Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
SafeSaver lässt sich nicht entfernen

SafeSaver lässt sich nicht entfernen


Log-Analyse und Auswertung: SafeSaver lässt sich nicht entfernen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 03.01.2014, 20:06   #1
Terrenay
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Hallo,
mein Bruder hat vor einigen Tagen, als er irgendein Programm heruntergeladen hat, nicht alle Häkchen bei den Zusatzprogrammen entfernt. Das heisst, er hat solche Adware-Programme heruntergeladen...
Das meiste (zB. NationZoom war eines davon) konnte ich entfernen, doch eines ist und bleibt zu hartnäckig für mich: SafeSaver. Ich hab in diesem Forum schon einige Threads zu diesem Addon-Ding gefunden, aber es steht ja in den Regeln, dass jede Infektion anders ist und man deshalb nicht die Ratschläge, die anderen Mitgliedern gegeben wurden, benutzen darf.
BTW: Der SafeSafer-"Virus" ist ein Addon, der auf so ziemlich allen Websites einfach irgendwelche Wörter in Links verwandelt, und wenn man über die Links fährt wird einem entweder "Click to Continue -> By SafeSaver" oder eine Werbebanner angezeigt. Auch vor YouTube-Videos kommen entsprechende Werbebanner.

Ja... Ich habe bereits recht viel versucht, um dieses Addon zu entfernen.. Soll heissen, ich hab versucht, es in der Systemsteuerung unter PROGRAMME zu finden (Ich find es aber nicht o_o), ich hab mehrmals Malwarebytes und AdwCleaner laufen gelassen (Vollscan, dauerte um die 2h), doch ich finde nie etwas.

Computer ist ein Windows 7 Home Premium, und ich benutze Google Chrome, falls das etwas nützt


Kann mir bitte jemand helfen, dieses nervige Addon zu entfernen?
Vielen Dank schon Mal

(Unten befindet sich noch ein Bild davon, wie dieser Thread mit oben genannten Links aussieht... weiss leider nicht, wie man hier spoiler erstellt, Tut mir Leid wenn das Bild zu gross sein sollte :[)


Geändert von Terrenay (03.01.2014 um 20:11 Uhr) Grund: Bild eingefügt

Alt 04.01.2014, 01:39   #2
aharonov
/// TB-Ausbilder
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Hi,

mach bitte einen FRST-Scan:


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 04.01.2014, 18:02   #3
Terrenay
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Vielen Dank für die Hilfe schon mal!

FRST.txt:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Sven (administrator) on MirjamZanetti on 04-01-2014 17:50:36
Running from C:\Users\Sven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Overwolf) C:\Program Files (x86)\Overwolf\Overwolf.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Perfect World Entertainment Inc) C:\Program Files (x86)\Perfect World Entertainment\Arc\Arc.exe
(Overwolf) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(Perfect World Entertainment Inc) C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcBrowser.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [636520 2012-02-07] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [4StoryPrePatch] - C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Arc] - C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [129384 2013-09-05] (Perfect World Entertainment)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1425952 2013-03-12] (SPAMfighter ApS)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKCU\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [35768 2013-12-09] (Overwolf)
HKCU\...\Policies\system: [DisableClock] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [NoNetworkConnections] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [NoCommonGroups] 0
HKCU\...\Policies\Explorer: [NoSaveSettings] 0
HKCU\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Mirjam Zanetti\...\Run: [Online Weather] - C:\Users\Mirjam Zanetti\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\Mirjam Zanetti\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-14] (Microsoft Corporation)
HKU\Mirjam Zanetti\...\Run: [SearchProtect] - C:\Users\Mirjam Zanetti\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\Mirjam Zanetti\...\Policies\system: [DisableClock] 0
HKU\Mirjam Zanetti\...\Policies\system: [LogonHoursAction] 2
HKU\Mirjam Zanetti\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Tim\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKU\Tim\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
HKU\Tim\...\Run: [SearchProtect] - C:\Users\Tim\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\Tim\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tim\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\Tim\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\Tim\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Tim\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\Tim\...\RunOnce: [Application Restart #1] - C:\Users\Tim\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Tim\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
HKU\Tim\...\Policies\system: [DisableClock] 0
HKU\Tim\...\Policies\system: [LogonHoursAction] 2
HKU\Tim\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\ProgramData\WinWeb protection\WinWebprotection_x64.dll [4717568 2013-12-31] ()
AppInit_DLLs-x32: c:\progra~3\networ~1\networ~1.dll c:\progra~3\filtel~1\filtel~1.dll c:\progra~3\accele~1\accele~1.dll   c:\progra~3\winfil~1\winfil~1.dll c:\progra~3\accele~2\accele~1.dll c:\progra~3\winweb~1\winweb~1.dll [4365312 2013-12-31] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.ch/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Fun2Saavee - {253C794B-8CCF-8F1F-FE17-FDC663583CF8} - C:\ProgramData\Fun2Saavee\fq_MxW4Tb.x64.dll No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\ngipf8qa.default
FF NetworkProxy: "type", 
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\Sven\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\ngipf8qa.default\Extensions\staged
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha629.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ff

Chrome: 
=======
CHR HomePage: hxxp://google.ch/
CHR RestoreOnStartup: "hxxp://www.google.ch/"
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Tim\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx
CHR HKLM-x32\...\Chrome\Extension: [ealchnonpofjocgofjpopjdoegbbkofj] - C:\Program Files (x86)\HappyLyrics\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [fjadoaialeaepfndfhpoeeacjhfipfnn] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ch\WebexpEnhancedV1alpha629.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Exts\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 03e661da; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 03e661da; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 3f0ddfac; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 3f0ddfac; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 5717af3d; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 5717af3d; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 671c50b0; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 671c50b0; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 89f7ebe4; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 89f7ebe4; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 8b68ee33; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 8b68ee33; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 a5a53867; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 a5a53867; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-09-05] (Perfect World Entertainment Inc)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe [143928 2012-10-10] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5206008 2013-08-25] (INCA Internet Co., Ltd.)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1402000.013\ccSetx64.sys [168096 2012-10-03] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-31] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-31] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131106.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131107.003\ENG64.SYS [126040 2013-11-06] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131107.003\EX64.SYS [2099288 2013-11-06] (Symantec Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1402000.013\SRTSP64.SYS [776864 2012-10-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1402000.013\SRTSPX64.SYS [37496 2012-05-24] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1402000.013\SYMDS64.SYS [493216 2012-10-03] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1402000.013\SYMEFA64.SYS [1133216 2012-10-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-11-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1402000.013\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1402000.013\SYMNETS.SYS [432800 2012-07-22] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 17:50 - 2014-01-04 17:51 - 00020932 _____ C:\Users\Sven\Desktop\FRST.txt
2014-01-04 17:49 - 2014-01-04 17:49 - 01931368 _____ (Farbar) C:\Users\Sven\Downloads\FRST64 (1).exe
2014-01-04 17:49 - 2014-01-04 17:49 - 00000000 ____D C:\FRST
2014-01-04 17:48 - 2014-01-04 17:48 - 01931368 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 _____ C:\autoexec.bat
2014-01-02 20:37 - 2014-01-02 22:33 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-02 20:25 - 2014-01-02 20:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Sven\Downloads\SpyHunter-Installer.exe
2014-01-02 13:48 - 2014-01-02 13:48 - 00001272 _____ C:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-01-02 13:48 - 2014-01-02 13:48 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-02 13:46 - 2014-01-02 13:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sven\Downloads\revosetup95.exe
2014-01-02 09:51 - 2014-01-02 09:51 - 08110300 _____ (Gameforge4D                                                 ) C:\Users\Sven\Downloads\Nicht bestätigt 897926.crdownload
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Program Files (x86)\Overwolf
2014-01-01 15:14 - 2014-01-04 17:42 - 00000000 ____D C:\Users\Sven\AppData\Local\Overwolf
2014-01-01 15:14 - 2014-01-01 16:26 - 00000000 ____D C:\Users\Sven\AppData\Roaming\TS3Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00001174 _____ C:\Users\Sven\Desktop\TeamSpeak 3 Client.lnk
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\TeamSpeak 3 Client
2014-01-01 15:09 - 2014-01-01 15:13 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Sven\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-01-01 13:03 - 2014-01-01 13:03 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 13:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-01 13:02 - 2014-01-01 13:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sven\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-01 12:51 - 2014-01-01 12:51 - 00000000 ____D C:\Program Files (x86)\Fun2SaVE
2014-01-01 12:41 - 2014-01-01 12:41 - 01233962 _____ C:\Users\Sven\Downloads\adwcleaner_3.016.exe
2014-01-01 12:38 - 2014-01-01 12:38 - 00000000 ____D C:\Program Files (x86)\SavieLots
2014-01-01 09:52 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\Fun2SaVE
2014-01-01 09:52 - 2014-01-01 09:52 - 00000000 ____D C:\ProgramData\ealmdgomdcbnoklgoolhfockpbedkceb
2014-01-01 09:51 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\SHopDrroope
2014-01-01 09:51 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\CheapMe
2014-01-01 09:51 - 2014-01-01 12:45 - 00000000 ____D C:\ProgramData\SavieLots
2013-12-31 22:43 - 2013-12-31 22:43 - 314662811 _____ C:\Users\Tim\Downloads\Nicht bestätigt 935521.crdownload
2013-12-31 21:45 - 2013-12-31 21:45 - 00000000 ____D C:\ProgramData\Browser Enhancer
2013-12-31 19:46 - 2013-12-31 19:46 - 00000000 ____D C:\ProgramData\WinWeb protection
2013-12-31 19:27 - 2013-12-31 19:27 - 00001172 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-31 19:26 - 2013-12-31 19:26 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-31 18:57 - 2014-01-01 09:51 - 00000000 ____D C:\Users\Tim\AppData\Local\genienext
2013-12-31 18:57 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\.android
2013-12-31 18:30 - 2013-12-31 19:17 - 255479656 _____ C:\Users\Tim\Downloads\camtasia.exe
2013-12-31 09:42 - 2013-12-31 09:42 - 00000000 ____D C:\ProgramData\Accelewin
2013-12-31 09:33 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\Fun2Saavee
2013-12-31 09:33 - 2013-12-31 09:33 - 00000000 ____D C:\ProgramData\plbllagpcgldahopijhmmddnhpjgjkgb
2013-12-31 09:32 - 2013-12-31 09:39 - 00000000 ____D C:\ProgramData\WinFilter
2013-12-30 22:42 - 2013-12-30 22:43 - 00001338 _____ C:\Users\Tim\Desktop\Abmelden.lnk
2013-12-30 21:32 - 2013-12-30 21:32 - 00001242 _____ C:\Users\Tim\Desktop\Paint.lnk
2013-12-30 20:46 - 2013-12-30 20:46 - 00000000 ____D C:\ProgramData\Browser System Enahncer
2013-12-30 17:58 - 2014-01-02 21:37 - 00002323 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ___RD C:\Users\Tim\SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-12-30 17:54 - 2013-12-30 17:54 - 01245168 _____ (Microsoft Corporation) C:\Users\Tim\Downloads\wlsetup-web.exe
2013-12-30 17:54 - 2013-12-30 17:54 - 00000000 ____D C:\Users\Tim\AppData\Local\Windows Live
2013-12-30 17:53 - 2013-12-30 20:51 - 00000000 ____D C:\Users\Tim\Documents\Wondershare Video Editor
2013-12-30 11:32 - 2013-12-30 11:32 - 00000000 ____D C:\ProgramData\Accelesys
2013-12-29 18:28 - 2013-12-29 18:28 - 00000000 ____D C:\ProgramData\Filteligent
2013-12-29 17:22 - 2014-01-02 20:05 - 00000000 ____D C:\Users\Tim\Documents\Fraps
2013-12-27 17:50 - 2013-12-29 15:08 - 00000000 ____D C:\ProgramData\Network Acceleration
2013-12-23 20:30 - 2013-12-23 20:31 - 00429112 _____ C:\Users\Sven\Downloads\pizzaspleef.zip
2013-12-23 17:35 - 2013-12-23 17:35 - 04324265 _____ C:\Users\Tim\Downloads\Timber.zip
2013-12-22 14:13 - 2013-12-22 14:13 - 01536625 _____ C:\Users\Sven\Downloads\LPG'sRedstoneComputer2.7.zip
2013-12-22 10:09 - 2013-12-22 10:09 - 00007658 _____ C:\Users\Sven\Downloads\Prop16BitSQRTExtschematic.zip
2013-12-22 09:49 - 2014-01-02 23:05 - 00000000 ____D C:\AdwCleaner
2013-12-22 09:49 - 2013-12-22 09:49 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2013-12-21 10:57 - 2013-12-21 10:57 - 00000928 _____ C:\Users\Sven\Desktop\Movie2KDownloader.lnk
2013-12-21 10:56 - 2013-12-21 10:56 - 00317712 _____ C:\Users\Sven\Downloads\Eragon_-_Das_Vermächtnis_der_Drachenreiter.exe
2013-12-21 10:39 - 2013-12-21 10:40 - 00000000 ____D C:\ProgramData\Oracle
2013-12-21 10:38 - 2013-12-21 10:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-21 10:38 - 2013-12-21 10:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-21 10:29 - 2013-12-21 10:29 - 00915368 _____ (Oracle Corporation) C:\Users\Sven\Downloads\chromeinstall-7u45.exe
2013-12-20 12:16 - 2013-12-31 10:53 - 00000000 ____D C:\Users\Sven\Desktop\Screenshots
2013-12-19 20:22 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-12-19 20:22 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-12-19 20:22 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-12-19 20:22 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-12-19 20:22 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-12-19 20:22 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-12-19 20:22 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-19 20:22 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-19 20:22 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-19 20:22 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-12-19 20:22 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-12-19 20:22 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-12-19 20:22 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-19 20:22 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-12-19 20:22 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-19 20:22 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-12-19 20:22 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-12-19 20:22 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-12-19 20:22 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-12-19 20:22 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-12-19 20:22 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-12-19 20:22 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-12-19 20:22 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-12-19 20:22 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-19 20:22 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-19 20:20 - 2012-05-04 12:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-12-19 20:20 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-12-19 20:04 - 2013-12-20 12:14 - 00000000 ____D C:\Windows\system32\MRT
2013-12-19 16:47 - 2013-12-19 16:47 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{6AF54B64-306C-463E-8EDF-4B7EF3D5B122}
2013-12-18 18:49 - 2013-12-18 19:13 - 68259380 _____ (Gameforge4D                                                 ) C:\Users\Tim\Downloads\4Story_DE_4.2.1.exe
2013-12-18 17:14 - 2013-12-18 17:18 - 20861012 _____ C:\Users\Tim\Downloads\world.rar
2013-12-17 19:28 - 2013-12-17 19:28 - 00001210 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2013-12-16 21:57 - 2013-12-16 21:58 - 00007602 _____ C:\Users\Mirjam Zanetti\AppData\Local\Resmon.ResmonCfg
2013-12-16 21:34 - 2013-12-16 21:34 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{2CCAE2D2-DC82-40FF-92F3-E53D3BCEDE46}
2013-12-16 19:04 - 2013-12-16 19:07 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1 (1).zip
2013-12-16 19:04 - 2013-12-16 19:04 - 00007605 _____ C:\Users\Tim\AppData\Local\Resmon.ResmonCfg
2013-12-16 12:32 - 2013-12-16 12:35 - 18611238 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v5.2.5.zip
2013-12-16 12:29 - 2014-01-04 17:42 - 00000440 ____H C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2013-12-16 12:29 - 2014-01-02 16:28 - 00000000 ____D C:\Program Files (x86)\SK Supporter
2013-12-16 12:29 - 2013-12-16 12:29 - 00002686 _____ C:\Windows\System32\Tasks\SK.Enabler-S-1495795506
2013-12-16 12:27 - 2013-12-16 12:29 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-15 19:52 - 2013-12-15 19:53 - 03053697 _____ C:\Users\Sven\Downloads\2.wmv
2013-12-15 18:56 - 2013-12-15 18:56 - 04253137 _____ C:\Users\Tim\Downloads\Ancient Egyptian Palace v2.1.zip
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Roaming\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Local\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\ProgramData\ATI
2013-12-15 18:04 - 2013-12-15 18:04 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4 (1).jar
2013-12-15 18:02 - 2013-12-15 18:02 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4.jar
2013-12-14 16:35 - 2013-12-29 19:52 - 00007597 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-14 16:24 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-12-14 16:24 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-12-14 16:24 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-12-14 16:23 - 2013-12-14 16:23 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-14 16:23 - 2013-12-14 16:23 - 00000000 ____D C:\Riot Games
2013-12-14 16:20 - 2013-12-14 16:24 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Riot Games
2013-12-14 16:14 - 2013-12-14 16:20 - 34888568 _____ (Riot Games) C:\Users\Sven\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-12-14 12:38 - 2013-12-14 12:39 - 05511142 _____ C:\Users\Sven\Downloads\32x v6.1 (1.7.2) RuneScape Pack.zip
2013-12-14 07:51 - 2013-12-17 12:20 - 00002204 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2013-12-13 18:56 - 2013-12-13 18:56 - 00001022 _____ C:\Users\Sven\Downloads\multiplizierer.schematic
2013-12-13 09:32 - 2013-12-13 21:33 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{8F431B6C-2062-46B8-B6B1-8309D3A1FDD8}
2013-12-12 19:17 - 2013-12-12 19:17 - 00088799 _____ C:\Users\Sven\Downloads\Nicht bestätigt 116101.crdownload
2013-12-12 17:14 - 2013-12-12 17:14 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{0BECB8D7-AAF7-437F-A7B0-8D241ED39115}
2013-12-12 12:43 - 2013-12-12 12:43 - 00830980 _____ C:\Users\Tim\Downloads\shaderpacks.rar
2013-12-12 12:35 - 2013-12-12 12:36 - 00171802 _____ C:\Users\Tim\Downloads\ShadersModCore-mc1.6.2-f789-v2.0.0-pre1.jar
2013-12-12 03:05 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:05 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:05 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:05 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:03 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:03 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:03 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:03 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:03 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:03 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:03 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:03 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:03 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:03 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:03 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:03 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:03 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:03 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:03 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:03 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:03 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:03 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:03 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:03 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:03 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:03 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:03 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:03 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:03 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:03 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:03 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 03:03 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:03 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:03 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:03 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 19:35 - 2013-12-11 19:35 - 00643268 _____ C:\Users\Sven\Downloads\7-Bit-Rechner (Binär) (1).zip
2013-12-11 17:59 - 2013-12-11 18:05 - 01673263 _____ C:\Users\Tim\Downloads\GuiAPI-0.15.7-1.6.2.jar
2013-12-11 17:57 - 2013-12-11 17:57 - 00017595 _____ C:\Users\Tim\Downloads\CustomMobSpawner 2.3.1.zip
2013-12-11 17:55 - 2013-12-11 17:59 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1.zip
2013-12-11 17:37 - 2013-12-11 17:38 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (2).zip
2013-12-11 17:31 - 2013-12-11 17:31 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (1).zip
2013-12-11 17:27 - 2013-12-11 17:28 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4.zip
2013-12-11 17:16 - 2013-12-11 17:16 - 00421267 _____ C:\Users\Tim\Downloads\OptiFine 1.6.4.jar
2013-12-11 15:20 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 15:20 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 15:20 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 15:20 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 15:20 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 15:20 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 15:20 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 15:18 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 15:18 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 15:18 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 15:18 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 15:18 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 15:18 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 15:18 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 15:18 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 15:18 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 15:18 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 15:18 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 15:18 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 12:43 - 2013-12-11 12:44 - 00675988 _____ C:\Users\Tim\Downloads\Minecraft (1).exe
2013-12-11 12:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-11 12:20 - 2013-12-11 12:20 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-11 12:17 - 2013-12-11 12:35 - 00014978 _____ C:\Windows\IE11_main.log
2013-12-10 19:25 - 2013-12-10 19:26 - 01032430 _____ C:\Users\Sven\Downloads\BESV4.zip
2013-12-10 17:35 - 2005-09-23 12:52 - 01007853 _____ (Macromedia, Inc.) C:\Users\Tim\Desktop\logisch5.exe
2013-12-08 19:10 - 2013-12-08 19:10 - 00451656 _____ C:\Users\Sven\Downloads\TASCHENRECHNER-.zip
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure.py
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure (1).py
2013-12-07 09:12 - 2013-12-07 09:12 - 00000676 _____ C:\Users\Sven\Downloads\display_pancave.schematic
2013-12-07 07:48 - 2013-12-07 07:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-06 21:34 - 2013-12-06 21:34 - 00006561 _____ C:\Users\Sven\Downloads\Binary to bcd decoder.zip
2013-12-06 21:04 - 2013-12-06 21:05 - 00662990 _____ C:\Users\Sven\Downloads\8 bit and 16 bit decoders.rar
2013-12-06 13:11 - 2013-12-27 20:14 - 00000404 _____ C:\Users\Mirjam Zanetti\daemonprocess.txt
2013-12-05 20:03 - 2013-12-30 19:04 - 00004024 _____ C:\Users\Sven\daemonprocess.txt
2013-12-05 17:54 - 2013-12-20 12:13 - 00002060 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-05 17:47 - 2013-12-07 07:47 - 00580753 _____ C:\Users\Tim\Desktop\SkinEdit_alpha3_pre7_fix.zip
2013-12-05 17:46 - 2014-01-01 12:34 - 00001759 _____ C:\Users\Tim\daemonprocess.txt
2013-12-05 17:46 - 2013-12-31 22:33 - 00000000 ____D C:\Users\Tim\AppData\Local\cache
2013-12-05 17:46 - 2013-12-05 17:46 - 00222615 _____ C:\Users\Tim\Downloads\Nicht bestätigt 661495.crdownload
2013-12-05 17:43 - 2013-12-05 17:43 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Minecraft Skin Viewer

