snap.do lässt sich GAR NICHT deinstallieren

a_c_a_b11 · 15.10.2013, 18:53

hey leute

ich bin neu hier und ich bin absolut kein pc profi habe nun aber seit heute das problem mit dem snap.do in diversen anleitungen unter anderem folgende ----> ( hxxp://praxistipps.chip.de/snap-do-entfernen-so-gehts_3287 )so aus meinen browsern is das ganze soweit raus da ich alle 3 besitze und benutze also chrome firefox und den normalen i net explorer war diese seite echt top für mich nun steht da aber ich solle die i net verbindung trennen (was ich natürlich au getan hab )und snap.do ganz normal wie iches kenne unter der systemsteuerung löschen dies geht aber nicht... ich klicke auf deinstallieren und dann kommt nur "please wait while windows cifnigurate snap.do" das fenster schließt sich nach ein paar sekunden wieder und ist immernoch gelistet in meinen programmen ich hoffe irgendwer von euch kann mir helfen das scheusal wieder los zu werden wäre euch echt dankbar

Ps : habe due sufu genutzt aber niemanden gefunden dem es genauso geht wie mir bei den meisten hat sich das alles schon sehr schnell erledigt.... bei mir scheint es ned ganz so "einfach "

schrauber · 15.10.2013, 19:02

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

a_c_a_b11 · 16.10.2013, 10:44

so hab nun mein pc angeschmissen und nu wieder die scheiß snap.do suchmaschiene ich könnt kotzen... danke schrauber das program grad am laufen werde dir die sachen dann schicken hoff des klappt

Hier die FRSt TXT. :
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Marci (administrator) on A_C_A_B on 16-10-2013 11:38:38
Running from C:\Users\Marci\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-10] (Google Inc.)
MountPoints2: {1d08d3fa-0eef-11e3-be8a-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {5514cf13-90c3-11e2-be6e-001e101fbe27} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {6b0b6370-8f65-11e2-be6c-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {6b0b63cd-8f65-11e2-be6c-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b946-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b999-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b9b8-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b9d2-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920bab2-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920bacf-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115b6b-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115baf-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115ddc-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=cr&ei=SntdUufUAomGtAbHpYGgDw
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKLM - {79AE7379-BD08-4A58-A721-555A606B024F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {79AE7379-BD08-4A58-A721-555A606B024F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKCU - {79AE7379-BD08-4A58-A721-555A606B024F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {87554C62-FF35-4958-974F-FF2A79AF514E} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=44c5aadb0000000000004c72b9720860&r=941
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\rukj03bx.default
FF NewTab: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=nt&installDate=11/10/2013
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=ds&installDate=11/10/2013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marci\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marci\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Marci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=hp&installDate=11/10/2013
CHR RestoreOnStartup: "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=hp&installDate=11/10/2013"
CHR Extension: (Google Docs) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-10-07] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-08-30] (AVAST Software)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [276992 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2013-03-18] (Huawei Technologies Co., Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-16 11:38 - 2013-10-16 11:38 - 00000000 ____D C:\FRST
2013-10-16 11:36 - 2013-10-16 11:36 - 01954124 _____ (Farbar) C:\Users\Marci\Desktop\FRST64.exe
2013-10-16 11:36 - 2013-10-16 11:36 - 00001113 _____ C:\Users\Marci\Desktop\Continue Zip Extractor Installation.lnk
2013-10-16 11:35 - 2013-10-16 11:35 - 00753504 _____ C:\Users\Marci\Downloads\ZipExtractorSetup.exe
2013-10-15 18:56 - 2013-10-15 18:58 - 00000000 ____D C:\AdwCleaner
2013-10-15 18:55 - 2013-10-15 18:55 - 01048960 _____ C:\Users\Marci\Downloads\adwcleaner_3.0.0.7.exe
2013-10-15 18:39 - 2013-10-15 18:39 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-15 17:01 - 2013-10-15 17:01 - 00000000 _____ C:\autoexec.bat
2013-10-15 17:00 - 2013-10-15 18:05 - 00000000 ____D C:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-15 17:00 - 2013-10-15 18:05 - 00000000 ____D C:\sh4ldr
2013-10-15 17:00 - 2013-10-15 17:00 - 00003324 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2013-10-15 17:00 - 2013-10-15 17:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-15 16:25 - 2013-10-15 16:26 - 00426960 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-15 15:26 - 2013-10-15 15:26 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-15 15:21 - 2013-10-15 16:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-15 15:21 - 2013-10-15 15:21 - 00000000 ____D C:\Users\Marci\AppData\Local\Microsoft Help
2013-10-15 15:20 - 2013-10-15 15:20 - 00000000 __RHD C:\MSOCache
2013-10-15 15:01 - 2013-10-15 16:30 - 00000000 ____D C:\Users\Marci\Desktop\Berichtsheft
2013-10-14 13:55 - 2013-10-14 14:15 - 00000000 ____D C:\Users\Marci\Desktop\caddy
2013-10-14 11:34 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2013-10-14 11:34 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2013-10-14 11:34 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2013-10-14 11:34 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2013-10-14 11:34 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2013-10-14 11:34 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-10-14 11:34 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-10-14 11:34 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-10-14 11:34 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-10-14 11:34 - 2013-07-31 01:30 - 00386923 _____ C:\windows\system32\ApnDatabase.xml
2013-10-14 11:34 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2013-10-14 11:34 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2013-10-14 11:34 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2013-10-14 11:34 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2013-10-12 12:12 - 2013-10-12 16:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-11 15:04 - 2013-10-16 11:30 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-11 15:04 - 2013-10-11 15:04 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-11 15:04 - 2013-10-11 15:04 - 00000000 ____D C:\ProgramData\McAfee
2013-10-11 14:57 - 2013-10-11 14:57 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-11 14:47 - 2013-10-11 14:47 - 00000000 ____D C:\Users\Marci\AppData\Roaming\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:47 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:45 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 13:30 - 2013-10-11 13:30 - 00000000 ____D C:\Users\Marci\Documents\My Cheat Tables
2013-10-10 11:53 - 2013-10-10 11:53 - 00002340 _____ C:\Users\Marci\Desktop\Google Chrome.lnk
2013-10-10 11:53 - 2013-10-10 11:53 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-10 11:52 - 2013-10-15 23:12 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA.job
2013-10-10 11:52 - 2013-10-14 12:12 - 00001084 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core.job
2013-10-10 11:52 - 2013-10-11 12:07 - 00004082 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA
2013-10-10 11:52 - 2013-10-11 12:07 - 00003702 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core
2013-10-10 10:03 - 2013-10-02 03:38 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 10:03 - 2013-10-02 03:38 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 01:36 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-09 01:36 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-09 01:36 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-09 01:36 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-09 01:36 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-09 01:36 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-09 01:36 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-09 01:36 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-09 01:36 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-09 01:36 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-09 01:36 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-10-09 01:36 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-10-09 01:36 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-09 01:36 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-09 01:36 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-10-09 01:36 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2013-10-09 01:36 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-10-09 01:36 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-10-09 01:35 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-09 01:35 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-09 01:35 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-09 01:35 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-10-09 01:35 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-09 01:34 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-09 01:34 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-09 01:33 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-09 01:31 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-09 01:31 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-10-09 01:30 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-09 01:30 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 01:30 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 01:30 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-09 01:30 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-10-09 01:30 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-10-09 01:30 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-10-09 01:30 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-09 01:30 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-09 01:30 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-09 01:30 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-09 01:30 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-09 01:30 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-09 01:30 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-09 01:30 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-09 01:30 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-08 02:07 - 2013-10-08 02:08 - 00000000 ____D C:\Users\Marci\Desktop\Neuer Ordner
2013-10-08 02:04 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-10-08 02:04 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-10-08 02:04 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-10-08 02:04 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-10-08 02:04 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-10-08 02:04 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-10-08 02:04 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-10-08 02:04 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-10-08 02:04 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-10-08 02:04 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-10-08 02:04 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-10-08 02:01 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2013-10-08 02:01 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2013-10-08 02:01 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2013-10-08 02:01 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2013-10-08 02:01 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2013-10-08 02:01 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2013-10-08 02:01 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-10-08 02:01 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-10-08 02:01 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2013-10-08 02:01 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-10-08 02:01 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-10-08 02:01 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-10-08 02:01 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2013-10-08 02:01 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2013-10-08 02:01 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2013-10-08 02:01 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-10-08 02:01 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-10-08 02:01 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2013-10-08 02:01 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-10-08 02:01 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2013-10-08 02:01 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2013-10-08 02:01 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-10-08 02:01 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2013-10-08 02:01 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2013-10-08 02:01 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2013-10-08 02:01 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2013-10-08 02:01 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2013-10-08 02:01 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2013-10-08 02:01 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2013-10-08 02:01 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2013-10-08 02:01 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-10-08 02:01 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-10-08 02:01 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-10-08 02:01 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-10-08 02:01 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-10-08 02:01 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-10-08 02:01 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-10-08 02:01 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2013-10-08 02:00 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-10-07 01:59 - 2013-10-07 01:59 - 00002100 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-02 22:31 - 2013-10-07 01:16 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
2013-10-02 22:13 - 2013-10-02 22:13 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-09-27 16:24 - 2013-10-15 16:25 - 00335934 _____ C:\windows\PFRO.log
2013-09-27 16:09 - 2013-09-27 16:09 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD Pro [alpha]
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Users\Marci\AppData\Local\avgchrome
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Program Files (x86)\Linearteam
2013-09-20 22:18 - 2013-09-20 23:51 - 229577206 _____ C:\Users\Marci\Desktop\3096 tage Natascha Kampusch.mp4
2013-09-20 21:29 - 2013-09-20 21:29 - 00000000 ____D C:\ProgramData\Intenium
2013-09-20 20:11 - 2013-09-20 20:11 - 00000000 ____D C:\Users\Public\Documents\intenium
2013-09-20 20:10 - 2013-09-20 20:10 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-09-19 18:20 - 2013-09-19 19:40 - 261567936 _____ C:\Users\Marci\Desktop\50 erste dates.mp4

