida
2013-10-02 01:37 - 2013-10-02 01:37 - 00000000 ____D C:\Windows\Sun
2013-10-02 01:36 - 2013-10-02 01:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-02 01:36 - 2013-10-02 01:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\ProgramData\Oracle
2013-10-02 01:36 - 2013-10-02 01:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-02 01:36 - 2013-10-02 01:16 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-10-02 01:36 - 2013-10-02 01:16 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-10-02 01:33 - 2013-10-02 01:33 - 00000000 ____D C:\Users\Pope Greg\Downloads\Java
2013-10-02 01:11 - 2013-10-02 01:11 - 00000000 ____D C:\Users\Pope Greg\Downloads\Wuala
2013-09-26 22:40 - 2013-09-26 22:40 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-26 22:36 - 2013-09-26 22:36 - 00000000 ____D C:\Users\Pope Greg\Downloads\Unlocker
2013-09-26 22:21 - 2013-09-26 22:21 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2013-09-25 21:08 - 2013-09-25 21:08 - 00004912 _____ C:\Users\Pope Greg\Desktop\CopyTransManager.exe - Verknüpfung.lnk
2013-09-25 19:25 - 2013-09-25 19:25 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:21 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-25 19:21 - 2013-09-25 19:15 - 00000000 ____D C:\Users\Pope Greg\Downloads\CopyTrans
2013-09-24 18:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-23 23:20 - 2013-09-23 22:31 - 00000000 ____D C:\Program Files (x86)\MyTuuuuuuuu
2013-09-23 23:01 - 2013-04-11 18:56 - 00000000 ____D C:\Neuer Ordner
2013-09-23 22:57 - 2013-09-23 22:45 - 00000000 ____D C:\Program Files (x86)\MyTuuuuaaaaa
2013-09-23 22:28 - 2013-09-23 22:28 - 00000000 ____D C:\Program Files (x86)\Neuer Ordner
2013-09-23 19:43 - 2013-09-23 19:43 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Yahoo!
2013-09-23 13:54 - 2013-09-01 05:51 - 00000000 ____D C:\Program Files (x86)\iRobinHood
2013-09-23 13:51 - 2013-08-28 14:19 - 00000000 ____D C:\ProgramData\Yahoo!
2013-09-23 13:51 - 2013-08-28 14:17 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-09-23 13:29 - 2013-08-21 05:32 - 00000000 ____D C:\ProgramData\webcam 7
2013-09-23 13:24 - 2013-07-05 07:25 - 00000000 ____D C:\Program Files (x86)\Hardcopy
2013-09-23 01:28 - 2013-10-10 03:15 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 03:15 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 03:16 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 03:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-10 03:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 03:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-10 03:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-10 03:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-10 03:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 01:27 - 2013-10-10 03:15 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-10 03:15 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 03:15 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 03:15 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 00:55 - 2013-10-10 03:16 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:55 - 2013-10-10 03:15 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 03:15 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:54 - 2013-10-10 03:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 03:16 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-10 03:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 03:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-10 03:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-10 03:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-10 03:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-10 03:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-23 00:54 - 2013-10-10 03:15 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 03:15 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 03:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-22 22:18 - 2013-07-10 07:54 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-22 22:18 - 2013-07-10 07:54 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-22 22:15 - 2013-09-21 19:53 - 00000000 ____D C:\Program Files (x86)\VideoPlayer
2013-09-22 22:15 - 2013-09-21 18:59 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\WebPlayer
2013-09-22 22:15 - 2013-07-29 12:30 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\IrfanView
2013-09-22 22:15 - 2013-07-10 01:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-09-22 22:15 - 2013-07-05 01:21 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-09-22 22:14 - 2013-09-22 00:12 - 00000000 ____D C:\Users\Pope Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter
2013-09-22 22:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-22 22:11 - 2013-07-03 03:45 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Mozilla
2013-09-22 00:12 - 2013-09-22 00:12 - 00000000 ____D C:\ProgramData\FreeRIP MP3 Converter
2013-09-21 20:34 - 2013-09-21 20:34 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-21 05:38 - 2013-10-10 03:16 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-10 03:16 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-10 03:16 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-10 03:16 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-21 01:39 - 2013-07-06 08:22 - 00009617 _____ C:\ProgramData\hpzinstall.log
2013-09-20 07:23 - 2013-07-26 20:24 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\Apps\2.0
2013-09-20 00:29 - 2013-09-20 00:29 - 00000000 ____D C:\Windows\system32\RsFx
2013-09-20 00:28 - 2013-09-20 00:28 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-09-19 23:04 - 2013-09-19 23:04 - 00000000 ____D C:\ProgramData\EPSON
2013-09-19 22:02 - 2013-07-26 15:49 - 00000000 ____D C:\Users\Pope Greg\AppData\Local\FRITZ!
2013-09-19 20:11 - 2013-09-19 20:11 - 00001063 _____ C:\Users\Pope Greg\Desktop\USB camera - Verknüpfung.lnk
2013-09-17 20:13 - 2013-09-17 20:13 - 00003222 _____ C:\Windows\System32\Tasks\{A372979D-3926-430A-BBCA-83EE53BD124B}