==================== One Month Modified Files and Folders =======

2014-01-04 17:51 - 2014-01-04 17:50 - 00020932 _____ C:\Users\Sven\Desktop\FRST.txt
2014-01-04 17:49 - 2014-01-04 17:49 - 01931368 _____ (Farbar) C:\Users\Sven\Downloads\FRST64 (1).exe
2014-01-04 17:49 - 2014-01-04 17:49 - 00000000 ____D C:\FRST
2014-01-04 17:48 - 2014-01-04 17:48 - 01931368 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2014-01-04 17:42 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\Overwolf
2014-01-04 17:42 - 2013-12-16 12:29 - 00000440 ____H C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2014-01-04 17:42 - 2013-12-02 19:57 - 00000380 _____ C:\Windows\Tasks\SLOW-PCfighter64-Tim-Notification.job
2014-01-04 17:42 - 2013-12-02 19:57 - 00000378 _____ C:\Windows\Tasks\SLOW-PCfighter64-Tim-Startup.job
2014-01-04 17:42 - 2013-05-03 16:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce480efe481209.job
2014-01-04 17:42 - 2013-03-03 19:30 - 00000000 ____D C:\Users\Sven\AppData\Local\LogMeIn Hamachi
2014-01-04 17:15 - 2012-06-29 11:21 - 01863193 _____ C:\Windows\WindowsUpdate.log
2014-01-04 17:04 - 2013-07-10 17:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7d8cf6a6f313.job
2014-01-04 09:25 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 09:25 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 09:22 - 2013-02-28 22:35 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\LogMeIn Hamachi
2014-01-04 09:22 - 2012-06-24 19:13 - 00742794 _____ C:\Windows\system32\perfh010.dat
2014-01-04 09:22 - 2012-06-24 19:13 - 00152352 _____ C:\Windows\system32\perfc010.dat
2014-01-04 09:22 - 2012-06-24 19:06 - 00748104 _____ C:\Windows\system32\perfh00C.dat
2014-01-04 09:22 - 2012-06-24 19:06 - 00154994 _____ C:\Windows\system32\perfc00C.dat
2014-01-04 09:22 - 2012-06-24 18:58 - 00710502 _____ C:\Windows\system32\perfh007.dat
2014-01-04 09:22 - 2012-06-24 18:58 - 00154832 _____ C:\Windows\system32\perfc007.dat
2014-01-04 09:22 - 2009-07-14 06:13 - 03450390 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 09:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 09:17 - 2009-07-14 05:51 - 00080868 _____ C:\Windows\setupact.log
2014-01-03 21:48 - 2012-12-29 17:45 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2014-01-03 21:32 - 2013-03-01 11:41 - 00000000 ____D C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2014-01-03 10:37 - 2012-12-21 12:42 - 00000000 ____D C:\Users\Sven\AppData\Local\CrashDumps
2014-01-02 23:05 - 2013-12-22 09:49 - 00000000 ____D C:\AdwCleaner
2014-01-02 22:33 - 2014-01-02 20:37 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-02 21:37 - 2013-12-30 17:58 - 00002323 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 _____ C:\autoexec.bat
2014-01-02 20:25 - 2014-01-02 20:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Sven\Downloads\SpyHunter-Installer.exe
2014-01-02 20:05 - 2013-12-29 17:22 - 00000000 ____D C:\Users\Tim\Documents\Fraps
2014-01-02 19:13 - 2013-08-27 11:11 - 00000000 ____D C:\Users\Tim\Documents\Camtasia Studio
2014-01-02 19:11 - 2013-09-19 10:55 - 00000000 ____D C:\Users\Tim\AppData\Roaming\.minecraft
2014-01-02 16:30 - 2010-11-21 04:47 - 00587366 _____ C:\Windows\PFRO.log
2014-01-02 16:28 - 2013-12-16 12:29 - 00000000 ____D C:\Program Files (x86)\SK Supporter
2014-01-02 13:48 - 2014-01-02 13:48 - 00001272 _____ C:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-01-02 13:48 - 2014-01-02 13:48 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-02 13:47 - 2014-01-02 13:46 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sven\Downloads\revosetup95.exe
2014-01-02 10:29 - 2012-12-06 13:09 - 00000000 ____D C:\Users\Sven\Documents\Visual Studio 2010
2014-01-02 09:51 - 2014-01-02 09:51 - 08110300 _____ (Gameforge4D                                                 ) C:\Users\Sven\Downloads\Nicht bestätigt 897926.crdownload
2014-01-01 16:26 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\TS3Client
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Program Files (x86)\Overwolf
2014-01-01 15:14 - 2014-01-01 15:14 - 00001174 _____ C:\Users\Sven\Desktop\TeamSpeak 3 Client.lnk
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\TeamSpeak 3 Client
2014-01-01 15:13 - 2014-01-01 15:09 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Sven\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-01-01 13:24 - 2013-12-02 20:20 - 00000000 ____D C:\Support
2014-01-01 13:24 - 2013-03-06 19:16 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-01 13:22 - 2014-01-01 09:52 - 00000000 ____D C:\ProgramData\Fun2SaVE
2014-01-01 13:22 - 2014-01-01 09:51 - 00000000 ____D C:\ProgramData\SHopDrroope
2014-01-01 13:22 - 2014-01-01 09:51 - 00000000 ____D C:\ProgramData\CheapMe
2014-01-01 13:22 - 2013-12-31 09:33 - 00000000 ____D C:\ProgramData\Fun2Saavee
2014-01-01 13:22 - 2013-12-02 20:20 - 00000000 ____D C:\Program Files (x86)\PSupport
2014-01-01 13:03 - 2014-01-01 13:03 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 13:03 - 2014-01-01 13:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sven\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-01 12:51 - 2014-01-01 12:51 - 00000000 ____D C:\Program Files (x86)\Fun2SaVE
2014-01-01 12:51 - 2013-12-02 20:20 - 00000000 ____D C:\ProgramData\4c56cbda1eea8c4f
2014-01-01 12:50 - 2012-03-23 00:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-01 12:45 - 2014-01-01 09:51 - 00000000 ____D C:\ProgramData\SavieLots
2014-01-01 12:45 - 2013-01-18 12:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-01 12:41 - 2014-01-01 12:41 - 01233962 _____ C:\Users\Sven\Downloads\adwcleaner_3.016.exe
2014-01-01 12:38 - 2014-01-01 12:38 - 00000000 ____D C:\Program Files (x86)\SavieLots
2014-01-01 12:34 - 2013-12-05 17:46 - 00001759 _____ C:\Users\Tim\daemonprocess.txt
2014-01-01 10:20 - 2013-03-06 19:16 - 00000000 ____D C:\Users\Tim\AppData\Local\PMB Files
2014-01-01 09:53 - 2013-03-15 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-01 09:52 - 2014-01-01 09:52 - 00000000 ____D C:\ProgramData\ealmdgomdcbnoklgoolhfockpbedkceb
2014-01-01 09:51 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\AppData\Local\genienext
2013-12-31 22:43 - 2013-12-31 22:43 - 314662811 _____ C:\Users\Tim\Downloads\Nicht bestätigt 935521.crdownload
2013-12-31 22:33 - 2013-12-05 17:46 - 00000000 ____D C:\Users\Tim\AppData\Local\cache
2013-12-31 21:45 - 2013-12-31 21:45 - 00000000 ____D C:\ProgramData\Browser Enhancer
2013-12-31 19:46 - 2013-12-31 19:46 - 00000000 ____D C:\ProgramData\WinWeb protection
2013-12-31 19:27 - 2013-12-31 19:27 - 00001172 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-31 19:26 - 2013-12-31 19:26 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-31 19:17 - 2013-12-31 18:30 - 255479656 _____ C:\Users\Tim\Downloads\camtasia.exe
2013-12-31 18:57 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\.android
2013-12-31 18:57 - 2012-12-02 20:28 - 00000000 ____D C:\Users\Tim
2013-12-31 10:53 - 2013-12-20 12:16 - 00000000 ____D C:\Users\Sven\Desktop\Screenshots
2013-12-31 10:36 - 2013-08-21 19:06 - 00000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2013-12-31 09:42 - 2013-12-31 09:42 - 00000000 ____D C:\ProgramData\Accelewin
2013-12-31 09:39 - 2013-12-31 09:32 - 00000000 ____D C:\ProgramData\WinFilter
2013-12-31 09:33 - 2013-12-31 09:33 - 00000000 ____D C:\ProgramData\plbllagpcgldahopijhmmddnhpjgjkgb
2013-12-30 22:43 - 2013-12-30 22:42 - 00001338 _____ C:\Users\Tim\Desktop\Abmelden.lnk
2013-12-30 21:32 - 2013-12-30 21:32 - 00001242 _____ C:\Users\Tim\Desktop\Paint.lnk
2013-12-30 20:51 - 2013-12-30 17:53 - 00000000 ____D C:\Users\Tim\Documents\Wondershare Video Editor
2013-12-30 20:46 - 2013-12-30 20:46 - 00000000 ____D C:\ProgramData\Browser System Enahncer
2013-12-30 19:04 - 2013-12-05 20:03 - 00004024 _____ C:\Users\Sven\daemonprocess.txt
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ___RD C:\Users\Tim\SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-12-30 17:54 - 2013-12-30 17:54 - 01245168 _____ (Microsoft Corporation) C:\Users\Tim\Downloads\wlsetup-web.exe
2013-12-30 17:54 - 2013-12-30 17:54 - 00000000 ____D C:\Users\Tim\AppData\Local\Windows Live
2013-12-30 11:32 - 2013-12-30 11:32 - 00000000 ____D C:\ProgramData\Accelesys
2013-12-29 19:52 - 2013-12-14 16:35 - 00007597 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-29 18:28 - 2013-12-29 18:28 - 00000000 ____D C:\ProgramData\Filteligent
2013-12-29 15:08 - 2013-12-27 17:50 - 00000000 ____D C:\ProgramData\Network Acceleration
2013-12-27 20:14 - 2013-12-06 13:11 - 00000404 _____ C:\Users\Mirjam Zanetti\daemonprocess.txt
2013-12-23 20:31 - 2013-12-23 20:30 - 00429112 _____ C:\Users\Sven\Downloads\pizzaspleef.zip
2013-12-23 17:35 - 2013-12-23 17:35 - 04324265 _____ C:\Users\Tim\Downloads\Timber.zip
2013-12-22 14:13 - 2013-12-22 14:13 - 01536625 _____ C:\Users\Sven\Downloads\LPG'sRedstoneComputer2.7.zip
2013-12-22 10:10 - 2013-10-28 18:58 - 11649935 _____ C:\Users\Sven\Desktop\MCEdit_dev-0.1.8build665.win-amd64.zip
2013-12-22 10:09 - 2013-12-22 10:09 - 00007658 _____ C:\Users\Sven\Downloads\Prop16BitSQRTExtschematic.zip
2013-12-22 10:00 - 2012-12-02 18:55 - 00001424 _____ C:\Users\Sven\Desktop\Google Chrome.lnk
2013-12-22 09:57 - 2013-01-18 12:02 - 00001057 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-22 09:57 - 2012-12-01 10:20 - 00000997 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-22 09:49 - 2013-12-22 09:49 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2013-12-22 08:48 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-21 11:02 - 2011-06-11 01:58 - 00420944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-12-21 10:57 - 2013-12-21 10:57 - 00000928 _____ C:\Users\Sven\Desktop\Movie2KDownloader.lnk
2013-12-21 10:56 - 2013-12-21 10:56 - 00317712 _____ C:\Users\Sven\Downloads\Eragon_-_Das_Vermächtnis_der_Drachenreiter.exe
2013-12-21 10:40 - 2013-12-21 10:39 - 00000000 ____D C:\ProgramData\Oracle
2013-12-21 10:38 - 2013-12-21 10:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-21 10:38 - 2013-12-21 10:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-21 10:29 - 2013-12-21 10:29 - 00915368 _____ (Oracle Corporation) C:\Users\Sven\Downloads\chromeinstall-7u45.exe
2013-12-21 07:45 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-20 12:20 - 2013-10-14 11:42 - 00000000 ____D C:\Users\Sven\Desktop\Movies
2013-12-20 12:14 - 2013-12-19 20:04 - 00000000 ____D C:\Windows\system32\MRT
2013-12-20 12:13 - 2013-12-05 17:54 - 00002060 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-19 20:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-19 20:10 - 2012-06-29 11:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-19 18:43 - 2013-01-28 20:28 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\CrashDumps
2013-12-19 16:47 - 2013-12-19 16:47 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{6AF54B64-306C-463E-8EDF-4B7EF3D5B122}
2013-12-19 16:46 - 2013-03-30 15:36 - 00000000 ____D C:\Users\Mirjam Zanetti\Tracing
2013-12-19 16:46 - 2013-02-08 12:57 - 00109680 _____ C:\Users\Mirjam Zanetti\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 19:13 - 2013-12-18 18:49 - 68259380 _____ (Gameforge4D                                                 ) C:\Users\Tim\Downloads\4Story_DE_4.2.1.exe
2013-12-18 17:18 - 2013-12-18 17:14 - 20861012 _____ C:\Users\Tim\Downloads\world.rar
2013-12-18 17:05 - 2013-11-08 15:54 - 00000000 ____D C:\Users\Tim\AppData\Local\VNT
2013-12-18 17:05 - 2012-12-03 11:46 - 00109680 _____ C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 13:48 - 2009-07-14 05:45 - 00415048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-17 19:28 - 2013-12-17 19:28 - 00001210 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2013-12-17 19:28 - 2012-12-02 18:53 - 00109680 _____ C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-17 12:20 - 2013-12-14 07:51 - 00002204 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2013-12-16 21:58 - 2013-12-16 21:57 - 00007602 _____ C:\Users\Mirjam Zanetti\AppData\Local\Resmon.ResmonCfg
2013-12-16 21:34 - 2013-12-16 21:34 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{2CCAE2D2-DC82-40FF-92F3-E53D3BCEDE46}
2013-12-16 19:07 - 2013-12-16 19:04 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1 (1).zip
2013-12-16 19:04 - 2013-12-16 19:04 - 00007605 _____ C:\Users\Tim\AppData\Local\Resmon.ResmonCfg
2013-12-16 12:35 - 2013-12-16 12:32 - 18611238 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v5.2.5.zip
2013-12-16 12:29 - 2013-12-16 12:29 - 00002686 _____ C:\Windows\System32\Tasks\SK.Enabler-S-1495795506
2013-12-16 12:29 - 2013-12-16 12:27 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-15 19:53 - 2013-12-15 19:52 - 03053697 _____ C:\Users\Sven\Downloads\2.wmv
2013-12-15 18:56 - 2013-12-15 18:56 - 04253137 _____ C:\Users\Tim\Downloads\Ancient Egyptian Palace v2.1.zip
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Roaming\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Local\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\ProgramData\ATI
2013-12-15 18:04 - 2013-12-15 18:04 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4 (1).jar
2013-12-15 18:02 - 2013-12-15 18:02 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4.jar
2013-12-15 13:06 - 2013-01-09 14:28 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Skype
2013-12-14 16:24 - 2013-12-14 16:20 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Riot Games
2013-12-14 16:23 - 2013-12-14 16:23 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-14 16:23 - 2013-12-14 16:23 - 00000000 ____D C:\Riot Games
2013-12-14 16:23 - 2012-12-25 12:47 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-14 16:20 - 2013-12-14 16:14 - 34888568 _____ (Riot Games) C:\Users\Sven\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-12-14 12:39 - 2013-12-14 12:38 - 05511142 _____ C:\Users\Sven\Downloads\32x v6.1 (1.7.2) RuneScape Pack.zip
2013-12-13 21:33 - 2013-12-13 09:32 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{8F431B6C-2062-46B8-B6B1-8309D3A1FDD8}
2013-12-13 18:56 - 2013-12-13 18:56 - 00001022 _____ C:\Users\Sven\Downloads\multiplizierer.schematic
2013-12-13 17:56 - 2012-12-02 20:28 - 00000680 __RSH C:\Users\Tim\ntuser.pol
2013-12-13 17:56 - 2012-12-01 10:20 - 00001326 __RSH C:\Users\Sven\ntuser.pol
2013-12-13 17:56 - 2012-12-01 10:20 - 00000000 ____D C:\Users\Sven
2013-12-13 17:56 - 2012-12-01 10:05 - 00000680 __RSH C:\Users\Mirjam Zanetti\ntuser.pol
2013-12-13 17:56 - 2012-11-07 10:27 - 00000000 ____D C:\Users\Mirjam Zanetti
2013-12-12 19:17 - 2013-12-12 19:17 - 00088799 _____ C:\Users\Sven\Downloads\Nicht bestätigt 116101.crdownload
2013-12-12 17:14 - 2013-12-12 17:14 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{0BECB8D7-AAF7-437F-A7B0-8D241ED39115}
2013-12-12 17:13 - 2012-11-07 10:30 - 00001429 _____ C:\Users\Mirjam Zanetti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-12 12:43 - 2013-12-12 12:43 - 00830980 _____ C:\Users\Tim\Downloads\shaderpacks.rar
2013-12-12 12:36 - 2013-12-12 12:35 - 00171802 _____ C:\Users\Tim\Downloads\ShadersModCore-mc1.6.2-f789-v2.0.0-pre1.jar
2013-12-12 03:04 - 2013-01-24 19:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 19:35 - 2013-12-11 19:35 - 00643268 _____ C:\Users\Sven\Downloads\7-Bit-Rechner (Binär) (1).zip
2013-12-11 18:05 - 2013-12-11 17:59 - 01673263 _____ C:\Users\Tim\Downloads\GuiAPI-0.15.7-1.6.2.jar
2013-12-11 17:59 - 2013-12-11 17:55 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1.zip
2013-12-11 17:57 - 2013-12-11 17:57 - 00017595 _____ C:\Users\Tim\Downloads\CustomMobSpawner 2.3.1.zip
2013-12-11 17:38 - 2013-12-11 17:37 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (2).zip
2013-12-11 17:31 - 2013-12-11 17:31 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (1).zip
2013-12-11 17:28 - 2013-12-11 17:27 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4.zip
2013-12-11 17:16 - 2013-12-11 17:16 - 00421267 _____ C:\Users\Tim\Downloads\OptiFine 1.6.4.jar
2013-12-11 13:17 - 2012-12-02 20:28 - 00001429 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 12:44 - 2013-12-11 12:43 - 00675988 _____ C:\Users\Tim\Downloads\Minecraft (1).exe
2013-12-11 12:39 - 2012-12-02 20:30 - 00000000 ____D C:\Users\Tim\AppData\Local\Google
2013-12-11 12:35 - 2013-12-11 12:17 - 00014978 _____ C:\Windows\IE11_main.log
2013-12-11 12:20 - 2013-12-11 12:20 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 19:26 - 2013-12-10 19:25 - 01032430 _____ C:\Users\Sven\Downloads\BESV4.zip
2013-12-08 19:10 - 2013-12-08 19:10 - 00451656 _____ C:\Users\Sven\Downloads\TASCHENRECHNER-.zip
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure.py
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure (1).py
2013-12-07 09:12 - 2013-12-07 09:12 - 00000676 _____ C:\Users\Sven\Downloads\display_pancave.schematic
2013-12-07 08:45 - 2013-11-14 19:39 - 00001338 _____ C:\Users\Sven\Desktop\shutdown.lnk
2013-12-07 07:48 - 2013-12-07 07:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-07 07:47 - 2013-12-05 17:47 - 00580753 _____ C:\Users\Tim\Desktop\SkinEdit_alpha3_pre7_fix.zip
2013-12-06 21:34 - 2013-12-06 21:34 - 00006561 _____ C:\Users\Sven\Downloads\Binary to bcd decoder.zip
2013-12-06 21:05 - 2013-12-06 21:04 - 00662990 _____ C:\Users\Sven\Downloads\8 bit and 16 bit decoders.rar
2013-12-06 18:31 - 2013-10-15 10:14 - 00000000 ____D C:\Users\Sven\Desktop\Benchmarks
2013-12-06 16:31 - 2012-12-02 20:32 - 00000000 ____D C:\Users\Tim\Desktop\.minecraft
2013-12-05 17:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-12-05 17:46 - 2013-12-05 17:46 - 00222615 _____ C:\Users\Tim\Downloads\Nicht bestätigt 661495.crdownload
2013-12-05 17:43 - 2013-12-05 17:43 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Minecraft Skin Viewer
2013-12-05 17:03 - 2012-12-28 11:05 - 00000000 ____D C:\Users\Tim\AppData\Local\CrashDumps
2013-12-05 16:55 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3080.dll
C:\Windows\Tasks\{5DB9E211-1F20-4E8E-90D7-26D9EFE8AE7E}.job


Some content of TEMP:
====================
C:\Users\Mirjam Zanetti\AppData\Local\Temp\55757uninstall.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\kpinstaller.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\ose00000.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\PicasaUpdater_2ac4.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\propsys.dll
C:\Users\Mirjam Zanetti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\Sqlite3.dll
C:\Users\Mirjam Zanetti\AppData\Local\Temp\uninst1.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\uninstaller.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\WSSetup.exe
C:\Users\Sven\AppData\Local\Temp\htmlayout.dll
C:\Users\Sven\AppData\Local\Temp\ifxuec0f.dll
C:\Users\Sven\AppData\Local\Temp\npp.6.3.2.Installer.exe
C:\Users\Sven\AppData\Local\Temp\Quarantine.exe
C:\Users\Sven\AppData\Local\Temp\SHSetup.exe
C:\Users\Sven\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sven\AppData\Local\Temp\tmp714A.exe
C:\Users\Sven\AppData\Local\Temp\uninst1.exe
C:\Users\Sven\AppData\Local\Temp\upibbv2d.dll
C:\Users\Sven\AppData\Local\Temp\w23ptpgn.dll
C:\Users\Sven\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Tim\AppData\Local\Temp\294823_.exe
C:\Users\Tim\AppData\Local\Temp\Mobogenie_Setup_2-1-23_517.exe
C:\Users\Tim\AppData\Local\Temp\Mobogenie_Setup_2-1-35_517.exe
C:\Users\Tim\AppData\Local\Temp\npp.6.5.1.Installer.exe
C:\Users\Tim\AppData\Local\Temp\PokkiInstaller.exe
C:\Users\Tim\AppData\Local\Temp\SimilarBundleGenericDl.exe
C:\Users\Tim\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tim\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Tim\AppData\Local\Temp\version51030bc4470a0.exe
C:\Users\Tim\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-03-25 08:03

==================== End Of Log ============================
--- --- ---




(Der Text bestand aus 127479 Zeichen und war damit zu lang, wird mir hier angezeigt... Ich hoffe es macht nichts, dass ich es auf 2 Beiträge ausgedehnt habe ^^)
__________________
Alt 04.01.2014, 18:03   #4
Terrenay
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Und hier die Addition.txt:

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by Sven at 2014-01-04 17:53:48
Running from C:\Users\Sven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

 clear.fi SDK - MVP 2 (x32 Version: 2.0.1505 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.0.1502 - CyberLink Corp.) Hidden
4Story (4STORY) (x32 Version: (4STORY) - ZEMI INTERACTIVE INC)
4Story (HKCU Version: 4.02.02.5 - )
4Story 1.5 (x32 Version:  - )
4Story DE 4.1.176 (x32 Version:  - )
4story_cycle (HKCU Version: 4.01.00.16 - )
Accelesys (x32 Version:  - PlanetCore)
Accelewin (x32 Version:  - Linker Ltd)
Acer eRecovery Management (x32 Version: 5.00.3507 - Acer Incorporated)
Acer Games (x32 Version: 1.0.2.5 - WildTangent)
Acer Registration (x32 Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0609.2011 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3501 - Acer Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) MUI (x32 Version: 10.1.6 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638 - Adobe Systems, Inc)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Allgemeine Runtime Files (x86) (Version: 1.0.3.5 - Sereby Corporation)
AMD Accelerated Video Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
Arc (x32 Version: 1.0.0.5510 - Perfect World Entertainment)
aTube Catcher (x32 Version: 2.9.4272 - DsNET Corp)
Benutzerhandbuch - Grundlagen EPSON XP-402 403 405 406 Series (x32 Version:  - )
Benutzerhandbuch EPSON XP-402 403 405 406 Series (x32 Version:  - )
Bing Bar (x32 Version: 7.2.241.0 - Microsoft Corporation)
BitComet 1.36 64-bit (x32 Version: 1.36 - CometNetwork)
BlueStacks App Player (x32 Version: 0.7.17.916 - BlueStack Systems, Inc.)
BlueStacks Notification Center (x32 Version: 0.7.17.916 - BlueStack Systems, Inc.)
Browser Enhancer (x32 Version:  - Goingo)
Browser System Enahncer (x32 Version:  - GreatSoft)
Camtasia Studio 8 (x32 Version: 8.2.1.1423 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
clear.fi Media (x32 Version: 2.00.3004 - Acer Incorporated)
clear.fi Photo (x32 Version: 2.00.3004 - Acer Incorporated)
Comodo Dragon (x32 Version: 23.4.1.0 - COMODO)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX 9.0c Extra Files (x86, x64) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (Version: 1.0.0.0 - Sereby Corporation)
Download Navigator (x32 Version: 1.1.0 - SEIKO EPSON CORPORATION)
eBay Worldwide (x32 Version: 2.2.0409 - OEM)
Elsword_DE (x32 Version:  - )
Epson Easy Photo Print 2 (x32 Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (x32 Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (x32 Version:  - Seiko Epson Corporation)
EPSON XP-402 403 405 406 Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (x32 Version: 2.5.00 - SEIKO EPSON CORPORATION)
Evernote v. 4.5.2 (x32 Version: 4.5.2.5866 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Filteligent (x32 Version:  - Winteam)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gameforge Live 1.0 "Legend" (x32 Version: 1.0.1717 - Gameforge)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Happy Lyrics (x32 Version:  - Happy Productions) <==== ATTENTION
Hotkey Utility (x32 Version: 2.05.3510 - Acer Incorporated)
HyperCam 3 (x32 Version: 3.5.1211.29 - Solveig Multimedia)
Identity Card (x32 Version: 1.00.3501 - Acer Incorporated)
Iminent (x32 Version: 6.46.1.0 - Iminent) Hidden <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Interdiscount Fotoservice (x32 Version: 4.8.6 - CEWE COLOR AG u Co. OHG)
Java 7 Update 10 (64-bit) (Version: 7.0.100 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
join.me (HKCU Version: 1.8.0.108 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalydo Player 5.09.05 (HKCU Version: 5.09.05 - Eximion B.V.)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
MAESTIA Version 201207 (x32 Version: 201207 - RocWorks)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (x32 Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2656370) (x32 Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (x32 Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (x32 Version:  - )
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (x32 Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319 - Microsoft Corporation)
Minecraft Editor 64 bits (Version: 1.6.6 - Axialmedia)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 22.0 - Mozilla)
MpcStar 5.4 (x32 Version: 5.4 - www.mpcstar.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
Nero Control Center 10 (x32 Version: 10.6.13200.0.12 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden
Nero DiscSpeed 10 (x32 Version: 6.4.10500.1.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Express 10 (x32 Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (x32 Version: 10.6.10300 - Nero AG)
Nero StartSmart 10 (x32 Version: 10.6.10600.4.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10022.15.0 - Nero AG) Hidden
Network Acceleration (x32 Version:  - Sourceplace)
Netzwerkhandbuch EPSON XP-402 403 405 406 Series (x32 Version:  - )
Norton Internet Security (x32 Version: 20.2.0.19 - Symantec Corporation)
Notepad++ (x32 Version: 6.4.5 - Notepad++ Team)
Overwolf (x32 Version: 0.47.284 - Overwolf)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pokemon Online 2.0.1 (x32 Version:  - Dreambelievers)
POKéMON Simulator 4.5 (x32 Version: 4.5 - Birdiesoft)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RadioTotal1 Toolbar for IE (x32 Version: 6.17.2.8 - RadioTotal1)
Realtek Ethernet Controller Driver (x32 Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (x32 Version: 1.95 - VS Revo Group)
Search-Results Toolbar (x32 Version: 1.2.0.0 - APN LLC)
SecretSauce (Version: 2013.12.07.011955 - SecretSauce)
Shareaza (HKCU Version: 9.0.0.133955 - Bandoo Media Inc)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SK.Enabler (x32 Version: 2.0.0.1106 - PremiumSoft)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SLOW-PCfighter (Version: 1.7.59 - SPAMfighter ApS) Hidden
SLOW-PCfighter (Version: 1.7.59 - SPAMfighter ApS.)
Steuer 2012 13.0.3 (x32 Version: 13.0.3 - Information Factory AG)
TeamSpeak 3 Client (HKCU Version: 3.0.13 - TeamSpeak Systems GmbH)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VIS (x32 Version:  - )
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (x32 Version: 4.0.8080.0 - Microsoft Corporation)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (x32 Version: 1.02.3507 - Acer Incorporated)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFilter (x32 Version:  - Linker Ltd)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0 - win.rar GmbH)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
WinWeb protection (x32 Version:  - BullPoint)
Wondershare Video Editor(Build 3.5.0) (x32 Version:  - Wondershare Software)
WPM17.8.0.3159 (x32 Version: 17.8.0.3159 - Cherished Technololgy LIMITED) <==== ATTENTION
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

02-01-2014 12:49:54 Revo Uninstaller's restore point - Fooz Kids
02-01-2014 19:39:18 Installed SpyHunter
02-01-2014 21:32:07 Removed SpyHunter
03-01-2014 08:39:20 Windows Update
04-01-2014 13:00:13 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {13FBF219-AB2F-4E15-9513-29FDD61F4A20} - \BrowserProtect No Task File
Task: {1BBE9B46-44B0-4D36-A315-0B3F0399BC22} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\symerr.exe [2012-10-18] (Symantec Corporation)
Task: {3D23D8C9-0CFA-4FA6-A213-1C2FF0E8A300} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\symerr.exe [2012-10-18] (Symantec Corporation)
Task: {4BEA3EE7-26F9-419C-9225-FBFDE19FE80E} - \Desk 365 RunAsStdUser No Task File
Task: {6A733201-6137-4277-98D7-56AAB8FB7F8A} - System32\Tasks\RunAsStdUser Task => C:\Users\Sven\AppData\Local\Oxy\Application\oxy.exe
Task: {6DDED591-752E-4727-A269-15B10C673A7D} - \EPUpdater No Task File
Task: {981BDC70-BA88-47F5-B382-FB217E538D41} - System32\Tasks\GoogleUpdateTaskMachineCore1ce480efe481209 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-02] (Google Inc.)
Task: {AC774A6E-8700-4848-B0FE-1657D3DCAC3A} - \Funmoods No Task File
Task: {AD41A853-7FC9-4500-9A98-2327213C01C1} - System32\Tasks\SLOW-PCfighter64-Tim-Startup => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe [2013-05-13] (SPAMfighter ApS)
Task: {D7499BBA-E42D-4128-8A0E-8C667E1BB486} - System32\Tasks\GoogleUpdateTaskMachineUA1ce7d8cf6a6f313 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-02] (Google Inc.)
Task: {E98D164B-9749-4D8D-88F7-4897594C7E5F} - System32\Tasks\SLOW-PCfighter64-Tim-Notification => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe [2013-05-13] (SPAMfighter ApS)
Task: {ECB3A5E8-F61B-4C9E-BB83-D0A25B283C73} - System32\Tasks\SK.Enabler-S-1495795506 => c:\programdata\quickset\sk.enabler\SK.Enabler.exe
Task: {F87AF6AD-1E2B-445F-A72D-DB91FB0F505A} - \BackgroundContainer Startup Task No Task File
Task: {F9B6DE36-4B88-43C5-A788-4A9586051508} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\wscstub.exe [2012-10-19] (Symantec Corporation)
Task: {FF65443E-FF1E-48B2-9B8A-56994011AFCB} - \AmiUpdXp No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce480efe481209.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7d8cf6a6f313.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SK.Enabler-S-1495795506.job => c:\programdata\quickset\sk.enabler\SK.Enabler.exe
Task: C:\Windows\Tasks\SLOW-PCfighter64-Tim-Notification.job => C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe
Task: C:\Windows\Tasks\SLOW-PCfighter64-Tim-Startup.job => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\{5DB9E211-1F20-4E8E-90D7-26D9EFE8AE7E}.job => c:\program files (x86)\google\chrome\application\chrome.exe

==================== Loaded Modules (whitelisted) =============

2013-12-09 12:08 - 2013-12-09 12:08 - 00045608 _____ () C:\Program Files (x86)\Overwolf\x64\OWExplorer-20125.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00039464 _____ () C:\Program Files (x86)\Overwolf\x64\OWLog.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00721960 _____ () C:\Program Files (x86)\Overwolf\x64\OWExplorerLauncher.dll
2013-12-27 17:50 - 2013-12-27 17:50 - 04098048 _____ () C:\ProgramData\Network Acceleration\NetworkAcceleration.dll
2013-12-29 18:28 - 2013-12-29 18:28 - 04218368 _____ () C:\ProgramData\Filteligent\Filteligent.dll
2013-12-30 11:32 - 2013-12-30 11:32 - 04253184 _____ () C:\ProgramData\Accelesys\Accelesys.dll
2013-12-31 09:32 - 2013-12-31 09:32 - 04112896 _____ () C:\ProgramData\WinFilter\WinFilter.dll
2013-12-31 09:42 - 2013-12-31 09:42 - 04256768 _____ () C:\ProgramData\Accelewin\Accelewin.dll
2013-12-31 19:46 - 2013-12-31 19:46 - 04365312 _____ () C:\ProgramData\WinWeb protection\WinWebprotection.dll
2013-12-31 09:32 - 2013-12-31 09:32 - 00180048 _____ () C:\ProgramData\WinFilter\WinFilterSvc.dll
2013-12-29 18:28 - 2013-12-29 18:28 - 00179024 _____ () C:\ProgramData\Filteligent\FilteligentSvc.dll
2013-12-31 21:45 - 2013-12-31 21:45 - 00177488 _____ () C:\ProgramData\Browser Enhancer\BrowserEnhancerSvc.dll
2013-12-31 21:45 - 2013-12-31 21:45 - 04333568 _____ () C:\ProgramData\Browser Enhancer\BrowserEnhancer.dll
2013-12-30 20:46 - 2013-12-30 20:46 - 00172880 _____ () C:\ProgramData\Browser System Enahncer\BrowserSystemEnahncerSvc.dll
2013-12-30 20:46 - 2013-12-30 20:46 - 04361728 _____ () C:\ProgramData\Browser System Enahncer\BrowserSystemEnahncer.dll
2013-12-31 19:46 - 2013-12-31 19:46 - 00178000 _____ () C:\ProgramData\WinWeb protection\WinWebprotectionSvc.dll
2013-12-30 11:32 - 2013-12-30 11:32 - 00182608 _____ () C:\ProgramData\Accelesys\AccelesysSvc.dll
2013-12-31 09:42 - 2013-12-31 09:42 - 00179536 _____ () C:\ProgramData\Accelewin\AccelewinSvc.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00079400 _____ () C:\Program Files (x86)\Overwolf\OWExplorer-20125.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00015288 _____ () C:\Program Files (x86)\Overwolf\ODK.AddIns.V2.HostView.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00134696 _____ () C:\Program Files (x86)\Overwolf\OWService.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00970792 _____ () C:\Program Files (x86)\Overwolf\OWServer.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00038440 _____ () C:\Program Files (x86)\Overwolf\OWLog.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00025600 _____ () C:\Program Files (x86)\Overwolf\CoreAudioApi.dll
2013-12-09 12:08 - 2013-12-09 12:08 - 00839720 _____ () C:\Program Files (x86)\Overwolf\OWAgent.dll
2012-02-07 03:18 - 2012-02-07 03:18 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2013-11-09 12:27 - 2013-07-24 09:24 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2012-11-07 11:04 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.2.0.19\wincfi39.dll
2013-09-12 18:26 - 2013-09-12 18:26 - 01235304 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\CoreUI.dll
2013-09-12 18:26 - 2013-09-12 18:26 - 00174440 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\ZUnZip.dll
2013-09-05 19:08 - 2013-09-05 19:08 - 00063848 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\CoreLib_PWP.dll
2013-08-28 10:14 - 2013-08-28 10:14 - 00568576 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\sqlite3.dll
2013-09-05 19:09 - 2013-09-05 19:09 - 20609896 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\libcef.dll
2013-08-28 10:10 - 2013-08-28 10:10 - 01100664 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\avcodec-53.dll
2013-08-28 10:10 - 2013-08-28 10:10 - 00123768 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\avutil-51.dll
2013-08-28 10:10 - 2013-08-28 10:10 - 00190328 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\avformat-53.dll
2013-08-28 10:14 - 2013-08-28 10:14 - 00649064 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\libglesv2.dll
2013-08-28 10:13 - 2013-08-28 10:13 - 00129384 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Sven\Downloads\message.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2014 02:00:51 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft Silverlight - Update "Microsoft Silverlight 5.1.20913.0" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\SilverlightMSI.log enthalten.

Error: (01/04/2014 02:00:51 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Microsoft Silverlight -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2705. The arguments are: Directory, ,

Error: (01/04/2014 02:00:49 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Microsoft Silverlight -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2753. The arguments are: XAPAuthenticodeSIPDLL, ,

Error: (01/04/2014 10:16:28 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Dwm.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc541
Name des fehlerhaften Moduls: OWExplorer-20125.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5296f1ee
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fef3d245d0
ID des fehlerhaften Prozesses: 0x1340
Startzeit der fehlerhaften Anwendung: 0xDwm.exe0
Pfad der fehlerhaften Anwendung: Dwm.exe1
Pfad des fehlerhaften Moduls: Dwm.exe2
Berichtskennung: Dwm.exe3

Error: (01/04/2014 09:19:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/04/2014 09:18:08 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/03/2014 10:37:36 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Overwolf.exe, Version: 0.47.284.0, Zeitstempel: 0x52a59669
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x8bc
Startzeit der fehlerhaften Anwendung: 0xOverwolf.exe0
Pfad der fehlerhaften Anwendung: Overwolf.exe1
Pfad des fehlerhaften Moduls: Overwolf.exe2
Berichtskennung: Overwolf.exe3

Error: (01/03/2014 09:40:47 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft Silverlight - Update "Microsoft Silverlight 5.1.20913.0" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\SilverlightMSI.log enthalten.

Error: (01/03/2014 09:40:47 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Microsoft Silverlight -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2705. The arguments are: Directory, ,

Error: (01/03/2014 09:40:44 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Microsoft Silverlight -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2753. The arguments are: XAPAuthenticodeSIPDLL, ,


System errors:
=============
Error: (01/04/2014 02:01:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (01/04/2014 09:18:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (01/04/2014 09:17:58 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎03.‎01.‎2014 um 23:11:40 unerwartet heruntergefahren.

Error: (01/03/2014 09:40:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (01/03/2014 09:35:44 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (01/03/2014 09:35:30 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎01.‎2014 um 23:19:59 unerwartet heruntergefahren.

Error: (01/02/2014 11:07:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (01/02/2014 04:31:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (01/02/2014 10:03:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (01/02/2014 09:58:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 3540.71 MB
Available physical RAM: 1845.18 MB
Total Pagefile: 7079.59 MB
Available Pagefile: 5261.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:456.45 GB) (Free:282.34 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.96 GB) (Free:456.78 GB) NTFS
Drive h: (USB DISK) (Removable) (Total:7.2 GB) (Free:0.74 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 6CE78890)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=457 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0C)

==================== End Of Log ============================
--- --- ---
Alt 04.01.2014, 19:16   #5
aharonov
/// TB-Ausbilder
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


ok.


Schritt 1
  • Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
  • Suche und deinstalliere dort der Reihe nach folgende Einträge:
    Happy Lyrics
    Iminent
    Search-Results Toolbar
    VIS
    WPM17.8.0.3159
  • Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.



Schritt 2

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 3

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Log von AdwCleaner
  • Log von FRST

__________________
cheers,
Leo

Alt 04.01.2014, 19:26   #6
Terrenay
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Also...
Bei Happy Lyrics kam ein Fenster, in dem stand: "Bei der Deinstallation von Happy Lyrics ist ein Fehler aufgetreten. Möglicherweise wurde das Programm bereits deinstalliert. Möchsten Sie es aus der Liste der installierten Programme entfernen?" Dann hab ich mal auf Ja geklickt, weil es anscheinend ja eh schon weg ist.
"Iment" wurde in der Liste nicht angezeigt
Bei "Search Result" stand das gleiche wie bei Happy Lyrics.
"VIS" ebenso
Und bei "WPM17.8.0.3159" trat der selbe Fehler auf.

Ich hoffe, es war nicht falsch, dass ich die Programme aus der Liste entfernt habe

AdwCleaner Log:
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.016 - Bericht erstellt am 04/01/2014 um 19:28:04
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sven - MirjamZanetti
# Gestartet von : C:\Users\Sven\Desktop\adwcleaner_3.016.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v22.0 (de)

[ Datei : C:\Users\Mirjam Zanetti\AppData\Roaming\Mozilla\Firefox\Profiles\zbvehzph.default\prefs.js ]


[ Datei : C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\ngipf8qa.default\prefs.js ]


[ Datei : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\d90ilwv0.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\Mirjam Zanetti\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [95665 octets] - [22/12/2013 09:49:15]
AdwCleaner[R1].txt - [6070 octets] - [01/01/2014 12:41:40]
AdwCleaner[R2].txt - [1573 octets] - [01/01/2014 12:53:29]
AdwCleaner[R3].txt - [1915 octets] - [02/01/2014 23:03:42]
AdwCleaner[R4].txt - [1751 octets] - [04/01/2014 19:26:33]
AdwCleaner[S0].txt - [87750 octets] - [22/12/2013 09:55:40]
AdwCleaner[S1].txt - [6037 octets] - [01/01/2014 12:43:11]
AdwCleaner[S2].txt - [1976 octets] - [02/01/2014 23:05:05]
AdwCleaner[S3].txt - [1672 octets] - [04/01/2014 19:28:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1732 octets] ##########
--- --- ---

FRST Log:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Sven (administrator) on MirjamZanetti on 04-01-2014 19:32:01
Running from C:\Users\Sven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Overwolf) C:\Program Files (x86)\Overwolf\Overwolf.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Perfect World Entertainment Inc) C:\Program Files (x86)\Perfect World Entertainment\Arc\Arc.exe
(Overwolf) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(Perfect World Entertainment Inc) C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcBrowser.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [636520 2012-02-07] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [4StoryPrePatch] - C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Arc] - C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [129384 2013-09-05] (Perfect World Entertainment)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1425952 2013-03-12] (SPAMfighter ApS)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKCU\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [35768 2013-12-09] (Overwolf)
HKCU\...\Policies\system: [DisableClock] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [NoNetworkConnections] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [NoCommonGroups] 0
HKCU\...\Policies\Explorer: [NoSaveSettings] 0
HKCU\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Mirjam Zanetti\...\Run: [Online Weather] - C:\Users\Mirjam Zanetti\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\Mirjam Zanetti\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-14] (Microsoft Corporation)
HKU\Mirjam Zanetti\...\Run: [SearchProtect] - C:\Users\Mirjam Zanetti\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\Mirjam Zanetti\...\Policies\system: [DisableClock] 0
HKU\Mirjam Zanetti\...\Policies\system: [LogonHoursAction] 2
HKU\Mirjam Zanetti\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Tim\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKU\Tim\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
HKU\Tim\...\Run: [SearchProtect] - C:\Users\Tim\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\Tim\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tim\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\Tim\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\Tim\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Tim\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\Tim\...\RunOnce: [Application Restart #1] - C:\Users\Tim\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Tim\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
HKU\Tim\...\Policies\system: [DisableClock] 0
HKU\Tim\...\Policies\system: [LogonHoursAction] 2
HKU\Tim\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\ProgramData\WinWeb protection\WinWebprotection_x64.dll [4717568 2013-12-31] ()
AppInit_DLLs-x32: c:\progra~3\networ~1\networ~1.dll c:\progra~3\filtel~1\filtel~1.dll c:\progra~3\accele~1\accele~1.dll   c:\progra~3\winfil~1\winfil~1.dll c:\progra~3\accele~2\accele~1.dll c:\progra~3\winweb~1\winweb~1.dll [4365312 2013-12-31] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.ch/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Fun2Saavee - {253C794B-8CCF-8F1F-FE17-FDC663583CF8} - C:\ProgramData\Fun2Saavee\fq_MxW4Tb.x64.dll No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\ngipf8qa.default
FF NetworkProxy: "type", 
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\Sven\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\ngipf8qa.default\Extensions\staged
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha629.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ff