==================== One Month Modified Files and Folders =======

2013-10-16 11:38 - 2013-10-16 11:38 - 00000000 ____D C:\FRST
2013-10-16 11:36 - 2013-10-16 11:36 - 01954124 _____ (Farbar) C:\Users\Marci\Desktop\FRST64.exe
2013-10-16 11:36 - 2013-10-16 11:36 - 00001113 _____ C:\Users\Marci\Desktop\Continue Zip Extractor Installation.lnk
2013-10-16 11:35 - 2013-10-16 11:35 - 00753504 _____ C:\Users\Marci\Downloads\ZipExtractorSetup.exe
2013-10-16 11:30 - 2013-10-11 15:04 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-16 11:28 - 2013-03-18 08:26 - 02069673 _____ C:\windows\WindowsUpdate.log
2013-10-16 11:18 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2013-10-15 23:12 - 2013-10-10 11:52 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA.job
2013-10-15 23:06 - 2013-06-12 00:40 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 19:11 - 2013-03-18 08:33 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1511230306-1648634698-1318965908-1001
2013-10-15 19:00 - 2013-06-12 00:40 - 00001120 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-15 19:00 - 2013-03-19 13:39 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-10-15 18:59 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-15 18:58 - 2013-10-15 18:56 - 00000000 ____D C:\AdwCleaner
2013-10-15 18:58 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-10-15 18:55 - 2013-10-15 18:55 - 01048960 _____ C:\Users\Marci\Downloads\adwcleaner_3.0.0.7.exe
2013-10-15 18:49 - 2012-09-26 03:42 - 00745562 _____ C:\windows\system32\perfh007.dat
2013-10-15 18:49 - 2012-09-26 03:42 - 00169488 _____ C:\windows\system32\perfc007.dat
2013-10-15 18:49 - 2012-07-26 09:28 - 01752656 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-15 18:40 - 2013-03-19 00:31 - 00000000 ____D C:\Users\Marci\AppData\Roaming\vlc
2013-10-15 18:39 - 2013-10-15 18:39 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-15 18:05 - 2013-10-15 17:00 - 00000000 ____D C:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-15 18:05 - 2013-10-15 17:00 - 00000000 ____D C:\sh4ldr
2013-10-15 17:01 - 2013-10-15 17:01 - 00000000 _____ C:\autoexec.bat
2013-10-15 17:00 - 2013-10-15 17:00 - 00003324 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2013-10-15 17:00 - 2013-10-15 17:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-15 16:30 - 2013-10-15 15:01 - 00000000 ____D C:\Users\Marci\Desktop\Berichtsheft
2013-10-15 16:27 - 2013-03-18 08:27 - 00000000 ___RD C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-15 16:27 - 2013-03-18 08:27 - 00000000 ___RD C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-15 16:26 - 2013-10-15 16:25 - 00426960 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-15 16:25 - 2013-09-27 16:24 - 00335934 _____ C:\windows\PFRO.log
2013-10-15 16:25 - 2013-03-18 22:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-15 16:24 - 2012-07-26 10:12 - 00000000 ___RD C:\windows\ToastData
2013-10-15 16:16 - 2013-10-15 15:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-15 16:11 - 2012-07-26 07:26 - 00000167 _____ C:\windows\win.ini
2013-10-15 16:10 - 2012-09-25 19:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-15 15:34 - 2012-07-26 11:45 - 00000000 ____D C:\windows\ShellNew
2013-10-15 15:28 - 2013-06-03 08:52 - 00000000 ____D C:\Users\Marci\AppData\Local\Mozilla
2013-10-15 15:26 - 2013-10-15 15:26 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-15 15:25 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-15 15:21 - 2013-10-15 15:21 - 00000000 ____D C:\Users\Marci\AppData\Local\Microsoft Help
2013-10-15 15:20 - 2013-10-15 15:20 - 00000000 __RHD C:\MSOCache
2013-10-15 15:04 - 2013-05-29 11:04 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-10-15 15:03 - 2013-05-29 11:04 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-15 13:01 - 2013-06-12 00:40 - 00004096 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-15 13:01 - 2013-06-12 00:40 - 00003860 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-15 12:39 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-10-14 14:15 - 2013-10-14 13:55 - 00000000 ____D C:\Users\Marci\Desktop\caddy
2013-10-14 12:12 - 2013-10-10 11:52 - 00001084 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core.job
2013-10-12 16:45 - 2013-10-12 12:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-12 11:32 - 2013-03-18 22:56 - 00000000 ____D C:\Users\Marci\AppData\Local\Thunderbird
2013-10-11 15:05 - 2013-06-03 10:29 - 00000000 ____D C:\Users\Marci\AppData\Local\Adobe
2013-10-11 15:04 - 2013-10-11 15:04 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-11 15:04 - 2013-10-11 15:04 - 00000000 ____D C:\ProgramData\McAfee
2013-10-11 14:57 - 2013-10-11 14:57 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-11 14:57 - 2013-07-01 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-11 14:47 - 2013-10-11 14:47 - 00000000 ____D C:\Users\Marci\AppData\Roaming\TuneUp Software
2013-10-11 14:47 - 2013-10-11 14:45 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:45 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 13:30 - 2013-10-11 13:30 - 00000000 ____D C:\Users\Marci\Documents\My Cheat Tables
2013-10-11 12:07 - 2013-10-10 11:52 - 00004082 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA
2013-10-11 12:07 - 2013-10-10 11:52 - 00003702 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core
2013-10-10 11:53 - 2013-10-10 11:53 - 00002340 _____ C:\Users\Marci\Desktop\Google Chrome.lnk
2013-10-10 11:53 - 2013-10-10 11:53 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-10 11:52 - 2013-06-12 00:39 - 00000000 ____D C:\Users\Marci\AppData\Local\Google
2013-10-10 11:51 - 2013-06-12 00:39 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-10 11:43 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache
2013-10-10 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\WinStore
2013-10-10 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\PolicyDefinitions
2013-10-10 10:00 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\oobe
2013-10-09 12:33 - 2013-08-09 15:54 - 00000000 ____D C:\windows\system32\MRT
2013-10-09 12:31 - 2013-03-19 12:11 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-09 02:10 - 2013-06-01 23:26 - 00000000 ____D C:\Users\Marci\AppData\Roaming\ALDITALKVerbindungsassistent
2013-10-08 02:08 - 2013-10-08 02:07 - 00000000 ____D C:\Users\Marci\Desktop\Neuer Ordner
2013-10-08 02:06 - 2013-07-12 22:17 - 00000000 ____D C:\Users\Marci\Desktop\Diverse Ordner
2013-10-07 02:05 - 2013-06-01 23:25 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent
2013-10-07 01:59 - 2013-10-07 01:59 - 00002100 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-07 01:24 - 2013-09-06 10:26 - 00001932 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-10-07 01:24 - 2013-03-19 13:39 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-10-07 01:22 - 2013-03-18 08:26 - 00000000 ____D C:\Users\Marci
2013-10-07 01:21 - 2012-07-26 07:37 - 00000000 ____D C:\windows\servicing
2013-10-07 01:20 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\spp
2013-10-07 01:20 - 2012-07-26 10:12 - 00000000 ____D C:\windows\L2Schemas
2013-10-07 01:20 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\Sysprep
2013-10-07 01:19 - 2013-08-15 16:58 - 00000000 ____D C:\Users\Marci\Desktop\Spiele
2013-10-07 01:16 - 2013-10-02 22:31 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
2013-10-07 01:15 - 2012-07-26 10:12 - 00000000 ____D C:\windows\registration
2013-10-02 22:13 - 2013-10-02 22:13 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-10-02 03:38 - 2013-10-10 10:03 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-10-10 10:03 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-27 16:09 - 2013-09-27 16:09 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD Pro [alpha]
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Users\Marci\AppData\Local\avgchrome
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Program Files (x86)\Linearteam
2013-09-23 01:28 - 2013-10-09 01:36 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-09 01:36 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-09 01:36 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-09 01:36 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-09 01:33 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-23 00:55 - 2013-10-09 01:36 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-09 01:36 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-23 00:55 - 2013-10-09 01:35 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-23 00:54 - 2013-10-09 01:36 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-09 01:36 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-09 01:35 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-09 01:35 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-09 01:34 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-09 01:34 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-20 23:51 - 2013-09-20 22:18 - 229577206 _____ C:\Users\Marci\Desktop\3096 tage Natascha Kampusch.mp4
2013-09-20 21:29 - 2013-09-20 21:29 - 00000000 ____D C:\ProgramData\Intenium
2013-09-20 20:11 - 2013-09-20 20:11 - 00000000 ____D C:\Users\Public\Documents\intenium
2013-09-20 20:10 - 2013-09-20 20:10 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-09-19 19:40 - 2013-09-19 18:20 - 261567936 _____ C:\Users\Marci\Desktop\50 erste dates.mp4