Some content of TEMP:
====================
C:\Users\Pope Greg\AppData\Local\Temp\AskSLib.dll
C:\Users\Pope Greg\AppData\Local\Temp\d50de168-967f-4854-a6ef-bbfdad88962b.exe
C:\Users\Pope Greg\AppData\Local\Temp\Player_Setup.exe
C:\Users\Pope Greg\AppData\Local\Temp\proxy_util_w32.dll
C:\Users\Pope Greg\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-11 00:30

==================== End Of Log ============================
--- --- ---
Antwort
Seite 1 von 2 1 2

Themen zu snap.do Generve
beiträge, download, dreck, entferne, entfernen, forum, funktionen, fängt, instalieren, installieren, keine entfernung, legal, leute, link, permanent, poste, posten, programme, programme und funktionen, recovery, scan, schlimmer, snapdo, software, stunden, suchmaschine, thema, tool


« Hilfe bei trojaner Software Updater Ui.exe | Österreichischer Polizei Virus - auch im abgesicherten Modus »


Ähnliche Themen: snap.do Generve


  1. Kann Snap.do & Snap.do engine gar nicht deinstallieren?
    Plagegeister aller Art und deren Bekämpfung - 12.09.2015 (3)
  2. Snap.do / Snap.do engine entdeckt
    Log-Analyse und Auswertung - 23.05.2015 (9)
  3. Snap.Do
    Log-Analyse und Auswertung - 17.12.2013 (15)
  4. Wie entferne ich Snap.Do?
    Plagegeister aller Art und deren Bekämpfung - 26.08.2013 (3)
  5. Snap.Do eingefangen
    Log-Analyse und Auswertung - 22.07.2013 (12)
  6. snap.do
    Plagegeister aller Art und deren Bekämpfung - 28.06.2013 (7)
  7. snap.do
    Log-Analyse und Auswertung - 11.06.2013 (35)
  8. Snap.Do hat zugeschlagen
    Log-Analyse und Auswertung - 11.05.2013 (11)
  9. snap.do eingefangen :-S
    Plagegeister aller Art und deren Bekämpfung - 10.05.2013 (25)
  10. snap.do wie deinstalieren
    Plagegeister aller Art und deren Bekämpfung - 09.05.2013 (14)
  11. snap.do eingefangen in XP
    Log-Analyse und Auswertung - 23.04.2013 (3)
  12. Snap.Do Trojaner! Wie entferne ich Snap.Do?
    Plagegeister aller Art und deren Bekämpfung - 21.04.2013 (12)
  13. snap.do Infizierung
    Plagegeister aller Art und deren Bekämpfung - 19.04.2013 (3)
  14. snap.do
    Plagegeister aller Art und deren Bekämpfung - 12.04.2013 (18)
  15. snap.do eingefangen
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (16)
  16. Snap.do - mit AnyVideoConverter
    Plagegeister aller Art und deren Bekämpfung - 10.04.2013 (11)
  17. "search.snap.do" als Startseite und "Snap.Do" auf Symbolleiste
    Plagegeister aller Art und deren Bekämpfung - 18.03.2013 (37)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema snap.do Generve - Habe mit diesen Dreck bei dem permanent die Suchmaschinen-Seite von snap.do geöffnet wird eingefangen. Habe daraufhin hier im Forum die Beiträge über dieses Thema gelesen, es ist mir aber nicht - snap.do Generve...
Archiv
Du betrachtest: snap.do Generve auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19