Chrome: 
=======
CHR HomePage: hxxp://google.ch/
CHR RestoreOnStartup: "hxxp://www.google.ch/"
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Tim\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx
CHR HKLM-x32\...\Chrome\Extension: [ealchnonpofjocgofjpopjdoegbbkofj] - C:\Program Files (x86)\HappyLyrics\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [fjadoaialeaepfndfhpoeeacjhfipfnn] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ch\WebexpEnhancedV1alpha629.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Exts\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 03e661da; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 03e661da; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 3f0ddfac; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 3f0ddfac; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 5717af3d; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 5717af3d; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 671c50b0; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 671c50b0; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 89f7ebe4; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 89f7ebe4; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 8b68ee33; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 8b68ee33; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 a5a53867; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 a5a53867; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-09-05] (Perfect World Entertainment Inc)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe [143928 2012-10-10] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5206008 2013-08-25] (INCA Internet Co., Ltd.)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1402000.013\ccSetx64.sys [168096 2012-10-03] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-31] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-31] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131106.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131107.003\ENG64.SYS [126040 2013-11-06] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131107.003\EX64.SYS [2099288 2013-11-06] (Symantec Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1402000.013\SRTSP64.SYS [776864 2012-10-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1402000.013\SRTSPX64.SYS [37496 2012-05-24] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1402000.013\SYMDS64.SYS [493216 2012-10-03] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1402000.013\SYMEFA64.SYS [1133216 2012-10-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-11-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1402000.013\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1402000.013\SYMNETS.SYS [432800 2012-07-22] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 18:08 - 2014-01-04 18:20 - 00000000 ____D C:\Users\Sven\AppData\Local\Temporary Projects
2014-01-04 17:53 - 2014-01-04 17:54 - 00042038 _____ C:\Users\Sven\Desktop\Addition.txt
2014-01-04 17:50 - 2014-01-04 19:32 - 00020966 _____ C:\Users\Sven\Desktop\FRST.txt
2014-01-04 17:49 - 2014-01-04 17:49 - 01931368 _____ (Farbar) C:\Users\Sven\Downloads\FRST64 (1).exe
2014-01-04 17:49 - 2014-01-04 17:49 - 00000000 ____D C:\FRST
2014-01-04 17:48 - 2014-01-04 17:48 - 01931368 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 _____ C:\autoexec.bat
2014-01-02 20:37 - 2014-01-02 22:33 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-02 20:25 - 2014-01-02 20:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Sven\Downloads\SpyHunter-Installer.exe
2014-01-02 13:48 - 2014-01-02 13:48 - 00001272 _____ C:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-01-02 13:48 - 2014-01-02 13:48 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-02 13:46 - 2014-01-02 13:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sven\Downloads\revosetup95.exe
2014-01-02 09:51 - 2014-01-02 09:51 - 08110300 _____ (Gameforge4D                                                 ) C:\Users\Sven\Downloads\Nicht bestätigt 897926.crdownload
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Program Files (x86)\Overwolf
2014-01-01 15:14 - 2014-01-04 19:30 - 00000000 ____D C:\Users\Sven\AppData\Local\Overwolf
2014-01-01 15:14 - 2014-01-01 16:26 - 00000000 ____D C:\Users\Sven\AppData\Roaming\TS3Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00001174 _____ C:\Users\Sven\Desktop\TeamSpeak 3 Client.lnk
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\TeamSpeak 3 Client
2014-01-01 15:09 - 2014-01-01 15:13 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Sven\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-01-01 13:03 - 2014-01-01 13:03 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 13:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-01 13:02 - 2014-01-01 13:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sven\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-01 12:51 - 2014-01-01 12:51 - 00000000 ____D C:\Program Files (x86)\Fun2SaVE
2014-01-01 12:41 - 2014-01-01 12:41 - 01233962 _____ C:\Users\Sven\Desktop\adwcleaner_3.016.exe
2014-01-01 12:38 - 2014-01-01 12:38 - 00000000 ____D C:\Program Files (x86)\SavieLots
2014-01-01 09:52 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\Fun2SaVE
2014-01-01 09:52 - 2014-01-01 09:52 - 00000000 ____D C:\ProgramData\ealmdgomdcbnoklgoolhfockpbedkceb
2014-01-01 09:51 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\SHopDrroope
2014-01-01 09:51 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\CheapMe
2014-01-01 09:51 - 2014-01-01 12:45 - 00000000 ____D C:\ProgramData\SavieLots
2013-12-31 22:43 - 2013-12-31 22:43 - 314662811 _____ C:\Users\Tim\Downloads\Nicht bestätigt 935521.crdownload
2013-12-31 21:45 - 2013-12-31 21:45 - 00000000 ____D C:\ProgramData\Browser Enhancer
2013-12-31 19:46 - 2013-12-31 19:46 - 00000000 ____D C:\ProgramData\WinWeb protection
2013-12-31 19:27 - 2013-12-31 19:27 - 00001172 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-31 19:26 - 2013-12-31 19:26 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-31 18:57 - 2014-01-01 09:51 - 00000000 ____D C:\Users\Tim\AppData\Local\genienext
2013-12-31 18:57 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\.android
2013-12-31 18:30 - 2013-12-31 19:17 - 255479656 _____ C:\Users\Tim\Downloads\camtasia.exe
2013-12-31 09:42 - 2013-12-31 09:42 - 00000000 ____D C:\ProgramData\Accelewin
2013-12-31 09:33 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\Fun2Saavee
2013-12-31 09:33 - 2013-12-31 09:33 - 00000000 ____D C:\ProgramData\plbllagpcgldahopijhmmddnhpjgjkgb
2013-12-31 09:32 - 2013-12-31 09:39 - 00000000 ____D C:\ProgramData\WinFilter
2013-12-30 22:42 - 2013-12-30 22:43 - 00001338 _____ C:\Users\Tim\Desktop\Abmelden.lnk
2013-12-30 21:32 - 2013-12-30 21:32 - 00001242 _____ C:\Users\Tim\Desktop\Paint.lnk
2013-12-30 20:46 - 2013-12-30 20:46 - 00000000 ____D C:\ProgramData\Browser System Enahncer
2013-12-30 17:58 - 2014-01-02 21:37 - 00002323 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ___RD C:\Users\Tim\SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-12-30 17:54 - 2013-12-30 17:54 - 01245168 _____ (Microsoft Corporation) C:\Users\Tim\Downloads\wlsetup-web.exe
2013-12-30 17:54 - 2013-12-30 17:54 - 00000000 ____D C:\Users\Tim\AppData\Local\Windows Live
2013-12-30 17:53 - 2013-12-30 20:51 - 00000000 ____D C:\Users\Tim\Documents\Wondershare Video Editor
2013-12-30 11:32 - 2013-12-30 11:32 - 00000000 ____D C:\ProgramData\Accelesys
2013-12-29 18:28 - 2013-12-29 18:28 - 00000000 ____D C:\ProgramData\Filteligent
2013-12-29 17:22 - 2014-01-02 20:05 - 00000000 ____D C:\Users\Tim\Documents\Fraps
2013-12-27 17:50 - 2013-12-29 15:08 - 00000000 ____D C:\ProgramData\Network Acceleration
2013-12-23 20:30 - 2013-12-23 20:31 - 00429112 _____ C:\Users\Sven\Downloads\pizzaspleef.zip
2013-12-23 17:35 - 2013-12-23 17:35 - 04324265 _____ C:\Users\Tim\Downloads\Timber.zip
2013-12-22 14:13 - 2013-12-22 14:13 - 01536625 _____ C:\Users\Sven\Downloads\LPG'sRedstoneComputer2.7.zip
2013-12-22 10:09 - 2013-12-22 10:09 - 00007658 _____ C:\Users\Sven\Downloads\Prop16BitSQRTExtschematic.zip
2013-12-22 09:49 - 2014-01-04 19:28 - 00000000 ____D C:\AdwCleaner
2013-12-22 09:49 - 2013-12-22 09:49 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2013-12-21 10:57 - 2013-12-21 10:57 - 00000928 _____ C:\Users\Sven\Desktop\Movie2KDownloader.lnk
2013-12-21 10:56 - 2013-12-21 10:56 - 00317712 _____ C:\Users\Sven\Downloads\Eragon_-_Das_Vermächtnis_der_Drachenreiter.exe
2013-12-21 10:39 - 2013-12-21 10:40 - 00000000 ____D C:\ProgramData\Oracle
2013-12-21 10:38 - 2013-12-21 10:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-21 10:38 - 2013-12-21 10:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-21 10:29 - 2013-12-21 10:29 - 00915368 _____ (Oracle Corporation) C:\Users\Sven\Downloads\chromeinstall-7u45.exe
2013-12-20 12:16 - 2013-12-31 10:53 - 00000000 ____D C:\Users\Sven\Desktop\Screenshots
2013-12-19 20:22 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-12-19 20:22 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-12-19 20:22 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-12-19 20:22 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-12-19 20:22 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-12-19 20:22 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-12-19 20:22 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-19 20:22 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-19 20:22 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-19 20:22 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-12-19 20:22 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-12-19 20:22 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-12-19 20:22 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-19 20:22 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-12-19 20:22 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-19 20:22 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-12-19 20:22 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-12-19 20:22 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-12-19 20:22 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-12-19 20:22 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-12-19 20:22 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-12-19 20:22 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-12-19 20:22 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-12-19 20:22 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-19 20:22 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-19 20:20 - 2012-05-04 12:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-12-19 20:20 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-12-19 20:04 - 2013-12-20 12:14 - 00000000 ____D C:\Windows\system32\MRT
2013-12-19 16:47 - 2013-12-19 16:47 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{6AF54B64-306C-463E-8EDF-4B7EF3D5B122}
2013-12-18 18:49 - 2013-12-18 19:13 - 68259380 _____ (Gameforge4D                                                 ) C:\Users\Tim\Downloads\4Story_DE_4.2.1.exe
2013-12-18 17:14 - 2013-12-18 17:18 - 20861012 _____ C:\Users\Tim\Downloads\world.rar
2013-12-17 19:28 - 2013-12-17 19:28 - 00001210 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2013-12-16 21:57 - 2013-12-16 21:58 - 00007602 _____ C:\Users\Mirjam Zanetti\AppData\Local\Resmon.ResmonCfg
2013-12-16 21:34 - 2013-12-16 21:34 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{2CCAE2D2-DC82-40FF-92F3-E53D3BCEDE46}
2013-12-16 19:04 - 2013-12-16 19:07 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1 (1).zip
2013-12-16 19:04 - 2013-12-16 19:04 - 00007605 _____ C:\Users\Tim\AppData\Local\Resmon.ResmonCfg
2013-12-16 12:32 - 2013-12-16 12:35 - 18611238 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v5.2.5.zip
2013-12-16 12:29 - 2014-01-04 19:29 - 00000440 ____H C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2013-12-16 12:29 - 2014-01-02 16:28 - 00000000 ____D C:\Program Files (x86)\SK Supporter
2013-12-16 12:29 - 2013-12-16 12:29 - 00002686 _____ C:\Windows\System32\Tasks\SK.Enabler-S-1495795506
2013-12-16 12:27 - 2013-12-16 12:29 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-15 19:52 - 2013-12-15 19:53 - 03053697 _____ C:\Users\Sven\Downloads\2.wmv
2013-12-15 18:56 - 2013-12-15 18:56 - 04253137 _____ C:\Users\Tim\Downloads\Ancient Egyptian Palace v2.1.zip
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Roaming\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Local\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\ProgramData\ATI
2013-12-15 18:04 - 2013-12-15 18:04 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4 (1).jar
2013-12-15 18:02 - 2013-12-15 18:02 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4.jar
2013-12-14 16:35 - 2013-12-29 19:52 - 00007597 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-14 16:24 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-12-14 16:24 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-12-14 16:24 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-12-14 16:23 - 2013-12-14 16:23 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-14 16:23 - 2013-12-14 16:23 - 00000000 ____D C:\Riot Games
2013-12-14 16:20 - 2013-12-14 16:24 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Riot Games
2013-12-14 16:14 - 2013-12-14 16:20 - 34888568 _____ (Riot Games) C:\Users\Sven\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-12-14 12:38 - 2013-12-14 12:39 - 05511142 _____ C:\Users\Sven\Downloads\32x v6.1 (1.7.2) RuneScape Pack.zip
2013-12-14 07:51 - 2013-12-17 12:20 - 00002204 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2013-12-13 18:56 - 2013-12-13 18:56 - 00001022 _____ C:\Users\Sven\Downloads\multiplizierer.schematic
2013-12-13 09:32 - 2013-12-13 21:33 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{8F431B6C-2062-46B8-B6B1-8309D3A1FDD8}
2013-12-12 19:17 - 2013-12-12 19:17 - 00088799 _____ C:\Users\Sven\Downloads\Nicht bestätigt 116101.crdownload
2013-12-12 17:14 - 2013-12-12 17:14 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{0BECB8D7-AAF7-437F-A7B0-8D241ED39115}
2013-12-12 12:43 - 2013-12-12 12:43 - 00830980 _____ C:\Users\Tim\Downloads\shaderpacks.rar
2013-12-12 12:35 - 2013-12-12 12:36 - 00171802 _____ C:\Users\Tim\Downloads\ShadersModCore-mc1.6.2-f789-v2.0.0-pre1.jar
2013-12-12 03:05 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:05 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:05 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:05 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:03 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:03 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:03 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:03 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:03 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:03 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:03 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:03 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:03 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:03 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:03 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:03 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:03 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:03 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:03 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:03 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:03 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:03 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:03 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:03 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:03 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:03 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:03 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:03 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:03 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:03 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:03 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 03:03 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:03 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:03 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:03 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 19:35 - 2013-12-11 19:35 - 00643268 _____ C:\Users\Sven\Downloads\7-Bit-Rechner (Binär) (1).zip
2013-12-11 17:59 - 2013-12-11 18:05 - 01673263 _____ C:\Users\Tim\Downloads\GuiAPI-0.15.7-1.6.2.jar
2013-12-11 17:57 - 2013-12-11 17:57 - 00017595 _____ C:\Users\Tim\Downloads\CustomMobSpawner 2.3.1.zip
2013-12-11 17:55 - 2013-12-11 17:59 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1.zip
2013-12-11 17:37 - 2013-12-11 17:38 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (2).zip
2013-12-11 17:31 - 2013-12-11 17:31 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (1).zip
2013-12-11 17:27 - 2013-12-11 17:28 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4.zip
2013-12-11 17:16 - 2013-12-11 17:16 - 00421267 _____ C:\Users\Tim\Downloads\OptiFine 1.6.4.jar
2013-12-11 15:20 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 15:20 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 15:20 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 15:20 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 15:20 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 15:20 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 15:20 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 15:18 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 15:18 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 15:18 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 15:18 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 15:18 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 15:18 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 15:18 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 15:18 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 15:18 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 15:18 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 15:18 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 15:18 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 12:43 - 2013-12-11 12:44 - 00675988 _____ C:\Users\Tim\Downloads\Minecraft (1).exe
2013-12-11 12:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-11 12:20 - 2013-12-11 12:20 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-11 12:17 - 2013-12-11 12:35 - 00014978 _____ C:\Windows\IE11_main.log
2013-12-10 19:25 - 2013-12-10 19:26 - 01032430 _____ C:\Users\Sven\Downloads\BESV4.zip
2013-12-10 17:35 - 2005-09-23 12:52 - 01007853 _____ (Macromedia, Inc.) C:\Users\Tim\Desktop\logisch5.exe
2013-12-08 19:10 - 2013-12-08 19:10 - 00451656 _____ C:\Users\Sven\Downloads\TASCHENRECHNER-.zip
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure.py
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure (1).py
2013-12-07 09:12 - 2013-12-07 09:12 - 00000676 _____ C:\Users\Sven\Downloads\display_pancave.schematic
2013-12-07 07:48 - 2013-12-07 07:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-06 21:34 - 2013-12-06 21:34 - 00006561 _____ C:\Users\Sven\Downloads\Binary to bcd decoder.zip
2013-12-06 21:04 - 2013-12-06 21:05 - 00662990 _____ C:\Users\Sven\Downloads\8 bit and 16 bit decoders.rar
2013-12-06 13:11 - 2013-12-27 20:14 - 00000404 _____ C:\Users\Mirjam Zanetti\daemonprocess.txt
2013-12-05 20:03 - 2013-12-30 19:04 - 00004024 _____ C:\Users\Sven\daemonprocess.txt
2013-12-05 17:54 - 2013-12-20 12:13 - 00002060 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-05 17:47 - 2013-12-07 07:47 - 00580753 _____ C:\Users\Tim\Desktop\SkinEdit_alpha3_pre7_fix.zip
2013-12-05 17:46 - 2014-01-01 12:34 - 00001759 _____ C:\Users\Tim\daemonprocess.txt
2013-12-05 17:46 - 2013-12-31 22:33 - 00000000 ____D C:\Users\Tim\AppData\Local\cache
2013-12-05 17:46 - 2013-12-05 17:46 - 00222615 _____ C:\Users\Tim\Downloads\Nicht bestätigt 661495.crdownload
2013-12-05 17:43 - 2013-12-05 17:43 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Minecraft Skin Viewer