Some content of TEMP:
====================
C:\Users\Marci\AppData\Local\Temp\AutoRun.exe
C:\Users\Marci\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Marci\AppData\Local\Temp\COMAP.EXE
C:\Users\Marci\AppData\Local\Temp\eauninstall.exe
C:\Users\Marci\AppData\Local\Temp\icqsetup.exe
C:\Users\Marci\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\Marci\AppData\Local\Temp\IminentSetup.exe
C:\Users\Marci\AppData\Local\Temp\mfc80.dll
C:\Users\Marci\AppData\Local\Temp\mfc80u.dll
C:\Users\Marci\AppData\Local\Temp\mfcm80.dll
C:\Users\Marci\AppData\Local\Temp\mfcm80u.dll
C:\Users\Marci\AppData\Local\Temp\msvcm80.dll
C:\Users\Marci\AppData\Local\Temp\msvcp80.dll
C:\Users\Marci\AppData\Local\Temp\msvcr80.dll
C:\Users\Marci\AppData\Local\Temp\Need for Speed Underground 2_uninst.exe
C:\Users\Marci\AppData\Local\Temp\OSU.exe
C:\Users\Marci\AppData\Local\Temp\Quarantine.exe
C:\Users\Marci\AppData\Local\Temp\SHSetup.exe
C:\Users\Marci\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe
C:\Users\Marci\AppData\Local\Temp\SP59485.exe
C:\Users\Marci\AppData\Local\Temp\uninst1.exe
C:\Users\Marci\AppData\Local\Temp\Uninstaller.exe
C:\Users\Marci\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Marci\AppData\Local\Temp\VersionUpdater.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Marci\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Marci\AppData\Local\Temp\WTGXMLUtil.dll
C:\Users\Marci\AppData\Local\Temp\WtgZip.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 12:19

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Marci at 2013-10-16 11:41:08
Running from C:\Users\Marci\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Internet Security (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security (Enabled) {131692B0-0864-D491-4E21-3A3A1D8BBB47}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
ALDI TALK Verbindungsassistent (x32 Version: ALDI TALK 4.0)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD VISION Engine Control Center (x32 Version: 2012.0808.1024.16666)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6)
avast! Internet Security (x32 Version: 8.0.1497.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0808.1024.16666)
Catalyst Control Center InstallProxy (x32 Version: 2012.0808.1024.16666)
Catalyst Control Center Localization All (x32 Version: 2012.0808.1024.16666)
CCC Help Chinese Standard (x32 Version: 2012.0808.1023.16666)
CCC Help Chinese Traditional (x32 Version: 2012.0808.1023.16666)
CCC Help Czech (x32 Version: 2012.0808.1023.16666)
CCC Help Danish (x32 Version: 2012.0808.1023.16666)
CCC Help Dutch (x32 Version: 2012.0808.1023.16666)
CCC Help English (x32 Version: 2012.0808.1023.16666)
CCC Help Finnish (x32 Version: 2012.0808.1023.16666)
CCC Help French (x32 Version: 2012.0808.1023.16666)
CCC Help German (x32 Version: 2012.0808.1023.16666)
CCC Help Greek (x32 Version: 2012.0808.1023.16666)
CCC Help Hungarian (x32 Version: 2012.0808.1023.16666)
CCC Help Italian (x32 Version: 2012.0808.1023.16666)
CCC Help Japanese (x32 Version: 2012.0808.1023.16666)
CCC Help Korean (x32 Version: 2012.0808.1023.16666)
CCC Help Norwegian (x32 Version: 2012.0808.1023.16666)
CCC Help Polish (x32 Version: 2012.0808.1023.16666)
CCC Help Portuguese (x32 Version: 2012.0808.1023.16666)
CCC Help Russian (x32 Version: 2012.0808.1023.16666)
CCC Help Spanish (x32 Version: 2012.0808.1023.16666)
CCC Help Swedish (x32 Version: 2012.0808.1023.16666)
CCC Help Thai (x32 Version: 2012.0808.1023.16666)
CCC Help Turkish (x32 Version: 2012.0808.1023.16666)
ccc-utility64 (Version: 2012.0808.1024.16666)
Connected Music powered by Universal Music Group version 1.0 (x32 Version: 1.0)
Counter-Strike: Condition Zero (x32)
CyberLink LabelPrint (x32 Version: 2.5.1.5510)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902)
CyberLink PowerDVD (x32 Version: 10.0.1.4319)
D3DX10 (x32 Version: 15.4.2368.0902)
DeepBurner v1.9.0.228 (x32)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Energy Star (Version: 1.0.8)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
Google Chrome (HKCU Version: 30.0.1599.69)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
GRID (x32)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000)
HP Connected Music (Meridian - installer) (x32 Version: v1.0)
HP Connected Remote (x32 Version: 1.0.1206)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Postscript Converter (Version: 3.1.3591)
HP Registration Service (Version: 1.0.5976.4186)
HP Support Assistant (x32 Version: 7.0.33.6)
HP Support Information (x32 Version: 12.00.0000)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0.1)
Mozilla Thunderbird 24.0.1 (x86 de) (x32 Version: 24.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
Need for Speed Underground 2 (x32)
Need For Speed™ World (x32 Version: 1.0.0.1509)
NirSoft BlueScreenView (x32)
OpenAL (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Recovery Manager (x32 Version: 5.5.0.5530)
Skype™ 6.6 (x32 Version: 6.6.106)
Snap.Do (x32 Version: 1.102.1.11691)
Steam (x32 Version: 1.0.0.0)
Unity Web Player (HKCU Version: )
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector (KB2583935) (x32)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
YTD Video Downloader 4.2.1 (x32 Version: 4.2.1)

==================== Restore Points  =========================

28-09-2013 06:02:54 Geplanter Prüfpunkt
02-10-2013 19:50:17 Installiert Die Sims Deluxe
06-10-2013 23:05:41 Wiederherstellungsvorgang
11-10-2013 12:51:27 TuneUp Utilities 2014 wird entfernt
15-10-2013 13:19:57 Installed Microsoft Office Professional 2010-Testversion

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05F1CE50-5C38-47E5-A2B6-D69E272678FC} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {1542D838-65F6-4FF4-8D93-6C164DBFFD93} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core => C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-10] (Google Inc.)
Task: {251444F3-F2B5-4D4B-A0E2-558D84D6C6ED} - \EPUpdater No Task File
Task: {2C73DA89-5E9C-45DB-9B52-918518B00A1A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {734F4CBA-4572-49ED-80CB-4387C5E13D34} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {8AD7A677-D431-4DB5-864D-2DA90FADB47D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-11] (Adobe Systems Incorporated)
Task: {8B0C6CD6-6E7B-42C5-80D9-61CDCF0BFA7A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12] (Google Inc.)
Task: {99292779-E7E1-4C47-B4D1-4824412C9EF4} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {A6AAC4E0-EFA2-4F25-BAAD-7563A0B95CBB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {C2D88C17-C1A1-4A12-9F3F-66C55A7D386E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA => C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-10] (Google Inc.)
Task: {C911790D-517C-4598-91CA-26F78BCC2B85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12] (Google Inc.)
Task: {F3F89164-AB04-4914-80B4-80629EACEA94} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {FF03A106-6A80-48FD-9EE6-4EE4CA242566} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core.job => C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA.job => C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2013-03-18 08:29 - 2013-03-18 08:29 - 00120224 _____ () C:\Users\Marci\AppData\Local\assembly\dl3\NOGMAKPB.6WK\1H8N5T5G.6Q8\b4296c12\00af4ffb_c485cd01\HPItunesModule.DLL
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-10-16 11:36 - 2013-10-16 10:17 - 02105856 _____ () C:\Program Files\AVAST Software\Avast\defs\13101600\algo.dll
2013-10-12 12:12 - 2013-10-12 12:12 - 03008112 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-10-12 12:12 - 2013-10-12 12:12 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-10-12 12:12 - 2013-10-12 12:12 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-10-10 11:53 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\Marci\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
2013-10-10 11:53 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\Marci\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
2013-10-10 11:53 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\Marci\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
2013-10-10 11:53 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\Marci\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
2013-10-10 11:53 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\Marci\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
2013-10-15 16:16 - 2013-10-15 16:16 - 13584776 _____ () C:\Users\Marci\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/15/2013 06:59:51 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (10/15/2013 06:59:51 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (10/15/2013 06:59:50 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (10/15/2013 06:05:33 PM) (Source: MsiInstaller) (User: A_C_A_B)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5

Error: (10/15/2013 04:27:38 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (10/15/2013 04:27:38 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (10/15/2013 04:27:37 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (10/15/2013 04:16:48 PM) (Source: Windows Search Service) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (10/15/2013 04:16:47 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (10/15/2013 04:16:47 PM) (Source: Windows Search Service) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.