==================== One Month Modified Files and Folders =======

2014-01-04 19:33 - 2014-01-04 17:50 - 00020966 _____ C:\Users\Sven\Desktop\FRST.txt
2014-01-04 19:32 - 2012-06-29 11:21 - 01898845 _____ C:\Windows\WindowsUpdate.log
2014-01-04 19:31 - 2013-01-09 14:28 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Skype
2014-01-04 19:30 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\Overwolf
2014-01-04 19:30 - 2013-03-03 19:30 - 00000000 ____D C:\Users\Sven\AppData\Local\LogMeIn Hamachi
2014-01-04 19:29 - 2013-12-16 12:29 - 00000440 ____H C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2014-01-04 19:29 - 2013-12-02 19:57 - 00000380 _____ C:\Windows\Tasks\SLOW-PCfighter64-Tim-Notification.job
2014-01-04 19:29 - 2013-12-02 19:57 - 00000378 _____ C:\Windows\Tasks\SLOW-PCfighter64-Tim-Startup.job
2014-01-04 19:29 - 2013-05-03 16:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce480efe481209.job
2014-01-04 19:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 19:29 - 2009-07-14 05:51 - 00080924 _____ C:\Windows\setupact.log
2014-01-04 19:28 - 2013-12-22 09:49 - 00000000 ____D C:\AdwCleaner
2014-01-04 19:16 - 2014-01-04 18:08 - 00000000 ____D C:\Users\Sven\AppData\Local\Temporary Projects
2014-01-04 19:04 - 2013-07-10 17:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7d8cf6a6f313.job
2014-01-04 17:54 - 2014-01-04 17:53 - 00042038 _____ C:\Users\Sven\Desktop\Addition.txt
2014-01-04 17:54 - 2012-12-21 12:42 - 00000000 ____D C:\Users\Sven\AppData\Local\CrashDumps
2014-01-04 17:49 - 2014-01-04 17:49 - 01931368 _____ (Farbar) C:\Users\Sven\Downloads\FRST64 (1).exe
2014-01-04 17:49 - 2014-01-04 17:49 - 00000000 ____D C:\FRST
2014-01-04 17:48 - 2014-01-04 17:48 - 01931368 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2014-01-04 09:25 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 09:25 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 09:22 - 2013-02-28 22:35 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\LogMeIn Hamachi
2014-01-04 09:22 - 2012-06-24 19:13 - 00742794 _____ C:\Windows\system32\perfh010.dat
2014-01-04 09:22 - 2012-06-24 19:13 - 00152352 _____ C:\Windows\system32\perfc010.dat
2014-01-04 09:22 - 2012-06-24 19:06 - 00748104 _____ C:\Windows\system32\perfh00C.dat
2014-01-04 09:22 - 2012-06-24 19:06 - 00154994 _____ C:\Windows\system32\perfc00C.dat
2014-01-04 09:22 - 2012-06-24 18:58 - 00710502 _____ C:\Windows\system32\perfh007.dat
2014-01-04 09:22 - 2012-06-24 18:58 - 00154832 _____ C:\Windows\system32\perfc007.dat
2014-01-04 09:22 - 2009-07-14 06:13 - 03450390 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-03 21:48 - 2012-12-29 17:45 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2014-01-03 21:32 - 2013-03-01 11:41 - 00000000 ____D C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2014-01-02 22:33 - 2014-01-02 20:37 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-02 21:37 - 2013-12-30 17:58 - 00002323 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 _____ C:\autoexec.bat
2014-01-02 20:25 - 2014-01-02 20:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Sven\Downloads\SpyHunter-Installer.exe
2014-01-02 20:05 - 2013-12-29 17:22 - 00000000 ____D C:\Users\Tim\Documents\Fraps
2014-01-02 19:13 - 2013-08-27 11:11 - 00000000 ____D C:\Users\Tim\Documents\Camtasia Studio
2014-01-02 19:11 - 2013-09-19 10:55 - 00000000 ____D C:\Users\Tim\AppData\Roaming\.minecraft
2014-01-02 16:30 - 2010-11-21 04:47 - 00587366 _____ C:\Windows\PFRO.log
2014-01-02 16:28 - 2013-12-16 12:29 - 00000000 ____D C:\Program Files (x86)\SK Supporter
2014-01-02 13:48 - 2014-01-02 13:48 - 00001272 _____ C:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-01-02 13:48 - 2014-01-02 13:48 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-02 13:47 - 2014-01-02 13:46 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sven\Downloads\revosetup95.exe
2014-01-02 10:29 - 2012-12-06 13:09 - 00000000 ____D C:\Users\Sven\Documents\Visual Studio 2010
2014-01-02 09:51 - 2014-01-02 09:51 - 08110300 _____ (Gameforge4D                                                 ) C:\Users\Sven\Downloads\Nicht bestätigt 897926.crdownload
2014-01-01 16:26 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\TS3Client
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Program Files (x86)\Overwolf
2014-01-01 15:14 - 2014-01-01 15:14 - 00001174 _____ C:\Users\Sven\Desktop\TeamSpeak 3 Client.lnk
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\TeamSpeak 3 Client
2014-01-01 15:13 - 2014-01-01 15:09 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Sven\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-01-01 13:24 - 2013-12-02 20:20 - 00000000 ____D C:\Support
2014-01-01 13:24 - 2013-03-06 19:16 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-01 13:22 - 2014-01-01 09:52 - 00000000 ____D C:\ProgramData\Fun2SaVE
2014-01-01 13:22 - 2014-01-01 09:51 - 00000000 ____D C:\ProgramData\SHopDrroope
2014-01-01 13:22 - 2014-01-01 09:51 - 00000000 ____D C:\ProgramData\CheapMe
2014-01-01 13:22 - 2013-12-31 09:33 - 00000000 ____D C:\ProgramData\Fun2Saavee
2014-01-01 13:22 - 2013-12-02 20:20 - 00000000 ____D C:\Program Files (x86)\PSupport
2014-01-01 13:03 - 2014-01-01 13:03 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 13:03 - 2014-01-01 13:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sven\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-01 12:51 - 2014-01-01 12:51 - 00000000 ____D C:\Program Files (x86)\Fun2SaVE
2014-01-01 12:51 - 2013-12-02 20:20 - 00000000 ____D C:\ProgramData\4c56cbda1eea8c4f
2014-01-01 12:50 - 2012-03-23 00:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-01 12:45 - 2014-01-01 09:51 - 00000000 ____D C:\ProgramData\SavieLots
2014-01-01 12:45 - 2013-01-18 12:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-01 12:41 - 2014-01-01 12:41 - 01233962 _____ C:\Users\Sven\Desktop\adwcleaner_3.016.exe
2014-01-01 12:38 - 2014-01-01 12:38 - 00000000 ____D C:\Program Files (x86)\SavieLots
2014-01-01 12:34 - 2013-12-05 17:46 - 00001759 _____ C:\Users\Tim\daemonprocess.txt
2014-01-01 10:20 - 2013-03-06 19:16 - 00000000 ____D C:\Users\Tim\AppData\Local\PMB Files
2014-01-01 09:53 - 2013-03-15 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-01 09:52 - 2014-01-01 09:52 - 00000000 ____D C:\ProgramData\ealmdgomdcbnoklgoolhfockpbedkceb
2014-01-01 09:51 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\AppData\Local\genienext
2013-12-31 22:43 - 2013-12-31 22:43 - 314662811 _____ C:\Users\Tim\Downloads\Nicht bestätigt 935521.crdownload
2013-12-31 22:33 - 2013-12-05 17:46 - 00000000 ____D C:\Users\Tim\AppData\Local\cache
2013-12-31 21:45 - 2013-12-31 21:45 - 00000000 ____D C:\ProgramData\Browser Enhancer
2013-12-31 19:46 - 2013-12-31 19:46 - 00000000 ____D C:\ProgramData\WinWeb protection
2013-12-31 19:27 - 2013-12-31 19:27 - 00001172 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-31 19:26 - 2013-12-31 19:26 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-31 19:17 - 2013-12-31 18:30 - 255479656 _____ C:\Users\Tim\Downloads\camtasia.exe
2013-12-31 18:57 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\.android
2013-12-31 18:57 - 2012-12-02 20:28 - 00000000 ____D C:\Users\Tim
2013-12-31 10:53 - 2013-12-20 12:16 - 00000000 ____D C:\Users\Sven\Desktop\Screenshots
2013-12-31 10:36 - 2013-08-21 19:06 - 00000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2013-12-31 09:42 - 2013-12-31 09:42 - 00000000 ____D C:\ProgramData\Accelewin
2013-12-31 09:39 - 2013-12-31 09:32 - 00000000 ____D C:\ProgramData\WinFilter
2013-12-31 09:33 - 2013-12-31 09:33 - 00000000 ____D C:\ProgramData\plbllagpcgldahopijhmmddnhpjgjkgb
2013-12-30 22:43 - 2013-12-30 22:42 - 00001338 _____ C:\Users\Tim\Desktop\Abmelden.lnk
2013-12-30 21:32 - 2013-12-30 21:32 - 00001242 _____ C:\Users\Tim\Desktop\Paint.lnk
2013-12-30 20:51 - 2013-12-30 17:53 - 00000000 ____D C:\Users\Tim\Documents\Wondershare Video Editor
2013-12-30 20:46 - 2013-12-30 20:46 - 00000000 ____D C:\ProgramData\Browser System Enahncer
2013-12-30 19:04 - 2013-12-05 20:03 - 00004024 _____ C:\Users\Sven\daemonprocess.txt
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ___RD C:\Users\Tim\SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-12-30 17:54 - 2013-12-30 17:54 - 01245168 _____ (Microsoft Corporation) C:\Users\Tim\Downloads\wlsetup-web.exe
2013-12-30 17:54 - 2013-12-30 17:54 - 00000000 ____D C:\Users\Tim\AppData\Local\Windows Live
2013-12-30 11:32 - 2013-12-30 11:32 - 00000000 ____D C:\ProgramData\Accelesys
2013-12-29 19:52 - 2013-12-14 16:35 - 00007597 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-29 18:28 - 2013-12-29 18:28 - 00000000 ____D C:\ProgramData\Filteligent
2013-12-29 15:08 - 2013-12-27 17:50 - 00000000 ____D C:\ProgramData\Network Acceleration
2013-12-27 20:14 - 2013-12-06 13:11 - 00000404 _____ C:\Users\Mirjam Zanetti\daemonprocess.txt
2013-12-23 20:31 - 2013-12-23 20:30 - 00429112 _____ C:\Users\Sven\Downloads\pizzaspleef.zip
2013-12-23 17:35 - 2013-12-23 17:35 - 04324265 _____ C:\Users\Tim\Downloads\Timber.zip
2013-12-22 14:13 - 2013-12-22 14:13 - 01536625 _____ C:\Users\Sven\Downloads\LPG'sRedstoneComputer2.7.zip
2013-12-22 10:10 - 2013-10-28 18:58 - 11649935 _____ C:\Users\Sven\Desktop\MCEdit_dev-0.1.8build665.win-amd64.zip
2013-12-22 10:09 - 2013-12-22 10:09 - 00007658 _____ C:\Users\Sven\Downloads\Prop16BitSQRTExtschematic.zip
2013-12-22 10:00 - 2012-12-02 18:55 - 00001424 _____ C:\Users\Sven\Desktop\Google Chrome.lnk
2013-12-22 09:57 - 2013-01-18 12:02 - 00001057 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-22 09:57 - 2012-12-01 10:20 - 00000997 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-22 09:49 - 2013-12-22 09:49 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2013-12-22 08:48 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-21 11:02 - 2011-06-11 01:58 - 00420944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-12-21 10:57 - 2013-12-21 10:57 - 00000928 _____ C:\Users\Sven\Desktop\Movie2KDownloader.lnk
2013-12-21 10:56 - 2013-12-21 10:56 - 00317712 _____ C:\Users\Sven\Downloads\Eragon_-_Das_Vermächtnis_der_Drachenreiter.exe
2013-12-21 10:40 - 2013-12-21 10:39 - 00000000 ____D C:\ProgramData\Oracle
2013-12-21 10:38 - 2013-12-21 10:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-21 10:38 - 2013-12-21 10:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-21 10:29 - 2013-12-21 10:29 - 00915368 _____ (Oracle Corporation) C:\Users\Sven\Downloads\chromeinstall-7u45.exe
2013-12-21 07:45 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-20 12:20 - 2013-10-14 11:42 - 00000000 ____D C:\Users\Sven\Desktop\Movies
2013-12-20 12:14 - 2013-12-19 20:04 - 00000000 ____D C:\Windows\system32\MRT
2013-12-20 12:13 - 2013-12-05 17:54 - 00002060 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-19 20:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-19 20:10 - 2012-06-29 11:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-19 18:43 - 2013-01-28 20:28 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\CrashDumps
2013-12-19 16:47 - 2013-12-19 16:47 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{6AF54B64-306C-463E-8EDF-4B7EF3D5B122}
2013-12-19 16:46 - 2013-03-30 15:36 - 00000000 ____D C:\Users\Mirjam Zanetti\Tracing
2013-12-19 16:46 - 2013-02-08 12:57 - 00109680 _____ C:\Users\Mirjam Zanetti\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 19:13 - 2013-12-18 18:49 - 68259380 _____ (Gameforge4D                                                 ) C:\Users\Tim\Downloads\4Story_DE_4.2.1.exe
2013-12-18 17:18 - 2013-12-18 17:14 - 20861012 _____ C:\Users\Tim\Downloads\world.rar
2013-12-18 17:05 - 2013-11-08 15:54 - 00000000 ____D C:\Users\Tim\AppData\Local\VNT
2013-12-18 17:05 - 2012-12-03 11:46 - 00109680 _____ C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 13:48 - 2009-07-14 05:45 - 00415048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-17 19:28 - 2013-12-17 19:28 - 00001210 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2013-12-17 19:28 - 2012-12-02 18:53 - 00109680 _____ C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-17 12:20 - 2013-12-14 07:51 - 00002204 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2013-12-16 21:58 - 2013-12-16 21:57 - 00007602 _____ C:\Users\Mirjam Zanetti\AppData\Local\Resmon.ResmonCfg
2013-12-16 21:34 - 2013-12-16 21:34 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{2CCAE2D2-DC82-40FF-92F3-E53D3BCEDE46}
2013-12-16 19:07 - 2013-12-16 19:04 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1 (1).zip
2013-12-16 19:04 - 2013-12-16 19:04 - 00007605 _____ C:\Users\Tim\AppData\Local\Resmon.ResmonCfg
2013-12-16 12:35 - 2013-12-16 12:32 - 18611238 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v5.2.5.zip
2013-12-16 12:29 - 2013-12-16 12:29 - 00002686 _____ C:\Windows\System32\Tasks\SK.Enabler-S-1495795506
2013-12-16 12:29 - 2013-12-16 12:27 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-15 19:53 - 2013-12-15 19:52 - 03053697 _____ C:\Users\Sven\Downloads\2.wmv
2013-12-15 18:56 - 2013-12-15 18:56 - 04253137 _____ C:\Users\Tim\Downloads\Ancient Egyptian Palace v2.1.zip
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Roaming\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Local\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\ProgramData\ATI
2013-12-15 18:04 - 2013-12-15 18:04 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4 (1).jar
2013-12-15 18:02 - 2013-12-15 18:02 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4.jar
2013-12-14 16:24 - 2013-12-14 16:20 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Riot Games
2013-12-14 16:23 - 2013-12-14 16:23 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-14 16:23 - 2013-12-14 16:23 - 00000000 ____D C:\Riot Games
2013-12-14 16:23 - 2012-12-25 12:47 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-14 16:20 - 2013-12-14 16:14 - 34888568 _____ (Riot Games) C:\Users\Sven\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-12-14 12:39 - 2013-12-14 12:38 - 05511142 _____ C:\Users\Sven\Downloads\32x v6.1 (1.7.2) RuneScape Pack.zip
2013-12-13 21:33 - 2013-12-13 09:32 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{8F431B6C-2062-46B8-B6B1-8309D3A1FDD8}
2013-12-13 18:56 - 2013-12-13 18:56 - 00001022 _____ C:\Users\Sven\Downloads\multiplizierer.schematic
2013-12-13 17:56 - 2012-12-02 20:28 - 00000680 __RSH C:\Users\Tim\ntuser.pol
2013-12-13 17:56 - 2012-12-01 10:20 - 00001326 __RSH C:\Users\Sven\ntuser.pol
2013-12-13 17:56 - 2012-12-01 10:20 - 00000000 ____D C:\Users\Sven
2013-12-13 17:56 - 2012-12-01 10:05 - 00000680 __RSH C:\Users\Mirjam Zanetti\ntuser.pol
2013-12-13 17:56 - 2012-11-07 10:27 - 00000000 ____D C:\Users\Mirjam Zanetti
2013-12-12 19:17 - 2013-12-12 19:17 - 00088799 _____ C:\Users\Sven\Downloads\Nicht bestätigt 116101.crdownload
2013-12-12 17:14 - 2013-12-12 17:14 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{0BECB8D7-AAF7-437F-A7B0-8D241ED39115}
2013-12-12 17:13 - 2012-11-07 10:30 - 00001429 _____ C:\Users\Mirjam Zanetti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-12 12:43 - 2013-12-12 12:43 - 00830980 _____ C:\Users\Tim\Downloads\shaderpacks.rar
2013-12-12 12:36 - 2013-12-12 12:35 - 00171802 _____ C:\Users\Tim\Downloads\ShadersModCore-mc1.6.2-f789-v2.0.0-pre1.jar
2013-12-12 03:04 - 2013-01-24 19:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 19:35 - 2013-12-11 19:35 - 00643268 _____ C:\Users\Sven\Downloads\7-Bit-Rechner (Binär) (1).zip
2013-12-11 18:05 - 2013-12-11 17:59 - 01673263 _____ C:\Users\Tim\Downloads\GuiAPI-0.15.7-1.6.2.jar
2013-12-11 17:59 - 2013-12-11 17:55 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1.zip
2013-12-11 17:57 - 2013-12-11 17:57 - 00017595 _____ C:\Users\Tim\Downloads\CustomMobSpawner 2.3.1.zip
2013-12-11 17:38 - 2013-12-11 17:37 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (2).zip
2013-12-11 17:31 - 2013-12-11 17:31 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (1).zip
2013-12-11 17:28 - 2013-12-11 17:27 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4.zip
2013-12-11 17:16 - 2013-12-11 17:16 - 00421267 _____ C:\Users\Tim\Downloads\OptiFine 1.6.4.jar
2013-12-11 13:17 - 2012-12-02 20:28 - 00001429 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 12:44 - 2013-12-11 12:43 - 00675988 _____ C:\Users\Tim\Downloads\Minecraft (1).exe
2013-12-11 12:39 - 2012-12-02 20:30 - 00000000 ____D C:\Users\Tim\AppData\Local\Google
2013-12-11 12:35 - 2013-12-11 12:17 - 00014978 _____ C:\Windows\IE11_main.log
2013-12-11 12:20 - 2013-12-11 12:20 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 19:26 - 2013-12-10 19:25 - 01032430 _____ C:\Users\Sven\Downloads\BESV4.zip
2013-12-08 19:10 - 2013-12-08 19:10 - 00451656 _____ C:\Users\Sven\Downloads\TASCHENRECHNER-.zip
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure.py
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure (1).py
2013-12-07 09:12 - 2013-12-07 09:12 - 00000676 _____ C:\Users\Sven\Downloads\display_pancave.schematic
2013-12-07 08:45 - 2013-11-14 19:39 - 00001338 _____ C:\Users\Sven\Desktop\shutdown.lnk
2013-12-07 07:48 - 2013-12-07 07:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-07 07:47 - 2013-12-05 17:47 - 00580753 _____ C:\Users\Tim\Desktop\SkinEdit_alpha3_pre7_fix.zip
2013-12-06 21:34 - 2013-12-06 21:34 - 00006561 _____ C:\Users\Sven\Downloads\Binary to bcd decoder.zip
2013-12-06 21:05 - 2013-12-06 21:04 - 00662990 _____ C:\Users\Sven\Downloads\8 bit and 16 bit decoders.rar
2013-12-06 18:31 - 2013-10-15 10:14 - 00000000 ____D C:\Users\Sven\Desktop\Benchmarks
2013-12-06 16:31 - 2012-12-02 20:32 - 00000000 ____D C:\Users\Tim\Desktop\.minecraft
2013-12-05 17:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-12-05 17:46 - 2013-12-05 17:46 - 00222615 _____ C:\Users\Tim\Downloads\Nicht bestätigt 661495.crdownload
2013-12-05 17:43 - 2013-12-05 17:43 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Minecraft Skin Viewer
2013-12-05 17:03 - 2012-12-28 11:05 - 00000000 ____D C:\Users\Tim\AppData\Local\CrashDumps
2013-12-05 16:55 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3080.dll
C:\Windows\Tasks\{5DB9E211-1F20-4E8E-90D7-26D9EFE8AE7E}.job


Some content of TEMP:
====================
C:\Users\Mirjam Zanetti\AppData\Local\Temp\55757uninstall.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\kpinstaller.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\ose00000.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\PicasaUpdater_2ac4.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\propsys.dll
C:\Users\Mirjam Zanetti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\Sqlite3.dll
C:\Users\Mirjam Zanetti\AppData\Local\Temp\uninst1.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\uninstaller.exe
C:\Users\Mirjam Zanetti\AppData\Local\Temp\WSSetup.exe
C:\Users\Sven\AppData\Local\Temp\htmlayout.dll
C:\Users\Sven\AppData\Local\Temp\ifxuec0f.dll
C:\Users\Sven\AppData\Local\Temp\npp.6.3.2.Installer.exe
C:\Users\Sven\AppData\Local\Temp\Quarantine.exe
C:\Users\Sven\AppData\Local\Temp\SHSetup.exe
C:\Users\Sven\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sven\AppData\Local\Temp\tmp714A.exe
C:\Users\Sven\AppData\Local\Temp\uninst1.exe
C:\Users\Sven\AppData\Local\Temp\upibbv2d.dll
C:\Users\Sven\AppData\Local\Temp\w23ptpgn.dll
C:\Users\Sven\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Tim\AppData\Local\Temp\294823_.exe
C:\Users\Tim\AppData\Local\Temp\Mobogenie_Setup_2-1-23_517.exe
C:\Users\Tim\AppData\Local\Temp\Mobogenie_Setup_2-1-35_517.exe
C:\Users\Tim\AppData\Local\Temp\npp.6.5.1.Installer.exe
C:\Users\Tim\AppData\Local\Temp\PokkiInstaller.exe
C:\Users\Tim\AppData\Local\Temp\SimilarBundleGenericDl.exe
C:\Users\Tim\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tim\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Tim\AppData\Local\Temp\version51030bc4470a0.exe
C:\Users\Tim\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-03-25 08:03

==================== End Of Log ============================
--- --- ---
Geändert von Terrenay (04.01.2014 um 19:37 Uhr)

Alt 04.01.2014, 19:50   #7
aharonov
/// TB-Ausbilder
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Wie sieht es nach diesen Schritten aus? Welche Probleme bestehen dann noch?


Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\Mirjam Zanetti\...\Run: [Online Weather] - C:\Users\Mirjam Zanetti\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\Mirjam Zanetti\...\Run: [SearchProtect] - C:\Users\Mirjam Zanetti\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\Tim\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\Tim\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Tim\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\Tim\...\RunOnce: [Application Restart #1] - C:\Users\Tim\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Tim\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
AppInit_DLLs: C:\ProgramData\WinWeb protection\WinWebprotection_x64.dll [4717568 2013-12-31] ()
AppInit_DLLs-x32: c:\progra~3\networ~1\networ~1.dll c:\progra~3\filtel~1\filtel~1.dll c:\progra~3\accele~1\accele~1.dll   c:\progra~3\winfil~1\winfil~1.dll c:\progra~3\accele~2\accele~1.dll c:\progra~3\winweb~1\winweb~1.dll [4365312 2013-12-31] ()
BHO: Fun2Saavee - {253C794B-8CCF-8F1F-FE17-FDC663583CF8} - C:\ProgramData\Fun2Saavee\fq_MxW4Tb.x64.dll No File
FF HKLM-x32\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha629.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ff
CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Tim\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx
CHR HKLM-x32\...\Chrome\Extension: [ealchnonpofjocgofjpopjdoegbbkofj] - C:\Program Files (x86)\HappyLyrics\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [fjadoaialeaepfndfhpoeeacjhfipfnn] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ch\WebexpEnhancedV1alpha629.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Exts\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx
R2 03e661da; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 03e661da; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 3f0ddfac; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 3f0ddfac; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 5717af3d; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 5717af3d; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 671c50b0; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 671c50b0; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 89f7ebe4; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 89f7ebe4; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 8b68ee33; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 8b68ee33; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 a5a53867; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 a5a53867; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
2014-01-01 12:51 - 2014-01-01 12:51 - 00000000 ____D C:\Program Files (x86)\Fun2SaVE
2014-01-01 12:38 - 2014-01-01 12:38 - 00000000 ____D C:\Program Files (x86)\SavieLots
2014-01-01 09:52 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\Fun2SaVE
2014-01-01 09:52 - 2014-01-01 09:52 - 00000000 ____D C:\ProgramData\ealmdgomdcbnoklgoolhfockpbedkceb
2014-01-01 09:51 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\SHopDrroope
2014-01-01 09:51 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\CheapMe
2014-01-01 09:51 - 2014-01-01 12:45 - 00000000 ____D C:\ProgramData\SavieLots
2013-12-31 21:45 - 2013-12-31 21:45 - 00000000 ____D C:\ProgramData\Browser Enhancer
2013-12-31 19:46 - 2013-12-31 19:46 - 00000000 ____D C:\ProgramData\WinWeb protection
2013-12-27 17:50 - 2013-12-29 15:08 - 00000000 ____D C:\ProgramData\Network Acceleration
2013-12-30 20:46 - 2013-12-30 20:46 - 00000000 ____D C:\ProgramData\Browser System Enahncer
2013-12-31 09:42 - 2013-12-31 09:42 - 00000000 ____D C:\ProgramData\Accelewin
2013-12-31 09:33 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\Fun2Saavee
2013-12-31 09:33 - 2013-12-31 09:33 - 00000000 ____D C:\ProgramData\plbllagpcgldahopijhmmddnhpjgjkgb
2013-12-31 09:32 - 2013-12-31 09:39 - 00000000 ____D C:\ProgramData\WinFilter
2013-12-05 17:46 - 2014-01-01 12:34 - 00001759 _____ C:\Users\Tim\daemonprocess.txt
2013-12-05 17:46 - 2013-12-31 22:33 - 00000000 ____D C:\Users\Tim\AppData\Local\cache
2013-12-06 13:11 - 2013-12-27 20:14 - 00000404 _____ C:\Users\Mirjam Zanetti\daemonprocess.txt
2013-12-05 20:03 - 2013-12-30 19:04 - 00004024 _____ C:\Users\Sven\daemonprocess.txt
C:\Windows\Tasks\{5DB9E211-1F20-4E8E-90D7-26D9EFE8AE7E}.job
C:\Users\Mirjam Zanetti\AppData\Local\Temp\*.exe
C:\Users\Sven\AppData\Local\Temp\*.exe
C:\Users\Tim\AppData\Local\Temp\*.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Schritt 2
  • Öffne das Programm Malwarebytes Anti-Malware.
    Vista und Win7 User mit Rechtsklick "als Administrator starten".
  • Klicke auf Aktualisierung --> Suche nach Aktualisierung.
  • Wenn das Update beendet wurde, aktiviere im Reiter Suchlauf die Option Quick-Scan durchführen und drücke auf Scannen.
  • Wenn der Scan fertig ist, klicke auf Ergebnisse anzeigen.
  • Versichere dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter dem Reiter Logdateien finden.



Schritt 3


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




Schritt 4

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Fixlog von FRST
  • Log von MBAM
  • Log von ESET
  • Log von FRST
__________________
cheers,
Leo

Alt 04.01.2014, 20:08   #8
Terrenay
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Problem besteht leider weiterhin...

Fixlog von FRST:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-01-2014
Ran by Sven at 2014-01-04 20:04:31 Run:1
Running from C:\Users\Sven\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\Mirjam Zanetti\...\Run: [Online Weather] - C:\Users\Mirjam Zanetti\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
HKU\Mirjam Zanetti\...\Run: [SearchProtect] - C:\Users\Mirjam Zanetti\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\Tim\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\Tim\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Tim\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\Tim\...\RunOnce: [Application Restart #1] - C:\Users\Tim\AppData\Local\Pokki\Engine\pokki.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Tim\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
AppInit_DLLs: C:\ProgramData\WinWeb protection\WinWebprotection_x64.dll [4717568 2013-12-31] ()
AppInit_DLLs-x32: c:\progra~3\networ~1\networ~1.dll c:\progra~3\filtel~1\filtel~1.dll c:\progra~3\accele~1\accele~1.dll   c:\progra~3\winfil~1\winfil~1.dll c:\progra~3\accele~2\accele~1.dll c:\progra~3\winweb~1\winweb~1.dll [4365312 2013-12-31] ()
BHO: Fun2Saavee - {253C794B-8CCF-8F1F-FE17-FDC663583CF8} - C:\ProgramData\Fun2Saavee\fq_MxW4Tb.x64.dll No File
FF HKLM-x32\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha629.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ff
CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Tim\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx
CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx
CHR HKLM-x32\...\Chrome\Extension: [ealchnonpofjocgofjpopjdoegbbkofj] - C:\Program Files (x86)\HappyLyrics\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [fjadoaialeaepfndfhpoeeacjhfipfnn] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ch\WebexpEnhancedV1alpha629.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Exts\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx
R2 03e661da; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 03e661da; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 3f0ddfac; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 3f0ddfac; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 5717af3d; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 5717af3d; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 671c50b0; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 671c50b0; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 89f7ebe4; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 89f7ebe4; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 8b68ee33; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 8b68ee33; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
R2 a5a53867; C:\Windows\system32\rundll32.exe [45568 2009-07-14] (Microsoft Corporation)
R2 a5a53867; C:\Windows\SysWow64\rundll32.exe [44544 2009-07-14] (Microsoft Corporation)
2014-01-01 12:51 - 2014-01-01 12:51 - 00000000 ____D C:\Program Files (x86)\Fun2SaVE
2014-01-01 12:38 - 2014-01-01 12:38 - 00000000 ____D C:\Program Files (x86)\SavieLots
2014-01-01 09:52 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\Fun2SaVE
2014-01-01 09:52 - 2014-01-01 09:52 - 00000000 ____D C:\ProgramData\ealmdgomdcbnoklgoolhfockpbedkceb
2014-01-01 09:51 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\SHopDrroope
2014-01-01 09:51 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\CheapMe
2014-01-01 09:51 - 2014-01-01 12:45 - 00000000 ____D C:\ProgramData\SavieLots
2013-12-31 21:45 - 2013-12-31 21:45 - 00000000 ____D C:\ProgramData\Browser Enhancer
2013-12-31 19:46 - 2013-12-31 19:46 - 00000000 ____D C:\ProgramData\WinWeb protection
2013-12-27 17:50 - 2013-12-29 15:08 - 00000000 ____D C:\ProgramData\Network Acceleration
2013-12-30 20:46 - 2013-12-30 20:46 - 00000000 ____D C:\ProgramData\Browser System Enahncer
2013-12-31 09:42 - 2013-12-31 09:42 - 00000000 ____D C:\ProgramData\Accelewin
2013-12-31 09:33 - 2014-01-01 13:22 - 00000000 ____D C:\ProgramData\Fun2Saavee
2013-12-31 09:33 - 2013-12-31 09:33 - 00000000 ____D C:\ProgramData\plbllagpcgldahopijhmmddnhpjgjkgb
2013-12-31 09:32 - 2013-12-31 09:39 - 00000000 ____D C:\ProgramData\WinFilter
2013-12-05 17:46 - 2014-01-01 12:34 - 00001759 _____ C:\Users\Tim\daemonprocess.txt
2013-12-05 17:46 - 2013-12-31 22:33 - 00000000 ____D C:\Users\Tim\AppData\Local\cache
2013-12-06 13:11 - 2013-12-27 20:14 - 00000404 _____ C:\Users\Mirjam Zanetti\daemonprocess.txt
2013-12-05 20:03 - 2013-12-30 19:04 - 00004024 _____ C:\Users\Sven\daemonprocess.txt
C:\Windows\Tasks\{5DB9E211-1F20-4E8E-90D7-26D9EFE8AE7E}.job
C:\Users\Mirjam Zanetti\AppData\Local\Temp\*.exe
C:\Users\Sven\AppData\Local\Temp\*.exe
C:\Users\Tim\AppData\Local\Temp\*.exe
         
*****************

HKU\Mirjam Zanetti\Software\Microsoft\Windows\CurrentVersion\Run\\Online Weather => Value deleted successfully.
HKU\Mirjam Zanetti\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect => Value deleted successfully.
HKU\Tim\Software\Microsoft\Windows\CurrentVersion\Run\\Pokki => Value deleted successfully.
HKU\Tim\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully.
HKU\Tim\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #1 => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{253C794B-8CCF-8F1F-FE17-FDC663583CF8} => Key deleted successfully.
HKCR\CLSID\{253C794B-8CCF-8F1F-FE17-FDC663583CF8} => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\12x3q4@3244516.com => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@bettersurfplus.com => Value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha629.net => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cfigonhgidedenkkhlilmefgodjpefna => Key deleted successfully.
C:\Users\Tim\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dbpebffoameokfhnaaedmefjncfboino => Key deleted successfully.
"C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ealchnonpofjocgofjpopjdoegbbkofj => Key deleted successfully.
"C:\Program Files (x86)\HappyLyrics\Chrome.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjadoaialeaepfndfhpoeeacjhfipfnn => Key deleted successfully.
"C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha629\ch\WebexpEnhancedV1alpha629.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk => Key deleted successfully.
Could not move "C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Exts\Chrome.crx" => Scheduled to move on reboot.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl => Key deleted successfully.
"C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx" => File/Directory not found.
03e661da => Service deleted successfully.
03e661da => Service not found.
3f0ddfac => Service deleted successfully.
3f0ddfac => Service not found.
5717af3d => Service deleted successfully.
5717af3d => Service not found.
671c50b0 => Service deleted successfully.
671c50b0 => Service not found.
89f7ebe4 => Service deleted successfully.
89f7ebe4 => Service not found.
8b68ee33 => Service deleted successfully.
8b68ee33 => Service not found.
a5a53867 => Service deleted successfully.
a5a53867 => Service not found.
C:\Program Files (x86)\Fun2SaVE => Moved successfully.
C:\Program Files (x86)\SavieLots => Moved successfully.
C:\ProgramData\Fun2SaVE => Moved successfully.
C:\ProgramData\ealmdgomdcbnoklgoolhfockpbedkceb => Moved successfully.
C:\ProgramData\SHopDrroope => Moved successfully.
C:\ProgramData\CheapMe => Moved successfully.
C:\ProgramData\SavieLots => Moved successfully.

"C:\ProgramData\Browser Enhancer" directory move:

C:\ProgramData\Browser Enhancer\BrowserEnhancer.dll => Moved successfully.
Could not move "C:\ProgramData\Browser Enhancer\BrowserEnhancerSvc.dll" => Scheduled to move on reboot.
C:\ProgramData\Browser Enhancer\BrowserEnhancer_x64.dll => Moved successfully.
Could not move "C:\ProgramData\Browser Enhancer" directory. => Scheduled to move on reboot.


"C:\ProgramData\WinWeb protection" directory move:

C:\ProgramData\WinWeb protection\WinWebprotection.dll => Moved successfully.
Could not move "C:\ProgramData\WinWeb protection\WinWebprotectionSvc.dll" => Scheduled to move on reboot.
C:\ProgramData\WinWeb protection\WinWebprotection_x64.dll => Moved successfully.
Could not move "C:\ProgramData\WinWeb protection" directory. => Scheduled to move on reboot.

C:\ProgramData\Network Acceleration => Moved successfully.

"C:\ProgramData\Browser System Enahncer" directory move:

C:\ProgramData\Browser System Enahncer\BrowserSystemEnahncer.dll => Moved successfully.
Could not move "C:\ProgramData\Browser System Enahncer\BrowserSystemEnahncerSvc.dll" => Scheduled to move on reboot.
C:\ProgramData\Browser System Enahncer\BrowserSystemEnahncer_x64.dll => Moved successfully.
Could not move "C:\ProgramData\Browser System Enahncer" directory. => Scheduled to move on reboot.


"C:\ProgramData\Accelewin" directory move:

C:\ProgramData\Accelewin\Accelewin.dll => Moved successfully.
Could not move "C:\ProgramData\Accelewin\AccelewinSvc.dll" => Scheduled to move on reboot.
C:\ProgramData\Accelewin\Accelewin_x64.dll => Moved successfully.
Could not move "C:\ProgramData\Accelewin" directory. => Scheduled to move on reboot.

C:\ProgramData\Fun2Saavee => Moved successfully.
C:\ProgramData\plbllagpcgldahopijhmmddnhpjgjkgb => Moved successfully.

"C:\ProgramData\WinFilter" directory move:

C:\ProgramData\WinFilter\WinFilter.dll => Moved successfully.
Could not move "C:\ProgramData\WinFilter\WinFilterSvc.dll" => Scheduled to move on reboot.
C:\ProgramData\WinFilter\WinFilter_x64.dll => Moved successfully.
Could not move "C:\ProgramData\WinFilter" directory. => Scheduled to move on reboot.

C:\Users\Tim\daemonprocess.txt => Moved successfully.
C:\Users\Tim\AppData\Local\cache => Moved successfully.
C:\Users\Mirjam Zanetti\daemonprocess.txt => Moved successfully.
C:\Users\Sven\daemonprocess.txt => Moved successfully.
C:\Windows\Tasks\{5DB9E211-1F20-4E8E-90D7-26D9EFE8AE7E}.job => Moved successfully.
C:\Users\Mirjam Zanetti\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Sven\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Tim\AppData\Local\Temp\*.exe => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-04 20:06:09)<=

"C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Exts\Chrome.crx" => File could not move.
C:\ProgramData\Browser Enhancer\BrowserEnhancerSvc.dll => Is moved successfully.
C:\ProgramData\Browser Enhancer => Moved successfully.
C:\ProgramData\WinWeb protection\WinWebprotectionSvc.dll => Moved successfully.
C:\ProgramData\WinWeb protection => Moved successfully.
C:\ProgramData\Browser System Enahncer\BrowserSystemEnahncerSvc.dll => Moved successfully.
C:\ProgramData\Browser System Enahncer => Moved successfully.
C:\ProgramData\Accelewin\AccelewinSvc.dll => Moved successfully.
C:\ProgramData\Accelewin => Moved successfully.
C:\ProgramData\WinFilter\WinFilterSvc.dll => Moved successfully.
C:\ProgramData\WinFilter => Moved successfully.

==== End of Fixlog ====
MBAM Log:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.04.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Sven :: MirjamZanetti [Administrator]

Schutz: Aktiviert

04.01.2014 20:10:19
mbam-log-2014-01-04 (20-10-19).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 322761
Laufzeit: 12 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
[Alles andere muss ich noch scannen, ich poste einfach mal, was ich schon hab und werd diesen Beitrag laufend editieren ^^]
Geändert von Terrenay (04.01.2014 um 20:24 Uhr)

Alt 04.01.2014, 20:37   #9
aharonov
/// TB-Ausbilder
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Ok, der ESET-Scan könnte länger dauern, das ist normal.
(Posts bitte nicht editieren, sondern einen neuen anfügen. Beim Editieren bekommen ich keine Benachrichtigung und übersehe es dann wahrscheinlich.)
__________________
cheers,
Leo

Alt 05.01.2014, 12:28   #10
Terrenay
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Hats auch^^

ESET Log:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=40d661f0052cf644a514a3b23d74a3b1
# engine=16523
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-04 11:46:24
# local_time=2014-01-05 12:46:24 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 28518536 151504568 0 0
# compatibility_mode=5893 16776573 100 94 19694 140509034 0 0
# scanned=532603
# found=17
# cleaned=0
# scan_time=15070
sh=3A148EA6C9DECD7BCAE3E8E9A7E733A4AD112249 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HappyLyrics\chrome.crx.vir"
sh=DFB776EBC17CAD398493562FB86B746D447DCA0E ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HappyLyrics\FF\chrome\content\main.js.vir"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=4023407A99B7EF4F7F82B233841CA10813A00A0D ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\d90ilwv0.default\Extensions\staged\3rb9mvlt-7y4w@km-yekaeia.co.uk\content\bg.js.vir"
sh=A0A85F8E2D81F386557F56BF02CBF33FF64002AD ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\d90ilwv0.default\Extensions\staged\otobjb@ttpjv.com\content\bg.js.vir"
sh=7452444F7F8231197295F9AA1B7073F500738641 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\d90ilwv0.default\Extensions\staged\zyxdoyii@riln-eya.com\content\bg.js.vir"
sh=397F9632B8506664E3512589F3AF3E2F0474C2D8 ft=1 fh=ae8efdd2020acfbe vn="a variant of Win32/AdWare.MultiPlug.K.gen application" ac=I fn="C:\FRST\Quarantine\294823_.exe"
sh=2085D949078D2EA097A497CB888528B83F347BEE ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Mirjam Zanetti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcajmpbpihocicjjhcoohpdilegoocnm\2.2\DC15xR5O7v.js"
sh=B3EA248D85095B8B2D3D8E1A8F29A429FA74E7A0 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Mirjam Zanetti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ealchnonpofjocgofjpopjdoegbbkofj\1.111_0\contentscript.js"
sh=2085D949078D2EA097A497CB888528B83F347BEE ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Mirjam Zanetti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lcajmpbpihocicjjhcoohpdilegoocnm\2.2\DC15xR5O7v.js"
sh=6922B66EF1243B23E309AD4234AE3E6E214A8BA0 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Mirjam Zanetti\AppData\Local\Temp\che49A.tmp"
sh=2253D38C6258F0D3B70979DA80F4E7EA46DE138F ft=1 fh=bae3e61beb99b2ae vn="Win32/Adware.1ClickDownload.W application" ac=I fn="C:\Users\Mirjam Zanetti\Downloads\Rio (1).exe"
sh=2253D38C6258F0D3B70979DA80F4E7EA46DE138F ft=1 fh=bae3e61beb99b2ae vn="Win32/Adware.1ClickDownload.W application" ac=I fn="C:\Users\Mirjam Zanetti\Downloads\Rio.exe"
sh=B3EA248D85095B8B2D3D8E1A8F29A429FA74E7A0 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Sven\AppData\Local\Chromium\User Data\Default\Extensions\ealchnonpofjocgofjpopjdoegbbkofj\1.111_0\contentscript.js"
sh=302A8E774E178A4C8F0E60B944712B74804DDC84 ft=1 fh=ecc5a64da13b123a vn="Win32/AdWare.1ClickDownload.AQ application" ac=I fn="C:\Users\Sven\Downloads\Eragon_-_Das_Vermächtnis_der_Drachenreiter.exe"
sh=FE503A93C4AB55DE8892633A0C528169B21CA45B ft=1 fh=493e1309448069eb vn="a variant of Win32/Adware.MediaFinder.H application" ac=I fn="C:\Users\Sven\Downloads\first4second.exe"
sh=7929724C8FBF6D322C52253C1C3EA2A99A291716 ft=1 fh=602d8b116250b27f vn="a variant of Win32/AdWare.MultiPlug.L application" ac=I fn="C:\Users\Tim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APFGZTKS\xT4eMvcT[1].exe"
FRST Log:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Sven (administrator) on MirjamZanetti on 05-01-2014 09:35:11
Running from C:\Users\Sven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Zemi Interactive Inc.) C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Perfect World Entertainment Inc) C:\Program Files (x86)\Perfect World Entertainment\Arc\Arc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Perfect World Entertainment Inc) C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcBrowser.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [636520 2012-02-07] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [4StoryPrePatch] - C:\Program Files (x86)\Gameforge4D\4Story_DE\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-08-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Arc] - C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [129384 2013-09-05] (Perfect World Entertainment)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [CommonToolkitTray] - C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1425952 2013-03-12] (SPAMfighter ApS)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKCU\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [35768 2013-12-09] (Overwolf)
HKCU\...\Policies\system: [DisableClock] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [NoNetworkConnections] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [NoCommonGroups] 0
HKCU\...\Policies\Explorer: [NoSaveSettings] 0
HKCU\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\Mirjam Zanetti\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-14] (Microsoft Corporation)
HKU\Mirjam Zanetti\...\Policies\system: [DisableClock] 0
HKU\Mirjam Zanetti\...\Policies\system: [LogonHoursAction] 2
HKU\Mirjam Zanetti\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Tim\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKU\Tim\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
HKU\Tim\...\Run: [SearchProtect] - C:\Users\Tim\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\Tim\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tim\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\Tim\...\Policies\system: [DisableClock] 0
HKU\Tim\...\Policies\system: [LogonHoursAction] 2
HKU\Tim\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.ch/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\ngipf8qa.default
FF NetworkProxy: "type", 
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\Sven\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\ngipf8qa.default\Extensions\staged
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\