System errors:
=============
Error: (10/15/2013 07:02:31 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (10/15/2013 07:02:10 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (10/15/2013 06:59:19 PM) (Source: Microsoft-Windows-Ntfs) (User: NT-AUTORITÄT)
Description: I:\Device\HarddiskVolume82

Error: (10/15/2013 06:59:05 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (10/15/2013 06:58:03 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (10/15/2013 05:10:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/15/2013 04:28:52 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (10/15/2013 04:28:39 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (10/15/2013 04:26:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/15/2013 04:25:45 PM) (Source: Microsoft-Windows-Ntfs) (User: NT-AUTORITÄT)
Description: I:\Device\HarddiskVolume62


Microsoft Office Sessions:
=========================
Error: (10/15/2013 06:59:51 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0

Error: (10/15/2013 06:59:51 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (10/15/2013 06:59:50 PM) (Source: Windows Search Service)(User: )
Description: 

Error: (10/15/2013 06:05:33 PM) (Source: MsiInstaller)(User: A_C_A_B)
Description: Produkt: SpyHunter -- Fehler 1721. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: , Pfad: WiseCustomCall, Befehl: g5 (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/15/2013 04:27:38 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0

Error: (10/15/2013 04:27:38 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (10/15/2013 04:27:37 PM) (Source: Windows Search Service)(User: )
Description: 

Error: (10/15/2013 04:16:48 PM) (Source: Windows Search Service)(User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0

Error: (10/15/2013 04:16:47 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (10/15/2013 04:16:47 PM) (Source: Windows Search Service)(User: )
Description: 


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 3659.64 MB
Available physical RAM: 2462.47 MB
Total Pagefile: 4059.64 MB
Available Pagefile: 2515.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Marci (C:)) (Fixed) (Total:455.65 GB) (Free:359.26 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:8.64 GB) (Free:1.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (INTENSO) (Fixed) (Total:931.51 GB) (Free:581.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: FA8A6F90)

Partition: GPT Partition Type
========================================================
Disk: 3 (Size: 932 GB) (Disk ID: 5794EDA9)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 16.10.2013, 11:28

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

a_c_a_b11 · 16.10.2013, 12:37

das ist vom ADWcleaner von gestern....(
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Marci (administrator) on A_C_A_B on 16-10-2013 11:38:38
Running from C:\Users\Marci\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-10] (Google Inc.)
MountPoints2: {1d08d3fa-0eef-11e3-be8a-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {5514cf13-90c3-11e2-be6e-001e101fbe27} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {6b0b6370-8f65-11e2-be6c-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {6b0b63cd-8f65-11e2-be6c-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b946-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b999-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b9b8-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b9d2-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920bab2-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920bacf-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115b6b-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115baf-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115ddc-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=cr&ei=SntdUufUAomGtAbHpYGgDw
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKLM - {79AE7379-BD08-4A58-A721-555A606B024F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {79AE7379-BD08-4A58-A721-555A606B024F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKCU - {79AE7379-BD08-4A58-A721-555A606B024F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {87554C62-FF35-4958-974F-FF2A79AF514E} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=44c5aadb0000000000004c72b9720860&r=941
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\rukj03bx.default
FF NewTab: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=nt&installDate=11/10/2013
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=ds&installDate=11/10/2013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marci\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marci\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Marci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=hp&installDate=11/10/2013
CHR RestoreOnStartup: "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=hp&installDate=11/10/2013"
CHR Extension: (Google Docs) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-10-07] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-08-30] (AVAST Software)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [276992 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2013-03-18] (Huawei Technologies Co., Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-16 11:38 - 2013-10-16 11:38 - 00000000 ____D C:\FRST
2013-10-16 11:36 - 2013-10-16 11:36 - 01954124 _____ (Farbar) C:\Users\Marci\Desktop\FRST64.exe
2013-10-16 11:36 - 2013-10-16 11:36 - 00001113 _____ C:\Users\Marci\Desktop\Continue Zip Extractor Installation.lnk
2013-10-16 11:35 - 2013-10-16 11:35 - 00753504 _____ C:\Users\Marci\Downloads\ZipExtractorSetup.exe
2013-10-15 18:56 - 2013-10-15 18:58 - 00000000 ____D C:\AdwCleaner
2013-10-15 18:55 - 2013-10-15 18:55 - 01048960 _____ C:\Users\Marci\Downloads\adwcleaner_3.0.0.7.exe
2013-10-15 18:39 - 2013-10-15 18:39 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-15 17:01 - 2013-10-15 17:01 - 00000000 _____ C:\autoexec.bat
2013-10-15 17:00 - 2013-10-15 18:05 - 00000000 ____D C:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-15 17:00 - 2013-10-15 18:05 - 00000000 ____D C:\sh4ldr
2013-10-15 17:00 - 2013-10-15 17:00 - 00003324 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2013-10-15 17:00 - 2013-10-15 17:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-15 16:25 - 2013-10-15 16:26 - 00426960 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-15 15:26 - 2013-10-15 15:26 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-15 15:21 - 2013-10-15 16:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-15 15:21 - 2013-10-15 15:21 - 00000000 ____D C:\Users\Marci\AppData\Local\Microsoft Help
2013-10-15 15:20 - 2013-10-15 15:20 - 00000000 __RHD C:\MSOCache
2013-10-15 15:01 - 2013-10-15 16:30 - 00000000 ____D C:\Users\Marci\Desktop\Berichtsheft
2013-10-14 13:55 - 2013-10-14 14:15 - 00000000 ____D C:\Users\Marci\Desktop\caddy
2013-10-14 11:34 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2013-10-14 11:34 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2013-10-14 11:34 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2013-10-14 11:34 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2013-10-14 11:34 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2013-10-14 11:34 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-10-14 11:34 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-10-14 11:34 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-10-14 11:34 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-10-14 11:34 - 2013-07-31 01:30 - 00386923 _____ C:\windows\system32\ApnDatabase.xml
2013-10-14 11:34 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2013-10-14 11:34 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2013-10-14 11:34 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2013-10-14 11:34 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2013-10-12 12:12 - 2013-10-12 16:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-11 15:04 - 2013-10-16 11:30 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-11 15:04 - 2013-10-11 15:04 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-11 15:04 - 2013-10-11 15:04 - 00000000 ____D C:\ProgramData\McAfee
2013-10-11 14:57 - 2013-10-11 14:57 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-11 14:47 - 2013-10-11 14:47 - 00000000 ____D C:\Users\Marci\AppData\Roaming\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:47 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:45 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 13:30 - 2013-10-11 13:30 - 00000000 ____D C:\Users\Marci\Documents\My Cheat Tables
2013-10-10 11:53 - 2013-10-10 11:53 - 00002340 _____ C:\Users\Marci\Desktop\Google Chrome.lnk
2013-10-10 11:53 - 2013-10-10 11:53 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-10 11:52 - 2013-10-15 23:12 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA.job
2013-10-10 11:52 - 2013-10-14 12:12 - 00001084 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core.job
2013-10-10 11:52 - 2013-10-11 12:07 - 00004082 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA
2013-10-10 11:52 - 2013-10-11 12:07 - 00003702 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core
2013-10-10 10:03 - 2013-10-02 03:38 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 10:03 - 2013-10-02 03:38 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 01:36 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-09 01:36 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-09 01:36 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-09 01:36 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-09 01:36 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-09 01:36 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-09 01:36 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-09 01:36 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-09 01:36 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-09 01:36 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-09 01:36 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-10-09 01:36 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-10-09 01:36 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-09 01:36 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-09 01:36 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-10-09 01:36 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2013-10-09 01:36 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-10-09 01:36 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-10-09 01:35 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-09 01:35 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-09 01:35 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-09 01:35 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-10-09 01:35 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-09 01:34 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-09 01:34 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-09 01:33 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-09 01:31 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-09 01:31 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-10-09 01:30 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-09 01:30 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 01:30 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 01:30 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-09 01:30 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-10-09 01:30 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-10-09 01:30 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-10-09 01:30 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-09 01:30 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-09 01:30 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-09 01:30 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-09 01:30 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-09 01:30 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-09 01:30 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-09 01:30 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-09 01:30 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-08 02:07 - 2013-10-08 02:08 - 00000000 ____D C:\Users\Marci\Desktop\Neuer Ordner
2013-10-08 02:04 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-10-08 02:04 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-10-08 02:04 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-10-08 02:04 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-10-08 02:04 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-10-08 02:04 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-10-08 02:04 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-10-08 02:04 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-10-08 02:04 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-10-08 02:04 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-10-08 02:04 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-10-08 02:01 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2013-10-08 02:01 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2013-10-08 02:01 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2013-10-08 02:01 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2013-10-08 02:01 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2013-10-08 02:01 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2013-10-08 02:01 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-10-08 02:01 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-10-08 02:01 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2013-10-08 02:01 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-10-08 02:01 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-10-08 02:01 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-10-08 02:01 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2013-10-08 02:01 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2013-10-08 02:01 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2013-10-08 02:01 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-10-08 02:01 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-10-08 02:01 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2013-10-08 02:01 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-10-08 02:01 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2013-10-08 02:01 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2013-10-08 02:01 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-10-08 02:01 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2013-10-08 02:01 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2013-10-08 02:01 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2013-10-08 02:01 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2013-10-08 02:01 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2013-10-08 02:01 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2013-10-08 02:01 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2013-10-08 02:01 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2013-10-08 02:01 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-10-08 02:01 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-10-08 02:01 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-10-08 02:01 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-10-08 02:01 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-10-08 02:01 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-10-08 02:01 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-10-08 02:01 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2013-10-08 02:00 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-10-07 01:59 - 2013-10-07 01:59 - 00002100 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-02 22:31 - 2013-10-07 01:16 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
2013-10-02 22:13 - 2013-10-02 22:13 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-09-27 16:24 - 2013-10-15 16:25 - 00335934 _____ C:\windows\PFRO.log
2013-09-27 16:09 - 2013-09-27 16:09 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD Pro [alpha]
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Users\Marci\AppData\Local\avgchrome
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Program Files (x86)\Linearteam
2013-09-20 22:18 - 2013-09-20 23:51 - 229577206 _____ C:\Users\Marci\Desktop\3096 tage Natascha Kampusch.mp4
2013-09-20 21:29 - 2013-09-20 21:29 - 00000000 ____D C:\ProgramData\Intenium
2013-09-20 20:11 - 2013-09-20 20:11 - 00000000 ____D C:\Users\Public\Documents\intenium
2013-09-20 20:10 - 2013-09-20 20:10 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-09-19 18:20 - 2013-09-19 19:40 - 261567936 _____ C:\Users\Marci\Desktop\50 erste dates.mp4