Chrome: 
=======
CHR HomePage: hxxp://google.ch/
CHR RestoreOnStartup: "hxxp://www.google.ch/"
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-09-05] (Perfect World Entertainment Inc)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe [143928 2012-10-10] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5206008 2013-08-25] (INCA Internet Co., Ltd.)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1402000.013\ccSetx64.sys [168096 2012-10-03] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-31] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-31] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131106.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131107.003\ENG64.SYS [126040 2013-11-06] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131107.003\EX64.SYS [2099288 2013-11-06] (Symantec Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1402000.013\SRTSP64.SYS [776864 2012-10-08] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1402000.013\SRTSPX64.SYS [37496 2012-05-24] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1402000.013\SYMDS64.SYS [493216 2012-10-03] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1402000.013\SYMEFA64.SYS [1133216 2012-10-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-11-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1402000.013\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1402000.013\SYMNETS.SYS [432800 2012-07-22] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 20:26 - 2014-01-04 20:26 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-04 20:24 - 2014-01-04 20:25 - 02347384 _____ (ESET) C:\Users\Sven\Desktop\esetsmartinstaller_enu.exe
2014-01-04 18:08 - 2014-01-04 19:16 - 00000000 ____D C:\Users\Sven\AppData\Local\Temporary Projects
2014-01-04 17:53 - 2014-01-04 17:54 - 00042038 _____ C:\Users\Sven\Desktop\Addition.txt
2014-01-04 17:50 - 2014-01-05 09:35 - 00016603 _____ C:\Users\Sven\Desktop\FRST.txt
2014-01-04 17:49 - 2014-01-04 20:06 - 00000000 ____D C:\FRST
2014-01-04 17:49 - 2014-01-04 17:49 - 01931368 _____ (Farbar) C:\Users\Sven\Downloads\FRST64 (1).exe
2014-01-04 17:48 - 2014-01-04 17:48 - 01931368 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 _____ C:\autoexec.bat
2014-01-02 20:37 - 2014-01-02 22:33 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-02 20:25 - 2014-01-02 20:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Sven\Downloads\SpyHunter-Installer.exe
2014-01-02 13:48 - 2014-01-02 13:48 - 00001272 _____ C:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-01-02 13:48 - 2014-01-02 13:48 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-02 13:46 - 2014-01-02 13:47 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sven\Downloads\revosetup95.exe
2014-01-02 09:51 - 2014-01-02 09:51 - 08110300 _____ (Gameforge4D                                                 ) C:\Users\Sven\Downloads\Nicht bestätigt 897926.crdownload
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Program Files (x86)\Overwolf
2014-01-01 15:14 - 2014-01-04 20:06 - 00000000 ____D C:\Users\Sven\AppData\Local\Overwolf
2014-01-01 15:14 - 2014-01-01 16:26 - 00000000 ____D C:\Users\Sven\AppData\Roaming\TS3Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00001174 _____ C:\Users\Sven\Desktop\TeamSpeak 3 Client.lnk
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\TeamSpeak 3 Client
2014-01-01 15:09 - 2014-01-01 15:13 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Sven\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-01-01 13:03 - 2014-01-01 13:03 - 00001135 _____ C:\Users\Sven\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 13:03 - 2014-01-01 13:03 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 13:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-01 13:02 - 2014-01-01 13:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sven\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-01 12:41 - 2014-01-01 12:41 - 01233962 _____ C:\Users\Sven\Desktop\adwcleaner_3.016.exe
2013-12-31 22:43 - 2013-12-31 22:43 - 314662811 _____ C:\Users\Tim\Downloads\Nicht bestätigt 935521.crdownload
2013-12-31 21:45 - 2013-12-31 21:45 - 00177488 _____ C:\Users\Sven\Desktop\㩃䙜卒屔畑牡湡楴敮
2013-12-31 19:27 - 2013-12-31 19:27 - 00001172 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-31 19:26 - 2013-12-31 19:26 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-31 18:57 - 2014-01-01 09:51 - 00000000 ____D C:\Users\Tim\AppData\Local\genienext
2013-12-31 18:57 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\.android
2013-12-31 18:30 - 2013-12-31 19:17 - 255479656 _____ C:\Users\Tim\Downloads\camtasia.exe
2013-12-30 22:42 - 2013-12-30 22:43 - 00001338 _____ C:\Users\Tim\Desktop\Abmelden.lnk
2013-12-30 21:32 - 2013-12-30 21:32 - 00001242 _____ C:\Users\Tim\Desktop\Paint.lnk
2013-12-30 17:58 - 2014-01-02 21:37 - 00002323 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ___RD C:\Users\Tim\SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-12-30 17:54 - 2013-12-30 17:54 - 01245168 _____ (Microsoft Corporation) C:\Users\Tim\Downloads\wlsetup-web.exe
2013-12-30 17:54 - 2013-12-30 17:54 - 00000000 ____D C:\Users\Tim\AppData\Local\Windows Live
2013-12-30 17:53 - 2013-12-30 20:51 - 00000000 ____D C:\Users\Tim\Documents\Wondershare Video Editor
2013-12-30 11:32 - 2013-12-30 11:32 - 00000000 ____D C:\ProgramData\Accelesys
2013-12-29 18:28 - 2013-12-29 18:28 - 00000000 ____D C:\ProgramData\Filteligent
2013-12-29 17:22 - 2014-01-02 20:05 - 00000000 ____D C:\Users\Tim\Documents\Fraps
2013-12-23 20:30 - 2013-12-23 20:31 - 00429112 _____ C:\Users\Sven\Downloads\pizzaspleef.zip
2013-12-23 17:35 - 2013-12-23 17:35 - 04324265 _____ C:\Users\Tim\Downloads\Timber.zip
2013-12-22 14:13 - 2013-12-22 14:13 - 01536625 _____ C:\Users\Sven\Downloads\LPG'sRedstoneComputer2.7.zip
2013-12-22 10:09 - 2013-12-22 10:09 - 00007658 _____ C:\Users\Sven\Downloads\Prop16BitSQRTExtschematic.zip
2013-12-22 09:49 - 2014-01-04 19:28 - 00000000 ____D C:\AdwCleaner
2013-12-22 09:49 - 2013-12-22 09:49 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2013-12-21 10:57 - 2013-12-21 10:57 - 00000928 _____ C:\Users\Sven\Desktop\Movie2KDownloader.lnk
2013-12-21 10:56 - 2013-12-21 10:56 - 00317712 _____ C:\Users\Sven\Downloads\Eragon_-_Das_Vermächtnis_der_Drachenreiter.exe
2013-12-21 10:39 - 2013-12-21 10:40 - 00000000 ____D C:\ProgramData\Oracle
2013-12-21 10:38 - 2013-12-21 10:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-21 10:38 - 2013-12-21 10:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-21 10:29 - 2013-12-21 10:29 - 00915368 _____ (Oracle Corporation) C:\Users\Sven\Downloads\chromeinstall-7u45.exe
2013-12-20 12:16 - 2013-12-31 10:53 - 00000000 ____D C:\Users\Sven\Desktop\Screenshots
2013-12-19 20:22 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-12-19 20:22 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-12-19 20:22 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-12-19 20:22 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-12-19 20:22 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-12-19 20:22 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-12-19 20:22 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-19 20:22 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-19 20:22 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-19 20:22 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-12-19 20:22 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-12-19 20:22 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-12-19 20:22 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-19 20:22 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-12-19 20:22 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-19 20:22 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-12-19 20:22 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-12-19 20:22 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-12-19 20:22 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-12-19 20:22 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-12-19 20:22 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-12-19 20:22 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-12-19 20:22 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-12-19 20:22 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-19 20:22 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-19 20:20 - 2012-05-04 12:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-12-19 20:20 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-12-19 20:04 - 2013-12-20 12:14 - 00000000 ____D C:\Windows\system32\MRT
2013-12-19 16:47 - 2013-12-19 16:47 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{6AF54B64-306C-463E-8EDF-4B7EF3D5B122}
2013-12-18 18:49 - 2013-12-18 19:13 - 68259380 _____ (Gameforge4D                                                 ) C:\Users\Tim\Downloads\4Story_DE_4.2.1.exe
2013-12-18 17:14 - 2013-12-18 17:18 - 20861012 _____ C:\Users\Tim\Downloads\world.rar
2013-12-17 19:28 - 2013-12-17 19:28 - 00001210 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2013-12-16 21:57 - 2013-12-16 21:58 - 00007602 _____ C:\Users\Mirjam Zanetti\AppData\Local\Resmon.ResmonCfg
2013-12-16 21:34 - 2013-12-16 21:34 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{2CCAE2D2-DC82-40FF-92F3-E53D3BCEDE46}
2013-12-16 19:04 - 2013-12-16 19:07 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1 (1).zip
2013-12-16 19:04 - 2013-12-16 19:04 - 00007605 _____ C:\Users\Tim\AppData\Local\Resmon.ResmonCfg
2013-12-16 12:32 - 2013-12-16 12:35 - 18611238 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v5.2.5.zip
2013-12-16 12:29 - 2014-01-04 20:06 - 00000440 ____H C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2013-12-16 12:29 - 2014-01-02 16:28 - 00000000 ____D C:\Program Files (x86)\SK Supporter
2013-12-16 12:29 - 2013-12-16 12:29 - 00002686 _____ C:\Windows\System32\Tasks\SK.Enabler-S-1495795506
2013-12-16 12:27 - 2013-12-16 12:29 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-15 19:52 - 2013-12-15 19:53 - 03053697 _____ C:\Users\Sven\Downloads\2.wmv
2013-12-15 18:56 - 2013-12-15 18:56 - 04253137 _____ C:\Users\Tim\Downloads\Ancient Egyptian Palace v2.1.zip
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Roaming\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Local\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\ProgramData\ATI
2013-12-15 18:04 - 2013-12-15 18:04 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4 (1).jar
2013-12-15 18:02 - 2013-12-15 18:02 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4.jar
2013-12-14 16:35 - 2013-12-29 19:52 - 00007597 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-14 16:24 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-12-14 16:24 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-12-14 16:24 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-12-14 16:23 - 2013-12-14 16:23 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-14 16:23 - 2013-12-14 16:23 - 00000000 ____D C:\Riot Games
2013-12-14 16:20 - 2013-12-14 16:24 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Riot Games
2013-12-14 16:14 - 2013-12-14 16:20 - 34888568 _____ (Riot Games) C:\Users\Sven\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-12-14 12:38 - 2013-12-14 12:39 - 05511142 _____ C:\Users\Sven\Downloads\32x v6.1 (1.7.2) RuneScape Pack.zip
2013-12-14 07:51 - 2013-12-17 12:20 - 00002204 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2013-12-13 18:56 - 2013-12-13 18:56 - 00001022 _____ C:\Users\Sven\Downloads\multiplizierer.schematic
2013-12-13 09:32 - 2013-12-13 21:33 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{8F431B6C-2062-46B8-B6B1-8309D3A1FDD8}
2013-12-12 19:17 - 2013-12-12 19:17 - 00088799 _____ C:\Users\Sven\Downloads\Nicht bestätigt 116101.crdownload
2013-12-12 17:14 - 2013-12-12 17:14 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{0BECB8D7-AAF7-437F-A7B0-8D241ED39115}
2013-12-12 12:43 - 2013-12-12 12:43 - 00830980 _____ C:\Users\Tim\Downloads\shaderpacks.rar
2013-12-12 12:35 - 2013-12-12 12:36 - 00171802 _____ C:\Users\Tim\Downloads\ShadersModCore-mc1.6.2-f789-v2.0.0-pre1.jar
2013-12-12 03:05 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:05 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:05 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:05 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:03 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:03 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:03 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:03 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:03 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:03 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:03 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:03 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:03 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:03 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:03 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:03 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:03 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:03 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:03 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:03 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:03 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:03 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:03 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:03 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:03 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:03 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:03 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:03 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:03 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:03 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:03 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 03:03 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:03 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:03 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:03 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 19:35 - 2013-12-11 19:35 - 00643268 _____ C:\Users\Sven\Downloads\7-Bit-Rechner (Binär) (1).zip
2013-12-11 17:59 - 2013-12-11 18:05 - 01673263 _____ C:\Users\Tim\Downloads\GuiAPI-0.15.7-1.6.2.jar
2013-12-11 17:57 - 2013-12-11 17:57 - 00017595 _____ C:\Users\Tim\Downloads\CustomMobSpawner 2.3.1.zip
2013-12-11 17:55 - 2013-12-11 17:59 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1.zip
2013-12-11 17:37 - 2013-12-11 17:38 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (2).zip
2013-12-11 17:31 - 2013-12-11 17:31 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (1).zip
2013-12-11 17:27 - 2013-12-11 17:28 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4.zip
2013-12-11 17:16 - 2013-12-11 17:16 - 00421267 _____ C:\Users\Tim\Downloads\OptiFine 1.6.4.jar
2013-12-11 15:20 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 15:20 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 15:20 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 15:20 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 15:20 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 15:20 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 15:20 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 15:18 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 15:18 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 15:18 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 15:18 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 15:18 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 15:18 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 15:18 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 15:18 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 15:18 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 15:18 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 15:18 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 15:18 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 12:43 - 2013-12-11 12:44 - 00675988 _____ C:\Users\Tim\Downloads\Minecraft (1).exe
2013-12-11 12:35 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-11 12:20 - 2013-12-11 12:20 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-11 12:17 - 2013-12-11 12:35 - 00014978 _____ C:\Windows\IE11_main.log
2013-12-10 19:25 - 2013-12-10 19:26 - 01032430 _____ C:\Users\Sven\Downloads\BESV4.zip
2013-12-10 17:35 - 2005-09-23 12:52 - 01007853 _____ (Macromedia, Inc.) C:\Users\Tim\Desktop\logisch5.exe
2013-12-08 19:10 - 2013-12-08 19:10 - 00451656 _____ C:\Users\Sven\Downloads\TASCHENRECHNER-.zip
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure.py
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure (1).py
2013-12-07 09:12 - 2013-12-07 09:12 - 00000676 _____ C:\Users\Sven\Downloads\display_pancave.schematic
2013-12-07 07:48 - 2013-12-07 07:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-06 21:34 - 2013-12-06 21:34 - 00006561 _____ C:\Users\Sven\Downloads\Binary to bcd decoder.zip
2013-12-06 21:04 - 2013-12-06 21:05 - 00662990 _____ C:\Users\Sven\Downloads\8 bit and 16 bit decoders.rar

==================== One Month Modified Files and Folders =======

2014-01-05 09:35 - 2014-01-04 17:50 - 00016603 _____ C:\Users\Sven\Desktop\FRST.txt
2014-01-05 09:04 - 2013-07-10 17:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7d8cf6a6f313.job
2014-01-05 07:57 - 2013-12-02 19:57 - 00000380 _____ C:\Windows\Tasks\SLOW-PCfighter64-Tim-Notification.job
2014-01-05 04:53 - 2012-06-29 11:21 - 02053573 _____ C:\Windows\WindowsUpdate.log
2014-01-04 21:04 - 2013-05-03 16:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce480efe481209.job
2014-01-04 20:26 - 2014-01-04 20:26 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-04 20:25 - 2014-01-04 20:24 - 02347384 _____ (ESET) C:\Users\Sven\Desktop\esetsmartinstaller_enu.exe
2014-01-04 20:23 - 2012-12-21 12:42 - 00000000 ____D C:\Users\Sven\AppData\Local\CrashDumps
2014-01-04 20:13 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 20:13 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 20:12 - 2012-06-24 19:13 - 00742794 _____ C:\Windows\system32\perfh010.dat
2014-01-04 20:12 - 2012-06-24 19:13 - 00152352 _____ C:\Windows\system32\perfc010.dat
2014-01-04 20:12 - 2012-06-24 19:06 - 00748104 _____ C:\Windows\system32\perfh00C.dat
2014-01-04 20:12 - 2012-06-24 19:06 - 00154994 _____ C:\Windows\system32\perfc00C.dat
2014-01-04 20:12 - 2012-06-24 18:58 - 00710502 _____ C:\Windows\system32\perfh007.dat
2014-01-04 20:12 - 2012-06-24 18:58 - 00154832 _____ C:\Windows\system32\perfc007.dat
2014-01-04 20:12 - 2009-07-14 06:13 - 03450390 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 20:09 - 2013-01-09 14:28 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Skype
2014-01-04 20:06 - 2014-01-04 17:49 - 00000000 ____D C:\FRST
2014-01-04 20:06 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\Overwolf
2014-01-04 20:06 - 2013-12-16 12:29 - 00000440 ____H C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2014-01-04 20:06 - 2013-12-02 19:57 - 00000378 _____ C:\Windows\Tasks\SLOW-PCfighter64-Tim-Startup.job
2014-01-04 20:06 - 2013-03-03 19:30 - 00000000 ____D C:\Users\Sven\AppData\Local\LogMeIn Hamachi
2014-01-04 20:05 - 2010-11-21 04:47 - 00589724 _____ C:\Windows\PFRO.log
2014-01-04 20:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 20:05 - 2009-07-14 05:51 - 00080980 _____ C:\Windows\setupact.log
2014-01-04 20:04 - 2013-12-02 20:04 - 00000000 ____D C:\Users\Tim\AppData\Local\CRE
2014-01-04 20:04 - 2012-12-02 20:28 - 00000000 ____D C:\Users\Tim
2014-01-04 20:04 - 2012-12-01 10:20 - 00000000 ____D C:\Users\Sven
2014-01-04 20:04 - 2012-11-07 10:27 - 00000000 ____D C:\Users\Mirjam Zanetti
2014-01-04 19:28 - 2013-12-22 09:49 - 00000000 ____D C:\AdwCleaner
2014-01-04 19:16 - 2014-01-04 18:08 - 00000000 ____D C:\Users\Sven\AppData\Local\Temporary Projects
2014-01-04 17:54 - 2014-01-04 17:53 - 00042038 _____ C:\Users\Sven\Desktop\Addition.txt
2014-01-04 17:49 - 2014-01-04 17:49 - 01931368 _____ (Farbar) C:\Users\Sven\Downloads\FRST64 (1).exe
2014-01-04 17:48 - 2014-01-04 17:48 - 01931368 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2014-01-04 09:22 - 2013-02-28 22:35 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\LogMeIn Hamachi
2014-01-03 21:48 - 2012-12-29 17:45 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2014-01-03 21:32 - 2013-03-01 11:41 - 00000000 ____D C:\Users\Tim\AppData\Local\LogMeIn Hamachi
2014-01-02 22:33 - 2014-01-02 20:37 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-02 21:37 - 2013-12-30 17:58 - 00002323 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 _____ C:\autoexec.bat
2014-01-02 20:25 - 2014-01-02 20:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Sven\Downloads\SpyHunter-Installer.exe
2014-01-02 20:05 - 2013-12-29 17:22 - 00000000 ____D C:\Users\Tim\Documents\Fraps
2014-01-02 19:13 - 2013-08-27 11:11 - 00000000 ____D C:\Users\Tim\Documents\Camtasia Studio
2014-01-02 19:11 - 2013-09-19 10:55 - 00000000 ____D C:\Users\Tim\AppData\Roaming\.minecraft
2014-01-02 16:28 - 2013-12-16 12:29 - 00000000 ____D C:\Program Files (x86)\SK Supporter
2014-01-02 13:48 - 2014-01-02 13:48 - 00001272 _____ C:\Users\Sven\Desktop\Revo Uninstaller.lnk
2014-01-02 13:48 - 2014-01-02 13:48 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-02 13:47 - 2014-01-02 13:46 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sven\Downloads\revosetup95.exe
2014-01-02 10:29 - 2012-12-06 13:09 - 00000000 ____D C:\Users\Sven\Documents\Visual Studio 2010
2014-01-02 09:51 - 2014-01-02 09:51 - 08110300 _____ (Gameforge4D                                                 ) C:\Users\Sven\Downloads\Nicht bestätigt 897926.crdownload
2014-01-01 16:26 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\TS3Client
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-01-01 15:21 - 2014-01-01 15:21 - 00000000 ____D C:\Program Files (x86)\Overwolf
2014-01-01 15:14 - 2014-01-01 15:14 - 00001174 _____ C:\Users\Sven\Desktop\TeamSpeak 3 Client.lnk
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-01-01 15:14 - 2014-01-01 15:14 - 00000000 ____D C:\Users\Sven\AppData\Local\TeamSpeak 3 Client
2014-01-01 15:13 - 2014-01-01 15:09 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Sven\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-01-01 13:24 - 2013-12-02 20:20 - 00000000 ____D C:\Support
2014-01-01 13:24 - 2013-03-06 19:16 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2014-01-01 13:22 - 2013-12-02 20:20 - 00000000 ____D C:\Program Files (x86)\PSupport
2014-01-01 13:03 - 2014-01-01 13:03 - 00001135 _____ C:\Users\Sven\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 13:03 - 2014-01-01 13:03 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 13:03 - 2014-01-01 13:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-01 13:03 - 2014-01-01 13:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sven\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-01 12:51 - 2013-12-02 20:20 - 00000000 ____D C:\ProgramData\4c56cbda1eea8c4f
2014-01-01 12:50 - 2012-03-23 00:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-01 12:45 - 2013-01-18 12:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-01 12:41 - 2014-01-01 12:41 - 01233962 _____ C:\Users\Sven\Desktop\adwcleaner_3.016.exe
2014-01-01 10:20 - 2013-03-06 19:16 - 00000000 ____D C:\Users\Tim\AppData\Local\PMB Files
2014-01-01 09:53 - 2013-03-15 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-01 09:51 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\AppData\Local\genienext
2013-12-31 22:43 - 2013-12-31 22:43 - 314662811 _____ C:\Users\Tim\Downloads\Nicht bestätigt 935521.crdownload
2013-12-31 21:45 - 2013-12-31 21:45 - 00177488 _____ C:\Users\Sven\Desktop\㩃䙜卒屔畑牡湡楴敮
2013-12-31 19:27 - 2013-12-31 19:27 - 00001172 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-31 19:27 - 2013-12-31 19:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-31 19:26 - 2013-12-31 19:26 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-31 19:17 - 2013-12-31 18:30 - 255479656 _____ C:\Users\Tim\Downloads\camtasia.exe
2013-12-31 18:57 - 2013-12-31 18:57 - 00000000 ____D C:\Users\Tim\.android
2013-12-31 10:53 - 2013-12-20 12:16 - 00000000 ____D C:\Users\Sven\Desktop\Screenshots
2013-12-31 10:36 - 2013-08-21 19:06 - 00000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2013-12-30 22:43 - 2013-12-30 22:42 - 00001338 _____ C:\Users\Tim\Desktop\Abmelden.lnk
2013-12-30 21:32 - 2013-12-30 21:32 - 00001242 _____ C:\Users\Tim\Desktop\Paint.lnk
2013-12-30 20:51 - 2013-12-30 17:53 - 00000000 ____D C:\Users\Tim\Documents\Wondershare Video Editor
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ___RD C:\Users\Tim\SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-12-30 17:58 - 2013-12-30 17:58 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-12-30 17:54 - 2013-12-30 17:54 - 01245168 _____ (Microsoft Corporation) C:\Users\Tim\Downloads\wlsetup-web.exe
2013-12-30 17:54 - 2013-12-30 17:54 - 00000000 ____D C:\Users\Tim\AppData\Local\Windows Live
2013-12-30 11:32 - 2013-12-30 11:32 - 00000000 ____D C:\ProgramData\Accelesys
2013-12-29 19:52 - 2013-12-14 16:35 - 00007597 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-29 18:28 - 2013-12-29 18:28 - 00000000 ____D C:\ProgramData\Filteligent
2013-12-23 20:31 - 2013-12-23 20:30 - 00429112 _____ C:\Users\Sven\Downloads\pizzaspleef.zip
2013-12-23 17:35 - 2013-12-23 17:35 - 04324265 _____ C:\Users\Tim\Downloads\Timber.zip
2013-12-22 14:13 - 2013-12-22 14:13 - 01536625 _____ C:\Users\Sven\Downloads\LPG'sRedstoneComputer2.7.zip
2013-12-22 10:10 - 2013-10-28 18:58 - 11649935 _____ C:\Users\Sven\Desktop\MCEdit_dev-0.1.8build665.win-amd64.zip
2013-12-22 10:09 - 2013-12-22 10:09 - 00007658 _____ C:\Users\Sven\Downloads\Prop16BitSQRTExtschematic.zip
2013-12-22 10:00 - 2012-12-02 18:55 - 00001424 _____ C:\Users\Sven\Desktop\Google Chrome.lnk
2013-12-22 09:57 - 2013-01-18 12:02 - 00001057 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-22 09:57 - 2012-12-01 10:20 - 00000997 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-22 09:49 - 2013-12-22 09:49 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2013-12-22 08:48 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-21 11:02 - 2011-06-11 01:58 - 00420944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-12-21 10:57 - 2013-12-21 10:57 - 00000928 _____ C:\Users\Sven\Desktop\Movie2KDownloader.lnk
2013-12-21 10:56 - 2013-12-21 10:56 - 00317712 _____ C:\Users\Sven\Downloads\Eragon_-_Das_Vermächtnis_der_Drachenreiter.exe
2013-12-21 10:40 - 2013-12-21 10:39 - 00000000 ____D C:\ProgramData\Oracle
2013-12-21 10:38 - 2013-12-21 10:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-21 10:38 - 2013-12-21 10:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-21 10:38 - 2013-12-21 10:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-21 10:29 - 2013-12-21 10:29 - 00915368 _____ (Oracle Corporation) C:\Users\Sven\Downloads\chromeinstall-7u45.exe
2013-12-21 07:45 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-20 12:20 - 2013-10-14 11:42 - 00000000 ____D C:\Users\Sven\Desktop\Movies
2013-12-20 12:14 - 2013-12-19 20:04 - 00000000 ____D C:\Windows\system32\MRT
2013-12-20 12:13 - 2013-12-05 17:54 - 00002060 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-19 20:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-19 20:10 - 2012-06-29 11:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-19 18:43 - 2013-01-28 20:28 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\CrashDumps
2013-12-19 16:47 - 2013-12-19 16:47 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{6AF54B64-306C-463E-8EDF-4B7EF3D5B122}
2013-12-19 16:46 - 2013-03-30 15:36 - 00000000 ____D C:\Users\Mirjam Zanetti\Tracing
2013-12-19 16:46 - 2013-02-08 12:57 - 00109680 _____ C:\Users\Mirjam Zanetti\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 19:13 - 2013-12-18 18:49 - 68259380 _____ (Gameforge4D                                                 ) C:\Users\Tim\Downloads\4Story_DE_4.2.1.exe
2013-12-18 17:18 - 2013-12-18 17:14 - 20861012 _____ C:\Users\Tim\Downloads\world.rar
2013-12-18 17:05 - 2013-11-08 15:54 - 00000000 ____D C:\Users\Tim\AppData\Local\VNT
2013-12-18 17:05 - 2012-12-03 11:46 - 00109680 _____ C:\Users\Tim\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-18 13:48 - 2009-07-14 05:45 - 00415048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-17 19:28 - 2013-12-17 19:28 - 00001210 _____ C:\Users\Public\Desktop\Wondershare Video Editor.lnk
2013-12-17 19:28 - 2012-12-02 18:53 - 00109680 _____ C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-17 12:20 - 2013-12-14 07:51 - 00002204 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixsta.lnk
2013-12-16 21:58 - 2013-12-16 21:57 - 00007602 _____ C:\Users\Mirjam Zanetti\AppData\Local\Resmon.ResmonCfg
2013-12-16 21:34 - 2013-12-16 21:34 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{2CCAE2D2-DC82-40FF-92F3-E53D3BCEDE46}
2013-12-16 19:07 - 2013-12-16 19:04 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1 (1).zip
2013-12-16 19:04 - 2013-12-16 19:04 - 00007605 _____ C:\Users\Tim\AppData\Local\Resmon.ResmonCfg
2013-12-16 12:35 - 2013-12-16 12:32 - 18611238 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v5.2.5.zip
2013-12-16 12:29 - 2013-12-16 12:29 - 00002686 _____ C:\Windows\System32\Tasks\SK.Enabler-S-1495795506
2013-12-16 12:29 - 2013-12-16 12:27 - 00000000 ____D C:\ProgramData\InstallMate
2013-12-15 19:53 - 2013-12-15 19:52 - 03053697 _____ C:\Users\Sven\Downloads\2.wmv
2013-12-15 18:56 - 2013-12-15 18:56 - 04253137 _____ C:\Users\Tim\Downloads\Ancient Egyptian Palace v2.1.zip
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Roaming\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\Users\Tim\AppData\Local\ATI
2013-12-15 18:38 - 2013-12-15 18:38 - 00000000 ____D C:\ProgramData\ATI
2013-12-15 18:04 - 2013-12-15 18:04 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4 (1).jar
2013-12-15 18:02 - 2013-12-15 18:02 - 01116281 _____ C:\Users\Tim\Downloads\SPC-1.6.4.jar
2013-12-14 16:24 - 2013-12-14 16:20 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Riot Games
2013-12-14 16:23 - 2013-12-14 16:23 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-14 16:23 - 2013-12-14 16:23 - 00000000 ____D C:\Riot Games
2013-12-14 16:23 - 2012-12-25 12:47 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-14 16:20 - 2013-12-14 16:14 - 34888568 _____ (Riot Games) C:\Users\Sven\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-12-14 12:39 - 2013-12-14 12:38 - 05511142 _____ C:\Users\Sven\Downloads\32x v6.1 (1.7.2) RuneScape Pack.zip
2013-12-13 21:33 - 2013-12-13 09:32 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{8F431B6C-2062-46B8-B6B1-8309D3A1FDD8}
2013-12-13 18:56 - 2013-12-13 18:56 - 00001022 _____ C:\Users\Sven\Downloads\multiplizierer.schematic
2013-12-13 17:56 - 2012-12-02 20:28 - 00000680 __RSH C:\Users\Tim\ntuser.pol
2013-12-13 17:56 - 2012-12-01 10:20 - 00001326 __RSH C:\Users\Sven\ntuser.pol
2013-12-13 17:56 - 2012-12-01 10:05 - 00000680 __RSH C:\Users\Mirjam Zanetti\ntuser.pol
2013-12-12 19:17 - 2013-12-12 19:17 - 00088799 _____ C:\Users\Sven\Downloads\Nicht bestätigt 116101.crdownload
2013-12-12 17:14 - 2013-12-12 17:14 - 00000000 ____D C:\Users\Mirjam Zanetti\AppData\Local\{0BECB8D7-AAF7-437F-A7B0-8D241ED39115}
2013-12-12 17:13 - 2012-11-07 10:30 - 00001429 _____ C:\Users\Mirjam Zanetti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-12 12:43 - 2013-12-12 12:43 - 00830980 _____ C:\Users\Tim\Downloads\shaderpacks.rar
2013-12-12 12:36 - 2013-12-12 12:35 - 00171802 _____ C:\Users\Tim\Downloads\ShadersModCore-mc1.6.2-f789-v2.0.0-pre1.jar
2013-12-12 03:04 - 2013-01-24 19:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 19:35 - 2013-12-11 19:35 - 00643268 _____ C:\Users\Sven\Downloads\7-Bit-Rechner (Binär) (1).zip
2013-12-11 18:05 - 2013-12-11 17:59 - 01673263 _____ C:\Users\Tim\Downloads\GuiAPI-0.15.7-1.6.2.jar
2013-12-11 17:59 - 2013-12-11 17:55 - 18632916 _____ C:\Users\Tim\Downloads\DrZharks MoCreatures Mod v6.0.1.zip
2013-12-11 17:57 - 2013-12-11 17:57 - 00017595 _____ C:\Users\Tim\Downloads\CustomMobSpawner 2.3.1.zip
2013-12-11 17:38 - 2013-12-11 17:37 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (2).zip
2013-12-11 17:31 - 2013-12-11 17:31 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4 (1).zip
2013-12-11 17:28 - 2013-12-11 17:27 - 02243170 _____ C:\Users\Tim\Downloads\Animal Bikes 1.6.4.zip
2013-12-11 17:16 - 2013-12-11 17:16 - 00421267 _____ C:\Users\Tim\Downloads\OptiFine 1.6.4.jar
2013-12-11 13:17 - 2012-12-02 20:28 - 00001429 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 12:44 - 2013-12-11 12:43 - 00675988 _____ C:\Users\Tim\Downloads\Minecraft (1).exe
2013-12-11 12:39 - 2012-12-02 20:30 - 00000000 ____D C:\Users\Tim\AppData\Local\Google
2013-12-11 12:35 - 2013-12-11 12:17 - 00014978 _____ C:\Windows\IE11_main.log
2013-12-11 12:20 - 2013-12-11 12:20 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-11 12:20 - 2013-12-11 12:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-11 12:20 - 2013-12-11 12:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-11 12:20 - 2013-12-11 12:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-11 12:20 - 2013-12-11 12:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-11 12:20 - 2013-12-11 12:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-10 19:26 - 2013-12-10 19:25 - 01032430 _____ C:\Users\Sven\Downloads\BESV4.zip
2013-12-08 19:10 - 2013-12-08 19:10 - 00451656 _____ C:\Users\Sven\Downloads\TASCHENRECHNER-.zip
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure.py
2013-12-07 10:05 - 2013-12-07 10:05 - 00009647 _____ C:\Users\Sven\Downloads\setblockstructure (1).py
2013-12-07 09:12 - 2013-12-07 09:12 - 00000676 _____ C:\Users\Sven\Downloads\display_pancave.schematic
2013-12-07 08:45 - 2013-11-14 19:39 - 00001338 _____ C:\Users\Sven\Desktop\shutdown.lnk
2013-12-07 07:48 - 2013-12-07 07:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-07 07:47 - 2013-12-05 17:47 - 00580753 _____ C:\Users\Tim\Desktop\SkinEdit_alpha3_pre7_fix.zip
2013-12-06 21:34 - 2013-12-06 21:34 - 00006561 _____ C:\Users\Sven\Downloads\Binary to bcd decoder.zip
2013-12-06 21:05 - 2013-12-06 21:04 - 00662990 _____ C:\Users\Sven\Downloads\8 bit and 16 bit decoders.rar
2013-12-06 18:31 - 2013-10-15 10:14 - 00000000 ____D C:\Users\Sven\Desktop\Benchmarks
2013-12-06 16:31 - 2012-12-02 20:32 - 00000000 ____D C:\Users\Tim\Desktop\.minecraft

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3080.dll


Some content of TEMP:
====================
C:\Users\Mirjam Zanetti\AppData\Local\Temp\propsys.dll
C:\Users\Mirjam Zanetti\AppData\Local\Temp\Sqlite3.dll
C:\Users\Sven\AppData\Local\Temp\htmlayout.dll
C:\Users\Sven\AppData\Local\Temp\ifxuec0f.dll
C:\Users\Sven\AppData\Local\Temp\upibbv2d.dll
C:\Users\Sven\AppData\Local\Temp\w23ptpgn.dll
C:\Users\Tim\AppData\Local\Temp\swt-win32-3740.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-03-25 08:03

==================== End Of Log ============================
--- --- ---

--- --- ---


Achja, soweit ich das gerade sehe, sind die Links verschwunden. Hab auf jeden Fall auf den letzten 10 Seiten, die ich besucht habe, keine mehr gesehen ^^
Geändert von Terrenay (05.01.2014 um 09:43 Uhr)

Alt 05.01.2014, 13:24   #11
aharonov
/// TB-Ausbilder
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Ok, diese Funde sind nicht mehr wild.


Schritt 1

Drücke die + R Taste und schreibe "notepad" in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument:
Code:
ATTFilter
HKU\Tim\...\Run: [SearchProtect] - C:\Users\Tim\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKU\Tim\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tim\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
2014-01-02 20:37 - 2014-01-02 22:33 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-02 20:25 - 2014-01-02 20:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Sven\Downloads\SpyHunter-Installer.exe
C:\Users\Mirjam Zanetti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcajmpbpihocicjjhcoohpdilegoocnm
C:\Users\Mirjam Zanetti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ealchnonpofjocgofjpopjdoegbbkofj
C:\Users\Mirjam Zanetti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lcajmpbpihocicjjhcoohpdilegoocnm
C:\Users\Sven\AppData\Local\Chromium\User Data\Default\Extensions\ealchnonpofjocgofjpopjdoegbbkofj
C:\Users\Mirjam Zanetti\Downloads\Rio (1).exe
C:\Users\Mirjam Zanetti\Downloads\Rio.exe
C:\Users\Sven\Downloads\first4second.exe
Speichere dieses dann bitte unter dem Dateinamen Fixlist.txt ebenfalls auf deinen Desktop neben FRST.
  • Starte nun FRST und klicke den Fix Button.
  • Ich brauch kein Log mehr davon.



Schritt 2

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.




Schritt 3

Du hast unter anderem eine veraltete Java-Version installiert. Ältere Versionen enthalten Sicherheitslücken, die von Malware zur Infizierung per Drive-by Download missbraucht werden können.

Die aktuelle Version ist Java 7 Update 45.
  • Gehe zu
    Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
    Start --> Systemsteuerung --> Software (bei Win XP)
    und deinstalliere alle älteren Java-Versionen.



Schritt 4

Die Version deines Adobe PDF Readers ist veraltet, wir müssen ihn updaten:
  • Deinstalliere bitte deine aktuelle Version von Adobe Reader über
    Start --> Systemsteuerung --> Software (bei Windows XP)
    Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Windows 7)
  • Besuche diese Seite von Adobe.
  • Entferne gegebenenfalls den Haken bei McAfee Security Scan bzw. Google Chrome.
  • Drücke auf Jetzt herunterladen und installiere die neuste Version.



Schritt 5

Dein Firefox ist nicht mehr aktuell.
Starte deinen Firefox als Administrator, klicke Hilfe --> Über Firefox und führe das angebotene Update durch.
Wiederhole diesen Schritt, bis Firefox als aktuell angezeigt wird.



Schritt 6

Dein Flashplayer ist veraltet. Installiere folgendermassen die aktuelle Version:
  • Besuche diese Seite von Adobe.
  • Entferne gegebenenfalls den Haken bei McAfee Security Scan bzw. Google Chrome.
  • Drücke auf Jetzt herunterladen und installiere die neuste Version.

Überprüfe dann mit diesem Plugin-Check (mit dem Firefox hier), ob nun alle deine verwendeten Versionen aktuell sind und update sie anderenfalls.



Cleanup

Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.
  1. Bei MBAM würd ich dir unbedingt empfehlen, es zu behalten und wöchentlich einen Quick-Scan durchzuführen. Wenn du es nicht weiter verwenden möchtest, kannst du es jetzt normal über die Systemsteuerung deinstallieren.
  2. Auch den ESET Online Scanner kannst du behalten, um ab und zu (monatlich) für eine Zweitmeinung dein System damit zu scannen. Falls du ESET deinstallieren möchtest, dann kannst du das ebenfalls über die Systemsteuerung tun.
  3. Downloade dir bitte auf jeden Fall DelFix auf deinen Desktop.
    • Schliesse alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • DelFix entfernt u.a. alle von uns verwendeten Programme und löscht sich anschliessend selbst.
  4. Wenn jetzt noch etwas übriggeblieben ist, dann kannst du es einfach manuell löschen.




>> OK <<
Wir sind durch, deine Logs sehen für mich im Moment sauber aus.

Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst.

Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann.




Epilog: Tipps, Dos & Don'ts

Aktualität von System und Software

Das Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren

Auch die installierte Software sollte immer in der aktuellsten Version vorliegen.
Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
  • Mit diesem kleinen Plugin-Check kannst du regelmässig diese Komponenten auf deren Aktualität überprüfen.
  • Achte auch darauf, dass alte, nicht mehr verwendete Versionen deinstalliert sind.
  • Optional: Das Programm Secunia Personal Software Inspector kann dich dabei unterstützen, stets die aktuellen Versionen sämtlicher installierter Software zu nutzen.

Sicherheits-Software

Eine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt).
Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
  • Nutze einen Virenscanner mit Hintergrundwächter mit stets aktueller Datenbank. Welches Produkt gewählt wird, spielt keine so entscheidende Rolle. Wenn du ein kommerzielles Programm kaufen möchtest, kann ich dir Emsisoft Anti-Malware empfehlen (die Freeware-Version davon reicht aber nicht, denn die hat keinen Hintergrundwächter). Bevorzugst du ein kostenloses Produkt, dann ist Avast! Free Antivirus eine gute Alternative.
    Betreibe aber keinesfalls zwei Wächter parallel, die würden sich gegenseitig behindern.
  • Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
  • Zusätzlich zum Virenscanner kannst du dein System regelmässig mit einem On-Demand Antimalwareprogramm scannen. Empfehlenswert ist die Free-Version von Malwarebytes Anti-Malware. Vor jedem Scan die Datenbank updaten.
  • Optional: Das Programm Sandboxie führt Anwendungen in einer isolierten Umgebung ("Sandkasten") aus, so dass keine Änderungen am System vorgenommen werden können. Wenn du deinen Browser darin startest, vermindert sich die Chance, dass beim Surfen eingefangene Malware sich dauerhaft im System festsetzen kann.
  • Optional: Das Addon WOT (web of trust) warnt dich vor einer als schädlich gemeldeten Website, bevor sie geladen wird. Für verschiedene Browser erhältlich.

Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt.
Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
  • NoScript verhindert standardmässig das Ausführen von aktiven Inhalten (Java, JavaScript, Flash, ..) für sämtliche Websites. Du kannst selber nach dem Prinzip einer Whitelist festlegen, welchen Seiten du vertrauen und Scripts erlauben willst, auch temporär.
  • Adblock Plus blockt die meisten Werbebanner weg. Solche Banner können nebst ihrer störenden Erscheinung auch als Infektionsherde fungieren.

(Un-)Sicheres Verhalten im Internet

Nebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.

Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
  • Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher (und ein beliebter) Weg, um Malware zu verbreiten.
  • Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kannst du dir nie sicher sein, ob auch wirklich drin ist, was drauf steht.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe mit Vorsicht und lass dich nicht von irgendwie interessant erscheinenden Elementen zu einem vorschnellen Klick verleiten. Lass dich nicht von Popups täuschen, die aussehen wie System- oder Virenmeldungen.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst du von einem deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant oder skandalös tönt, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und du solltest nicht denselben Fehler machen.
  • Lass die Dateiendungen anzeigen, so dass du dich nicht täuschen lässt, wenn eine ausführbare Datei über ein doppelte Dateiendung kaschiert wird, z.B. Nacktfoto.jpg.exe.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen fürs Programm irrelevanten Ergänzungen.

Allgemeine Hinweise

Abschliessend noch ein paar grundsätzliche Bemerkungen:
  • Dein Benutzerkonto für den alltäglichen Gebrauch sollte nicht über Administratorenrechte verfügen. Nutze ein Konto mit eingeschränkten Rechten (Windows XP) bzw. aktiviere die Benutzerkontensteuerung (UAC) auf der höchsten Stufe (Windows Vista / 7).
  • Erstelle regelmässig Backups deiner Daten und Dokumente auf externen Datenträgern, bei wichtigen Dateien mindestens zweifach. Nicht nur ein Malwarebefall kann schmerzhaften Datenverlust nach sich ziehen sondern auch ein gewöhnlicher Festplattendefekt.
  • Die Autorun/Autoplay-Funktion stellt ein Risiko dar, denn sie ermöglicht es, dass beispielsweise beim Einstecken eines entsprechend infizierten USB-Sticks der Befall auf den Rechner überspringt. Überlege dir, ob du diese Funktion nicht besser deaktivieren möchtest.
  • Wähle deine Passwörter gemäss den gängigen Regeln, um besser gegen Brute-Force- und Wörterbuchattacken gewappnet zu sein. Benutze jedes deiner Passwörter nur einmal und ändere sie regelmässig.
  • Der Nutzen von Registry-Cleanern zur Performancesteigerung ist umstritten. Auf jeden Fall lässt sich damit grosser Schaden anrichten, wenn man nicht weiss, was man tut. Wir empfehlen deshalb, die Finger von der Registry zu lassen. Um von Zeit zu Zeit die temporären Dateien zu löschen, genügt TFC.

Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.
__________________
cheers,
Leo

Alt 05.01.2014, 14:45   #12
Terrenay
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Alles aktualisiert ^^
Das Cleanup werde ich auch gleich machen

Äh, in Rückmeldungen bin ich generell nicht so begabt o_o
Egal xD
Vielen, vielen Dank für die Hilfe, war verständlich erklärt und die Links und alles sind weg, also, ich kann mich nicht beklagen

Werd nachher gleich mal allen Mitbenutzern erklären, was du mir gesagt hast undso ^.^

Jo, hab keine Fragen oder Probleme mehr ^^
Hoffentlich ist der PC jetzt mal für ne Weile clean...


Also dann,
Tschüss und Danke nochmals ;D

Alt 05.01.2014, 14:48   #13
aharonov
/// TB-Ausbilder
 
SafeSaver lässt sich nicht entfernen - Standard

SafeSaver lässt sich nicht entfernen


Freut mich, dass wir helfen konnten.

Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun.

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________
cheers,
Leo

Antwort

Themen zu SafeSaver lässt sich nicht entfernen
adware, bettersurf, continue, malwarebytes, mobogenie, mobogenie entfernen, nationzoom, nationzoom entfernen, pup.optional.greatsaver.a, spyhunter, spyhunter entfernen, systemsteuerung, win32/adware.1clickdownload.aq, win32/adware.1clickdownload.w, win32/adware.addlyrics.f, win32/adware.mediafinder.h, win32/adware.multiplug.h, win32/adware.multiplug.k.gen, win32/adware.multiplug.l, win32/adware.yontoo.b, windows


« Windows 7: nation zoom nach cc cleaner Installation von dieser Seite: http://www.ccleaner.de/ | GVU Trojaner, Windows Vista geht auch nicht im abgesicherten Modus »


Ähnliche Themen: SafeSaver lässt sich nicht entfernen


  1. Windows7 taskmgr lässt sich nicht starten, Avira Echtzeitscanner lässt sich nicht aktivieren, USB wird nicht angenommen, ohne Meldung,
    Log-Analyse und Auswertung - 01.06.2015 (15)
  2. Conhost.exe prozess lässt sich nicht beenden & auch nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 15.05.2015 (9)
  3. Win 8.1 PC mit Webguard Add, die sich nicht entfernen lässt
    Plagegeister aller Art und deren Bekämpfung - 17.03.2015 (9)
  4. TR/Crypt.EPACK.20167 -- lässt sich nicht löschen -- Echtzeitscanner lässt sich nicht aktivieren
    Plagegeister aller Art und deren Bekämpfung - 14.01.2015 (29)
  5. Win 8.1 : ADs by SpeedCheck lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 10.01.2015 (1)
  6. Laptop ruckelt nur noch, Iminent lässt sich nicht löschen und Radio schaltet sich alleine an und aus und lässt sich ebenfalls nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (3)
  7. Spyhunter lässt sich nicht entfernen
    Log-Analyse und Auswertung - 31.05.2014 (25)
  8. spyhunter lässt sich nicht entfernen
    Log-Analyse und Auswertung - 26.02.2014 (13)
  9. Auch hier: SafeSaver lässt sich nicht entfernen!
    Log-Analyse und Auswertung - 07.01.2014 (4)
  10. SafeSaver lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 02.01.2014 (3)
  11. SECURITY TOOL WARNUNG öffnet sich andauernd und lässt sich nicht entfernen!
    Log-Analyse und Auswertung - 03.10.2010 (1)
  12. Security Essentials 2010 lässt sich nicht entfernen, rkill funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 26.09.2010 (11)
  13. Win32/Kryptik.EKH Trojaner lässt sich nicht entfernen/MBAM startet nicht
    Plagegeister aller Art und deren Bekämpfung - 18.06.2010 (18)
  14. Spybot+Firefox hängen sich auf / Windows Security Alert lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 11.05.2010 (15)
  15. Pls help! TR/Vundo.Gen lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 08.11.2007 (3)
  16. Lässt sich nicht entfernen
    Log-Analyse und Auswertung - 07.05.2006 (10)
  17. CWS lässt sich nicht entfernen
    Log-Analyse und Auswertung - 28.06.2004 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema SafeSaver lässt sich nicht entfernen - Hallo, mein Bruder hat vor einigen Tagen, als er irgendein Programm heruntergeladen hat, nicht alle Häkchen bei den Zusatzprogrammen entfernt. Das heisst, er hat solche Adware-Programme heruntergeladen... Das meiste (zB. - SafeSaver lässt sich nicht entfernen...
Archiv
Du betrachtest: SafeSaver lässt sich nicht entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130