==================== One Month Modified Files and Folders =======

2013-10-16 11:38 - 2013-10-16 11:38 - 00000000 ____D C:\FRST
2013-10-16 11:36 - 2013-10-16 11:36 - 01954124 _____ (Farbar) C:\Users\Marci\Desktop\FRST64.exe
2013-10-16 11:36 - 2013-10-16 11:36 - 00001113 _____ C:\Users\Marci\Desktop\Continue Zip Extractor Installation.lnk
2013-10-16 11:35 - 2013-10-16 11:35 - 00753504 _____ C:\Users\Marci\Downloads\ZipExtractorSetup.exe
2013-10-16 11:30 - 2013-10-11 15:04 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-16 11:28 - 2013-03-18 08:26 - 02069673 _____ C:\windows\WindowsUpdate.log
2013-10-16 11:18 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2013-10-15 23:12 - 2013-10-10 11:52 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA.job
2013-10-15 23:06 - 2013-06-12 00:40 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 19:11 - 2013-03-18 08:33 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1511230306-1648634698-1318965908-1001
2013-10-15 19:00 - 2013-06-12 00:40 - 00001120 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-15 19:00 - 2013-03-19 13:39 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-10-15 18:59 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-15 18:58 - 2013-10-15 18:56 - 00000000 ____D C:\AdwCleaner
2013-10-15 18:58 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-10-15 18:55 - 2013-10-15 18:55 - 01048960 _____ C:\Users\Marci\Downloads\adwcleaner_3.0.0.7.exe
2013-10-15 18:49 - 2012-09-26 03:42 - 00745562 _____ C:\windows\system32\perfh007.dat
2013-10-15 18:49 - 2012-09-26 03:42 - 00169488 _____ C:\windows\system32\perfc007.dat
2013-10-15 18:49 - 2012-07-26 09:28 - 01752656 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-15 18:40 - 2013-03-19 00:31 - 00000000 ____D C:\Users\Marci\AppData\Roaming\vlc
2013-10-15 18:39 - 2013-10-15 18:39 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-15 18:05 - 2013-10-15 17:00 - 00000000 ____D C:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-15 18:05 - 2013-10-15 17:00 - 00000000 ____D C:\sh4ldr
2013-10-15 17:01 - 2013-10-15 17:01 - 00000000 _____ C:\autoexec.bat
2013-10-15 17:00 - 2013-10-15 17:00 - 00003324 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2013-10-15 17:00 - 2013-10-15 17:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-15 16:30 - 2013-10-15 15:01 - 00000000 ____D C:\Users\Marci\Desktop\Berichtsheft
2013-10-15 16:27 - 2013-03-18 08:27 - 00000000 ___RD C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-15 16:27 - 2013-03-18 08:27 - 00000000 ___RD C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-15 16:26 - 2013-10-15 16:25 - 00426960 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-15 16:25 - 2013-09-27 16:24 - 00335934 _____ C:\windows\PFRO.log
2013-10-15 16:25 - 2013-03-18 22:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-15 16:24 - 2012-07-26 10:12 - 00000000 ___RD C:\windows\ToastData
2013-10-15 16:16 - 2013-10-15 15:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-15 16:11 - 2012-07-26 07:26 - 00000167 _____ C:\windows\win.ini
2013-10-15 16:10 - 2012-09-25 19:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-15 15:34 - 2012-07-26 11:45 - 00000000 ____D C:\windows\ShellNew
2013-10-15 15:28 - 2013-06-03 08:52 - 00000000 ____D C:\Users\Marci\AppData\Local\Mozilla
2013-10-15 15:26 - 2013-10-15 15:26 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-15 15:25 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-15 15:21 - 2013-10-15 15:21 - 00000000 ____D C:\Users\Marci\AppData\Local\Microsoft Help
2013-10-15 15:20 - 2013-10-15 15:20 - 00000000 __RHD C:\MSOCache
2013-10-15 15:04 - 2013-05-29 11:04 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-10-15 15:03 - 2013-05-29 11:04 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-15 13:01 - 2013-06-12 00:40 - 00004096 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-15 13:01 - 2013-06-12 00:40 - 00003860 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-15 12:39 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-10-14 14:15 - 2013-10-14 13:55 - 00000000 ____D C:\Users\Marci\Desktop\caddy
2013-10-14 12:12 - 2013-10-10 11:52 - 00001084 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core.job
2013-10-12 16:45 - 2013-10-12 12:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-12 11:32 - 2013-03-18 22:56 - 00000000 ____D C:\Users\Marci\AppData\Local\Thunderbird
2013-10-11 15:05 - 2013-06-03 10:29 - 00000000 ____D C:\Users\Marci\AppData\Local\Adobe
2013-10-11 15:04 - 2013-10-11 15:04 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-11 15:04 - 2013-10-11 15:04 - 00000000 ____D C:\ProgramData\McAfee
2013-10-11 14:57 - 2013-10-11 14:57 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-11 14:57 - 2013-07-01 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-11 14:47 - 2013-10-11 14:47 - 00000000 ____D C:\Users\Marci\AppData\Roaming\TuneUp Software
2013-10-11 14:47 - 2013-10-11 14:45 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:45 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 13:30 - 2013-10-11 13:30 - 00000000 ____D C:\Users\Marci\Documents\My Cheat Tables
2013-10-11 12:07 - 2013-10-10 11:52 - 00004082 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA
2013-10-11 12:07 - 2013-10-10 11:52 - 00003702 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core
2013-10-10 11:53 - 2013-10-10 11:53 - 00002340 _____ C:\Users\Marci\Desktop\Google Chrome.lnk
2013-10-10 11:53 - 2013-10-10 11:53 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-10 11:52 - 2013-06-12 00:39 - 00000000 ____D C:\Users\Marci\AppData\Local\Google
2013-10-10 11:51 - 2013-06-12 00:39 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-10 11:43 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache
2013-10-10 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\WinStore
2013-10-10 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\PolicyDefinitions
2013-10-10 10:00 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\oobe
2013-10-09 12:33 - 2013-08-09 15:54 - 00000000 ____D C:\windows\system32\MRT
2013-10-09 12:31 - 2013-03-19 12:11 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-09 02:10 - 2013-06-01 23:26 - 00000000 ____D C:\Users\Marci\AppData\Roaming\ALDITALKVerbindungsassistent
2013-10-08 02:08 - 2013-10-08 02:07 - 00000000 ____D C:\Users\Marci\Desktop\Neuer Ordner
2013-10-08 02:06 - 2013-07-12 22:17 - 00000000 ____D C:\Users\Marci\Desktop\Diverse Ordner
2013-10-07 02:05 - 2013-06-01 23:25 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent
2013-10-07 01:59 - 2013-10-07 01:59 - 00002100 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-07 01:24 - 2013-09-06 10:26 - 00001932 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-10-07 01:24 - 2013-03-19 13:39 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-10-07 01:22 - 2013-03-18 08:26 - 00000000 ____D C:\Users\Marci
2013-10-07 01:21 - 2012-07-26 07:37 - 00000000 ____D C:\windows\servicing
2013-10-07 01:20 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\spp
2013-10-07 01:20 - 2012-07-26 10:12 - 00000000 ____D C:\windows\L2Schemas
2013-10-07 01:20 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\Sysprep
2013-10-07 01:19 - 2013-08-15 16:58 - 00000000 ____D C:\Users\Marci\Desktop\Spiele
2013-10-07 01:16 - 2013-10-02 22:31 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
2013-10-07 01:15 - 2012-07-26 10:12 - 00000000 ____D C:\windows\registration
2013-10-02 22:13 - 2013-10-02 22:13 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-10-02 03:38 - 2013-10-10 10:03 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-10-10 10:03 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-27 16:09 - 2013-09-27 16:09 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD Pro [alpha]
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Users\Marci\AppData\Local\avgchrome
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Program Files (x86)\Linearteam
2013-09-23 01:28 - 2013-10-09 01:36 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-09 01:36 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-09 01:36 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-09 01:36 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-09 01:33 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-23 00:55 - 2013-10-09 01:36 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-09 01:36 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-23 00:55 - 2013-10-09 01:35 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-23 00:54 - 2013-10-09 01:36 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-09 01:36 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-09 01:35 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-09 01:35 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-09 01:34 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-09 01:34 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-20 23:51 - 2013-09-20 22:18 - 229577206 _____ C:\Users\Marci\Desktop\3096 tage Natascha Kampusch.mp4
2013-09-20 21:29 - 2013-09-20 21:29 - 00000000 ____D C:\ProgramData\Intenium
2013-09-20 20:11 - 2013-09-20 20:11 - 00000000 ____D C:\Users\Public\Documents\intenium
2013-09-20 20:10 - 2013-09-20 20:10 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-09-19 19:40 - 2013-09-19 18:20 - 261567936 _____ C:\Users\Marci\Desktop\50 erste dates.mp4

Some content of TEMP:
====================
C:\Users\Marci\AppData\Local\Temp\AutoRun.exe
C:\Users\Marci\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Marci\AppData\Local\Temp\COMAP.EXE
C:\Users\Marci\AppData\Local\Temp\eauninstall.exe
C:\Users\Marci\AppData\Local\Temp\icqsetup.exe
C:\Users\Marci\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\Marci\AppData\Local\Temp\IminentSetup.exe
C:\Users\Marci\AppData\Local\Temp\mfc80.dll
C:\Users\Marci\AppData\Local\Temp\mfc80u.dll
C:\Users\Marci\AppData\Local\Temp\mfcm80.dll
C:\Users\Marci\AppData\Local\Temp\mfcm80u.dll
C:\Users\Marci\AppData\Local\Temp\msvcm80.dll
C:\Users\Marci\AppData\Local\Temp\msvcp80.dll
C:\Users\Marci\AppData\Local\Temp\msvcr80.dll
C:\Users\Marci\AppData\Local\Temp\Need for Speed Underground 2_uninst.exe
C:\Users\Marci\AppData\Local\Temp\OSU.exe
C:\Users\Marci\AppData\Local\Temp\Quarantine.exe
C:\Users\Marci\AppData\Local\Temp\SHSetup.exe
C:\Users\Marci\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe
C:\Users\Marci\AppData\Local\Temp\SP59485.exe
C:\Users\Marci\AppData\Local\Temp\uninst1.exe
C:\Users\Marci\AppData\Local\Temp\Uninstaller.exe
C:\Users\Marci\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Marci\AppData\Local\Temp\VersionUpdater.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Marci\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Marci\AppData\Local\Temp\WTGXMLUtil.dll
C:\Users\Marci\AppData\Local\Temp\WtgZip.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 12:19

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

malwareantimalware bytes lief au gestern jedoch ohne funde habe davor gescannt (am selben tag) und hattte ca 900 malware aufm rechner die ich wohl alle entfernt habe

die aktuelle log von malware antimalwarebytes :

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.09.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Marci :: A_C_A_B [Administrator]

16.10.2013 12:41:29
mbam-log-2013-10-16 (12-41-29).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 203382
Laufzeit: 10 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Marci\AppData\Local\Temp\is1590112554\59830249_stp\wajam_validate.exe (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 x64
Ran by Marci on 16.10.2013 at 12:45:55,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\searchURL\\Default

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1511230306-1648634698-1318965908-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{79AE7379-BD08-4A58-A721-555A606B024F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{87554C62-FF35-4958-974F-FF2A79AF514E}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{79AE7379-BD08-4A58-A721-555A606B024F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{79AE7379-BD08-4A58-A721-555A606B024F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{79AE7379-BD08-4A58-A721-555A606B024F}

~~~ Files

~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Marci\AppData\Roaming\pluswinks"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"

~~~ FireFox

Successfully deleted the following from C:\Users\Marci\AppData\Roaming\mozilla\firefox\profiles\rukj03bx.default\prefs.js

user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=nt&installDate=11/10
user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=ds&installDate=11/10/2013&q
Emptied folder: C:\Users\Marci\AppData\Roaming\mozilla\firefox\profiles\rukj03bx.default\minidumps [2 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Marci\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.10.2013 at 13:07:04,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

so das müsste alles sein was du wolltest oder?

schrauber · 16.10.2013, 13:38

frisches FRST log nach all diesen Scans

a_c_a_b11 · 17.10.2013, 00:18

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Marci (administrator) on A_C_A_B on 17-10-2013 01:14:48
Running from C:\Users\Marci\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Microsoft Corporation) C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Microsoft Corporation) C:\windows\system32\msiexec.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marci\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Marci\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-10] (Google Inc.)
MountPoints2: {1d08d3fa-0eef-11e3-be8a-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {5514cf13-90c3-11e2-be6e-001e101fbe27} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {6b0b6370-8f65-11e2-be6c-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {6b0b63cd-8f65-11e2-be6c-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b946-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b999-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b9b8-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920b9d2-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920bab2-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {8920bacf-c943-11e2-be74-4c72b9720860} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115b6b-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115baf-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
MountPoints2: {ee115ddc-cae3-11e2-be75-001e101fe13a} - "G:\.\Setup.exe" AUTORUN=1
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=cr&ei=SntdUufUAomGtAbHpYGgDw
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKLM - {79AE7379-BD08-4A58-A721-555A606B024F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {79AE7379-BD08-4A58-A721-555A606B024F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marci\AppData\Roaming\Mozilla\Firefox\Profiles\rukj03bx.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marci\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marci\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Marci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=hp&installDate=11/10/2013
CHR RestoreOnStartup: "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=7ab7c4a7-6aad-b7c0-4a51-1346993e4708&searchtype=hp&installDate=11/10/2013"
CHR Extension: (Google Docs) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Marci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-10-07] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-08-30] (AVAST Software)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [276992 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [138752 2013-03-18] (Huawei Technologies Co., Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-16 13:07 - 2013-10-16 13:07 - 00002995 _____ C:\Users\Marci\Desktop\JRT.txt
2013-10-16 12:45 - 2013-10-16 12:45 - 00000000 ____D C:\windows\ERUNT
2013-10-16 12:44 - 2013-10-16 12:45 - 01033335 _____ (Thisisu) C:\Users\Marci\Downloads\JRT.exe
2013-10-16 12:17 - 2013-10-16 12:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-10-16 12:17 - 2013-10-16 12:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-10-16 11:41 - 2013-10-16 11:42 - 00023058 _____ C:\Users\Marci\Desktop\Addition.txt
2013-10-16 11:38 - 2013-10-16 11:38 - 00000000 ____D C:\FRST
2013-10-16 11:36 - 2013-10-16 11:36 - 01954124 _____ (Farbar) C:\Users\Marci\Desktop\FRST64.exe
2013-10-16 11:35 - 2013-10-16 11:35 - 00753504 _____ C:\Users\Marci\Downloads\ZipExtractorSetup.exe
2013-10-15 18:56 - 2013-10-15 18:58 - 00000000 ____D C:\AdwCleaner
2013-10-15 18:55 - 2013-10-15 18:55 - 01048960 _____ C:\Users\Marci\Downloads\adwcleaner_3.0.0.7.exe
2013-10-15 18:39 - 2013-10-15 18:39 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-15 17:01 - 2013-10-15 17:01 - 00000000 _____ C:\autoexec.bat
2013-10-15 17:00 - 2013-10-15 18:05 - 00000000 ____D C:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-15 17:00 - 2013-10-15 18:05 - 00000000 ____D C:\sh4ldr
2013-10-15 17:00 - 2013-10-15 17:00 - 00003324 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2013-10-15 17:00 - 2013-10-15 17:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-15 16:25 - 2013-10-15 16:26 - 00426960 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-15 15:26 - 2013-10-15 15:26 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-15 15:21 - 2013-10-16 12:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-15 15:21 - 2013-10-15 15:21 - 00000000 ____D C:\Users\Marci\AppData\Local\Microsoft Help
2013-10-15 15:20 - 2013-10-15 15:20 - 00000000 __RHD C:\MSOCache
2013-10-15 15:01 - 2013-10-15 16:30 - 00000000 ____D C:\Users\Marci\Desktop\Berichtsheft
2013-10-14 13:55 - 2013-10-14 14:15 - 00000000 ____D C:\Users\Marci\Desktop\caddy
2013-10-14 11:34 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2013-10-14 11:34 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2013-10-14 11:34 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2013-10-14 11:34 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2013-10-14 11:34 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2013-10-14 11:34 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2013-10-14 11:34 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2013-10-14 11:34 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-10-14 11:34 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2013-10-14 11:34 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2013-10-14 11:34 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-10-14 11:34 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-10-14 11:34 - 2013-07-31 01:30 - 00386923 _____ C:\windows\system32\ApnDatabase.xml
2013-10-14 11:34 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2013-10-14 11:34 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2013-10-14 11:34 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2013-10-14 11:34 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2013-10-12 12:12 - 2013-10-12 16:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-11 15:04 - 2013-10-16 16:30 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-11 15:04 - 2013-10-11 15:04 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-11 15:04 - 2013-10-11 15:04 - 00000000 ____D C:\ProgramData\McAfee
2013-10-11 14:57 - 2013-10-11 14:57 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-11 14:47 - 2013-10-11 14:47 - 00000000 ____D C:\Users\Marci\AppData\Roaming\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:47 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:45 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 13:30 - 2013-10-11 13:30 - 00000000 ____D C:\Users\Marci\Documents\My Cheat Tables
2013-10-10 11:53 - 2013-10-10 11:53 - 00002340 _____ C:\Users\Marci\Desktop\Google Chrome.lnk
2013-10-10 11:53 - 2013-10-10 11:53 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-10 11:52 - 2013-10-16 16:12 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA.job
2013-10-10 11:52 - 2013-10-16 12:12 - 00001084 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core.job
2013-10-10 11:52 - 2013-10-11 12:07 - 00004082 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA
2013-10-10 11:52 - 2013-10-11 12:07 - 00003702 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core
2013-10-10 10:03 - 2013-10-02 03:38 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 10:03 - 2013-10-02 03:38 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 01:36 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-10-09 01:36 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-10-09 01:36 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-10-09 01:36 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-10-09 01:36 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-10-09 01:36 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-10-09 01:36 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-10-09 01:36 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-10-09 01:36 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-10-09 01:36 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2013-10-09 01:36 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-10-09 01:36 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-10-09 01:36 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-10-09 01:36 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-10-09 01:36 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-10-09 01:36 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-10-09 01:36 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2013-10-09 01:36 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-10-09 01:36 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-10-09 01:35 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-10-09 01:35 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-10-09 01:35 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-10-09 01:35 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-10-09 01:35 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-10-09 01:34 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-10-09 01:34 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-10-09 01:34 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-10-09 01:33 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-10-09 01:31 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-10-09 01:31 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2013-10-09 01:30 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-10-09 01:30 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 01:30 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 01:30 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-10-09 01:30 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-10-09 01:30 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-10-09 01:30 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-10-09 01:30 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-10-09 01:30 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-10-09 01:30 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-10-09 01:30 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-10-09 01:30 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-10-09 01:30 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-10-09 01:30 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2013-10-09 01:30 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-10-09 01:30 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-10-09 01:30 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2013-10-08 02:07 - 2013-10-08 02:08 - 00000000 ____D C:\Users\Marci\Desktop\Neuer Ordner
2013-10-08 02:04 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-10-08 02:04 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-10-08 02:04 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-10-08 02:04 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-10-08 02:04 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-10-08 02:04 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-10-08 02:04 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-10-08 02:04 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-10-08 02:04 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-10-08 02:04 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-10-08 02:04 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-10-08 02:04 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-10-08 02:04 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-10-08 02:01 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2013-10-08 02:01 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2013-10-08 02:01 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2013-10-08 02:01 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2013-10-08 02:01 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2013-10-08 02:01 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2013-10-08 02:01 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2013-10-08 02:01 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-10-08 02:01 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-10-08 02:01 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2013-10-08 02:01 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-10-08 02:01 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-10-08 02:01 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-10-08 02:01 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2013-10-08 02:01 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2013-10-08 02:01 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2013-10-08 02:01 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-10-08 02:01 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-10-08 02:01 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2013-10-08 02:01 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-10-08 02:01 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2013-10-08 02:01 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2013-10-08 02:01 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-10-08 02:01 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2013-10-08 02:01 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2013-10-08 02:01 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2013-10-08 02:01 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2013-10-08 02:01 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2013-10-08 02:01 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2013-10-08 02:01 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2013-10-08 02:01 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2013-10-08 02:01 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-10-08 02:01 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-10-08 02:01 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-10-08 02:01 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-10-08 02:01 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-10-08 02:01 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-10-08 02:01 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-10-08 02:01 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2013-10-08 02:00 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-10-07 01:59 - 2013-10-07 01:59 - 00002100 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-02 22:31 - 2013-10-07 01:16 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
2013-10-02 22:13 - 2013-10-02 22:13 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-09-27 16:24 - 2013-10-15 16:25 - 00335934 _____ C:\windows\PFRO.log
2013-09-27 16:09 - 2013-09-27 16:09 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD Pro [alpha]
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Users\Marci\AppData\Local\avgchrome
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Program Files (x86)\Linearteam
2013-09-20 22:18 - 2013-09-20 23:51 - 229577206 _____ C:\Users\Marci\Desktop\3096 tage Natascha Kampusch.mp4
2013-09-20 21:29 - 2013-09-20 21:29 - 00000000 ____D C:\ProgramData\Intenium
2013-09-20 20:11 - 2013-09-20 20:11 - 00000000 ____D C:\Users\Public\Documents\intenium
2013-09-20 20:10 - 2013-09-20 20:10 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-09-19 18:20 - 2013-09-19 19:40 - 261567936 _____ C:\Users\Marci\Desktop\50 erste dates.mp4

==================== One Month Modified Files and Folders =======

2013-10-17 01:12 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2013-10-16 16:30 - 2013-10-11 15:04 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-16 16:12 - 2013-10-10 11:52 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA.job
2013-10-16 16:06 - 2013-06-12 00:40 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-16 13:07 - 2013-10-16 13:07 - 00002995 _____ C:\Users\Marci\Desktop\JRT.txt
2013-10-16 13:07 - 2013-03-18 08:33 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1511230306-1648634698-1318965908-1001
2013-10-16 13:06 - 2013-06-12 00:40 - 00001120 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-16 12:53 - 2012-09-26 03:42 - 00745562 _____ C:\windows\system32\perfh007.dat
2013-10-16 12:53 - 2012-09-26 03:42 - 00169488 _____ C:\windows\system32\perfc007.dat
2013-10-16 12:53 - 2012-07-26 09:28 - 01752656 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-16 12:50 - 2013-07-01 12:29 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-10-16 12:45 - 2013-10-16 12:45 - 00000000 ____D C:\windows\ERUNT
2013-10-16 12:45 - 2013-10-16 12:44 - 01033335 _____ (Thisisu) C:\Users\Marci\Downloads\JRT.exe
2013-10-16 12:42 - 2013-03-18 08:26 - 01203481 _____ C:\windows\WindowsUpdate.log
2013-10-16 12:31 - 2013-10-15 15:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-16 12:22 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache
2013-10-16 12:17 - 2013-10-16 12:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-10-16 12:17 - 2013-10-16 12:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-10-16 12:14 - 2012-07-26 07:26 - 00000167 _____ C:\windows\win.ini
2013-10-16 12:12 - 2013-10-10 11:52 - 00001084 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core.job
2013-10-16 11:42 - 2013-10-16 11:41 - 00023058 _____ C:\Users\Marci\Desktop\Addition.txt
2013-10-16 11:38 - 2013-10-16 11:38 - 00000000 ____D C:\FRST
2013-10-16 11:36 - 2013-10-16 11:36 - 01954124 _____ (Farbar) C:\Users\Marci\Desktop\FRST64.exe
2013-10-16 11:35 - 2013-10-16 11:35 - 00753504 _____ C:\Users\Marci\Downloads\ZipExtractorSetup.exe
2013-10-15 19:00 - 2013-03-19 13:39 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-10-15 18:59 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-15 18:58 - 2013-10-15 18:56 - 00000000 ____D C:\AdwCleaner
2013-10-15 18:58 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-10-15 18:55 - 2013-10-15 18:55 - 01048960 _____ C:\Users\Marci\Downloads\adwcleaner_3.0.0.7.exe
2013-10-15 18:40 - 2013-03-19 00:31 - 00000000 ____D C:\Users\Marci\AppData\Roaming\vlc
2013-10-15 18:39 - 2013-10-15 18:39 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-15 18:05 - 2013-10-15 17:00 - 00000000 ____D C:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-15 18:05 - 2013-10-15 17:00 - 00000000 ____D C:\sh4ldr
2013-10-15 17:01 - 2013-10-15 17:01 - 00000000 _____ C:\autoexec.bat
2013-10-15 17:00 - 2013-10-15 17:00 - 00003324 _____ C:\windows\System32\Tasks\SpyHunter4Startup
2013-10-15 17:00 - 2013-10-15 17:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-15 16:30 - 2013-10-15 15:01 - 00000000 ____D C:\Users\Marci\Desktop\Berichtsheft
2013-10-15 16:27 - 2013-03-18 08:27 - 00000000 ___RD C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-15 16:27 - 2013-03-18 08:27 - 00000000 ___RD C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-15 16:26 - 2013-10-15 16:25 - 00426960 _____ C:\windows\system32\FNTCACHE.DAT
2013-10-15 16:25 - 2013-09-27 16:24 - 00335934 _____ C:\windows\PFRO.log
2013-10-15 16:25 - 2013-03-18 22:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-15 16:24 - 2012-07-26 10:12 - 00000000 ___RD C:\windows\ToastData
2013-10-15 16:10 - 2012-09-25 19:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-15 15:34 - 2012-07-26 11:45 - 00000000 ____D C:\windows\ShellNew
2013-10-15 15:28 - 2013-06-03 08:52 - 00000000 ____D C:\Users\Marci\AppData\Local\Mozilla
2013-10-15 15:26 - 2013-10-15 15:26 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-10-15 15:25 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files\Microsoft Office
2013-10-15 15:22 - 2013-10-15 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-10-15 15:21 - 2013-10-15 15:21 - 00000000 ____D C:\Users\Marci\AppData\Local\Microsoft Help
2013-10-15 15:20 - 2013-10-15 15:20 - 00000000 __RHD C:\MSOCache
2013-10-15 15:04 - 2013-05-29 11:04 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-10-15 15:03 - 2013-05-29 11:04 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-15 13:01 - 2013-06-12 00:40 - 00004096 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-15 13:01 - 2013-06-12 00:40 - 00003860 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-15 12:39 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-10-14 14:15 - 2013-10-14 13:55 - 00000000 ____D C:\Users\Marci\Desktop\caddy
2013-10-12 16:45 - 2013-10-12 12:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-12 11:32 - 2013-03-18 22:56 - 00000000 ____D C:\Users\Marci\AppData\Local\Thunderbird
2013-10-11 15:05 - 2013-06-03 10:29 - 00000000 ____D C:\Users\Marci\AppData\Local\Adobe
2013-10-11 15:04 - 2013-10-11 15:04 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-10-11 15:04 - 2013-10-11 15:04 - 00000000 ____D C:\ProgramData\McAfee
2013-10-11 14:57 - 2013-10-11 14:57 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-11 14:57 - 2013-07-01 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-11 14:47 - 2013-10-11 14:47 - 00000000 ____D C:\Users\Marci\AppData\Roaming\TuneUp Software
2013-10-11 14:47 - 2013-10-11 14:45 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-11 14:45 - 2013-10-11 14:45 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-10-11 13:30 - 2013-10-11 13:30 - 00000000 ____D C:\Users\Marci\Documents\My Cheat Tables
2013-10-11 12:07 - 2013-10-10 11:52 - 00004082 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001UA
2013-10-11 12:07 - 2013-10-10 11:52 - 00003702 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1511230306-1648634698-1318965908-1001Core
2013-10-10 11:53 - 2013-10-10 11:53 - 00002340 _____ C:\Users\Marci\Desktop\Google Chrome.lnk
2013-10-10 11:53 - 2013-10-10 11:53 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-10 11:52 - 2013-06-12 00:39 - 00000000 ____D C:\Users\Marci\AppData\Local\Google
2013-10-10 11:51 - 2013-06-12 00:39 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-10 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\WinStore
2013-10-10 10:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\PolicyDefinitions
2013-10-10 10:00 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\oobe
2013-10-09 12:33 - 2013-08-09 15:54 - 00000000 ____D C:\windows\system32\MRT
2013-10-09 12:31 - 2013-03-19 12:11 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-10-09 02:10 - 2013-06-01 23:26 - 00000000 ____D C:\Users\Marci\AppData\Roaming\ALDITALKVerbindungsassistent
2013-10-08 02:08 - 2013-10-08 02:07 - 00000000 ____D C:\Users\Marci\Desktop\Neuer Ordner
2013-10-08 02:06 - 2013-07-12 22:17 - 00000000 ____D C:\Users\Marci\Desktop\Diverse Ordner
2013-10-07 02:05 - 2013-06-01 23:25 - 00000000 ____D C:\Program Files (x86)\ALDITALKVerbindungsassistent
2013-10-07 01:59 - 2013-10-07 01:59 - 00002100 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-07 01:24 - 2013-09-06 10:26 - 00001932 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-10-07 01:24 - 2013-03-19 13:39 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-10-07 01:22 - 2013-03-18 08:26 - 00000000 ____D C:\Users\Marci
2013-10-07 01:21 - 2012-07-26 07:37 - 00000000 ____D C:\windows\servicing
2013-10-07 01:20 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\spp
2013-10-07 01:20 - 2012-07-26 10:12 - 00000000 ____D C:\windows\L2Schemas
2013-10-07 01:20 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\Sysprep
2013-10-07 01:19 - 2013-08-15 16:58 - 00000000 ____D C:\Users\Marci\Desktop\Spiele
2013-10-07 01:16 - 2013-10-02 22:31 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
2013-10-07 01:15 - 2012-07-26 10:12 - 00000000 ____D C:\windows\registration
2013-10-02 22:13 - 2013-10-02 22:13 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-10-02 03:38 - 2013-10-10 10:03 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-10-10 10:03 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-27 16:09 - 2013-09-27 16:09 - 00000000 ____D C:\Users\Marci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD Pro [alpha]
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Users\Marci\AppData\Local\avgchrome
2013-09-27 16:08 - 2013-09-27 16:08 - 00000000 ____D C:\Program Files (x86)\Linearteam
2013-09-23 01:28 - 2013-10-09 01:36 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-09 01:36 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-09 01:36 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-09 01:36 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-09 01:34 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-09 01:33 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-23 00:55 - 2013-10-09 01:36 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-09 01:36 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-23 00:55 - 2013-10-09 01:35 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-23 00:54 - 2013-10-09 01:36 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-09 01:36 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-09 01:35 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-09 01:35 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-09 01:34 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-09 01:34 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-20 23:51 - 2013-09-20 22:18 - 229577206 _____ C:\Users\Marci\Desktop\3096 tage Natascha Kampusch.mp4
2013-09-20 21:29 - 2013-09-20 21:29 - 00000000 ____D C:\ProgramData\Intenium
2013-09-20 20:11 - 2013-09-20 20:11 - 00000000 ____D C:\Users\Public\Documents\intenium
2013-09-20 20:10 - 2013-09-20 20:10 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-09-19 19:40 - 2013-09-19 18:20 - 261567936 _____ C:\Users\Marci\Desktop\50 erste dates.mp4

Some content of TEMP:
====================
C:\Users\Marci\AppData\Local\Temp\AutoRun.exe
C:\Users\Marci\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Marci\AppData\Local\Temp\COMAP.EXE
C:\Users\Marci\AppData\Local\Temp\eauninstall.exe
C:\Users\Marci\AppData\Local\Temp\icqsetup.exe
C:\Users\Marci\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\Marci\AppData\Local\Temp\IminentSetup.exe
C:\Users\Marci\AppData\Local\Temp\mfc80.dll
C:\Users\Marci\AppData\Local\Temp\mfc80u.dll
C:\Users\Marci\AppData\Local\Temp\mfcm80.dll
C:\Users\Marci\AppData\Local\Temp\mfcm80u.dll
C:\Users\Marci\AppData\Local\Temp\msvcm80.dll
C:\Users\Marci\AppData\Local\Temp\msvcp80.dll
C:\Users\Marci\AppData\Local\Temp\msvcr80.dll
C:\Users\Marci\AppData\Local\Temp\Need for Speed Underground 2_uninst.exe
C:\Users\Marci\AppData\Local\Temp\OSU.exe
C:\Users\Marci\AppData\Local\Temp\Quarantine.exe
C:\Users\Marci\AppData\Local\Temp\SHSetup.exe
C:\Users\Marci\AppData\Local\Temp\Softonic_chr_1-8-19-3.exe
C:\Users\Marci\AppData\Local\Temp\SP59485.exe
C:\Users\Marci\AppData\Local\Temp\uninst1.exe
C:\Users\Marci\AppData\Local\Temp\Uninstaller.exe
C:\Users\Marci\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Marci\AppData\Local\Temp\VersionUpdater.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Marci\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Marci\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Marci\AppData\Local\Temp\WTGXMLUtil.dll
C:\Users\Marci\AppData\Local\Temp\WtgZip.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 12:19

==================== End Of Log ============================

--- --- ---

schrauber · 17.10.2013, 11:36

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

a_c_a_b11 · 17.10.2013, 23:00

dat eset hängt sich d ganze zeit auf und macht ned vorwärts... -.-'

schrauber · 18.10.2013, 15:17

Lass ESET weg, mach nen Vollscan mit deinem AV Programm

a_c_a_b11 · 22.10.2013, 16:16

hey hab n vollscan gemacht geht aber immernoch ned zum einfach deinstallieren

schrauber · 23.10.2013, 06:45

Mach mal den Rest obiger Anleitung. Wo genau findest Du Snap.Do noch, nur unter installierte Programme oder auch auf dem Rechner selbst?

a_c_a_b11 · 23.10.2013, 23:20

nurnoch unter installierte programme... sonst eig nirgends hab doch alles gemahcht was mir empfohlen hattest oder brauchst du noch was wenn ja dann sag mir was dann mach ichs.... is doch kein ding

schrauber · 24.10.2013, 11:13

du hast ESET durch nen Scan mit deinem AV ersetzt, aber da oben stehen neben ESEt noch 2 Sachen in der Anleitung

16.10.2013, 13:38	#6
schrauber /// the machine /// TB-Ausbilder	snap.do lässt sich GAR NICHT deinstallieren frisches FRST log nach all diesen Scans __________________ --> snap.do lässt sich GAR NICHT deinstallieren

18.10.2013, 15:17	#10
schrauber /// the machine /// TB-Ausbilder	snap.do lässt sich GAR NICHT deinstallieren Lass ESET weg, mach nen Vollscan mit deinem AV Programm __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

23.10.2013, 06:45	#12
schrauber /// the machine /// TB-Ausbilder	snap.do lässt sich GAR NICHT deinstallieren Mach mal den Rest obiger Anleitung. Wo genau findest Du Snap.Do noch, nur unter installierte Programme oder auch auf dem Rechner selbst? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

24.10.2013, 11:13	#14
schrauber /// the machine /// TB-Ausbilder	snap.do lässt sich GAR NICHT deinstallieren du hast ESET durch nen Scan mit deinem AV ersetzt, aber da oben stehen neben ESEt noch 2 Sachen in der Anleitung __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

snap.do lässt sich GAR NICHT deinstallieren

Plagegeister aller Art und deren Bekämpfung: snap.do lässt sich GAR NICHT deinstallieren